Peeling Back the Layers of the Network with Security Onion
Security Onion is a Linux distribution for intrusion detection, network security monitoring (NSM), and log management. It's based on Ubuntu and contains software packages such as Snort, Suricata, Bro, OSSEC, Sguil, Squert, Snorby, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes! The creator of Security Onion, Doug Burks, says it’s designed so a Windows admin can have a working IDS in 30 minutes. In this presentation we’ll explore some of the features and capabilities of Security Onion, including ELSA (Enterprise Log Search and Archive), Snorby, Squert, and Sguil, the ways it can be deployed, and how to analyze your network incidents. Yes, there will be a demo.
Short Link: http://lfnw.org/node/3656