diff --git a/Docker/docker-compose.yml b/Docker/docker-compose.yml
new file mode 100644
index 0000000..d3e3bec
--- /dev/null
+++ b/Docker/docker-compose.yml
@@ -0,0 +1,110 @@
+version: '2'
+services:
+
+ # MongoDB: https://hub.docker.com/_/mongo/
+ mongodb:
+ image: 'mongo:3'
+ volumes:
+ - 'mongo_data:/data/db'
+
+ # Elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/6.x/docker.html
+ elasticsearch:
+ image: 'docker.elastic.co/elasticsearch/elasticsearch-oss:6.8.4'
+ mem_limit: 4g
+ restart: always
+ volumes:
+ - 'es_data:/usr/share/elasticsearch/data'
+ env_file:
+ - ./elasticsearch.env
+ ulimits:
+ memlock:
+ soft: -1
+ hard: -1
+ ports:
+ - '9200:9200'
+
+ # Graylog: https://hub.docker.com/r/graylog/graylog/
+ graylog:
+ image: 'graylog/graylog:3.1'
+ volumes:
+ - 'graylog_journal:/usr/share/graylog/data/journal'
+ - './service-names-port-numbers.csv:/etc/graylog/server/service-names-port-numbers.csv'
+ - './GeoLite2-City.mmdb:/etc/graylog/server/GeoLite2-City.mmdb'
+ env_file:
+ - ./graylog.env
+ links:
+ - 'mongodb:mongo'
+ - elasticsearch
+ depends_on:
+ - mongodb
+ - elasticsearch
+ ports:
+ # Netflow
+ - '2055:2055/udp'
+ # Syslog Feed
+ - '5442:5442/udp'
+ # Graylog web interface and REST API
+ - '9000:9000'
+ # Syslog TCP
+ - '1514:1514'
+ # Syslog UDP
+ - '1514:1514/udp'
+ # GELF TCP
+ - '12201:12201'
+ # GELF UDP
+ - '12201:12201/udp'
+
+ # Kibana : https://www.elastic.co/guide/en/kibana/6.8/index.html
+ kibana:
+ image: 'docker.elastic.co/kibana/kibana-oss:6.8.4'
+ env_file:
+ - kibana.env
+ depends_on:
+ - elasticsearch
+ ports:
+ - '5601:5601'
+ cerebro:
+ image: lmenezes/cerebro
+ ports:
+ - '9001:9000'
+ links:
+ - elasticsearch
+ depends_on:
+ - elasticsearch
+ influxdb:
+ image: 'influxdb:latest'
+ env_file:
+ - ./influxdb.env
+ ports:
+ - '8086:8086'
+ volumes:
+ - 'influxdb:/var/lib/influxdb'
+
+ grafana:
+ image: 'grafana/grafana:latest'
+ env_file:
+ - ./grafana.env
+ ports:
+ - '3000:3000'
+ volumes:
+ - 'grafana:/var/lib/grafana'
+ - './provisioning/:/etc/grafana/provisioning'
+ links:
+ - elasticsearch
+ - influxdb
+ depends_on:
+ - elasticsearch
+ - influxdb
+
+# Volumes for persisting data, see https://docs.docker.com/engine/admin/volumes/volumes/
+volumes:
+ mongo_data:
+ driver: local
+ es_data:
+ driver: local
+ graylog_journal:
+ driver: local
+ grafana:
+ driver: local
+ influxdb:
+ driver: local
\ No newline at end of file
diff --git a/Docker/elasticsearch.env b/Docker/elasticsearch.env
new file mode 100644
index 0000000..6ff280c
--- /dev/null
+++ b/Docker/elasticsearch.env
@@ -0,0 +1,5 @@
+http.host=0.0.0.0
+transport.host=0.0.0.0
+network.host=0.0.0.0
+ES_JAVA_OPTS="-Xms1g -Xmx1g"
+ES_HEAP_SIZE=2g
diff --git a/Docker/grafana.env b/Docker/grafana.env
new file mode 100644
index 0000000..bcb5cff
--- /dev/null
+++ b/Docker/grafana.env
@@ -0,0 +1 @@
+GF_INSTALL_PLUGINS=grafana-piechart-panel,grafana-worldmap-panel,savantly-heatmap-panel
diff --git a/provisioning/dashboards/all.yml b/Docker/grafana/provisioning/dashboards/all.yml
similarity index 100%
rename from provisioning/dashboards/all.yml
rename to Docker/grafana/provisioning/dashboards/all.yml
diff --git a/provisioning/dashboards/firewall.json b/Docker/grafana/provisioning/dashboards/firewall.json
similarity index 100%
rename from provisioning/dashboards/firewall.json
rename to Docker/grafana/provisioning/dashboards/firewall.json
diff --git a/provisioning/dashboards/ndpi.json b/Docker/grafana/provisioning/dashboards/ndpi.json
similarity index 100%
rename from provisioning/dashboards/ndpi.json
rename to Docker/grafana/provisioning/dashboards/ndpi.json
diff --git a/provisioning/datasources/automatic.yml b/Docker/grafana/provisioning/datasources/automatic.yml
similarity index 100%
rename from provisioning/datasources/automatic.yml
rename to Docker/grafana/provisioning/datasources/automatic.yml
diff --git a/Docker/graylog.env b/Docker/graylog.env
new file mode 100644
index 0000000..72895fb
--- /dev/null
+++ b/Docker/graylog.env
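Review bot: The bind mounts `./service-names-port-numbers.csv` (graylog) and `./provisioning/` (grafana) still name the old repo-root locations, but this same commit moves those files to `Docker/graylog/service-names-port-numbers.csv` and `Docker/grafana/provisioning/`; with the compose file now living under `Docker/`, neither host path exists, Docker creates an empty directory in its place, and the CSV (presumably a lookup-table source) and the Grafana datasource/dashboard provisioning silently vanish. They should read `- './graylog/service-names-port-numbers.csv:/etc/graylog/server/service-names-port-numbers.csv'` and `- './grafana/provisioning/:/etc/grafana/provisioning'`. Separately, Elasticsearch (`'9200:9200'`), Cerebro (`'9001:9000'`), Kibana (`'5601:5601'`) and InfluxDB (`'8086:8086'`) are published on every host interface and none of these OSS images ships with authentication, so anyone who can reach the host gets read/write access to the log data and, through Cerebro, cluster administration; bind them to loopback (`- '127.0.0.1:9200:9200'`) or drop the `ports:` entries, since the services already reach each other by name on the compose network. `lmenezes/cerebro`, `influxdb:latest` and `grafana/grafana:latest` are unpinned, so a later pull can silently change what runs; pin them the way the Elastic and Graylog images are.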
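Review bot: `ES_JAVA_OPTS="-Xms1g -Xmx1g"` moves a value that was YAML-quoted in the old compose file into an env_file, and older docker-compose releases (as well as `docker run --env-file`) pass double quotes through literally, which would hand the JVM the option `"-Xms1g` and stop the container from starting; write it unquoted, `ES_JAVA_OPTS=-Xms1g -Xmx1g`, which is what the old `environment:` form produced. That line and `ES_HEAP_SIZE=2g` also disagree on the heap size, and as far as I know `ES_HEAP_SIZE` has not been honored since Elasticsearch 5, so drop it rather than leave a misleading 2g. `network.host=0.0.0.0` makes the unauthenticated transport port listen on all container interfaces as well; that is acceptable on the private compose network, but it is worth a comment that this file assumes nothing but Graylog and Kibana can reach the container, because the compose file publishes 9200 to the host.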
@@ -0,0 +1,6 @@
+# CHANGE ME (must be at least 16 characters)!
+GRAYLOG_PASSWORD_SECRET=somepasswordpepperzzz
+# Password: admin
+GRAYLOG_ROOT_PASSWORD_SHA2=8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
+GRAYLOG_HTTP_EXTERNAL_URI=http://localhost:9000/
+GRAYLOG_TIMEZONE=Europe/Berlin
diff --git a/service-names-port-numbers.csv b/Docker/graylog/service-names-port-numbers.csv
similarity index 100%
rename from service-names-port-numbers.csv
rename to Docker/graylog/service-names-port-numbers.csv
diff --git a/Docker/influxdb.env b/Docker/influxdb.env
new file mode 100644
index 0000000..ffa6569
--- /dev/null
+++ b/Docker/influxdb.env
@@ -0,0 +1 @@
+INFLUXDB_DB="ndpi"
diff --git a/Docker/kibana.env b/Docker/kibana.env
new file mode 100644
index 0000000..5fdcf03
--- /dev/null
+++ b/Docker/kibana.env
@@ -0,0 +1 @@
+ELASTICSEARCH_URL=http://elasticsearch:9200
diff --git a/docker-compose.yml b/docker-compose.yml
deleted file mode 100644
index 5bf75b0..0000000
--- a/docker-compose.yml
+++ /dev/null
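Review bot: `GRAYLOG_PASSWORD_SECRET=somepasswordpepperzzz` and a root hash that the comment itself identifies as the password `admin` are committed as the live env file rather than a template, and the web interface they protect is published on all host interfaces on port 9000, so a checkout started as-is runs with well-known credentials. Ship this as `graylog.env.example`, add `Docker/graylog.env` to `.gitignore`, and generate both values per install (`pwgen -N 1 -s 96` for the secret, `echo -n yourpassword | sha256sum` for the hash); the "CHANGE ME" warning should sit above the password line too, since that is the one an attacker tries first. `GRAYLOG_HTTP_EXTERNAL_URI=http://localhost:9000/` is plain HTTP and only correct for a browser on the same machine, so it deserves a comment that it must become the real HTTPS URL of the reverse proxy before the UI is exposed. The `INFLUXDB_DB="ndpi"` line below carries the same env_file caveat as elasticsearch.env: if the parser keeps the double quotes, the database name includes them, so write `INFLUXDB_DB=ndpi`.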
@@ -1,117 +0,0 @@
-version: '2'
-services:
- # MongoDB: https://hub.docker.com/_/mongo/
- mongodb:
- image: mongo:3
- volumes:
- - mongo_data:/data/db
- # Elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/6.x/docker.html
- elasticsearch:
- image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.8.4
- mem_limit: 4g
- restart: always
- volumes:
- - es_data:/usr/share/elasticsearch/data
- environment:
- - http.host=0.0.0.0
- - transport.host=0.0.0.0
- - network.host=0.0.0.0
- - "ES_JAVA_OPTS=-Xms1g -Xmx1g"
- - ES_HEAP_SIZE=2g
- ulimits:
- memlock:
- soft: -1
- hard: -1
- ports:
- - 9200:9200
- # Graylog: https://hub.docker.com/r/graylog/graylog/
- graylog:
- image: graylog/graylog:3.1
- volumes:
- - graylog_journal:/usr/share/graylog/data/journal
- - ./service-names-port-numbers.csv:/etc/graylog/server/service-names-port-numbers.csv
- - ./GeoLite2-City.mmdb:/etc/graylog/server/GeoLite2-City.mmdb
- environment:
- # CHANGE ME (must be at least 16 characters)!
- - GRAYLOG_PASSWORD_SECRET=somepasswordpepperzzz
- # Password: admin
- - GRAYLOG_ROOT_PASSWORD_SHA2=8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
- - GRAYLOG_HTTP_EXTERNAL_URI=http://localhost:9000/
- - GRAYLOG_TIMEZONE=Europe/Berlin
- links:
- - mongodb:mongo
- - elasticsearch
- depends_on:
- - mongodb
- - elasticsearch
- ports:
- # Netflow
- - 2055:2055/udp
- # Syslog Feed
- - 5442:5442/udp
- # Graylog web interface and REST API
- - 9000:9000
- # Syslog TCP
- - 1514:1514
- # Syslog UDP
- - 1514:1514/udp
- # GELF TCP
- - 12201:12201
- # GELF UDP
- - 12201:12201/udp
- # Kibana : https://www.elastic.co/guide/en/kibana/6.8/index.html
- kibana:
- image: docker.elastic.co/kibana/kibana-oss:6.8.4
- # volumes:
- # - ./kibana.yml:/usr/share/kibana/config/kibana.yml
- environment:
- - ELASTICSEARCH_URL=http://elasticsearch:9200
- depends_on:
- - elasticsearch
- ports:
- - 5601:5601
- cerebro:
- image: lmenezes/cerebro
- ports:
- - 9001:9000
- links:
- - elasticsearch
- depends_on:
- - elasticsearch
-
- influxdb:
- image: "influxdb:latest"
- environment:
- - INFLUXDB_DB="ndpi"
- ports:
- - "8086:8086"
- volumes:
- - influxdb:/var/lib/influxdb
- grafana:
- image: grafana/grafana:latest
- environment:
- - GF_INSTALL_PLUGINS=grafana-piechart-panel,grafana-worldmap-panel,savantly-heatmap-panel
- ports:
- - "3000:3000"
- volumes:
- - grafana:/var/lib/grafana
- - ./provisioning/:/etc/grafana/provisioning
- links:
- - elasticsearch
- - influxdb
- depends_on:
- - elasticsearch
- - influxdb
-
-# Volumes for persisting data, see https://docs.docker.com/engine/admin/volumes/volumes/
-volumes:
- mongo_data:
- driver: local
- es_data:
- driver: local
- graylog_journal:
- driver: local
- grafana:
- driver: local
- influxdb:
- driver: local
diff --git a/dashboardassign.sh b/misc/dashboardassign.sh
similarity index 100%
rename from dashboardassign.sh
rename to misc/dashboardassign.sh
diff --git a/jvm.options b/misc/jvm.options
similarity index 100%
rename from jvm.options
rename to misc/jvm.options