Security Onion Lab

Summary

The Security Onion Lab is a home lab security monitoring environment used to practice network visibility, log review, alert triage, and SOC-style investigation workflows.

The lab gives me a place to work with security telemetry, troubleshoot ingestion issues, and understand how alerts move from raw data to analyst review.

Problem

Cybersecurity monitoring is difficult to understand from theory alone. Real skills come from seeing logs, alerts, dashboards, network traffic, failed ingestion, broken connectivity, and noisy events.

A lab environment creates a safe place to learn and troubleshoot those problems.

Approach

The lab is designed around security visibility:

  1. Deploy the monitoring platform.
  2. Send logs or network telemetry into the platform.
  3. Review dashboards and alerts.
  4. Troubleshoot collection or connectivity issues.
  5. Document what worked and what failed.
  6. Use the lab to practice SOC-style review.
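Steps 2 and 4 of this approach (getting syslog into the platform and troubleshooting when nothing shows up) are where most lab time goes, so here is an added example of a small ingestion check. It is not part of the original project; it assumes the collector is a Security Onion manager listening for syslog on port 514, and the collector address below is a placeholder (TEST-NET-2 range) to replace with the lab's own. The script builds an RFC 5424 message with a correct PRI value, parses it back to confirm it is well formed before sending, and tests whether the collector's TCP port is reachable, which separates a blocked firewall or wrong route from a malformed-message problem.

```python
"""Send a well-formed RFC 5424 syslog test message to a lab collector.

Assumptions (added example, not the project's code): the collector is a
Security Onion manager listening on TCP/UDP 514; the address below is a
placeholder from the TEST-NET-2 documentation range.
"""
import re
import socket
from datetime import datetime, timezone

# Placeholder collector address (constructed; replace with the lab manager's IP).
COLLECTOR_HOST = "192.0.2.10"
COLLECTOR_PORT = 514

FACILITY_USER = 1   # RFC 5424 facility "user-level messages"
SEVERITY_INFO = 6   # RFC 5424 severity "Informational"

# RFC 5424 layout: <PRI>VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID SD MSG
_RFC5424 = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ver>\d) (?P<ts>\S+) (?P<host>\S+) "
    r"(?P<app>\S+) (?P<pid>\S+) (?P<msgid>\S+) (?P<sd>-|\[.*?\]) ?(?P<msg>.*)$"
)


def build_message(hostname, app, text,
                  facility=FACILITY_USER, severity=SEVERITY_INFO, ts=None):
    """Return one RFC 5424 syslog line. PRI is facility * 8 + severity."""
    pri = facility * 8 + severity
    if ts is None:
        ts = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S.%fZ")
    # PROCID, MSGID and STRUCTURED-DATA are "-" (nil) for a plain test message.
    return f"<{pri}>1 {ts} {hostname} {app} - - - {text}"


def parse_message(line):
    """Parse a syslog line; return its fields, or None if it is not RFC 5424."""
    m = _RFC5424.match(line)
    if not m:
        return None
    pri = int(m.group("pri"))
    if pri > 191:          # 23 facilities * 8 + 7 is the largest legal PRI
        return None
    fields = m.groupdict()
    fields["facility"] = pri >> 3
    fields["severity"] = pri & 7
    return fields


def tcp_port_open(host, port, timeout=2.0):
    """True if a TCP connect succeeds: collector listening and firewall allowing."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def send_message(line, host=COLLECTOR_HOST, port=COLLECTOR_PORT, proto="udp"):
    """Send one syslog line over UDP (default) or TCP; return bytes sent."""
    data = (line + "\n").encode()
    if proto == "udp":
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            return s.sendto(data, (host, port))
    with socket.create_connection((host, port), timeout=2.0) as s:
        s.sendall(data)
        return len(data)


if __name__ == "__main__":
    msg = build_message("lab-host01", "labtest", "syslog ingestion check")
    # Refuse to send anything the collector would silently drop as malformed.
    assert parse_message(msg) is not None
    print("TCP %d reachable: %s" % (COLLECTOR_PORT,
                                    tcp_port_open(COLLECTOR_HOST, COLLECTOR_PORT)))
    print("sent bytes:", send_message(msg))
```

Run it from a VM on the monitored network, then search the platform for the app name "labtest". If the TCP check fails, the problem is routing or the manager's firewall allow-list; if it succeeds but the event never appears, the next things to check are the collector's listener configuration and whether UDP is actually what the source is sending.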

Tools and Concepts

  • Security Onion
  • Syslog
  • Virtual machines
  • Network monitoring
  • Alert review
  • Log ingestion
  • Dashboard analysis
  • Firewall/routing troubleshooting
  • SOC workflow concepts

What This Demonstrates

  • Security monitoring fundamentals
  • Log ingestion awareness
  • Alert triage practice
  • Network troubleshooting
  • SOC-style thinking
  • Comfort working with imperfect lab environments
  • Ability to document technical problems and fixes

Outcome

This lab demonstrates hands-on security monitoring practice. It shows that I am not only studying cybersecurity concepts but building environments where those concepts can be tested and understood.

Screenshot Opportunities

| Screenshot | What It Proves |
|---|---|
| Security Onion dashboard | Shows platform deployment |
| Alerts/events view | Shows monitoring and triage |
| Log source or syslog configuration | Shows ingestion setup |
| Network diagram | Shows monitoring architecture |
| Troubleshooting notes | Shows operational problem solving |

Screenshot Folder

Save screenshots here:

docs/assets/images/projects/security-onion/

Recommended filenames:

  • dashboard.png
  • alerts.png
  • log-source.png
  • network-architecture.png
  • troubleshooting.png

Public Safety Notes

Blur private IPs, hostnames, usernames, MAC addresses, internal device names, and any logs that could reveal sensitive personal or network details.