From 04215320feec846c1c2baa4473774ba55163dadd Mon Sep 17 00:00:00 2001 From: neu5ron <> Date: Fri, 3 Jan 2020 12:19:57 -0500 Subject: [PATCH] merge mordor nxlog --- docker/helk-kibana-analysis-alert-basic.yml | 4 +++- docker/helk-kibana-analysis-alert-trial.yml | 4 +++- docker/helk-kibana-analysis-basic.yml | 4 +++- docker/helk-kibana-analysis-trial.yml | 4 +++- docker/helk-kibana-notebook-analysis-alert-basic.yml | 4 +++- docker/helk-kibana-notebook-analysis-alert-trial.yml | 4 +++- docker/helk-kibana-notebook-analysis-basic.yml | 4 +++- docker/helk-kibana-notebook-analysis-trial.yml | 4 +++- 8 files changed, 24 insertions(+), 8 deletions(-) diff --git a/docker/helk-kibana-analysis-alert-basic.yml b/docker/helk-kibana-analysis-alert-basic.yml index ab12c84..bff54f4 100644 --- a/docker/helk-kibana-analysis-alert-basic.yml +++ b/docker/helk-kibana-analysis-alert-basic.yml @@ -56,6 +56,7 @@ services: ports: - "5044:5044" - "8531:8531" + - "3515:3515" restart: always depends_on: - helk-kibana @@ -136,7 +137,7 @@ services: REPLICATION_FACTOR: 1 ADVERTISED_LISTENER: ${ADVERTISED_LISTENER} ZOOKEEPER_NAME: helk-zookeeper - KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek + KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor KAFKA_HEAP_OPTS: -Xmx1G -Xms1G LOG_RETENTION_HOURS: 4 ports: @@ -163,6 +164,7 @@ services: KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000 KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest KSQL_HEAP_OPTS: -Xmx1g + KSQL_OPTS: "-Dconfluent.support.metrics.enable=false" ports: - 8088:8088 networks: diff --git a/docker/helk-kibana-analysis-alert-trial.yml b/docker/helk-kibana-analysis-alert-trial.yml index 0867b70..2473ffe 100644 --- a/docker/helk-kibana-analysis-alert-trial.yml +++ b/docker/helk-kibana-analysis-alert-trial.yml @@ -57,6 +57,7 @@ services: ports: - "5044:5044" - "8531:8531" + - "3515:3515" restart: always depends_on: - helk-kibana 
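Review bot: The added `- "3515:3515"` mapping in the first hunk of docker/helk-kibana-analysis-alert-basic.yml publishes the new listener on every host interface, and nothing visible in the hunk shows whether the input behind it requires TLS or any sender authentication. If the port only receives nxlog/mordor data from a known sender, bind it to a specific address instead, for example `- "127.0.0.1:3515:3515"`, or document the firewall rule that is expected to restrict it. A short comment such as `# nxlog (mordor) input` above the entry would also tell operators what the port is for. The service definition starts and ends outside the hunk, so which container owns the port is inferred from the neighbouring 5044/8531 entries. The same line is added in the first hunk of the other seven compose files in this patch.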
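Review bot: `KAFKA_CREATE_TOPICS` now lists `nxlog_mordor` in place of `zeek` rather than in addition to it, so the `zeek` topic is no longer pre-created, and the commit subject ("merge mordor nxlog") does not mention the removal. If any pipeline still produces to or consumes from `zeek`, it now depends on the broker's topic auto-creation behaviour, which is not visible here, and a silently missing topic means network telemetry stops reaching the stack. Either keep both, `KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek, nxlog_mordor`, or state in the commit message that the drop is intentional. The same replacement appears in the second hunk of all eight compose files.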
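Review bot: The new `KSQL_OPTS: "-Dconfluent.support.metrics.enable=false"` line carries no comment explaining why the JVM flag is set, so a later cleanup could remove it without noticing that it re-enables outbound metrics reporting from the KSQL server. I would add `# disable Confluent support-metrics reporting (no outbound telemetry)` directly above it. Because `KSQL_OPTS` is a single string, further JVM options must be appended to this value rather than added as a second `KSQL_OPTS` key, which most YAML parsers would resolve silently as last-wins. The environment block starts outside the hunk; the same line is added in the third hunk of all eight compose files.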
@@ -136,7 +137,7 @@ services: REPLICATION_FACTOR: 1 ADVERTISED_LISTENER: ${ADVERTISED_LISTENER} ZOOKEEPER_NAME: helk-zookeeper - KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek + KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor KAFKA_HEAP_OPTS: -Xmx1G -Xms1G LOG_RETENTION_HOURS: 4 ports: @@ -163,6 +164,7 @@ services: KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000 KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest KSQL_HEAP_OPTS: -Xmx1g + KSQL_OPTS: "-Dconfluent.support.metrics.enable=false" ports: - 8088:8088 networks: diff --git a/docker/helk-kibana-analysis-basic.yml b/docker/helk-kibana-analysis-basic.yml index 8a4ee45..554728c 100644 --- a/docker/helk-kibana-analysis-basic.yml +++ b/docker/helk-kibana-analysis-basic.yml @@ -51,6 +51,7 @@ services: ports: - "5044:5044" - "8531:8531" + - "3515:3515" restart: always depends_on: - helk-kibana @@ -111,7 +112,7 @@ services: REPLICATION_FACTOR: 1 ADVERTISED_LISTENER: ${ADVERTISED_LISTENER} ZOOKEEPER_NAME: helk-zookeeper - KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek + KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor KAFKA_HEAP_OPTS: -Xmx1G -Xms1G LOG_RETENTION_HOURS: 4 ports: @@ -133,6 +134,7 @@ services: KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000 KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest KSQL_HEAP_OPTS: -Xmx1g + KSQL_OPTS: "-Dconfluent.support.metrics.enable=false" ports: - 8088:8088 networks: diff --git a/docker/helk-kibana-analysis-trial.yml b/docker/helk-kibana-analysis-trial.yml index 5c8867a..41a8087 100644 --- a/docker/helk-kibana-analysis-trial.yml +++ b/docker/helk-kibana-analysis-trial.yml @@ -57,6 +57,7 @@ services: ports: - "5044:5044" - "8531:8531" + - "3515:3515" restart: always depends_on: - helk-kibana 
@@ -136,7 +137,7 @@ services: REPLICATION_FACTOR: 1 ADVERTISED_LISTENER: ${ADVERTISED_LISTENER} ZOOKEEPER_NAME: helk-zookeeper - KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek + KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor KAFKA_HEAP_OPTS: -Xmx1G -Xms1G LOG_RETENTION_HOURS: 4 ports: @@ -163,6 +164,7 @@ services: KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000 KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest KSQL_HEAP_OPTS: -Xmx1g + KSQL_OPTS: "-Dconfluent.support.metrics.enable=false" ports: - 8088:8088 networks: diff --git a/docker/helk-kibana-notebook-analysis-alert-basic.yml b/docker/helk-kibana-notebook-analysis-alert-basic.yml index cf1a1a0..c02f98d 100644 --- a/docker/helk-kibana-notebook-analysis-alert-basic.yml +++ b/docker/helk-kibana-notebook-analysis-alert-basic.yml @@ -56,6 +56,7 @@ services: ports: - "5044:5044" - "8531:8531" + - "3515:3515" restart: always depends_on: - helk-kibana @@ -136,7 +137,7 @@ services: REPLICATION_FACTOR: 1 ADVERTISED_LISTENER: ${ADVERTISED_LISTENER} ZOOKEEPER_NAME: helk-zookeeper - KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek + KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor KAFKA_HEAP_OPTS: -Xmx1G -Xms1G LOG_RETENTION_HOURS: 4 ports: @@ -163,6 +164,7 @@ services: KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000 KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest KSQL_HEAP_OPTS: -Xmx1g + KSQL_OPTS: "-Dconfluent.support.metrics.enable=false" ports: - 8088:8088 networks: diff --git a/docker/helk-kibana-notebook-analysis-alert-trial.yml b/docker/helk-kibana-notebook-analysis-alert-trial.yml index a31184d..371f0aa 100644 --- a/docker/helk-kibana-notebook-analysis-alert-trial.yml +++ b/docker/helk-kibana-notebook-analysis-alert-trial.yml @@ -57,6 +57,7 @@ services: ports: - "5044:5044" - "8531:8531" + - "3515:3515" restart: always depends_on: - helk-kibana 
@@ -137,7 +138,7 @@ services: REPLICATION_FACTOR: 1 ADVERTISED_LISTENER: ${ADVERTISED_LISTENER} ZOOKEEPER_NAME: helk-zookeeper - KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek + KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor KAFKA_HEAP_OPTS: -Xmx1g -Xms1g LOG_RETENTION_HOURS: 4 ports: @@ -164,6 +165,7 @@ services: KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000 KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest KSQL_HEAP_OPTS: -Xmx500m + KSQL_OPTS: "-Dconfluent.support.metrics.enable=false" ports: - 8088:8088 networks: diff --git a/docker/helk-kibana-notebook-analysis-basic.yml b/docker/helk-kibana-notebook-analysis-basic.yml index 4caa107..50989cf 100644 --- a/docker/helk-kibana-notebook-analysis-basic.yml +++ b/docker/helk-kibana-notebook-analysis-basic.yml @@ -56,6 +56,7 @@ services: ports: - "5044:5044" - "8531:8531" + - "3515:3515" restart: always depends_on: - helk-kibana @@ -136,7 +137,7 @@ services: REPLICATION_FACTOR: 1 ADVERTISED_LISTENER: ${ADVERTISED_LISTENER} ZOOKEEPER_NAME: helk-zookeeper - KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek + KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor KAFKA_HEAP_OPTS: -Xmx1G -Xms1G LOG_RETENTION_HOURS: 4 ports: @@ -163,6 +164,7 @@ services: KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000 KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest KSQL_HEAP_OPTS: -Xmx1g + KSQL_OPTS: "-Dconfluent.support.metrics.enable=false" ports: - 8088:8088 networks: diff --git a/docker/helk-kibana-notebook-analysis-trial.yml b/docker/helk-kibana-notebook-analysis-trial.yml index d9b60bf..7188f49 100644 --- a/docker/helk-kibana-notebook-analysis-trial.yml +++ b/docker/helk-kibana-notebook-analysis-trial.yml @@ -57,6 +57,7 @@ services: ports: - "5044:5044" - "8531:8531" + - "3515:3515" restart: always depends_on: - helk-kibana 
@@ -137,7 +138,7 @@ services: REPLICATION_FACTOR: 1 ADVERTISED_LISTENER: ${ADVERTISED_LISTENER} ZOOKEEPER_NAME: helk-zookeeper - KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, zeek + KAFKA_CREATE_TOPICS: winlogbeat, SYSMON_JOIN, filebeat, nxlog_mordor KAFKA_HEAP_OPTS: -Xmx1g -Xms1g LOG_RETENTION_HOURS: 4 ports: @@ -164,6 +165,7 @@ services: KSQL_KSQL_CACHE_MAX_BYTES_BUFFERING: 10000000 KSQL_KSQL_STREAMS_AUTO_OFFSET_RESET: earliest KSQL_HEAP_OPTS: -Xmx500m + KSQL_OPTS: "-Dconfluent.support.metrics.enable=false" ports: - 8088:8088 networks: