v1.0.14增加流量分析支持

smarttang · Jun 3, 2022 · 9bc0d37 · 9bc0d37
1 parent 00a153f
commit 9bc0d37
Showing 1 changed file with 23 additions and 0 deletions.
diff --git a/deploy/docker-compose-x86_64/docker-compose.yml b/deploy/docker-compose-x86_64/docker-compose.yml
@@ -1,6 +1,29 @@
 version: '2'
 
 services:
+  # NIDS-suricate
+  suricate:
+    image: jasonish/suricata:6.0
+    privileged: true
+    command: -i eth0
+    volumes:
+      - ./nids/log:/var/log/suricata
+    cap_add:
+      - NET_ADMIN
+    #  - NET_RAW
+      - SYS_NICE
+    network_mode: "host"
+
+  # 采集流量日志到KAFKA
+  filebeat3:
+    image: docker.elastic.co/beats/filebeat:8.1.3
+    entrypoint: "filebeat -e -strict.perms=false"
+    volumes:
+      - ./filebeat-nids.yml:/usr/share/filebeat/filebeat.yml
+      - ./nids/log:/var/nids/logs
+    depends_on: 
+      - suricate
+
   # 业务端产出日志
   nginx:
     image: openresty/openresty:alpine