From cbdbff71228c33d8c3d4b55146a947fe3f34e1a1 Mon Sep 17 00:00:00 2001 From: Bozidar Proevski <bozidar.proevski@finki.ukim.mk> Date: Fri, 27 Sep 2019 13:19:58 +0200 Subject: [PATCH] Revised README --- README-dev1.md | 42 ------------------------------------------ README.md | 14 +++++++------- 2 files changed, 7 insertions(+), 49 deletions(-) delete mode 100644 README-dev1.md diff --git a/README-dev1.md b/README-dev1.md deleted file mode 100644 index a65ecab..0000000 --- a/README-dev1.md +++ /dev/null @@ -1,42 +0,0 @@ -SOCTools -========= - -SOCTools is a set of tools that can be used by a SOC for collecting and analyzing security data, incident handling and threat intelligence. - -Installation ------------- - -Edit soctools-inventory and add the desired docker containers to be deployed. The playbook has been tested on CentOS 7. - -Run the ansible playbook: - - -`ansible-playbook -i soctools-inventory soctools.yml -t start` to start the cluster. -`ansible-playbook -i soctools-inventory soctools.yml -t stop` to stop the cluster. - -The NiFi interface should now be available on port 443 on the server. - -This will install the following docker images: - * zookeeper:latest - * nginx:latest - * apache/nifi:latest - - -Building images ---------------- - -Images that are not offical Docker images can be built from scratch by running: - -`ansible-playbook -i inventories/build/hosts.yml build_images.yml` - -Edit the files under inventories/deploy/group_vars to specify that built images should be used. Currently only NiFi is built from scratch. - -License -------- - -BSD - -Author Information ------------------- - -GEANT WP8 diff --git a/README.md b/README.md index 3682708..a65ecab 100644 --- a/README.md +++ b/README.md 
@@ -6,21 +6,21 @@ SOCTools is a set of tools that can be used by a SOC for collecting and analyzin Installation ------------ -Edit inventories/deploy/hosts.yml and change "host1" to the fqdn or IP address of the server where the tools should be installed. The playbook has been tested on Debian Stretch and CentOS 7. -The role soctools_server makes sure that docker is properly installed on the server. To prevent the playbook to make any changes to the server besides setting up docker networks and containers, this role can be removed. +Edit soctools-inventory and add the desired docker containers to be deployed. The playbook has been tested on CentOS 7. Run the ansible playbook: -`ansible-playbook -i inventories/deploy/hosts.yml deploy.yml` -The NiFi interface should now be available on port 80 on the server. +`ansible-playbook -i soctools-inventory soctools.yml -t start` to start the cluster. +`ansible-playbook -i soctools-inventory soctools.yml -t stop` to stop the cluster. + +The NiFi interface should now be available on port 443 on the server. This will install the following docker images: * zookeeper:latest - * haproxy:latest + * nginx:latest * apache/nifi:latest -While the ansible playbook supports multiple servers, the current configuration of NiFi and haproxy only supports a single server. Building images --------------- @@ -39,4 +39,4 @@ BSD Author Information ------------------ -GEANT WP8 \ No newline at end of file +GEANT WP8 -- GitLab
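Review bot: The "Building images" section in the README-dev1.md text, which becomes the new README.md unchanged (both are blob a65ecab), still tells the reader to run `ansible-playbook -i inventories/build/hosts.yml build_images.yml` and to edit files under inventories/deploy/group_vars, while Installation now uses soctools-inventory and soctools.yml. Confirm that the inventories/ paths still exist after this revision, or update that section to the new layout, so the build and deploy instructions do not point at two different inventories. The same section also carries the typo "offical", which is worth fixing while the README is being revised.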
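Review bot: In the Installation hunk of README.md, the image list still deploys `zookeeper:latest`, `nginx:latest` and `apache/nifi:latest`; since this change already edits that list (haproxy to nginx), pin each image to a version tag or digest so that a redeploy cannot silently pull a different image from the one that was tested. The rewrite also drops three things an operator needs to know: where the target host is set (the old text said to change "host1" in inventories/deploy/hosts.yml, the new text only says to add containers to soctools-inventory), the note that the soctools_server role installs docker and can be removed to limit changes to the server, and the single-server limitation, even though the new commands speak of starting and stopping "the cluster". State in the README whether each of these still applies. For the move from port 80 to port 443, say whether the NiFi interface is now served over TLS and, if so, where the certificate comes from, and note that Debian Stretch is no longer listed as tested if that is intentional.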