Updating to Wazuh v3.12. Also license year update.

Zenidd
2020-03-20 16:42:36 +01:00
parent 320061f022
commit 90074777da
26 changed files with 68 additions and 64 deletions

View File

@@ -1,6 +1,14 @@
# Change Log # Change Log
All notable changes to this project will be documented in this file. All notable changes to this project will be documented in this file.
## Wazuh Docker v3.11.4_7.6.1
### Added
- Update to Wazuh version 3.12.0_7.6.1
## Wazuh Docker v3.11.4_7.6.1 ## Wazuh Docker v3.11.4_7.6.1
### Added ### Added
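Review bot: the heading added at the top of the change log reads `## Wazuh Docker v3.11.4_7.6.1`, identical to the existing release heading below it, while the entry under it says "Update to Wazuh version 3.12.0_7.6.1". As written the file has two headings for the same release and none for the new one; the added heading should presumably be `## Wazuh Docker v3.12.0_7.6.1`.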
@@ -201,7 +209,7 @@ All notable changes to this project will be documented in this file.
- Add env credentials for nginx. ([#86](https://github.com/wazuh/wazuh-docker/pull/86)) - Add env credentials for nginx. ([#86](https://github.com/wazuh/wazuh-docker/pull/86))
- Improve filebeat configuration ([#88](https://github.com/wazuh/wazuh-docker/pull/88)) - Improve filebeat configuration ([#88](https://github.com/wazuh/wazuh-docker/pull/88))
### Fixed ### Fixed
- Temporary fix for Wazuh cluster master node in Kubernetes. ([#84](https://github.com/wazuh/wazuh-docker/pull/84)) - Temporary fix for Wazuh cluster master node in Kubernetes. ([#84](https://github.com/wazuh/wazuh-docker/pull/84))

View File

@@ -1,5 +1,5 @@
Portions Copyright (C) 2019 Wazuh, Inc. Portions Copyright (C) 2020 Wazuh, Inc.
Based on work Copyright (C) 2003 - 2013 Trend Micro, Inc. Based on work Copyright (C) 2003 - 2013 Trend Micro, Inc.
This program is a free software; you can redistribute it and/or modify This program is a free software; you can redistribute it and/or modify

View File

@@ -10,9 +10,9 @@ In this repository you will find the containers to run:
* wazuh: It runs the Wazuh manager, Wazuh API and Filebeat (for integration with Elastic Stack) * wazuh: It runs the Wazuh manager, Wazuh API and Filebeat (for integration with Elastic Stack)
* wazuh-kibana: Provides a web user interface to browse through alerts data. It includes Wazuh plugin for Kibana, that allows you to visualize agents configuration and status. * wazuh-kibana: Provides a web user interface to browse through alerts data. It includes Wazuh plugin for Kibana, that allows you to visualize agents configuration and status.
* wazuh-nginx: Proxies the Kibana container, adding HTTPS (via self-signed SSL certificate) and [Basic authentication](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication#Basic_authentication_scheme). * wazuh-nginx: Proxies the Kibana container, adding HTTPS (via self-signed SSL certificate) and [Basic authentication](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication#Basic_authentication_scheme).
* wazuh-elasticsearch: An Elasticsearch container (working as a single-node cluster) using Elastic Stack Docker images. **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).** * wazuh-elasticsearch: An Elasticsearch container (working as a single-node cluster) using Elastic Stack Docker images. **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).**
In addition, a docker-compose file is provided to launch the containers mentioned above. In addition, a docker-compose file is provided to launch the containers mentioned above.
* Elasticsearch cluster. In the Elasticsearch Dockerfile we can visualize variables to configure an Elasticsearch Cluster. These variables are used in the file *config_cluster.sh* to set them in the *elasticsearch.yml* configuration file. You can see the meaning of the node variables [here](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html) and other cluster settings [here](https://github.com/elastic/elasticsearch/blob/master/distribution/src/config/elasticsearch.yml). * Elasticsearch cluster. In the Elasticsearch Dockerfile we can visualize variables to configure an Elasticsearch Cluster. These variables are used in the file *config_cluster.sh* to set them in the *elasticsearch.yml* configuration file. You can see the meaning of the node variables [here](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html) and other cluster settings [here](https://github.com/elastic/elasticsearch/blob/master/distribution/src/config/elasticsearch.yml).
@@ -70,7 +70,7 @@ We thank you them and everyone else who has contributed to this project.
## License and copyright ## License and copyright
Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
## Web references ## Web references

View File

@@ -1,9 +1,9 @@
# Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
version: '2' version: '2'
services: services:
wazuh: wazuh:
image: wazuh/wazuh:3.11.4_7.6.1 image: wazuh/wazuh:3.12.4_7.6.1
hostname: wazuh-manager hostname: wazuh-manager
restart: always restart: always
ports: ports:
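Review bot: the new tag on the `image:` line, `wazuh/wazuh:3.12.4_7.6.1`, does not match the rest of this commit, which sets `WAZUH_VERSION=3.12.0-1` and `TEMPLATE_VERSION` to `v3.12.0` in the Dockerfiles and records the release as 3.12.0_7.6.1 in the change log. The same `3.12.4_7.6.1` tag is used for the elasticsearch, kibana and nginx services in the following hunks of this file. Unless a 3.12.4 image is really intended, all four `image:` lines should use `3.12.0_7.6.1` so the compose file pulls the images these Dockerfiles build.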
@@ -13,7 +13,7 @@ services:
- "55000:55000" - "55000:55000"
elasticsearch: elasticsearch:
image: wazuh/wazuh-elasticsearch:3.11.4_7.6.1 image: wazuh/wazuh-elasticsearch:3.12.4_7.6.1
hostname: elasticsearch hostname: elasticsearch
restart: always restart: always
ports: ports:
@@ -30,7 +30,7 @@ services:
mem_limit: 2g mem_limit: 2g
kibana: kibana:
image: wazuh/wazuh-kibana:3.11.4_7.6.1 image: wazuh/wazuh-kibana:3.12.4_7.6.1
hostname: kibana hostname: kibana
restart: always restart: always
depends_on: depends_on:
@@ -40,7 +40,7 @@ services:
- wazuh:wazuh - wazuh:wazuh
nginx: nginx:
image: wazuh/wazuh-nginx:3.11.4_7.6.1 image: wazuh/wazuh-nginx:3.12.4_7.6.1
hostname: nginx hostname: nginx
restart: always restart: always
environment: environment:

View File

@@ -1,4 +1,4 @@
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
ARG ELASTIC_VERSION=7.6.1 ARG ELASTIC_VERSION=7.6.1
FROM docker.elastic.co/elasticsearch/elasticsearch:${ELASTIC_VERSION} FROM docker.elastic.co/elasticsearch/elasticsearch:${ELASTIC_VERSION}
ARG ELASTIC_VERSION ARG ELASTIC_VERSION
@@ -12,11 +12,11 @@ ENV ALERTS_SHARDS="1" \
ENV API_USER="foo" \ ENV API_USER="foo" \
API_PASS="bar" API_PASS="bar"
ENV XPACK_ML="true" ENV XPACK_ML="true"
ENV ENABLE_CONFIGURE_S3="false" ENV ENABLE_CONFIGURE_S3="false"
ARG TEMPLATE_VERSION=v3.11.4 ARG TEMPLATE_VERSION=v3.12.0
# Elasticearch cluster configuration environment variables # Elasticearch cluster configuration environment variables
# If ELASTIC_CLUSTER is set to "true" the following variables will be added to the Elasticsearch configuration # If ELASTIC_CLUSTER is set to "true" the following variables will be added to the Elasticsearch configuration
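Review bot: `API_USER="foo"` and `API_PASS="bar"` in the context lines of this hunk are set as image defaults, so a deployment that does not override them runs with credentials that are published in this repository. Since the file is being touched for the release, consider dropping the defaults and having the entrypoint refuse to start when the two variables are unset. Minor: "Elasticearch" in the comment under `TEMPLATE_VERSION` should read "Elasticsearch".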
@@ -35,7 +35,7 @@ ENV ELASTIC_CLUSTER="false" \
CLUSTER_DELAYED_TIMEOUT="1m" \ CLUSTER_DELAYED_TIMEOUT="1m" \
CLUSTER_INITIAL_MASTER_NODES="wazuh-elasticsearch" CLUSTER_INITIAL_MASTER_NODES="wazuh-elasticsearch"
COPY config/entrypoint.sh /entrypoint.sh COPY config/entrypoint.sh /entrypoint.sh
RUN chmod 755 /entrypoint.sh RUN chmod 755 /entrypoint.sh

View File

@@ -1,11 +1,11 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
elastic_config_file="/usr/share/elasticsearch/config/elasticsearch.yml" elastic_config_file="/usr/share/elasticsearch/config/elasticsearch.yml"
remove_single_node_conf(){ remove_single_node_conf(){
if grep -Fq "discovery.type" $1; then if grep -Fq "discovery.type" $1; then
sed -i '/discovery.type\: /d' $1 sed -i '/discovery.type\: /d' $1
fi fi
} }
@@ -27,9 +27,9 @@ cat > $elastic_config_file << EOF
network.host: 0.0.0.0 network.host: 0.0.0.0
node.name: $CLUSTER_MASTER_NODE_NAME node.name: $CLUSTER_MASTER_NODE_NAME
node.master: $CLUSTER_NODE_MASTER node.master: $CLUSTER_NODE_MASTER
cluster.initial_master_nodes: cluster.initial_master_nodes:
- $CLUSTER_MASTER_NODE_NAME - $CLUSTER_MASTER_NODE_NAME
# end cluster config" # end cluster config"
EOF EOF
elif [[ $CLUSTER_NODE_NAME != "" ]];then elif [[ $CLUSTER_NODE_NAME != "" ]];then
@@ -42,10 +42,10 @@ cat > $elastic_config_file << EOF
network.host: 0.0.0.0 network.host: 0.0.0.0
node.name: $CLUSTER_NODE_NAME node.name: $CLUSTER_NODE_NAME
node.master: false node.master: false
discovery.seed_hosts: discovery.seed_hosts:
- $CLUSTER_MASTER_NODE_NAME - $CLUSTER_MASTER_NODE_NAME
- $CLUSTER_NODE_NAME - $CLUSTER_NODE_NAME
# end cluster config" # end cluster config"
EOF EOF
fi fi
# If the cluster is disabled, then set a single-node configuration # If the cluster is disabled, then set a single-node configuration

View File

@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
set -e set -e
@@ -10,7 +10,7 @@ function CheckArgs()
{ {
if [ $1 != 4 ] && [ $1 != 5 ];then if [ $1 != 4 ] && [ $1 != 5 ];then
echo "Use: configure_s3.sh <Elastic_Server_IP:Port> <Bucket> <Path> <RepositoryName> (By default <current_elasticsearch_major_version> is added to the path and the repository name)" echo "Use: configure_s3.sh <Elastic_Server_IP:Port> <Bucket> <Path> <RepositoryName> (By default <current_elasticsearch_major_version> is added to the path and the repository name)"
echo "or use: configure_s3.sh <Elastic_Server_IP:Port> <Bucket> <Path> <RepositoryName> <Elasticsearch major version>" echo "or use: configure_s3.sh <Elastic_Server_IP:Port> <Bucket> <Path> <RepositoryName> <Elasticsearch major version>"
exit 1 exit 1
fi fi

View File

@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
# For more information https://github.com/elastic/elasticsearch-docker/blob/6.8.0/build/elasticsearch/bin/docker-entrypoint.sh # For more information https://github.com/elastic/elasticsearch-docker/blob/6.8.0/build/elasticsearch/bin/docker-entrypoint.sh
@@ -24,7 +24,7 @@ run_as_other_user_if_needed() {
elasticsearch_config_file="/usr/share/elasticsearch/config/elasticsearch.yml" elasticsearch_config_file="/usr/share/elasticsearch/config/elasticsearch.yml"
if grep -Fq "#xpack features" "$elasticsearch_config_file"; if grep -Fq "#xpack features" "$elasticsearch_config_file";
then then
declare -A CONFIG_MAP=( declare -A CONFIG_MAP=(
[xpack.ml.enabled]=$XPACK_ML [xpack.ml.enabled]=$XPACK_ML
) )
@@ -49,4 +49,4 @@ fi
# Execute elasticsearch # Execute elasticsearch
run_as_other_user_if_needed /usr/share/elasticsearch/bin/elasticsearch run_as_other_user_if_needed /usr/share/elasticsearch/bin/elasticsearch

View File

@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
set -e set -e
@@ -24,13 +24,13 @@ if [ $ENABLE_CONFIGURE_S3 ]; then
sleep 10 sleep 10
IP_PORT="${ELASTICSEARCH_IP}:${ELASTICSEARCH_PORT}" IP_PORT="${ELASTICSEARCH_IP}:${ELASTICSEARCH_PORT}"
if [ "x$S3_PATH" != "x" ]; then if [ "x$S3_PATH" != "x" ]; then
if [ "x$S3_ELASTIC_MAJOR" != "x" ]; then if [ "x$S3_ELASTIC_MAJOR" != "x" ]; then
./config/configure_s3.sh $IP_PORT $S3_BUCKET_NAME $S3_PATH $S3_REPOSITORY_NAME $S3_ELASTIC_MAJOR ./config/configure_s3.sh $IP_PORT $S3_BUCKET_NAME $S3_PATH $S3_REPOSITORY_NAME $S3_ELASTIC_MAJOR
else else
./config/configure_s3.sh $IP_PORT $S3_BUCKET_NAME $S3_PATH $S3_REPOSITORY_NAME ./config/configure_s3.sh $IP_PORT $S3_BUCKET_NAME $S3_PATH $S3_REPOSITORY_NAME
fi fi
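Review bot: the guard shown in this hunk's header, `if [ $ENABLE_CONFIGURE_S3 ]; then`, only tests that the variable is non-empty, and the Elasticsearch Dockerfile in this commit sets `ENABLE_CONFIGURE_S3="false"`; if that is the value this script sees, the S3 branch runs with the default setting. Compare against the string instead, for example `if [ "$ENABLE_CONFIGURE_S3" = "true" ]; then`, and quote the arguments passed to `./config/configure_s3.sh` so an empty or space-containing value cannot shift the positional parameters. The lines in this hunk otherwise look like a whitespace-only change, which would be easier to review in its own commit.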

View File

@@ -1,4 +1,4 @@
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
FROM docker.elastic.co/kibana/kibana:7.6.1 FROM docker.elastic.co/kibana/kibana:7.6.1
USER kibana USER kibana
ARG ELASTIC_VERSION=7.6.1 ARG ELASTIC_VERSION=7.6.1

View File

@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
set -e set -e

View File

@@ -1,12 +1,12 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
WAZUH_MAJOR=3 WAZUH_MAJOR=3
############################################################################## ##############################################################################
# Wait for the Kibana API to start. It is necessary to do it in this container # Wait for the Kibana API to start. It is necessary to do it in this container
# because the others are running Elastic Stack and we can not interrupt them. # because the others are running Elastic Stack and we can not interrupt them.
# #
# The following actions are performed: # The following actions are performed:
# #
# Add the wazuh alerts index as default. # Add the wazuh alerts index as default.
@@ -49,7 +49,7 @@ while [[ "$(curl -XGET -I -s -o /dev/null -w ''%{http_code}'' $kibana_ip:5601/s
sleep 5 sleep 5
done done
# Prepare index selection. # Prepare index selection.
echo "Kibana API is running" echo "Kibana API is running"
default_index="/tmp/default_index.json" default_index="/tmp/default_index.json"

View File

@@ -1,12 +1,12 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
wazuh_url="${WAZUH_API_URL:-https://wazuh}" wazuh_url="${WAZUH_API_URL:-https://wazuh}"
wazuh_port="${API_PORT:-55000}" wazuh_port="${API_PORT:-55000}"
api_user="${API_USER:-foo}" api_user="${API_USER:-foo}"
api_password="${API_PASS:-bar}" api_password="${API_PASS:-bar}"
kibana_config_file="/usr/share/kibana/plugins/wazuh/wazuh.yml" kibana_config_file="/usr/share/kibana/optimize/wazuh/config/wazuh.yml"
declare -A CONFIG_MAP=( declare -A CONFIG_MAP=(
[pattern]=$PATTERN [pattern]=$PATTERN
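Review bot: the change of `kibana_config_file` from `/usr/share/kibana/plugins/wazuh/wazuh.yml` to `/usr/share/kibana/optimize/wazuh/config/wazuh.yml` is a behaviour change that neither the commit message nor the change log entry mentions. The script later runs `grep -q 1513629884013 $kibana_config_file` and appends to the file with `cat << EOF >> $kibana_config_file`, so it should first make sure the new directory and file exist, otherwise both commands fail on a fresh container. Please also note in the change log that existing deployments with a customised `wazuh.yml` at the old path need to move it.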
@@ -53,7 +53,7 @@ grep -q 1513629884013 $kibana_config_file
_config_exists=$? _config_exists=$?
if [[ "x$CONFIG_CODE" != "x200" && $_config_exists -ne 0 ]]; then if [[ "x$CONFIG_CODE" != "x200" && $_config_exists -ne 0 ]]; then
cat << EOF >> $kibana_config_file cat << EOF >> $kibana_config_file
- 1513629884013: - 1513629884013:
url: $wazuh_url url: $wazuh_url
port: $wazuh_port port: $wazuh_port

View File

@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
if [[ $CHANGE_WELCOME == "true" ]] if [[ $CHANGE_WELCOME == "true" ]]
then then
@@ -21,4 +21,3 @@ then
sed -i 's#visible: true#visible: false#g' $kibana_path/node_modules/x-pack/plugins/rollup/public/crud_app/index.js sed -i 's#visible: true#visible: false#g' $kibana_path/node_modules/x-pack/plugins/rollup/public/crud_app/index.js
sed -i 's#visible: true#visible: false#g' $kibana_path/node_modules/x-pack/plugins/license_management/public/management_section.js sed -i 's#visible: true#visible: false#g' $kibana_path/node_modules/x-pack/plugins/license_management/public/management_section.js
fi fi

View File

@@ -1,9 +1,9 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
kibana_config_file="/usr/share/kibana/config/kibana.yml" kibana_config_file="/usr/share/kibana/config/kibana.yml"
if grep -Fq "#xpack features" "$kibana_config_file"; if grep -Fq "#xpack features" "$kibana_config_file";
then then
declare -A CONFIG_MAP=( declare -A CONFIG_MAP=(
[xpack.apm.ui.enabled]=$XPACK_APM [xpack.apm.ui.enabled]=$XPACK_APM
[xpack.grokdebugger.enabled]=$XPACK_DEVTOOLS [xpack.grokdebugger.enabled]=$XPACK_DEVTOOLS
@@ -23,7 +23,7 @@ then
else else
echo " echo "
#xpack features #xpack features
xpack.apm.ui.enabled: $XPACK_APM xpack.apm.ui.enabled: $XPACK_APM
xpack.grokdebugger.enabled: $XPACK_DEVTOOLS xpack.grokdebugger.enabled: $XPACK_DEVTOOLS
xpack.searchprofiler.enabled: $XPACK_DEVTOOLS xpack.searchprofiler.enabled: $XPACK_DEVTOOLS
xpack.ml.enabled: $XPACK_ML xpack.ml.enabled: $XPACK_ML

View File

@@ -1,4 +1,4 @@
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
FROM nginx:latest FROM nginx:latest
ENV DEBIAN_FRONTEND noninteractive ENV DEBIAN_FRONTEND noninteractive

View File

@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
set -e set -e
@@ -36,7 +36,7 @@ if [ ! -f /etc/nginx/conf.d/kibana.htpasswd ]; then
fi fi
done done
else else
# NGINX_PWD and NGINX_NAME are declared in nginx/Dockerfile # NGINX_PWD and NGINX_NAME are declared in nginx/Dockerfile
htpasswd -b -c /etc/nginx/conf.d/kibana.htpasswd $NGINX_NAME $NGINX_PWD >/dev/null htpasswd -b -c /etc/nginx/conf.d/kibana.htpasswd $NGINX_NAME $NGINX_PWD >/dev/null
fi fi
else else
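Review bot: in the `htpasswd -b -c /etc/nginx/conf.d/kibana.htpasswd $NGINX_NAME $NGINX_PWD` line, `-b` puts the password on the command line, where it is visible in the process list, and both variables are unquoted, so a password containing spaces or glob characters is split or expanded before `htpasswd` sees it. Prefer feeding the password on stdin with `htpasswd -i` and quoting `"$NGINX_NAME"`. The comment above the line says both values are declared in nginx/Dockerfile; defaults baked into the image deserve the same treatment as the API credentials elsewhere in this repository.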

View File

@@ -1,14 +1,14 @@
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
FROM phusion/baseimage:latest FROM phusion/baseimage:latest
ARG FILEBEAT_VERSION=7.6.1 ARG FILEBEAT_VERSION=7.6.1
ARG WAZUH_VERSION=3.11.4-1 ARG WAZUH_VERSION=3.12.0-1
ENV API_USER="foo" \ ENV API_USER="foo" \
API_PASS="bar" API_PASS="bar"
ARG TEMPLATE_VERSION="v3.11.4" ARG TEMPLATE_VERSION="v3.12.0"
# Set repositories. # Set repositories.
RUN set -x && echo "deb https://packages.wazuh.com/3.x/apt/ stable main" | tee /etc/apt/sources.list.d/wazuh.list && \ RUN set -x && echo "deb https://packages.wazuh.com/3.x/apt/ stable main" | tee /etc/apt/sources.list.d/wazuh.list && \
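Review bot: this hunk pins `WAZUH_VERSION=3.12.0-1` and `TEMPLATE_VERSION="v3.12.0"` but leaves `FROM phusion/baseimage:latest` floating, so two builds of the same release tag can end up on different base images. Pin the base image to a specific tag or digest so the published image is reproducible and a base image change shows up as a reviewed diff. The same applies to `FROM nginx:latest` in the nginx Dockerfile touched by this commit.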
@@ -70,11 +70,11 @@ COPY config/filebeat.runit.service /etc/service/filebeat/run
RUN chmod +x /etc/service/wazuh-api/run && \ RUN chmod +x /etc/service/wazuh-api/run && \
chmod +x /etc/service/wazuh/run && \ chmod +x /etc/service/wazuh/run && \
chmod +x /etc/service/postfix/run && \ chmod +x /etc/service/postfix/run && \
chmod +x /etc/service/filebeat/run chmod +x /etc/service/filebeat/run
ADD https://raw.githubusercontent.com/wazuh/wazuh/$TEMPLATE_VERSION/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat ADD https://raw.githubusercontent.com/wazuh/wazuh/$TEMPLATE_VERSION/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat
RUN chmod go-w /etc/filebeat/wazuh-template.json RUN chmod go-w /etc/filebeat/wazuh-template.json
# Run all services # Run all services
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
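Review bot: the `ADD https://raw.githubusercontent.com/wazuh/wazuh/$TEMPLATE_VERSION/.../wazuh-template.json /etc/filebeat` line fetches the template over the network at build time with no integrity check, and this commit changes which file it fetches by bumping `TEMPLATE_VERSION`. Either vendor the template into the repository next to the Dockerfile or download it in a `RUN` step and compare it against a SHA-256 recorded in the Dockerfile, so a changed or replaced upstream file fails the build instead of being shipped silently.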

View File

@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
# Wazuh container bootstrap. See the README for information of the environment # Wazuh container bootstrap. See the README for information of the environment
# variables expected by this script. # variables expected by this script.

View File

@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
set -e set -e
@@ -16,4 +16,3 @@ fi
curl -s "https://packages.wazuh.com/3.x/filebeat/${WAZUH_FILEBEAT_MODULE}" | tar -xvz -C /usr/share/filebeat/module curl -s "https://packages.wazuh.com/3.x/filebeat/${WAZUH_FILEBEAT_MODULE}" | tar -xvz -C /usr/share/filebeat/module
mkdir -p /usr/share/filebeat/module/wazuh mkdir -p /usr/share/filebeat/module/wazuh
chmod 755 -R /usr/share/filebeat/module/wazuh chmod 755 -R /usr/share/filebeat/module/wazuh

View File

@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
# It will run every .sh script located in entrypoint-scripts folder in lexicographical order # It will run every .sh script located in entrypoint-scripts folder in lexicographical order
for script in `ls /entrypoint-scripts/*.sh | sort -n`; do for script in `ls /entrypoint-scripts/*.sh | sort -n`; do
@@ -11,4 +11,4 @@ done
# Start Wazuh Server. # Start Wazuh Server.
############################################################################## ##############################################################################
/sbin/my_init /sbin/my_init

View File

@@ -1,4 +1,4 @@
#!/bin/sh #!/bin/sh
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
service filebeat start service filebeat start
tail -f /var/log/filebeat/filebeat tail -f /var/log/filebeat/filebeat

View File

@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
# Initialize the custom data directory layout # Initialize the custom data directory layout
source /data_dirs.env source /data_dirs.env

View File

@@ -1,4 +1,4 @@
#!/bin/sh #!/bin/sh
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
service postfix start service postfix start
tail -f /var/log/mail.log tail -f /var/log/mail.log

View File

@@ -1,5 +1,4 @@
#!/bin/sh #!/bin/sh
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
service wazuh-api start service wazuh-api start
tail -f /var/ossec/data/logs/api.log tail -f /var/ossec/data/logs/api.log

View File

@@ -1,5 +1,4 @@
#!/bin/sh #!/bin/sh
# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
service wazuh-manager start service wazuh-manager start
tail -f /var/ossec/data/logs/ossec.log tail -f /var/ossec/data/logs/ossec.log