mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2026-04-08 05:42:10 +02:00
Removes all Strelka container salt states and infrastructure references, replaced by the native fileanalyze module in sensoroni.

Removed:
- salt/strelka/ directory (all container states, configs, tools)
- Docker container definitions for 6 Strelka containers
- Firewall rules for strelka_frontend
- Container references in containers.map.jinja
- top.sls and allowed_states references to strelka/strelka.manager
- so-minion add_strelka_to_minion() function and call sites
- so-deny strelka_frontend entry
- Logstash strelka bind mount
- Logrotate strelka config
- Telegraf strelka file monitoring
- so-sensor-clean strelka cleanup
- so-image-common strelka container images

Kept (still needed):
- Elasticsearch index/ingest pipeline (ingests fileanalyze output)
- Elastic agent/fleet log collection config
- SOC strelkaengine (YARA rule management)
- Kibana saved objects (dashboards)
# Default Docker settings: the bridge subnet and gateway, daemon-wide ulimits,
# and one stanza of defaults per container.
#
# Conventions used below:
#   final_octet   - presumably the last octet of the container's address inside
#                   `range` (172.17.1.<final_octet>); confirm against the
#                   consuming state.
#   port_bindings - Docker publish syntax, [host_ip:]host_port:container_port[/proto].
#                   '0.0.0.0' publishes the port on every IPv4 interface of the
#                   host, so reachability is decided by the host firewall, not
#                   by this file. Docker-published ports are handled in Docker's
#                   own iptables chains; confirm the platform's firewall rules
#                   are applied where they affect that traffic (e.g. DOCKER-USER).
#   The four empty lists (custom_bind_mounts, extra_hosts, extra_env, ulimits)
#   are kept as explicit [] in every stanza.
#
# Port bindings are quoted so they stay strings under YAML 1.1 implicit typing
# (a digits-and-colons value such as 22:22 would otherwise load as an integer).
docker:
  range: '172.17.1.0/24'
  gateway: '172.17.1.1'
  # Daemon-wide default open-file limit (soft == hard).
  ulimits:
    - name: nofile
      soft: 1048576
      hard: 1048576
  containers:
    'so-dockerregistry':
      final_octet: 20
      port_bindings:
        - '0.0.0.0:5000:5000'
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-elastic-fleet':
      final_octet: 21
      port_bindings:
        - '0.0.0.0:8220:8220/tcp'
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-elasticsearch':
      final_octet: 22
      # 9200 and 9300 are published on all IPv4 interfaces.
      # NOTE(review): confirm the firewall limits both to the intended node roles.
      port_bindings:
        - '0.0.0.0:9200:9200/tcp'
        - '0.0.0.0:9300:9300/tcp'
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits:
        # -1 means unlimited locked memory for this container.
        - name: memlock
          soft: -1
          hard: -1
        - name: nofile
          soft: 65536
          hard: 65536
        - name: nproc
          soft: 4096
          hard: 4096
    'so-influxdb':
      final_octet: 26
      port_bindings:
        - '0.0.0.0:8086:8086'
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-kibana':
      final_octet: 27
      port_bindings:
        - '0.0.0.0:5601:5601'
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-kratos':
      final_octet: 28
      # NOTE(review): 4434 is the conventional Ory Kratos admin API port and is
      # published exactly like 4433; confirm the firewall keeps it off
      # untrusted networks.
      port_bindings:
        - '0.0.0.0:4433:4433'
        - '0.0.0.0:4434:4434'
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-hydra':
      final_octet: 30
      # NOTE(review): 4445 is the conventional Ory Hydra admin API port and is
      # published exactly like 4444; confirm the firewall keeps it off
      # untrusted networks.
      port_bindings:
        - '0.0.0.0:4444:4444'
        - '0.0.0.0:4445:4445'
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-logstash':
      final_octet: 29
      # Ten ports are published here, the largest set in this file.
      # NOTE(review): confirm each is still needed and which peers may reach it.
      port_bindings:
        - '0.0.0.0:3765:3765'
        - '0.0.0.0:5044:5044'
        - '0.0.0.0:5055:5055'
        - '0.0.0.0:5056:5056'
        - '0.0.0.0:5644:5644'
        - '0.0.0.0:6050:6050'
        - '0.0.0.0:6051:6051'
        - '0.0.0.0:6052:6052'
        - '0.0.0.0:6053:6053'
        - '0.0.0.0:9600:9600'
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-nginx':
      # Shares final_octet 31 with so-nginx-fleet-node; presumably the two are
      # never deployed on the same node - confirm.
      final_octet: 31
      # No host IP is given, unlike the other containers. Docker then publishes
      # on all interfaces by default, which can include IPv6 where it is
      # enabled, so the exposure differs from a '0.0.0.0:' binding.
      # NOTE(review): confirm this difference is intended.
      port_bindings:
        - '80:80'
        - '443:443'
        - '8443:8443'
        - '7788:7788'
        - '7789:7789'
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-nginx-fleet-node':
      final_octet: 31
      # No host IP given; see the note on so-nginx's bindings.
      port_bindings:
        - '8443:8443'
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-redis':
      final_octet: 33
      # NOTE(review): confirm Redis enforces authentication and/or the firewall
      # restricts these ports; neither is visible from this file.
      port_bindings:
        - '0.0.0.0:6379:6379'
        - '0.0.0.0:9696:9696'
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-sensoroni':
      # final_octet 99 with no port_bindings is shared by so-sensoroni,
      # so-telegraf, so-suricata and so-zeek; presumably a placeholder for
      # containers that do not take a bridge address - confirm.
      final_octet: 99
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-soc':
      final_octet: 34
      port_bindings:
        - '0.0.0.0:9822:9822'
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-elastalert':
      final_octet: 42
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-elastic-fleet-package-registry':
      final_octet: 44
      port_bindings:
        - '0.0.0.0:8080:8080/tcp'
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-idh':
      final_octet: 45
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-elastic-agent':
      final_octet: 46
      # Port 514 is published for both TCP and UDP.
      port_bindings:
        - '0.0.0.0:514:514/tcp'
        - '0.0.0.0:514:514/udp'
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-telegraf':
      final_octet: 99
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-suricata':
      final_octet: 99
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []
    'so-zeek':
      final_octet: 99
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits:
        # A core limit of 0 disables core dumps, so a crash does not write
        # process memory to disk.
        - name: core
          soft: 0
          hard: 0
    'so-kafka':
      final_octet: 88
      # NOTE(review): 8778 is the conventional Jolokia (JMX over HTTP) agent
      # port - confirm what listens there and that the firewall restricts it.
      port_bindings:
        - '0.0.0.0:9092:9092'
        - '0.0.0.0:29092:29092'
        - '0.0.0.0:9093:9093'
        - '0.0.0.0:8778:8778'
      custom_bind_mounts: []
      extra_hosts: []
      extra_env: []
      ulimits: []