paulmataruso/wazuh-docker-mirror
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-docker.git synced 2025-10-23 04:51:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,002 Commits 92 Branches 159 Tags
2c2c32e8b74268ad7bd6fd1d74134f7a64a5b8b1
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Gonzalo Acuña 2c2c32e8b7 README update
2022-03-18 09:52:40 -03:00
.github/workflows
fix various issues into PR
2022-02-18 17:01:58 -03:00
indexer_certs_creator
Fixed wazuh-certs-tool.sh and wazuh-passwords-tool.sh URLs
2022-03-17 11:09:57 +01:00
production_cluster
Production deployment update
2022-03-17 10:45:17 -03:00
wazuh-dashboard
Update Dockerfile
2022-03-17 17:24:30 +01:00
wazuh-indexer
Updated base URL
2022-03-17 17:21:45 +01:00
wazuh-manager
Repositories URLs updated to packages bucket
2022-03-17 13:04:38 -03:00
.goss.yaml
Merge 4.2 into master
2021-09-30 16:33:20 -03:00
build-wazuh-images.yml
update dashboard.yml and indexer ports
2022-03-02 16:30:07 -03:00
CHANGELOG.md
Resolving conflicts in merge
2021-11-16 12:54:49 -03:00
docker-compose.yml
update dashboard.yml and indexer ports
2022-03-02 16:30:07 -03:00
generate-indexer-certs.yml
Update config and certs path
2022-03-04 18:20:15 -03:00
LICENSE
Bump year
2021-01-11 13:05:17 +01:00
production-cluster.yml
Production deployment update
2022-03-17 10:45:17 -03:00
README.md
README update
2022-03-18 09:52:40 -03:00
VERSION
Merge conflicts with master branch
2021-05-24 09:31:30 +02:00

README.md

Wazuh containers for Docker

Slack Email Documentation Documentation

In this repository you will find the containers to run:

  • Wazuh manager: it runs the Wazuh manager, Wazuh API and Filebeat OSS
  • Wazuh dashboard: provides a web user interface to browse through alerts data and allows you to visualize agents configuration and status.
  • Wazuh indexer: Wazuh indexer container (working as a single-node cluster). Be aware to increase the vm.max_map_count setting, as it's detailed in the Wazuh documentation.

In addition, a docker-compose file is provided to launch the containers mentioned above.

  • Wazuh indexer cluster. In the Wazuh indexer Dockerfile we can visualize variables to configure an Wazuh indexer Cluster. These variables are used in the file config_cluster.sh to set them in the opensearch.yml configuration file. You can see the meaning of the node variables and other cluster settings here.

Documentation

Setup SSL certificate

Before starting the environment it is required to provide an SSL certificate (or just generate one self-signed).

Documentation on how to provide these two can be found at Wazuh Docker Documentation.

Environment Variables

Default values are included when available.

Wazuh

API_USERNAME="wazuh"                                # Wazuh API username
API_PASSWORD="wazuh"                                # Wazuh API password - Must comply with requirements
                                                    # (8+ length, uppercase, lowercase, specials chars)

INDEXER_URL=https://wazuh1.indexer:9200             # Wazuh indexer URL
INDEXER_USERNAME=admin                              # Wazuh indexer Username
INDEXER_PASSWORD=admin                              # Wazuh indexer Password
FILEBEAT_SSL_VERIFICATION_MODE=full                 # Filebeat SSL Verification mode (full or none)
SSL_CERTIFICATE_AUTHORITIES=""                      # Path of Filebeat SSL CA
SSL_CERTIFICATE=""                                  # Path of Filebeat SSL Certificate
SSL_KEY=""                                          # Path of Filebeat SSL Key

Directory structure

├── build-wazuh-images.yml ├── CHANGELOG.md ├── docker-compose.yml ├── generate-indexer-certs.yml ├── indexer_certs_creator │ ├── config │ │ └── entrypoint.sh │ └── Dockerfile ├── LICENSE ├── production_cluster │ ├── nginx │ │ ├── nginx.conf │ │ └── ssl │ │ └── generate-self-signed-cert.sh │ ├── wazuh_cluster │ │ ├── wazuh_manager.conf │ │ └── wazuh_worker.conf │ ├── wazuh_dashboard │ │ ├── opensearch_dashboards.yml │ │ └── wazuh.yml │ ├── wazuh-indexer │ │ ├── internal_users.yml │ │ ├── wazuh1.indexer.yml │ │ ├── wazuh2.indexer.yml │ │ └── wazuh3.indexer.yml │ └── wazuh_indexer_ssl_certs │ └── certs.yml ├── production-cluster.yml ├── README.md ├── VERSION ├── wazuh-dashboard │ ├── config │ │ ├── entrypoint.sh │ │ ├── opensearch_dashboards.yml │ │ ├── wazuh_app_config.sh │ │ └── wazuh.yml │ └── Dockerfile ├── wazuh-indexer │ ├── config │ │ ├── config.sh │ │ ├── config.yml │ │ ├── entrypoint.sh │ │ ├── internal_users.yml │ │ ├── opensearch.yml │ │ ├── roles_mapping.yml │ │ ├── roles.yml │ │ └── securityadmin.sh │ └── Dockerfile └── wazuh-manager ├── config │ ├── create_user.py │ ├── etc │ │ ├── cont-init.d │ │ │ ├── 0-wazuh-init │ │ │ ├── 1-config-filebeat │ │ │ └── 2-manager │ │ └── services.d │ │ ├── filebeat │ │ │ ├── finish │ │ │ └── run │ │ └── ossec-logs │ │ └── run │ ├── filebeat.yml │ ├── permanent_data.env │ ├── permanent_data.sh │ └── wazuh.repo └── Dockerfile

Branches

  • master branch contains the latest code, be aware of possible bugs on this branch.
  • stable branch on correspond to the last Wazuh stable version.

Compatibility Matrix

Wazuh version ODFE XPACK
v4.3.0
v4.2.5 1.13.2 7.11.2
v4.2.4 1.13.2 7.11.2
v4.2.3 1.13.2 7.11.2
v4.2.2 1.13.2 7.11.2
v4.2.1 1.13.2 7.11.2
v4.2.0 1.13.2 7.10.2
v4.1.5 1.13.2 7.10.2
v4.1.4 1.12.0 7.10.2
v4.1.3 1.12.0 7.10.2
v4.1.2 1.12.0 7.10.2
v4.1.1 1.12.0 7.10.2
v4.1.0 1.12.0 7.10.2
v4.0.4 1.11.0
v4.0.3 1.11.0
v4.0.2 1.11.0
v4.0.1 1.11.0
v4.0.0 1.10.1

Credits and Thank you

These Docker containers are based on:

We thank you them and everyone else who has contributed to this project.

License and copyright

Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)

Web references

Wazuh website

Description
Wazuh - Docker containers
compliancedockerelasticsearchfile-integrity-managementhacktoberfesthacktoberfest-acceptedidsincident-responseintrusion-detectionlog-analysisloganalyzermonitoringossecpci-dsspolicy-monitoringsecuritysecurity-awarenesssecurity-hardeningvulnerability-detectionwazuh
Readme 390 MiB
Languages
Shell 76.9%
Dockerfile 17.9%
Python 5.2%