From c49bb8be4c5e90988207e9bc22708e677ede9862 Mon Sep 17 00:00:00 2001
From: ricardokleber
Date: Thu, 16 Apr 2026 11:36:22 -0300
Subject: [PATCH] =?UTF-8?q?Atualiza=C3=A7=C3=A3o=20-=2016/04/2026=20-=2011?=
 =?UTF-8?q?:36?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
.gitignore | 2 ++
docker-compose.yml | 2 ++
hosts/host02/fluent-bit.conf | 27 +++++++++++++++++++++++++++
hosts/host03/docker-compose.yml | 22 ++++++++++++++++++++++
rk-siem-collector/docker-compose.yml | 9 +++++++++
5 files changed, 62 insertions(+)
create mode 100644 .gitignore
create mode 100644 hosts/host02/fluent-bit.conf
create mode 100644 hosts/host03/docker-compose.yml
create mode 100644 rk-siem-collector/docker-compose.yml

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..f980479
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+pipelines/
+hosts/host03/dados
diff --git a/docker-compose.yml b/docker-compose.yml
index b6f2cb2..2ef3bad 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -31,6 +31,8 @@ services:
 - 5601:5601 # Interface Web
 expose:
 - 5601
+ command: ["/bin/bash", "-c", "/etc/init.d/opensearch-dashboards start && tail -f /var/log/opensearch-dashboards/opensearch-dashboards.stdout"]
+ restart: always
 environment:
 - 'OPENSEARCH_HOSTS=["https://rk-siem-core:9200"]'
 - "DISABLE_SECURITY_DASHBOARDS_PLUGIN=false"
diff --git a/hosts/host02/fluent-bit.conf b/hosts/host02/fluent-bit.conf
new file mode 100644
index 0000000..c542935
--- /dev/null
+++ b/hosts/host02/fluent-bit.conf
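Review bot: The added `command` keeps the container alive with `tail -f` on a fixed stdout log path; if that file does not exist yet when the init script returns, `tail -f` exits at once and `restart: always` turns it into a restart loop, while if the dashboards process later dies and `tail` keeps running the container looks healthy and is never restarted. `tail -F` at least survives a missing or rotated file: `command: ["/bin/bash", "-c", "/etc/init.d/opensearch-dashboards start && tail -F /var/log/opensearch-dashboards/opensearch-dashboards.stdout"]`. Running the service behind a shell wrapper also means stop signals reach bash/tail rather than the dashboards process, so the init script's own stop path is presumably not exercised on `docker stop` — worth a one-line comment above `command` if that is accepted. The enclosing `services:` mapping starts before this hunk.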
@@ -0,0 +1,27 @@
+# cat /etc/fluent-bit/fluent-bit.conf
+[SERVICE]
+ Flush 1
+ Log_Level info
+ Daemon off
+# Parsers_File parsers.conf
+
+# Coleta logs do Apache
+[INPUT]
+ Name tail
+ Path /var/log/apache2/access.log
+ Tag apache-logs-acesso
+# Parser apache2
+
+# Envio para o RK-SIEM-CORE
+[OUTPUT]
+ Name opensearch
+ Match apache-logs-acesso
+ Host 172.20.0.1
+ Port 9200
+ Index host02-logs
+ Type _doc
+ HTTP_User admin
+ HTTP_Passwd admin
+ tls On
+ tls.verify Off
+ Suppress_Type_Name On
diff --git a/hosts/host03/docker-compose.yml b/hosts/host03/docker-compose.yml
new file mode 100644
index 0000000..e16278c
--- /dev/null
+++ b/hosts/host03/docker-compose.yml
@@ -0,0 +1,22 @@
+services:
+ rk-siem-host03:
+# image: ricardokleber/rk-siem-host03:latest
+ image: docker.ifrncn.com.br/rk/rk-windows:latest
+ container_name: rk-siem-host03
+ devices:
+ - /dev/kvm # Essencial para aceleração de hardware (KVM)
+ cap_add:
+ - NET_ADMIN
+ ports:
+ - 8006:8006 # Interface Web (NoVNC)
+ volumes:
+ - ./dados:/storage
+ stop_grace_period: 2m
+ restart: on-failure
+ environment:
+ VERSION: "7u" # Define a versão (win11, win10, etc)
+ RAM_SIZE: "2G" # Mínimo recomendado para Win11
+ CPU_CORES: "2" # Quantidade de núcleos
+ DISK_SIZE: "15G" # Tamanho do disco virtual
+ USERNAME: "admin"
+ PASSWORD: "admin"
diff --git a/rk-siem-collector/docker-compose.yml b/rk-siem-collector/docker-compose.yml
new file mode 100644
index 0000000..0339aee
--- /dev/null
+++ b/rk-siem-collector/docker-compose.yml
@@ -0,0 +1,9 @@
+services:
+ rk-siem-collector:
+ image: opensearchproject/data-prepper:2.15.0
+ container_name: rk-siem-collector
+ volumes:
+ - ./log_pipeline.yaml:/usr/share/data-prepper/pipelines/log_pipeline.yaml
+ - ./rk-siem-collector-config.yaml:/usr/share/data-prepper/config/data-prepper-config.yaml
+ ports:
+ - 2021:2021
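Review bot: The `[OUTPUT]` section commits the OpenSearch admin credentials in clear text (`HTTP_User admin` / `HTTP_Passwd admin`) and disables certificate verification (`tls.verify Off`), so the forwarder trusts whatever answers on 172.20.0.1:9200 and the password now lives in git history. Fluent Bit expands `${VAR}` in the classic config format, so the secret can come from the host environment and the core's CA can be pinned instead of switching verification off: `HTTP_Passwd ${OPENSEARCH_PASSWD}`, `tls.verify On`, `tls.ca_file <path-to-core-ca.pem>` (the CA path is a placeholder, it is not on the page), with `HTTP_User` handled the same way. Even in a lab, a dedicated account limited to writing the `host02-logs` index would bound what a leaked forwarder credential can do compared with the admin user. The `# cat /etc/fluent-bit/fluent-bit.conf` header suggests this is a copy of the host's live config, so the committed credential is presumably already deployed and rotating it is the other half of the fix.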
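Review bot: `USERNAME: "admin"` / `PASSWORD: "admin"` are committed in the compose file and the NoVNC console on `8006:8006` is published on every host interface, so the guest console is reachable with a default credential from anything that can reach the host. Bind the console to loopback and load the account from an ignored env file: `- "127.0.0.1:8006:8006"`, `env_file: .env` (with `.env` added to the `.gitignore` this commit creates), and drop the two literals from `environment:`. The inline comments on `VERSION` and `RAM_SIZE` describe Win11 (`win11, win10, etc`, `Mínimo recomendado para Win11`) while the value selects `"7u"`, so one of the two should be corrected before the next reader relies on it. `NET_ADMIN` and `/dev/kvm` appear to be what the VM image needs, but a one-line comment on `cap_add` saying why (the device entry already has one) would match the file's style.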
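Review bot: Both bind mounts hand the pipeline and Data Prepper config files to the container read-write, and unlike the other services in this commit (`restart: always`, `restart: on-failure`) this one has no restart policy, so a collector crash silently stops ingestion. Mounting the files read-only and adding a policy is three lines: `- ./log_pipeline.yaml:/usr/share/data-prepper/pipelines/log_pipeline.yaml:ro`, `- ./rk-siem-collector-config.yaml:/usr/share/data-prepper/config/data-prepper-config.yaml:ro`, `restart: unless-stopped`. Port `2021:2021` is also published on all interfaces; whether the source defined in `log_pipeline.yaml` requires TLS or authentication is not visible here, and if it does not, a `127.0.0.1:` prefix or the collector network address is the safer binding. The new `.gitignore` ignores `pipelines/` at the repository root while the mounted file is `./log_pipeline.yaml` under `rk-siem-collector/`, so if the pipeline definition was meant to stay out of the repo the pattern does not cover it.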