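---
# Suricata IDS feeding an Elastic 7.10 stack via Compose.
# Indentation below is reconstructed; structure follows the original file.
# Elasticsearch 7.10 ships with X-Pack security disabled unless
# xpack.security.enabled is set, so nothing on these Docker networks
# authenticates to it — treat the lognet side as a trusted zone only.
version: "3.8"

services:
  suricata:
    image: jasonish/suricata:6.0.3
    restart: unless-stopped
    # Capturing on the host's eth0 (-i eth0) requires the host network
    # namespace. Compose does not allow network_mode together with networks,
    # so the suricatanet attachment that used to sit next to this has been
    # removed rather than left to fail validation.
    network_mode: "host"
    volumes:
      - surilogs:/var/log/suricata
      - surirules:/var/lib/suricata
      - suriconf:/etc/suricata
    cap_drop:
      - ALL
    cap_add:
      - net_admin
      # AF_PACKET capture opens raw sockets; after dropping ALL that needs
      # CAP_NET_RAW in addition to CAP_NET_ADMIN.
      - net_raw
      - sys_nice
    environment:
      - SURICATA_OPTIONS=-i eth0 -vvv

  evebox:
    image: jasonish/evebox:0.14.0
    # NOTE(review): no network, volume or Elasticsearch address is configured
    # here, so this service cannot reach the elasticsearch service below;
    # presumably its configuration lives outside this file — confirm.

  elasticsearch:
    image: elasticsearch:7.10.1
    volumes:
      - elk-data:/usr/share/elasticsearch/data
    networks:
      - notifnet
      - lognet
    # Published on loopback only: with X-Pack security at its default
    # (disabled) an unauthenticated REST (9200) / transport (9300) endpoint
    # must not be reachable from other hosts. logstash and kibana still reach
    # it over lognet as elasticsearch:9200; host-local tools use 127.0.0.1.
    ports:
      - "127.0.0.1:9200:9200"
      - "127.0.0.1:9300:9300"
    environment:
      - ES_JAVA_OPTS=-Xms256m -Xmx256m
      - discovery.type=single-node
      - xpack.monitoring.enabled=true
      - xpack.watcher.enabled=true

  logstash:
    image: logstash:7.10.1
    networks:
      - lognet
    depends_on:
      - elasticsearch
    environment:
      - MONITORING_ENABLED=true
      - LS_JAVA_OPTS=-Xms256m -Xmx256m
    # NOTE(review): 5000 is published on all interfaces, but no pipeline
    # config is mounted and the surilogs volume is not attached, so what this
    # port accepts and where Suricata's eve.json is ingested is not visible in
    # this file — confirm before exposing it beyond the host.
    ports:
      - "5000:5000"

  kibana:
    image: kibana:7.10.1
    environment:
      # The Compose service is named "elasticsearch"; the former value
      # http://elastic:9200 pointed at a hostname that does not resolve.
      # Kibana 7.x reads ELASTICSEARCH_HOSTS (ELASTICSEARCH_URL is the 6.x
      # name and is ignored by this image).
      - ELASTICSEARCH_HOSTS=http://elasticsearch:9200
    networks:
      - lognet
    ports:
      - "5102:5601"
    depends_on:
      - elasticsearch

networks:
  # No service attaches to suricatanet any more (suricata runs in host mode);
  # kept so existing tooling that expects the network still finds it.
  suricatanet:
  lognet:
  # Referenced by elasticsearch but never declared; Compose rejects a service
  # that uses an undefined network.
  notifnet:

volumes:
  surilogs:
  surirules:
  suriconf:
  # Referenced by elasticsearch but never declared; without this Compose
  # refuses to start the stack.
  elk-data: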