mirror of
				https://github.com/wazuh/wazuh-docker.git
				synced 2025-11-04 05:53:16 +00:00 
			
		
		
		
	Compare commits
	
		
			21 Commits
		
	
	
		
			cloud-v1.1
			...
			cloud-2.0.
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 
						 | 
					89eecb5b84 | ||
| 
						 | 
					fc2f6a2125 | ||
| 
						 | 
					6a7debd410 | ||
| 
						 | 
					803f940d15 | ||
| 
						 | 
					9300bd9542 | ||
| 
						 | 
					2d78972166 | ||
| 
						 | 
					fb09148e17 | ||
| 
						 | 
					ea1501bff9 | ||
| 
						 | 
					864dfc624f | ||
| 
						 | 
					6f762ff04d | ||
| 
						 | 
					a8b2c43dfc | ||
| 
						 | 
					03fbcd8d99 | ||
| 
						 | 
					93d686a0f5 | ||
| 
						 | 
					b46c346ebe | ||
| 
						 | 
					91675fecd1 | ||
| 
						 | 
					83370eda56 | ||
| 
						 | 
					8336d36509 | ||
| 
						 | 
					2a2db1b8b3 | ||
| 
						 | 
					68198a2138 | ||
| 
						 | 
					7a2356f6ff | ||
| 
						 | 
					c586c0cf88 | 
@@ -3,7 +3,7 @@ FROM waystonesystems/baseimage-centos:0.2.0
 | 
			
		||||
 | 
			
		||||
# Arguments
 | 
			
		||||
ARG FILEBEAT_VERSION=7.10.2
 | 
			
		||||
ARG WAZUH_VERSION=4.3.6-0.debug
 | 
			
		||||
ARG WAZUH_VERSION=4.7.3-0.debug
 | 
			
		||||
 | 
			
		||||
# Environment variables
 | 
			
		||||
ENV API_USER="foo" \
 | 
			
		||||
@@ -16,7 +16,10 @@ ENV FILEBEAT_DESTINATION="elasticsearch"
 | 
			
		||||
RUN set -x && \
 | 
			
		||||
    groupadd -g 1000 wazuh && \
 | 
			
		||||
    useradd -u 1000 -g 1000 -d /var/ossec wazuh && \
 | 
			
		||||
    curl -o /tmp/wazuh-manager-$WAZUH_VERSION.x86_64.rpm https://packages.wazuh.com/cloud/4.3.x/wazuh-manager-$WAZUH_VERSION.x86_64.rpm && \
 | 
			
		||||
    # Retrieve DEV package
 | 
			
		||||
    #curl -o /tmp/wazuh-manager-$WAZUH_VERSION.x86_64.rpm https://packages-dev.wazuh.com/pre-release/yum/wazuh-manager-$WAZUH_VERSION.x86_64.rpm && \
 | 
			
		||||
    # Retrieve PROD package
 | 
			
		||||
    curl -o /tmp/wazuh-manager-$WAZUH_VERSION.x86_64.rpm https://packages.wazuh.com/cloud/4.7.x/rpm/wazuh-manager-$WAZUH_VERSION.x86_64.rpm && \
 | 
			
		||||
    yum update -y && \
 | 
			
		||||
    yum upgrade -y &&\
 | 
			
		||||
    yum install -y openssl vim expect python-boto python-pip python-cryptography postfix bsd-mailx mailx ca-certificates && \
 | 
			
		||||
@@ -101,11 +104,12 @@ RUN chmod 755 /entrypoint.sh && \
 | 
			
		||||
    chmod 755 /entrypoint-scripts/85-save_wazuh_version.sh
 | 
			
		||||
 | 
			
		||||
# Load wazuh alerts template.
 | 
			
		||||
ADD https://raw.githubusercontent.com/wazuh/wazuh/$TEMPLATE_VERSION/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat
 | 
			
		||||
RUN chmod go-w /etc/filebeat/wazuh-template.json 
 | 
			
		||||
#ADD https://raw.githubusercontent.com/wazuh/wazuh/$TEMPLATE_VERSION/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat
 | 
			
		||||
#RUN chmod go-w /etc/filebeat/wazuh-template.json 
 | 
			
		||||
 | 
			
		||||
# Expose ports
 | 
			
		||||
EXPOSE 55000/tcp 1514/udp 1515/tcp 514/udp 1516/tcp
 | 
			
		||||
 | 
			
		||||
# Run all services
 | 
			
		||||
ENTRYPOINT ["/entrypoint.sh"]
 | 
			
		||||
 | 
			
		||||
 
 | 
			
		||||
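Review bot: The PROD download in the second hunk (`curl -o /tmp/wazuh-manager-$WAZUH_VERSION.x86_64.rpm https://packages.wazuh.com/cloud/4.7.x/rpm/...`) saves whatever the server returns, with no `--fail` and no integrity check visible before the package is used. I would change the option to `curl -fsSLo` with the same path and URL, and follow it with `echo "$WAZUH_RPM_SHA256  /tmp/wazuh-manager-$WAZUH_VERSION.x86_64.rpm" | sha256sum -c - && \`, where `WAZUH_RPM_SHA256` is a new build ARG (placeholder name) pinned alongside `WAZUH_VERSION`. The install step is outside the hunk, so if it already verifies the RPM's GPG signature the checksum is redundant, but `-f` is still needed so that an HTTP error page is not stored as the .rpm. The `4.7.x` path segment is also hard-coded separately from `WAZUH_VERSION=4.7.3-0.debug`, so the two can drift apart on the next bump.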
@@ -11,7 +11,7 @@ WUI_USER_FILE_PATH = "/var/ossec/api/configuration/wui-user.json"
 | 
			
		||||
WAZUH_USER_FILE_PATH = "/var/ossec/api/configuration/wazuh-user.json"
 | 
			
		||||
 | 
			
		||||
try:
 | 
			
		||||
    from wazuh.rbac.orm import create_rbac_db
 | 
			
		||||
    from wazuh.rbac.orm import check_database_integrity
 | 
			
		||||
    from wazuh.security import (
 | 
			
		||||
        create_user,
 | 
			
		||||
        get_users,
 | 
			
		||||
@@ -44,7 +44,7 @@ if __name__ == "__main__":
 | 
			
		||||
 | 
			
		||||
    wui_password = read_wui_user_file()
 | 
			
		||||
    wazuh_password = read_wazuh_user_file()
 | 
			
		||||
    create_rbac_db()
 | 
			
		||||
    check_database_integrity()
 | 
			
		||||
    initial_users = db_users()
 | 
			
		||||
 | 
			
		||||
    # set a random password for all other users (not wazuh-wui)
 | 
			
		||||
 
 | 
			
		||||
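Review bot: The `check_database_integrity` import in the first hunk sits inside a `try:` whose `except` is outside the hunk, and this script is the one that replaces the API users' passwords, so how an ImportError is handled matters. If that handler only logs or exits 0, an installed package that does not export `check_database_integrity` would presumably leave the initial credentials in place without failing the container start; please confirm it exits non-zero. A one-line comment above the call in `__main__`, e.g. `# replaces create_rbac_db(); runs before db_users() reads the RBAC database`, would record why the call changed.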
@@ -22,6 +22,8 @@ PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/slack"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/slack.py"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal.py"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/shuffle.py"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/shuffle"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/default-firewall-drop"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/disable-account"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/firewalld-drop"
 | 
			
		||||
@@ -53,12 +55,17 @@ PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/aws-s3"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/aws-s3.py"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/azure/azure-logs"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/azure/azure-logs.py"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/azure/orm.py"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/docker/DockerListener"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/docker/DockerListener.py"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/gcloud"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/gcloud.py"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/buckets/access_logs.py"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/buckets/bucket.py"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/pubsub/subscriber.py"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/integration.py"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/tools.py"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/exceptions.py"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/utils.py"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/queue/vulnerabilities/dictionaries/cpe_helper.json"
 | 
			
		||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/var/db/mitre.db"
 | 
			
		||||
 
 | 
			
		||||