We've got it updated and Security Onion installing. I love having to type in 10+ IP ranges to monitor.

Does anyone with experience on the platform have any advice or tips and tricks for me? I'd appreciate it

Took me two hours to work out why it wouldn't load the WebUI. But finally...

I'm in.

So I've had a poke around Security Onion, and obviously I'm setting this all up from scratch with ZERO existing knowledge of how to do any of this.

I'm a little lost, if I'm honest. I know I can ingest device alerts through the Wazuh agent, but I want to ingest data from existing services, ESET for a start.
I think I can do this through syslog, but that seems to require knowledge of Elasticsearch. Is anyone any good with Elasticsearch and can give me a rundown?

#infosec #securityonion #SoC #threathunting