mirror of https://github.com/infosecn1nja/HELK.git
Docker Compose files
parent
f11d253ce2
commit
fce1374fa9
|
@ -0,0 +1,38 @@
|
|||
# Docker compose file for the HELK
|
||||
# HELK build version: 0.9 (BETA Script)
|
||||
# Author: Roberto Rodriguez @Cyb3rWard0g
|
||||
# ELK Version: 5x
|
||||
|
||||
version: '2'
|
||||
|
||||
services:
|
||||
elasticsearch:
|
||||
build: elasticsearch/docker/
|
||||
networks:
|
||||
- helk
|
||||
kibana:
|
||||
build: kibana/docker/
|
||||
depends_on:
|
||||
- elasticsearch
|
||||
networks:
|
||||
- helk
|
||||
nginx:
|
||||
build: nginx/docker/
|
||||
ports:
|
||||
- "80:80"
|
||||
depends_on:
|
||||
- kibana
|
||||
networks:
|
||||
- helk
|
||||
logstash:
|
||||
build: logstash/docker/
|
||||
depends_on:
|
||||
- elasticsearch
|
||||
networks:
|
||||
- helk
|
||||
|
||||
networks:
|
||||
helk:
|
||||
driver: bridge
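Review bot: The nginx service publishes `"80:80"` on every host interface over plain HTTP, so the basic-auth login that the nginx image prepares in `htpasswd.users` would presumably cross the network unencrypted each time an analyst opens Kibana. For single-host use bind the port to loopback, `- "127.0.0.1:80:80"`; otherwise terminate TLS in nginx and publish 443 instead. Separately, the logstash service publishes no port, so the Beats input from `02-beats-input.conf` is likely unreachable from endpoints outside the `helk` network; the listening port is not visible in this commit, so confirm it and add a matching `ports:` entry.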
|
||||
|
||||
|
|
@ -0,0 +1,18 @@
|
|||
# Dockerfile for Elasticsearch
|
||||
# Author: Roberto Rodriguez @Cyb3rWard0g
|
||||
|
||||
FROM debian:jessie
|
||||
RUN apt-get update && apt-get install -y openjdk-8-jre-headless wget
|
||||
|
||||
RUN wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add - && \
|
||||
apt-get install apt-transport-https && \
|
||||
echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-5.x.list && \
|
||||
apt-get install elasticsearch && \
|
||||
mv /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/backup_elasticsearch.yml
|
||||
|
||||
ADD ../elasticsearch.yml /etc/elasticsearch/elasticsearch.yml
|
||||
|
||||
RUN systemctl daemon-reload && \
|
||||
systemctl enable elasticsearch.service && \
|
||||
systemctl start elasticsearch.service
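Review bot: This Dockerfile cannot build as written, and the resulting image would have no running process. `sudo` is not part of the `debian:jessie` base image (and is unnecessary, since RUN already executes as root), the `apt-get install` calls in the second RUN lack `-y`, no `apt-get update` follows the new `elastic-5.x.list` entry, `ADD ../elasticsearch.yml` reaches outside the build context `elasticsearch/docker/`, and `systemctl start` in a RUN step has no systemd to talk to and would not carry over into the container. The same `sudo`, `ADD ../…` and `systemctl` patterns recur in the kibana, logstash and nginx Dockerfiles of this commit. The sketch below keeps the repository and key as given, copies the config from inside the context, and runs the server in the foreground as the unprivileged `elasticsearch` user; the binary path and `path.conf` flag are those of the 5.x Debian package and should be verified against what the package actually installs.

```dockerfile
# … unchanged: FROM and the openjdk-8-jre-headless / wget install …

RUN apt-get update && apt-get install -y --no-install-recommends \
        apt-transport-https \
        ca-certificates \
    && wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add - \
    && echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" \
        > /etc/apt/sources.list.d/elastic-5.x.list \
    && apt-get update && apt-get install -y elasticsearch \
    && rm -rf /var/lib/apt/lists/*

# elasticsearch.yml has to live inside the build context (elasticsearch/docker/)
COPY elasticsearch.yml /etc/elasticsearch/elasticsearch.yml

# Run in the foreground as the package-created service account, not root
USER elasticsearch
CMD ["/usr/share/elasticsearch/bin/elasticsearch", "-Epath.conf=/etc/elasticsearch"]
```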
|
||||
|
|
@ -0,0 +1,12 @@
|
|||
# Dockerfile for Kibana
|
||||
# Author: Roberto Rodriguez @Cyb3rWard0g
|
||||
|
||||
FROM debian:jessie
|
||||
RUN apt-get update && apt-get install kibana && \
|
||||
mv /etc/kibana/kibana.yml /etc/kibana/backup_kibana.yml
|
||||
|
||||
ADD ../kibana.yml /etc/kibana/kibana.yml
|
||||
|
||||
RUN systemctl daemon-reload && \
|
||||
systemctl enable kibana.service && \
|
||||
systemctl start kibana.service
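Review bot: `apt-get install kibana` in the first RUN has no package source to resolve against, because the Elastic apt repository and signing key are added only in the Elasticsearch image and each Dockerfile starts again from a clean `debian:jessie`. The key import, `apt-transport-https`, the `elastic-5.x.list` entry and a second `apt-get update` need repeating here before `apt-get install -y kibana`. The Logstash Dockerfile has the same gap and additionally installs no Java runtime. Moving those steps into one shared base image that the three services build `FROM` would keep the repository key handling in a single reviewed place.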
|
|
@ -0,0 +1,11 @@
|
|||
# Dockerfile for Logstash
|
||||
# Author: Roberto Rodriguez @Cyb3rWard0g
|
||||
|
||||
FROM debian:jessie
|
||||
RUN apt-get update && apt-get install logstash
|
||||
|
||||
ADD ../logstash/02-beats-input.conf /etc/logstash/conf.d/02-beats-input.conf && \
|
||||
../logstash/50-elasticsearch-output.conf /etc/logstash/conf.d/50-elasticsearch-output.conf
|
||||
|
||||
RUN systemctl start logstash && \
|
||||
systemctl enable logstash
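Review bot: The `ADD … && \` instruction is not valid, since ADD is not run by a shell: `&&` would be parsed as another source path, and the multi-source form requires a destination directory ending in `/`. Use one instruction per file with sources inside the build context, e.g. `COPY 02-beats-input.conf /etc/logstash/conf.d/` and `COPY 50-elasticsearch-output.conf /etc/logstash/conf.d/`. COPY is also preferable to ADD here because nothing needs extracting or fetching.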
|
|
@ -0,0 +1,11 @@
|
|||
# Dockerfile for nginx
|
||||
# Author: Roberto Rodriguez @Cyb3rWard0g
|
||||
|
||||
FROM debian:jessie
|
||||
RUN apt-get update && apt-get -y install nginx && \
|
||||
echo "helkadmin:`openssl passwd -apr1 hunting`" | sudo tee -a /etc/nginx/htpasswd.users && \
|
||||
mv /etc/nginx/sites-available/default /etc/nginx/sites-available/backup_default
|
||||
|
||||
ADD ../default /etc/nginx/sites-available/default
|
||||
|
||||
RUN systemctl restart nginx
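Review bot: The `openssl passwd -apr1 hunting` substitution in the first RUN bakes a fixed, publicly known password for `helkadmin` into an image layer, so every deployment built from this repository shares the same login and the hash stays readable in the image history. Leave the credential out of the build and supply `htpasswd.users` at run time, for instance with a read-only bind mount in the compose file such as `- ./htpasswd.users:/etc/nginx/htpasswd.users:ro`, generated per deployment. The `openssl` binary is also not installed by this RUN step, so the substitution may produce an empty hash. `-apr1` is an MD5-based scheme, so a stronger htpasswd format supported by the nginx build is worth choosing.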
|