Bozidar Proevski authored
cbdbff71

SOCTools

SOCTools is a set of tools that can be used by a SOC for collecting and analyzing security data, incident handling and threat intelligence.

Installation

Edit soctools-inventory and add the desired docker containers to be deployed. The playbook has been tested on CentOS 7.

Run the ansible playbook:

To start the cluster:

ansible-playbook -i soctools-inventory soctools.yml -t start

To stop the cluster:

ansible-playbook -i soctools-inventory soctools.yml -t stop

The NiFi interface should now be available on port 443 on the server.

This will install the following docker images:

  • zookeeper:latest
  • nginx:latest
  • apache/nifi:latest

Building images

Images that are not official Docker images can be built from scratch by running:

ansible-playbook -i inventories/build/hosts.yml build_images.yml

Edit the files under inventories/deploy/group_vars to specify that built images should be used. Currently only NiFi is built from scratch.

License

BSD

Author Information

GEANT WP8