Monitoring-Security-Project/docker-compose.yaml at master · GiulioSavini/Monitoring-Security-Project · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
version: '3.8'
services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.15.0
    environment:
      - discovery.type=single-node
      - ES_JAVA_OPTS=-Xms512m -Xmx512m
    ports:
      - "9200:9200"
    networks:
      - monitoring

  logstash:
    image: docker.elastic.co/logstash/logstash:7.15.0
    volumes:
      - ./logstash.conf:/usr/share/logstash/pipeline/logstash.conf
    ports:
      - "5044:5044"
    depends_on:
      - elasticsearch
    networks:
      - monitoring

  kibana:
    image: docker.elastic.co/kibana/kibana:7.15.0
    ports:
      - "5601:5601"
    depends_on:
      - elasticsearch
    networks:
      - monitoring

  suricata:
    image: jasonish/suricata:latest
    cap_add:
      - NET_ADMIN
      - SYS_NICE  # Aggiunto per migliorare la gestione delle priorità
    volumes:
      - ./suricata.yaml:/etc/suricata/suricata.yaml
      - /var/log/suricata:/var/log/suricata  # Monta la directory dei log di Suricata
      - /var/lib/suricata/rules:/var/lib/suricata/rules  # Assicurati che le regole siano accessibili
    networks:
      - monitoring

  traffic-generator:
    image: alpine
    command: sh -c "while true; do wget -q -O- http://kibana:5601; sleep 2; done"
    networks:
      - monitoring

networks:
  monitoring:
    driver: bridge