mirror of
https://github.com/Lanakod-Networks/snort-docker.git
synced 2025-07-04 13:26:38 +03:00
| configs | ||
| grafana | ||
| logs | ||
| scripts | ||
| tars | ||
| .env.example | ||
| .gitignore | ||
| docker-compose.yml | ||
| Dockerfile | ||
| LICENSE | ||
| README.md | ||
| SECURITY.md | ||
Snort-docker
How to deploy
git clone https://github.com/Lanakod/snort-docker.git
cd snort-docker
cp .env.example .env
# Edit ".env" file via "nano .env" or "vi .env"
docker compose up -d
# Grafana will be hosted on port 3000 and ELK on 5601
Configuration
configs
┣ snort-conf
┃ ┣ balanced.lua
┃ ┣ connectivity.lua
┃ ┣ file_magic.rules
┃ ┣ inline.lua
┃ ┣ max_detect.lua
┃ ┣ security.lua
┃ ┣ sensitive_data.rules
┃ ┣ snort.lua
┃ ┣ snort_defaults.lua
┃ ┗ talos.lua
┣ filebeat.yml
┣ logstash.conf
┣ promtail.yml
┣ snort.rules
┗ supervisord.conf
snort.rules- your custom written rules for snortfilebeat.yml- config file for filebeat | needed for ELKlogstash.yml- config file for logstash | needed for ELKpromtail.yml- config file for promtail | needed for Grafanasupervisord.conf- config file that runs snort in supervisorsnorf-conf- folder with all snort config files written in lua
grafana
┗ provisioning
┃ ┗ datasources
┃ ┃ ┗ loki.yml
- In grafana folder can be found
loki.ymlfile
Contact
- For any security issues, please do not create a public issue on GitHub, instead please write to security@lanakod.ru
License
snort-docker is MIT licensed.