merge mordor nxlog

docker/helk-kibana-analysis-alert-basic.yml

@@ -56,6 +56,7 @@ services:
     ports:
       - "5044:5044"
       - "8531:8531"
+      - "3515:3515"
     restart: always
     depends_on:
       - helk-kibana
@@ -136,7 +137,7 @@ services:
       REPLICATION_FACTOR: 1
       ADVERTISED_LISTENER: ${ADVERTISED_LISTENER}
       ZOOKEEPER_NAME: helk-zookeeper
-      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek
+      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor
       KAFKA_HEAP_OPTS: -Xmx1G -Xms1G
       LOG_RETENTION_HOURS: 4
     ports:
@@ -163,6 +164,7 @@ services:
       KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000
       KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest
       KSQL_HEAP_OPTS: -Xmx1g
+      KSQL_OPTS: "-Dconfluent.support.metrics.enable=false"
     ports:
       - 8088:8088
     networks:

docker/helk-kibana-analysis-alert-trial.yml

@@ -57,6 +57,7 @@ services:
     ports:
       - "5044:5044"
       - "8531:8531"
+      - "3515:3515"
     restart: always
     depends_on:
       - helk-kibana
@@ -136,7 +137,7 @@ services:
       REPLICATION_FACTOR: 1
       ADVERTISED_LISTENER: ${ADVERTISED_LISTENER}
       ZOOKEEPER_NAME: helk-zookeeper
-      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek
+      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor
       KAFKA_HEAP_OPTS: -Xmx1G -Xms1G
       LOG_RETENTION_HOURS: 4
     ports:
@@ -163,6 +164,7 @@ services:
       KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000
       KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest
       KSQL_HEAP_OPTS: -Xmx1g
+      KSQL_OPTS: "-Dconfluent.support.metrics.enable=false"
     ports:
       - 8088:8088
     networks:

docker/helk-kibana-analysis-basic.yml

@@ -51,6 +51,7 @@ services:
     ports:
       - "5044:5044"
       - "8531:8531"
+      - "3515:3515"
     restart: always
     depends_on:
       - helk-kibana
@@ -111,7 +112,7 @@ services:
       REPLICATION_FACTOR: 1
       ADVERTISED_LISTENER: ${ADVERTISED_LISTENER}
       ZOOKEEPER_NAME: helk-zookeeper
-      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek
+      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor
       KAFKA_HEAP_OPTS: -Xmx1G -Xms1G
       LOG_RETENTION_HOURS: 4
     ports:
@@ -133,6 +134,7 @@ services:
       KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000
       KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest
       KSQL_HEAP_OPTS: -Xmx1g
+      KSQL_OPTS: "-Dconfluent.support.metrics.enable=false"
     ports:
       - 8088:8088
     networks:

docker/helk-kibana-analysis-trial.yml

@@ -57,6 +57,7 @@ services:
     ports:
       - "5044:5044"
       - "8531:8531"
+      - "3515:3515"
     restart: always
     depends_on:
       - helk-kibana
@@ -136,7 +137,7 @@ services:
       REPLICATION_FACTOR: 1
       ADVERTISED_LISTENER: ${ADVERTISED_LISTENER}
       ZOOKEEPER_NAME: helk-zookeeper
-      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek
+      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor
       KAFKA_HEAP_OPTS: -Xmx1G -Xms1G
       LOG_RETENTION_HOURS: 4
     ports:
@@ -163,6 +164,7 @@ services:
       KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000
       KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest
       KSQL_HEAP_OPTS: -Xmx1g
+      KSQL_OPTS: "-Dconfluent.support.metrics.enable=false"
     ports:
       - 8088:8088
     networks:

docker/helk-kibana-notebook-analysis-alert-basic.yml

@@ -56,6 +56,7 @@ services:
     ports:
       - "5044:5044"
       - "8531:8531"
+      - "3515:3515"
     restart: always
     depends_on:
       - helk-kibana
@@ -136,7 +137,7 @@ services:
       REPLICATION_FACTOR: 1
       ADVERTISED_LISTENER: ${ADVERTISED_LISTENER}
       ZOOKEEPER_NAME: helk-zookeeper
-      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek
+      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor
       KAFKA_HEAP_OPTS: -Xmx1G -Xms1G
       LOG_RETENTION_HOURS: 4
     ports:
@@ -163,6 +164,7 @@ services:
       KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000
       KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest
       KSQL_HEAP_OPTS: -Xmx1g
+      KSQL_OPTS: "-Dconfluent.support.metrics.enable=false"
     ports:
       - 8088:8088
     networks:

docker/helk-kibana-notebook-analysis-alert-trial.yml

@@ -57,6 +57,7 @@ services:
     ports:
       - "5044:5044"
       - "8531:8531"
+      - "3515:3515"
     restart: always
     depends_on:
       - helk-kibana
@@ -137,7 +138,7 @@ services:
       REPLICATION_FACTOR: 1
       ADVERTISED_LISTENER: ${ADVERTISED_LISTENER}
       ZOOKEEPER_NAME: helk-zookeeper
-      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek
+      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor
       KAFKA_HEAP_OPTS: -Xmx1g -Xms1g
       LOG_RETENTION_HOURS: 4
     ports:
@@ -164,6 +165,7 @@ services:
       KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000
       KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest
       KSQL_HEAP_OPTS: -Xmx500m
+      KSQL_OPTS: "-Dconfluent.support.metrics.enable=false"
     ports:
       - 8088:8088
     networks:

docker/helk-kibana-notebook-analysis-basic.yml

@@ -56,6 +56,7 @@ services:
     ports:
       - "5044:5044"
       - "8531:8531"
+      - "3515:3515"
     restart: always
     depends_on:
       - helk-kibana
@@ -136,7 +137,7 @@ services:
       REPLICATION_FACTOR: 1
       ADVERTISED_LISTENER: ${ADVERTISED_LISTENER}
       ZOOKEEPER_NAME: helk-zookeeper
-      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek
+      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor
       KAFKA_HEAP_OPTS: -Xmx1G -Xms1G
       LOG_RETENTION_HOURS: 4
     ports:
@@ -163,6 +164,7 @@ services:
       KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000
       KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest
       KSQL_HEAP_OPTS: -Xmx1g
+      KSQL_OPTS: "-Dconfluent.support.metrics.enable=false"
     ports:
       - 8088:8088
     networks:

docker/helk-kibana-notebook-analysis-trial.yml

@@ -57,6 +57,7 @@ services:
     ports:
       - "5044:5044"
       - "8531:8531"
+      - "3515:3515"
     restart: always
     depends_on:
       - helk-kibana
@@ -137,7 +138,7 @@ services:
       REPLICATION_FACTOR: 1
       ADVERTISED_LISTENER: ${ADVERTISED_LISTENER}
       ZOOKEEPER_NAME: helk-zookeeper
-      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek
+      KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor
       KAFKA_HEAP_OPTS: -Xmx1g -Xms1g
       LOG_RETENTION_HOURS: 4
     ports:
@@ -164,6 +165,7 @@ services:
       KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000
       KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest
       KSQL_HEAP_OPTS: -Xmx500m
+      KSQL_OPTS: "-Dconfluent.support.metrics.enable=false"
     ports:
       - 8088:8088
     networks: