version: '2' services: wazuh: image: wazuh/wazuh hostname: wazuh-manager restart: always ports: - "1514:1514/udp" - "1515:1515" - "514:514/udp" - "55000:55000" networks: - docker_elk # volumes: # - my-path:/var/ossec/data:Z # - my-path:/etc/postfix:Z # - my-path:/etc/filebeat # - my-custom-config-path/ossec.conf:/wazuh-config-mount/etc/ossec.conf depends_on: - elasticsearch logstash: image: wazuh/wazuh-logstash hostname: logstash restart: always command: -f /etc/logstash/conf.d/ # volumes: # - my-path:/etc/logstash/conf.d:Z links: - kibana - elasticsearch:elasticsearch ports: - "5000:5000" networks: - docker_elk depends_on: - elasticsearch environment: - LS_HEAP_SIZE=2048m - XPACK_MONITORING_ENABLED=false elasticsearch: image: docker.elastic.co/elasticsearch/elasticsearch:6.2.2 hostname: elasticsearch restart: always ports: - "9200:9200" # - "9300:9300" environment: - node.name=node-1 - cluster.name=wazuh - network.host=0.0.0.0 - bootstrap.memory_lock=true - xpack.security.enabled=false - xpack.monitoring.enabled=false - xpack.ml.enabled=false - xpack.watcher.enabled=false - xpack.graph.enabled=false - "ES_JAVA_OPTS=-Xms1g -Xmx1g" ulimits: memlock: soft: -1 hard: -1 mem_limit: 2g # volumes: # - my-path:/usr/share/elasticsearch/data:Z networks: - docker_elk kibana: image: wazuh/wazuh-kibana hostname: kibana restart: always # ports: # - "5601:5601" environment: - "NODE_OPTIONS=--max-old-space-size=3072" networks: - docker_elk depends_on: - elasticsearch links: - elasticsearch:elasticsearch - wazuh entrypoint: /wait-for-it.sh elasticsearch nginx: image: wazuh/wazuh-nginx hostname: nginx restart: always entrypoint: /run.sh environment: - NGINX_PORT=443 ports: - "80:80" - "443:443" # volumes: # - my-path:/etc/nginx/conf.d:Z networks: - docker_elk depends_on: - kibana links: - kibana networks: docker_elk: driver: bridge ipam: config: - subnet: 172.25.0.0/24