Security Onion Lab
Summary
The Security Onion Lab is a home lab security monitoring environment used to practice network visibility, log review, alert triage, and SOC-style investigation workflows.
The lab gives me a place to work with security telemetry, troubleshoot ingestion issues, and understand how alerts move from raw data to analyst review.
Problem
Cybersecurity monitoring is difficult to understand from theory alone. Real skills come from seeing logs, alerts, dashboards, network traffic, failed ingestion, broken connectivity, and noisy events.
A lab environment creates a safe place to learn and troubleshoot those problems.
Approach
The lab is designed around security visibility:
- Deploy the monitoring platform.
- Send logs or network telemetry into the platform.
- Review dashboards and alerts.
- Troubleshoot collection or connectivity issues.
- Document what worked and what failed.
- Use the lab to practice SOC-style review.
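An added example (not code from this page or from the Security Onion project) for the "send telemetry, then troubleshoot collection" steps above: it builds an RFC 3164 syslog line, decodes the PRI field so a malformed test event can be spotted before blaming the sensor, and sends one datagram at the manager. The manager address 10.0.0.5 and UDP port 514 are assumptions; adjust them to the lab.

```python
import socket
from datetime import datetime

# Assumptions (not from the original page): the Security Onion manager
# accepts syslog on UDP 514, and 10.0.0.5 is a constructed lab address.
SO_MANAGER = "10.0.0.5"
SYSLOG_PORT = 514

FACILITIES = {"kern": 0, "user": 1, "auth": 4, "local0": 16, "local7": 23}
SEVERITIES = {"emerg": 0, "alert": 1, "crit": 2, "err": 3,
              "warning": 4, "notice": 5, "info": 6, "debug": 7}


def build_syslog(facility, severity, host, app, msg, when=None):
    """Return an RFC 3164 style line: <PRI>Mmm dd hh:mm:ss HOST APP: MSG."""
    pri = FACILITIES[facility] * 8 + SEVERITIES[severity]
    # Fixed timestamp by default so repeated test events are easy to find.
    when = when or datetime(2024, 1, 15, 9, 30, 0)
    ts = f"{when:%b} {when.day:2d} {when:%H:%M:%S}"  # day is space-padded
    return f"<{pri}>{ts} {host} {app}: {msg}"


def parse_pri(line):
    """Split the PRI field back into (facility_code, severity_code)."""
    if not line.startswith("<") or ">" not in line:
        raise ValueError("missing PRI field")
    pri = int(line[1:line.index(">")])
    return pri // 8, pri % 8


def send_test_event(line, host=SO_MANAGER, port=SYSLOG_PORT):
    """Fire one UDP datagram at the manager; returns the byte count sent."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        return sock.sendto(line.encode(), (host, port))


if __name__ == "__main__":
    event = build_syslog("local0", "notice", "lab-fw", "ingest-check",
                         "test event from home lab")
    print(event)
    send_test_event(event)
```

If the event never appears in the dashboards, the usual suspects are the manager's host firewall not allowing the source address and the forwarder pointing at the wrong interface, which is where the troubleshooting notes in this lab come from.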
Tools and Concepts
- Security Onion
- Syslog
- Virtual machines
- Network monitoring
- Alert review
- Log ingestion
- Dashboard analysis
- Firewall/routing troubleshooting
- SOC workflow concepts
What This Demonstrates
- Security monitoring fundamentals
- Log ingestion awareness
- Alert triage practice
- Network troubleshooting
- SOC-style thinking
- Comfort working with imperfect lab environments
- Ability to document technical problems and fixes
Outcome
This lab demonstrates hands-on security monitoring practice. It shows that I am not only studying cybersecurity concepts but building environments where those concepts can be tested and understood.
Screenshot Opportunities
| Screenshot | What It Proves |
|---|---|
| Security Onion dashboard | Shows platform deployment |
| Alerts/events view | Shows monitoring and triage |
| Log source or syslog configuration | Shows ingestion setup |
| Network diagram | Shows monitoring architecture |
| Troubleshooting notes | Shows operational problem solving |
Screenshot Folder
Save screenshots here:
docs/assets/images/projects/security-onion/
Recommended filenames:
- dashboard.png
- alerts.png
- log-source.png
- network-architecture.png
- troubleshooting.png
Public Safety Notes
Blur private IPs, hostnames, usernames, MAC addresses, internal device names, and any logs that could reveal sensitive personal or network details.