ale/docker-compose-hatthieves
2
Fork 0
Código Incidencias Pull Requests Lanzamientos Wiki Actividad
Files
d9271192759e640eaec7abb3375b251b8f1fc2ba
docker-compose-hatthieves/production/broseek/docker-compose.yml
Your Name fc28a75245 broseek
2020-08-02 23:23:05 +00:00

312 líneas
6.5 KiB
YAML
Original Blame Histórico

version: '2'
services:
broseek:
image: blacktop/zeek:elastic
hostname: broseek
container_name: broseek
restart: always
command: -i af_packet::ens192 local "Site::local_nets += { 127.0.0.1/8,
172.0.0.0/24,
172.1.0.0/24,
172.2.0.0/24,
172.3.0.0/24,
172.4.0.0/24,
172.5.0.0/24,
172.6.0.0/24,
172.7.0.0/24,
172.8.0.0/24,
172.9.0.0/24,
172.10.0.0/24,
172.11.0.0/24,
172.12.0.0/24,
172.13.0.0/24,
172.14.0.0/24,
172.15.0.0/24,
172.16.0.0/24,
172.17.0.0/24,
172.18.0.0/24,
172.19.0.0/24,
172.20.0.0/24,
172.21.0.0/24,
172.22.0.0/24,
172.23.0.0/24,
172.24.0.0/24,
172.25.0.0/24,
172.26.0.0/24,
172.27.0.0/24,
172.28.0.0/24,
172.29.0.0/24,
172.30.0.0/24,
172.31.0.0/24,
172.32.0.0/24,
172.33.0.0/24,
172.34.0.0/24,
172.35.0.0/24,
172.36.0.0/24,
172.37.0.0/24,
172.38.0.0/24,
172.39.0.0/24,
172.40.0.0/24,
172.41.0.0/24,
172.42.0.0/24,
172.43.0.0/24,
172.44.0.0/24,
172.45.0.0/24,
172.46.0.0/24,
172.47.0.0/24,
172.48.0.0/24,
172.49.0.0/24,
172.50.0.0/24,
172.51.0.0/24,
172.52.0.0/24,
172.53.0.0/24,
172.54.0.0/24,
172.55.0.0/24,
172.56.0.0/24,
172.57.0.0/24,
172.58.0.0/24,
172.59.0.0/24,
172.60.0.0/24,
172.61.0.0/24,
172.62.0.0/24,
172.63.0.0/24,
172.64.0.0/24,
172.65.0.0/24,
172.66.0.0/24,
172.67.0.0/24,
172.68.0.0/24,
172.69.0.0/24,
172.70.0.0/24,
172.71.0.0/24,
172.72.0.0/24,
172.73.0.0/24,
172.74.0.0/24,
172.75.0.0/24,
172.76.0.0/24,
172.77.0.0/24,
172.78.0.0/24,
172.79.0.0/24,
172.80.0.0/24,
172.81.0.0/24,
172.82.0.0/24,
172.83.0.0/24,
172.84.0.0/24,
172.85.0.0/24,
172.86.0.0/24,
172.87.0.0/24,
172.88.0.0/24,
172.89.0.0/24,
172.90.0.0/24,
172.91.0.0/24,
172.92.0.0/24,
172.93.0.0/24,
172.94.0.0/24,
172.95.0.0/24,
172.96.0.0/24,
172.97.0.0/24,
172.98.0.0/24,
172.99.0.0/24,
172.100.0.0/24,
172.101.0.0/24,
172.102.0.0/24,
172.103.0.0/24,
172.104.0.0/24,
172.105.0.0/24,
172.106.0.0/24,
172.107.0.0/24,
172.108.0.0/24,
172.109.0.0/24,
172.110.0.0/24,
172.111.0.0/24,
172.112.0.0/24,
172.113.0.0/24,
172.114.0.0/24,
172.115.0.0/24,
172.116.0.0/24,
172.117.0.0/24,
172.118.0.0/24,
172.119.0.0/24,
172.120.0.0/24,
172.121.0.0/24,
172.122.0.0/24,
172.123.0.0/24,
172.124.0.0/24,
172.125.0.0/24,
172.126.0.0/24,
172.127.0.0/24,
172.128.0.0/24,
172.129.0.0/24,
172.130.0.0/24,
172.131.0.0/24,
172.132.0.0/24,
172.133.0.0/24,
172.134.0.0/24,
172.135.0.0/24,
172.136.0.0/24,
172.137.0.0/24,
172.138.0.0/24,
172.139.0.0/24,
172.140.0.0/24,
172.141.0.0/24,
172.142.0.0/24,
172.143.0.0/24,
172.144.0.0/24,
172.145.0.0/24,
172.146.0.0/24,
172.147.0.0/24,
172.148.0.0/24,
172.149.0.0/24,
172.150.0.0/24,
172.151.0.0/24,
172.152.0.0/24,
172.153.0.0/24,
172.154.0.0/24,
172.155.0.0/24,
172.156.0.0/24,
172.157.0.0/24,
172.158.0.0/24,
172.159.0.0/24,
172.160.0.0/24,
172.161.0.0/24,
172.162.0.0/24,
172.163.0.0/24,
172.164.0.0/24,
172.165.0.0/24,
172.166.0.0/24,
172.167.0.0/24,
172.168.0.0/24,
172.169.0.0/24,
172.170.0.0/24,
172.171.0.0/24,
172.172.0.0/24,
172.173.0.0/24,
172.174.0.0/24,
172.175.0.0/24,
172.176.0.0/24,
172.177.0.0/24,
172.178.0.0/24,
172.179.0.0/24,
172.180.0.0/24,
172.181.0.0/24,
172.182.0.0/24,
172.183.0.0/24,
172.184.0.0/24,
172.185.0.0/24,
172.186.0.0/24,
172.187.0.0/24,
172.188.0.0/24,
172.189.0.0/24,
172.190.0.0/24,
172.191.0.0/24,
172.192.0.0/24,
172.193.0.0/24,
172.194.0.0/24,
172.195.0.0/24,
172.196.0.0/24,
172.197.0.0/24,
172.198.0.0/24,
172.199.0.0/24,
172.200.0.0/24,
172.201.0.0/24,
172.202.0.0/24,
172.203.0.0/24,
172.204.0.0/24,
172.205.0.0/24,
172.206.0.0/24,
172.207.0.0/24,
172.208.0.0/24,
172.209.0.0/24,
172.210.0.0/24,
172.211.0.0/24,
172.212.0.0/24,
172.213.0.0/24,
172.214.0.0/24,
172.215.0.0/24,
172.216.0.0/24,
172.217.0.0/24,
172.218.0.0/24,
172.219.0.0/24,
172.220.0.0/24,
172.221.0.0/24,
172.222.0.0/24,
172.223.0.0/24,
172.224.0.0/24,
172.225.0.0/24,
172.226.0.0/24,
172.227.0.0/24,
172.228.0.0/24,
172.229.0.0/24,
172.230.0.0/24,
172.231.0.0/24,
172.232.0.0/24,
172.233.0.0/24,
172.234.0.0/24,
172.235.0.0/24,
172.236.0.0/24,
172.237.0.0/24,
172.238.0.0/24,
172.239.0.0/24,
172.240.0.0/24,
172.241.0.0/24,
172.242.0.0/24,
172.243.0.0/24,
172.244.0.0/24,
172.245.0.0/24,
172.246.0.0/24,
172.247.0.0/24,
172.248.0.0/24,
172.249.0.0/24,
172.250.0.0/24,
172.251.0.0/24,
172.252.0.0/24,
172.253.0.0/24,
172.254.0.0/24,
172.255.0.0/24 }"
volumes:
- ./pcap:/pcap
cap_add:
- NET_RAW
network_mode: host
# broseek-elastic:
# image: blacktop/elasticsearch:x-pack-7.4.0
# hostname: broseek-elastic
# container_name: broseek-elastic
# restart: always
# environment:
# - discovery.type=single-node
# expose:
# - 9200
#
# broseek-kibana:
# image: blacktop/kibana:x-pack-7.4.0
# hostname: broseek-kibana
# container_name: broseek-kibana
# restart: always
# environment:
# - xpack.reporting.enabled=false
# links:
# - broseek-elastic
# expose:
# - 5601
broseek-filebeat:
image: blacktop/filebeat
hostname: broseek-filebeat
container_name: broseek-filebeat
restart: always
command: -e
volumes:
- ./pcap:/pcap
external_links:
- elasticsearch
- kibana
networks:
elk:
networks:
elk:
external:
name: elk_mynet
Referencia en una nueva incidencia Ver la culpa de Git Copiar Permalink