In this repository you will find the containers to run:
- wazuh: It runs the Wazuh manager, Wazuh API and Filebeat (for integration with Elastic Stack)
- wazuh-logstash: It is used to receive alerts generated by the manager and feed Elasticsearch using an alerts template
- wazuh-kibana: Provides a web user interface to browse through alerts data. It includes the Wazuh plugin for Kibana, which lets you view agent configuration and status.
- wazuh-nginx: Proxies the Kibana container, adding HTTPS (via self-signed SSL certificate) and Basic authentication.
In addition, a docker-compose file is provided to launch the containers mentioned above. It also launches an Elasticsearch container (working as a single-node cluster) using Elastic Stack Docker images.
```
wazuh-docker
├── docker-compose.yml
├── kibana
│   ├── config
│   │   ├── entrypoint.sh
│   │   └── kibana.yml
│   └── Dockerfile
├── LICENSE
├── logstash
│   ├── config
│   │   ├── 01-wazuh.conf
│   │   └── run.sh
│   └── Dockerfile
├── nginx
│   ├── config
│   │   └── entrypoint.sh
│   └── Dockerfile
├── README.md
├── CHANGELOG.md
├── VERSION
├── test.txt
└── wazuh
    ├── config
    │   ├── data_dirs.env
    │   ├── entrypoint.sh
    │   ├── filebeat.runit.service
    │   ├── filebeat.yml
    │   ├── init.bash
    │   ├── postfix.runit.service
    │   ├── wazuh-api.runit.service
    │   └── wazuh.runit.service
    └── Dockerfile
```
- `stable` branch corresponds to the latest Wazuh-Docker stable version.
- `master` branch contains the latest code; be aware of possible bugs on this branch.
- `Wazuh.Version_ElasticStack.Version` (for example `3.7.0_6.4.3`) branch. This branch contains the current release referenced in Docker Hub. The container images are installed under the current version of this branch.
These Docker containers are based on:
- "deviantony" dockerfiles which can be found at https://github.com/deviantony/docker-elk
- "xetus-oss" dockerfiles, which can be found at https://github.com/xetus-oss/docker-ossec-server
We thank them and everyone else who has contributed to this project.
Wazuh App Copyright (C) 2018 Wazuh Inc. (License GPLv2)