mirror of
https://github.com/wazuh/wazuh-docker.git
synced 2025-10-23 06:11:57 +00:00
9.2 KiB
9.2 KiB
Wazuh containers for Docker
In this repository you will find the containers to run:
- Wazuh manager: it runs the Wazuh manager, Wazuh API and Filebeat OSS
- Wazuh dashboard: provides a web user interface to browse through alert data and allows you to visualize the agents configuration and status.
- Wazuh indexer: Wazuh indexer container (working as a single-node cluster or as a multi-node cluster). Be aware to increase the
vm.max_map_countsetting, as it's detailed in the Wazuh documentation. - Wazuh agent: This container contains the Wazuh agent services. Current functionality is limited.
The folder build-docker-images contains a README explaining how to build the Wazuh images and the necessary assets.
The folder indexer-certs-creator contains a README explaining how to create the certificates creator tool and the necessary assets.
The folder single-node contains a README explaining how to run a Wazuh environment with one Wazuh manager, one Wazuh indexer, and one Wazuh dashboard.
The folder multi-node contains a README explaining how to run a Wazuh environment with two Wazuh managers, three Wazuh indexers, and one Wazuh dashboard.
The folder wazuh-agent contains a README explaining how to run a container with Wazuh agent.
Documentation
Directory structure
├── build-docker-images
│ ├── build-images.sh
│ ├── build-images.yml
│ ├── README.md
│ ├── wazuh-agent
│ │ ├── config
│ │ │ ├── check_repository.sh
│ │ │ └── etc
│ │ │ ├── cont-init.d
│ │ │ │ ├── 0-wazuh-init
│ │ │ │ └── 1-agent
│ │ │ └── services.d
│ │ │ └── ossec-logs
│ │ │ └── run
│ │ └── Dockerfile
│ ├── wazuh-dashboard
│ │ ├── config
│ │ │ ├── check_repository.sh
│ │ │ ├── config.sh
│ │ │ ├── config.yml
│ │ │ ├── entrypoint.sh
│ │ │ ├── wazuh_app_config.sh
│ │ │ └── wazuh.yml
│ │ └── Dockerfile
│ ├── wazuh-indexer
│ │ ├── config
│ │ │ ├── action_groups.yml
│ │ │ ├── check_repository.sh
│ │ │ ├── config.sh
│ │ │ ├── config.yml
│ │ │ ├── entrypoint.sh
│ │ │ ├── internal_users.yml
│ │ │ ├── opensearch.yml
│ │ │ ├── roles_mapping.yml
│ │ │ ├── roles.yml
│ │ │ └── securityadmin.sh
│ │ └── Dockerfile
│ └── wazuh-manager
│ ├── config
│ │ ├── check_repository.sh
│ │ ├── create_user.py
│ │ ├── etc
│ │ │ ├── cont-init.d
│ │ │ │ ├── 0-wazuh-init
│ │ │ │ ├── 1-config-filebeat
│ │ │ │ └── 2-manager
│ │ │ └── services.d
│ │ │ ├── filebeat
│ │ │ │ ├── finish
│ │ │ │ └── run
│ │ │ └── ossec-logs
│ │ │ └── run
│ │ ├── filebeat_module.sh
│ │ ├── filebeat.yml
│ │ ├── permanent_data.env
│ │ └── permanent_data.sh
│ └── Dockerfile
├── CHANGELOG.md
├── docs
│ ├── book.toml
│ ├── build.sh
│ ├── dev
│ │ ├── build-image.md
│ │ ├── README.md
│ │ ├── run-tests.md
│ │ └── setup.md
│ ├── README.md
│ ├── ref
│ │ ├── configuration
│ │ │ ├── configuration-files.md
│ │ │ ├── environment-variables.md
│ │ │ └── README.md
│ │ ├── getting-started
│ │ │ ├── deployment
│ │ │ │ ├── multi-node.md
│ │ │ │ ├── README.md
│ │ │ │ ├── single-node.md
│ │ │ │ └── wazuh-agent.md
│ │ │ ├── README.md
│ │ │ └── requirements.md
│ │ ├── glossary.md
│ │ ├── Introduction
│ │ │ ├── compatibility.md
│ │ │ ├── description.md
│ │ │ └── README.md
│ │ ├── README.md
│ │ └── upgrade.md
│ ├── server.sh
│ └── SUMMARY.md
├── indexer-certs-creator
│ ├── config
│ │ └── entrypoint.sh
│ ├── Dockerfile
│ └── README.md
├── LICENSE
├── multi-node
│ ├── config
│ │ ├── certs.yml
│ │ ├── nginx
│ │ │ └── nginx.conf
│ │ ├── wazuh_cluster
│ │ │ ├── wazuh_manager.conf
│ │ │ └── wazuh_worker.conf
│ │ ├── wazuh_dashboard
│ │ │ ├── opensearch_dashboards.yml
│ │ │ └── wazuh.yml
│ │ └── wazuh_indexer
│ │ ├── internal_users.yml
│ │ ├── wazuh1.indexer.yml
│ │ ├── wazuh2.indexer.yml
│ │ └── wazuh3.indexer.yml
│ ├── docker-compose.yml
│ ├── generate-indexer-certs.yml
│ ├── Migration-to-Wazuh-4.4.md
│ ├── README.md
│ └── volume-migrator.sh
├── README.md
├── SECURITY.md
├── single-node
│ ├── config
│ │ ├── certs.yml
│ │ ├── wazuh_cluster
│ │ │ └── wazuh_manager.conf
│ │ ├── wazuh_dashboard
│ │ │ ├── opensearch_dashboards.yml
│ │ │ └── wazuh.yml
│ │ ├── wazuh_indexer
│ │ │ ├── internal_users.yml
│ │ │ └── wazuh.indexer.yml
│ │ └── wazuh_indexer_ssl_certs [error opening dir]
│ ├── docker-compose.yml
│ ├── generate-indexer-certs.yml
│ └── README.md
├── VERSION.json
└── wazuh-agent
├── config
│ └── wazuh-agent-conf
└── docker-compose.yml
Branches
mainbranch contains the latest code, be aware of possible bugs on this branch.
Compatibility Matrix
| Wazuh version | ODFE | XPACK |
|---|---|---|
| v4.3.0+ | ||
| v4.2.7 | 1.13.2 | 7.11.2 |
| v4.2.6 | 1.13.2 | 7.11.2 |
| v4.2.5 | 1.13.2 | 7.11.2 |
| v4.2.4 | 1.13.2 | 7.11.2 |
| v4.2.3 | 1.13.2 | 7.11.2 |
| v4.2.2 | 1.13.2 | 7.11.2 |
| v4.2.1 | 1.13.2 | 7.11.2 |
| v4.2.0 | 1.13.2 | 7.10.2 |
| v4.1.5 | 1.13.2 | 7.10.2 |
| v4.1.4 | 1.12.0 | 7.10.2 |
| v4.1.3 | 1.12.0 | 7.10.2 |
| v4.1.2 | 1.12.0 | 7.10.2 |
| v4.1.1 | 1.12.0 | 7.10.2 |
| v4.1.0 | 1.12.0 | 7.10.2 |
| v4.0.4 | 1.11.0 | |
| v4.0.3 | 1.11.0 | |
| v4.0.2 | 1.11.0 | |
| v4.0.1 | 1.11.0 | |
| v4.0.0 | 1.10.1 |
Credits and Thank you
These Docker containers are based on:
- "deviantony" dockerfiles which can be found at https://github.com/deviantony/docker-elk
- "xetus-oss" dockerfiles, which can be found at https://github.com/xetus-oss/docker-ossec-server
We thank them and everyone else who has contributed to this project.
License and copyright
Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)