Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
- version: '3.7'
- services:
- wazuh.manager:
- image: wazuh/wazuh-manager:4.4.1
- hostname: wazuh.manager
- restart: always
- ports:
- - "1514:1514"
- - "1515:1515"
- - "514:514/udp"
- - "55000:55000"
- environment:
- - INDEXER_URL=https://wazuh.indexer:9200
- - INDEXER_USERNAME=admin
- - INDEXER_PASSWORD=SecretPassword
- - FILEBEAT_SSL_VERIFICATION_MODE=full
- - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
- - SSL_CERTIFICATE=/etc/ssl/filebeat.pem
- - SSL_KEY=/etc/ssl/filebeat.key
- - API_USERNAME=wazuh-wui
- - API_PASSWORD=MyS3cr37P450r.*-
- volumes:
- - wazuh_api_configuration:/var/ossec/api/configuration
- - wazuh_etc:/var/ossec/etc
- - wazuh_logs:/var/ossec/logs
- - wazuh_queue:/var/ossec/queue
- - wazuh_var_multigroups:/var/ossec/var/multigroups
- - wazuh_integrations:/var/ossec/integrations
- - wazuh_active_response:/var/ossec/active-response/bin
- - wazuh_agentless:/var/ossec/agentless
- - wazuh_wodles:/var/ossec/wodles
- - filebeat_etc:/etc/filebeat
- - filebeat_var:/var/lib/filebeat
- - ./config/wazuh_indexer_ssl_certs/root-ca-manager.pem:/etc/ssl/root-ca.pem
- - ./config/wazuh_indexer_ssl_certs/wazuh.manager.pem:/etc/ssl/filebeat.pem
- - ./config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem:/etc/ssl/filebeat.key
- - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
- wazuh.indexer:
- image: wazuh/wazuh-indexer:4.4.1
- hostname: wazuh.indexer
- restart: always
- ports:
- - "9200:9200"
- environment:
- - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m"
- ulimits:
- memlock:
- soft: -1
- hard: -1
- nofile:
- soft: 65536
- hard: 65536
- volumes:
- - wazuh-indexer-data:/var/lib/wazuh-indexer
- - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
- - ./config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.key
- - ./config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.pem
- - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem
- - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem
- - ./config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
- - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
- wazuh.dashboard:
- image: wazuh/wazuh-dashboard:4.4.1
- hostname: wazuh.dashboard
- restart: always
- ports:
- - 443:5601
- environment:
- - INDEXER_USERNAME=admin
- - INDEXER_PASSWORD=SecretPassword
- - WAZUH_API_URL=https://wazuh.manager
- - API_USERNAME=wazuh-wui
- - API_PASSWORD=MyS3cr37P450r.*-
- volumes:
- - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
- - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
- - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
- - ./config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
- - ./config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
- depends_on:
- - wazuh.indexer
- links:
- - wazuh.indexer:wazuh.indexer
- - wazuh.manager:wazuh.manager
- mongo:
- image: mongo:latest
- container_name: mongo
- restart: on-failure
- volumes:
- - mongo_data:/data/db
- graylog:
- image: graylog/graylog:5.0
- container_name: graylog
- restart: always
- depends_on:
- - mongo
- - wazuh.indexer
- environment:
- - GRAYLOG_HTTP_EXTERNAL_URI=http://10.93.1.61:9000/
- - GRAYLOG_HTTP_PUBLISH_URI=http://localhost:9000/
- - GRAYLOG_ROOT_TIMEZONE=UTC
- - GRAYLOG_IS_MASTER=true
- - GRAYLOG_MONGODB_URI=mongodb://mongo:27017/graylog
- - GRAYLOG_OPENSEARCH_HOSTS=https://wazuh.indexer:9200
- - GRAYLOG_ROOT_PASSWORD_SHA2=415e8a6ba1c3eb93e81df34731acc3d60efee685c8e6f7412592a45ba3a0e3b0
- - GRAYLOG_PASSWORD_SECRET=somepasswordpepper
- - GRAYLOG_HTTP_TLS_CERT_FILE=/usr/share/graylog/certificates/graylog.pem
- - GRAYLOG_HTTP_TLS_KEY_FILE=/usr/share/graylog/certificates/graylog.key
- - GRAYLOG_HTTP_TLS_TRUST_MANAGERS_FILE=/usr/share/graylog/certificates/root-ca.pem
- # - GRAYLOG_HTTP_TLS_ENABLE_OCSP=true
- # - GRAYLOG_SERVER_JAVA_OPTS="$GRAYLOG_SERVER_JAVA_OPTS -Dlog4j2.formatMsgNoLookups=true -Djavax.net.ssl.trustStore=/etc/graylog/server/certs/cacerts -Djavax.net.ssl.trustStorePassword=changeit"
- ports:
- - "1516:514/tcp"
- - "1516:514/udp"
- - "5044:5044/tcp" # Beats
- - "5140:5140/udp" # Syslog
- - "5140:5140/tcp" # Syslog
- - "5555:5555/tcp" # RAW TCP
- - "5555:5555/udp" # RAW TCP
- - "9000:9000/tcp" # Server API
- - "12201:12201/tcp" # GELF TCP
- - "12201:12201/udp" # GELF UDP
- #- "10000:10000/tcp" # Custom TCP port
- #- "10000:10000/udp" # Custom UDP port
- - "13301:13301/tcp" # Forwarder data
- - "13302:13302/tcp" # Forwarder config
- volumes:
- # - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/certs/root-ca.pem
- # - ./config/wazuh_indexer_ssl_certs/graylog-key.pem:/etc/ssl/certs/graylog-pkcs8-encrypted.pem
- # - ./config/wazuh_indexer_ssl_certs/graylog.pem:/etc/ssl/certs/graylog.pem
- - graylog_data:/usr/share/graylog/data
- - graylog_journal:/usr/share/graylog/data/journal
- volumes:
- wazuh_api_configuration:
- wazuh_etc:
- wazuh_logs:
- wazuh_queue:
- wazuh_var_multigroups:
- wazuh_integrations:
- wazuh_active_response:
- wazuh_agentless:
- wazuh_wodles:
- filebeat_etc:
- filebeat_var:
- wazuh-indexer-data:
- graylog_data:
- graylog_journal:
- mongo_data:
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement