# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2) version: '3.7' services: wazuh: image: wazuh/wazuh:4.2.5 hostname: wazuh-manager restart: always ports: - "1514:1514" - "1515:1515" - "514:514/udp" - "55000:55000" environment: - ELASTICSEARCH_URL=https://elasticsearch:9200 - ELASTIC_USERNAME=elastic - ELASTIC_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=none - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/ca.crt - SSL_CERTIFICATE=/etc/ssl/wazuh.crt - SSL_KEY=/etc/ssl/wazuh.key volumes: - ossec_api_configuration:/var/ossec/api/configuration - ossec_etc:/var/ossec/etc - ossec_logs:/var/ossec/logs - ossec_queue:/var/ossec/queue - ossec_var_multigroups:/var/ossec/var/multigroups - ossec_integrations:/var/ossec/integrations - ossec_active_response:/var/ossec/active-response/bin - ossec_agentless:/var/ossec/agentless - ossec_wodles:/var/ossec/wodles - filebeat_etc:/etc/filebeat - filebeat_var:/var/lib/filebeat - ./xpack/ca/ca.crt:/etc/ssl/ca.crt - ./xpack/wazuh/wazuh.crt:/etc/ssl/wazuh.crt - ./xpack/wazuh/wazuh.key:/etc/ssl/wazuh.key elasticsearch: image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2 hostname: elasticsearch restart: always ports: - "9200:9200" environment: - cluster.name=wazuh-cluster - node.name=elasticsearch - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3 - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3 - ELASTIC_PASSWORD=SecretPassword - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - bootstrap.memory_lock=true - xpack.license.self_generated.type=basic - xpack.security.enabled=true - xpack.security.http.ssl.enabled=true - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt - xpack.security.transport.ssl.enabled=true - xpack.security.transport.ssl.verification_mode=certificate - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt ulimits: memlock: soft: -1 hard: -1 nofile: soft: 65536 hard: 65536 volumes: - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - ./xpack/elasticsearch/elasticsearch.key:/usr/share/elasticsearch/config/elasticsearch.key - ./xpack/elasticsearch/elasticsearch.crt:/usr/share/elasticsearch/config/elasticsearch.crt elasticsearch2: image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2 hostname: elasticsearch2 restart: always environment: - cluster.name=wazuh-cluster - node.name=elasticsearch2 - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3 - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3 - ELASTIC_PASSWORD=SecretPassword - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - bootstrap.memory_lock=true - xpack.license.self_generated.type=basic - xpack.security.enabled=true - xpack.security.http.ssl.enabled=true - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt - xpack.security.transport.ssl.enabled=true - xpack.security.transport.ssl.verification_mode=certificate - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt ulimits: memlock: soft: -1 hard: -1 nofile: soft: 65536 hard: 65536 volumes: - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - ./xpack/elasticsearch2/elasticsearch2.key:/usr/share/elasticsearch/config/elasticsearch.key - ./xpack/elasticsearch2/elasticsearch2.crt:/usr/share/elasticsearch/config/elasticsearch.crt elasticsearch3: image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2 hostname: elasticsearch3 restart: always environment: - cluster.name=wazuh-cluster - node.name=elasticsearch3 - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3 - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3 - ELASTIC_PASSWORD=SecretPassword - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - bootstrap.memory_lock=true - xpack.license.self_generated.type=basic - xpack.security.enabled=true - xpack.security.http.ssl.enabled=true - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt - xpack.security.transport.ssl.enabled=true - xpack.security.transport.ssl.verification_mode=certificate - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt ulimits: memlock: soft: -1 hard: -1 nofile: soft: 65536 hard: 65536 volumes: - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - ./xpack/elasticsearch3/elasticsearch3.key:/usr/share/elasticsearch/config/elasticsearch.key - ./xpack/elasticsearch3/elasticsearch3.crt:/usr/share/elasticsearch/config/elasticsearch.crt kibana: image: wazuh/wazuh-kibana:4.2.5 hostname: kibana restart: always ports: - 443:5601 environment: - SERVERNAME=localhost - ELASTICSEARCH_USERNAME=elastic - ELASTICSEARCH_PASSWORD=SecretPassword - ELASTICSEARCH_URL=https://elasticsearch:9200 - ELASTICSEARCH_HOSTS=https://elasticsearch:9200 - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=/usr/share/kibana/config/ca.crt - SERVER_SSL_ENABLED=true - XPACK_SECURITY_ENABLED=true - SERVER_SSL_KEY=/usr/share/kibana/config/kibana.key - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/kibana.crt volumes: - ./xpack/ca/ca.crt:/usr/share/kibana/config/ca.crt - ./xpack/kibana/kibana.key:/usr/share/kibana/config/kibana.key - ./xpack/kibana/kibana.crt:/usr/share/kibana/config/kibana.crt depends_on: - elasticsearch links: - elasticsearch:elasticsearch - wazuh:wazuh volumes: ossec_api_configuration: ossec_etc: ossec_logs: ossec_queue: ossec_var_multigroups: ossec_integrations: ossec_active_response: ossec_agentless: ossec_wodles: filebeat_etc: filebeat_var: