# Inspired by: https://github.com/wazuh/wazuh-docker/blob/v4.0.0_1.10.1/docker-compose.yml
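# Demo/lab stack: a Wazuh manager with Open Distro Elasticsearch and Kibana,
# plus a "victim" container and a "merlin-server" container for the exercise.
# NOTE(review): every `ports:` entry below publishes on all host interfaces.
# On a shared or routable host, prefix each mapping with a loopback address
# (for example "127.0.0.1:9200:9200") or firewall the host, because the
# services here use default credentials.
version: '3.7'
services:
  wazuh:
    image: wazuh/wazuh-odfe:4.0.0_1.10.1
    container_name: wazuh
    hostname: wazuh-manager-container
    restart: always
    ports:
      # Wazuh defaults: 1514 agent traffic, 1515 agent enrollment,
      # 514/udp syslog collection, 55000 Wazuh API.
      - "1514:1514"
      - "1515:1515"
      - "514:514/udp"
      - "55000:55000"
    environment:
      - ELASTICSEARCH_URL=https://elasticsearch:9200
      # In a non-demo deployment we wouldn't place secrets in the compose
      # file; admin/admin is a default credential pair and must be rotated
      # and moved to a secret store or env file kept out of version control.
      - ELASTIC_USERNAME=admin
      - ELASTIC_PASSWORD=admin
      # Going by its name, this disables certificate verification on the
      # Filebeat -> Elasticsearch TLS connection, so the link is encrypted
      # but the peer is not authenticated. Acceptable only for the demo.
      - FILEBEAT_SSL_VERIFICATION_MODE=none
    volumes:
      # For more context on wazuh-config-mount, please view...
      # https://documentation.wazuh.com/3.7/docker/container-usage.html#mount-custom-wazuh-configuration-files
      - './wazuh-manager-container/misc/local_rules.xml:/wazuh-config-mount/etc/rules/local_rules.xml'
      - './wazuh-manager-container/misc/ossec.conf:/wazuh-config-mount/etc/ossec.conf'

  elasticsearch:
    image: amazon/opendistro-for-elasticsearch:1.10.1
    hostname: elasticsearch
    restart: always
    ports:
      # The Elasticsearch REST API is reachable from the host network here.
      # Wazuh and Kibana reach it over the compose network, so this mapping
      # is only needed for direct access from the host.
      - "9200:9200"
    environment:
      - discovery.type=single-node
      - cluster.name=wazuh-cluster
      - network.host=0.0.0.0
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      # memory_lock needs the unlimited memlock ulimit set below.
      - bootstrap.memory_lock=true
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536

  kibana:
    image: wazuh/wazuh-kibana-odfe:4.0.0_1.10.1
    hostname: kibana
    restart: always
    ports:
      # Quoted like the other mappings so no parser retypes the value.
      - "8080:5601"
    environment:
      # In a non-demo deployment we wouldn't place secrets in the compose
      # file; admin/admin is a default credential pair.
      - ELASTICSEARCH_USERNAME=admin
      - ELASTICSEARCH_PASSWORD=admin
      - SERVER_SSL_ENABLED=true
      # NOTE(review): the example.org file names suggest a demo certificate
      # and key shipped in the image - confirm, and replace both outside
      # the lab, since a key distributed in a public image is not secret.
      - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/opendistroforelasticsearch.example.org.cert
      - SERVER_SSL_KEY=/usr/share/kibana/config/opendistroforelasticsearch.example.org.key
    depends_on:
      - elasticsearch
    links:
      - elasticsearch:elasticsearch
      - wazuh:wazuh

  victim:
    # No tag is given, so this resolves to :latest, which is mutable; pin a
    # tag or digest if lab runs need to be reproducible.
    image: zachroofsec/os-analysis-with-wazuh-victim
    container_name: victim
    build: ./victim-container
    # A privileged container gets all capabilities and host device access,
    # so it is not isolated from the Docker host. Run this stack only on a
    # disposable VM. NOTE(review): why privileged mode is required is not
    # visible in this file; if specific capabilities suffice, use cap_add.
    privileged: true
    links:
      - wazuh:wazuh
      - merlin-server:merlin-server
    depends_on:
      - wazuh
      - merlin-server
    # volumes:
    #   - './victim-container/misc/foothold/foothold.py:/tmp/foothold.py'
    #   - './victim-container/misc/foothold/libprocesshider.c:/tmp/libprocesshider.c'

  merlin-server:
    # Untagged image (resolves to :latest); see the note on `victim`.
    image: zachroofsec/os-analysis-with-wazuh-merlin
    container_name: merlin-server
    build: ./merlin-server-container/
    ports:
      # NOTE(review): the victim reaches this service over the compose
      # network via `links`, so publishing 443 on every host interface
      # looks unnecessary for the exercise - confirm, then drop the mapping
      # or bind it to 127.0.0.1.
      - "443:443"
    # volumes:
    #   - './victim-container/misc/foothold:/foothold'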