update docker compose examples
mmta committed Nov 5, 2018
1 parent da7f4b2 commit 375f762
Showing 2 changed files with 42 additions and 14 deletions.
54 changes: 41 additions & 13 deletions deployments/docker/docker-compose-cluster.yml
Expand Up @@ -4,8 +4,6 @@ services:
elasticsearch:
container_name: elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:6.4.2
deploy:
replicas: 1
environment:
- discovery.type=single-node
- "ES_JAVA_OPTS=-Xms256m -Xmx256m"
Expand All @@ -27,8 +25,6 @@ services:
image: defenxor/docker-logstash:6.4.2
command:
- -f/etc/logstash/conf.d
deploy:
replicas: 1
environment:
- xpack.monitoring.enabled=false
networks:
Expand All @@ -40,43 +36,75 @@ services:
kibana:
container_name: kibana
image: docker.elastic.co/kibana/kibana:6.4.2
deploy:
replicas: 1
environment:
- xpack.monitoring.ui.container.elasticsearch.enabled=false
ports:
- 5601:5601
networks:
- siemnet

# use dsiem name for frontend to avoid changing logstash configuration
dsiem:
container_name: dsiem
container_name: dsiem-frontend
image: defenxor/dsiem:latest
deploy:
replicas: 1
environment:
- DSIEM_MODE=cluster-frontend
- DSIEM_NODE=dsiem
- DSIEM_MSQ=nats://dsiem-nats:4222
- DSIEM_PORT=8080
ports:
- "8080:8080"
networks:
- siemnet

dsiem-backend:
container_name: dsiem-backend
image: defenxor/dsiem:latest
environment:
- DSIEM_MODE=cluster-backend
- DSIEM_NODE=dsiem-backend
- DSIEM_FRONTEND=http://dsiem:8080
- DSIEM_MSQ=nats://dsiem-nats:4222
- DSIEM_PORT=8081
networks:
- siemnet
volumes:
- dsiem-log:/dsiem/logs

nats:
container_name: dsiem-nats
image: nats:1.3.0-linux
networks:
- siemnet

filebeat:
container_name: filebeat
image: docker.elastic.co/beats/filebeat:6.4.2
user: root
deploy:
replicas: 1
networks:
- siemnet
volumes:
- dsiem-log:/var/log/dsiem
- filebeat-data:/usr/share/filebeat/data
- ./conf/filebeat/filebeat.yml:/usr/share/filebeat/filebeat.yml
- dsiem-log:/var/log/dsiem
- suricata-log:/var/log/suricata

suricata:
container_name: suricata
image: dtagdevsec/suricata:1710
network_mode: "host"
cap_add:
- NET_ADMIN
- SYS_NICE
- NET_RAW
command: [ "/bin/bash", "-c" , "chown -R suri /var/log/suricata && /usr/bin/suricata -v -i ${PROMISC_INTERFACE}" ]
volumes:
- suricata-log:/var/log/suricata

volumes:
dsiem-log:
filebeat-data:
es-data:
dsiem-log:
suricata-log:
networks:
siemnet:
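Review bot: `${PROMISC_INTERFACE}` in the suricata `command` is substituted by Compose before the container starts, so if the variable is unset it becomes an empty string (Compose only warns) and `/usr/bin/suricata -v -i` runs with no interface; the same line appears in deployments/docker/docker-compose.yml. Making the variable mandatory fails fast with a clear message: `/usr/bin/suricata -v -i ${PROMISC_INTERFACE:?set PROMISC_INTERFACE to the capture interface}`, provided the Compose release in use supports the `:?` form, which I have not checked against the version this file declares. The value is spliced into a `bash -c` string in a container that runs with `network_mode: "host"` and `NET_ADMIN`/`NET_RAW`, so a comment above the service such as `# PROMISC_INTERFACE must be a plain interface name set by the operator (e.g. in .env)` would document the expectation. Filebeat only reads the two log volumes, so `- suricata-log:/var/log/suricata:ro` and `- dsiem-log:/var/log/dsiem:ro` would limit what that `user: root` container can modify. Which of these lines are new is inferred, because the page has lost its +/- markers.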
2 changes: 1 addition & 1 deletion deployments/docker/docker-compose.yml
Expand Up @@ -73,7 +73,7 @@ services:
- NET_ADMIN
- SYS_NICE
- NET_RAW
command: [ "/bin/bash", "-c" , "chown -R suri /var/log/suricata && /usr/bin/suricata -v -i wlp4s0" ]
command: [ "/bin/bash", "-c" , "chown -R suri /var/log/suricata && /usr/bin/suricata -v -i ${PROMISC_INTERFACE}" ]
volumes:
- suricata-log:/var/log/suricata
