docker-selks

Docker based Suricata, Elasticsearch, Logstash, Kibana, Scirius aka SELKS.

Setup

On Linux

• Install docker.
• Install docker-compose.
• Clone this repository

Then, start your stack using docker-compose:

docker-compose up

On Windows, use Vagrant or Docker for Windows

For Vagrant be sure to have the following vagrant plugins installed

• vagrant-proxyconf when behind a croporate proxy
• vagrant-docker-compose
• vagrant-vbguest
• vagrant-cachier

Start up the box

vagrant up

Next, access

• Scirius with scirius/scirius as login/password,
• Kibana and
• Evebox.

Connect into the box via ssh/putty on 127.0.0.1:2222 with standard login vagrant/vagrant. Then,

cd /vagrant
docker-compose [ps,logs, ...]