owlh
0.14.0
Getting Started with OwlH
Components
OwlH Master
OwlH Node
OwlH UI
OwlH Client
Capabilities
NIDS and Traffic analysis support
Top capabilities
Traffic transport and management
OwlH Plugins
Others
Architecture
Standard data flow
Inside OwlH Node
Used ports
Install OwlH
OwlH Installer
Install components
Standard Installation
Advanced Installation
Configure
Visualization
Appendices
Update and upgrade OwlH
OwlH components
User Manual
First configuration
User Interface
Analyzer
Suricata
Zeek
Wazuh
Configuration Files
API service configuration files
Node configuration
Master configuration
Main Configuration files (main.conf)
Master Main Configuration file
Node Main Configuration file
Analyzer configuration file
OwlH API
OwlH MASTER RESTful API
OwlH NODE RESTful API
Troubleshooting
OwlH Node
OwlH Master
OwlH UI
Looking for…
OwlH and Suricata
Main steps
Suricata output with OwlH
Suricata Rules
OwlH and Zeek
Integration Logical Diagram
Components
Configure - Zeek - OwlH Node
Zeek Logs Output format to JSON
Option 1 - Modify ASCII writer output
Zeek Event Enritchment to help Wazuh ruleset
Loading Zeek customizations at Zeek start
Review your Kibana Dashboard
OwlH and Moloch
Configure Moloch
Moloch in Master
Moloch in remote server
Use Cases
BASIC
ADVANCED
INTEGRATE WITH WAZUH
If you need help
owlh
Docs
»
Looking for…
Edit on GitHub
Looking for…
¶
OwlH and Suricata
OwlH and Zeek
OwlH and Moloch