Skip to content
Snippets Groups Projects
Commit 2919172f authored by Arne Øslebø's avatar Arne Øslebø
Browse files

Add README.md

parents
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 41 additions and 0 deletions
README.md 0 → 100644
+ 41
0
View file @ 2919172f
SOCTools
=========
SOCTools is a set of tools that can be used by a SOC for collecting and analyzing security data, incident handling and threat intelligence.
Installation
------------
Edit inventories/deploy/hosts.yml and change "host1" to the fqdn or IP address of the server where the tools should be installed. The playbook has been tested on Debian Stretch and CentOS 7.
The role soctools_server makes sure that docker is properly installed on the server. To prevent the playbook to make any changes to the server besides setting up docker networks and containers, this role can be removed.
Run the ansible playbook:
ansible-playbook -i inventories/deploy/hosts.yml deploy.yml
This will install the following docker images:
* zookeeper:latest
* haproxy:latest
* apache/nifi:latest
While the ansible playbook supports multiple servers, the current configuration of NiFi and haproxy only supports a single server.
Building images
---------------
Images that are not offical Docker images can be built from scratch by running:
ansible-playbook -i inventories/build/hosts.yml build_images.yml
Edit the files under inventories/deploy/group_vars to specify that built images should be used. Currently only NiFi is built from scratch.
License
-------
BSD
Author Information
------------------
GEANT WP8
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment