In this repository you will find the containers to run:
- wazuh: It runs the Wazuh manager, Wazuh API and Filebeat (for integration with Elastic Stack)
- wazuh-kibana: Provides a web user interface to browse through alerts data. It includes Wazuh plugin for Kibana, that allows you to visualize agents configuration and status.
- wazuh-nginx: Proxies the Kibana container, adding HTTPS (via self-signed SSL certificate) and Basic authentication.
- wazuh-elasticsearch: An Elasticsearch container (working as a single-node cluster) using Elastic Stack Docker images. Be aware to increase the
vm.max_map_count
setting, as it's detailed in the Wazuh documentation.
In addition, a docker-compose file is provided to launch the containers mentioned above.
- Elasticsearch cluster. In the Elasticsearch Dockerfile we can visualize variables to configure an Elasticsearch Cluster. These variables are used in the file config_cluster.sh to set them in the elasticsearch.yml configuration file. You can see the meaning of the node variables here and other cluster settings here.
wazuh-docker
├── docker-compose.yml
├── kibana
│ ├── config
│ │ ├── entrypoint.sh
│ │ └── kibana.yml
│ └── Dockerfile
├── LICENSE
├── nginx
│ ├── config
│ │ └── entrypoint.sh
│ └── Dockerfile
├── README.md
├── CHANGELOG.md
├── VERSION
├── test.txt
└── wazuh
├── config
│ ├── data_dirs.env
│ ├── entrypoint.sh
│ ├── filebeat.runit.service
│ ├── filebeat.yml
│ ├── init.bash
│ ├── postfix.runit.service
│ ├── wazuh-api.runit.service
│ └── wazuh.runit.service
└── Dockerfile
stable
branch on correspond to the latest Wazuh-Docker stable version.master
branch contains the latest code, be aware of possible bugs on this branch.Wazuh.Version_ElasticStack.Version
(for example 3.9.5_7.2.1) branch. This branch contains the current release referenced in Docker Hub. The container images are installed under the current version of this branch.
These Docker containers are based on:
- "deviantony" dockerfiles which can be found at https://github.com/deviantony/docker-elk
- "xetus-oss" dockerfiles, which can be found at https://github.com/xetus-oss/docker-ossec-server
We thank you them and everyone else who has contributed to this project.
Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)