Atualização - 16/04/2026 - 11:36

2026-04-16 11:36:22 -03:00
parent fa239622c1
commit c49bb8be4c
5 changed files with 62 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
 pipelines/
 hosts/host03/dados
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -31,6 +31,8 @@ services:
      - 5601:5601 # Interface Web
    expose:
      - 5601
    command: ["/bin/bash", "-c", "/etc/init.d/opensearch-dashboards start && tail -f /var/log/opensearch-dashboards/opensearch-dashboards.stdout"]
    restart: always
    environment:
      - 'OPENSEARCH_HOSTS=["https://rk-siem-core:9200"]'
      - "DISABLE_SECURITY_DASHBOARDS_PLUGIN=false"
--- a/hosts/host02/fluent-bit.conf
+++ b/hosts/host02/fluent-bit.conf
@@ -0,0 +1,27 @@
 # cat /etc/fluent-bit/fluent-bit.conf 
 [SERVICE]
    Flush         1
    Log_Level     info
    Daemon        off
 #    Parsers_File  parsers.conf
 # Coleta logs do Apache
 [INPUT]
    Name           tail
    Path	   /var/log/apache2/access.log
    Tag            apache-logs-acesso
 #    Parser         apache2
 # Envio para o RK-SIEM-CORE
 [OUTPUT]
    Name            opensearch
    Match           apache-logs-acesso
    Host            172.20.0.1
    Port            9200
    Index           host02-logs
    Type            _doc
    HTTP_User       admin
    HTTP_Passwd     admin
    tls             On
    tls.verify      Off
    Suppress_Type_Name   On
--- a/hosts/host03/docker-compose.yml
+++ b/hosts/host03/docker-compose.yml
@@ -0,0 +1,22 @@
 services:
 rk-siem-host03:
 #    image: ricardokleber/rk-siem-host03:latest
    image: docker.ifrncn.com.br/rk/rk-windows:latest
    container_name: rk-siem-host03
    devices:
      - /dev/kvm # Essencial para aceleração de hardware (KVM)
    cap_add:
      - NET_ADMIN
    ports:
      - 8006:8006 # Interface Web (NoVNC)
    volumes:
      - ./dados:/storage
    stop_grace_period: 2m
    restart: on-failure
    environment:
      VERSION: "7u" # Define a versão (win11, win10, etc)
      RAM_SIZE: "2G"   # Mínimo recomendado para Win11
      CPU_CORES: "2"   # Quantidade de núcleos
      DISK_SIZE: "15G" # Tamanho do disco virtual
      USERNAME: "admin"
      PASSWORD: "admin"
--- a/rk-siem-collector/docker-compose.yml
+++ b/rk-siem-collector/docker-compose.yml
@@ -0,0 +1,9 @@
 services:
  rk-siem-collector:
    image: opensearchproject/data-prepper:2.15.0
    container_name: rk-siem-collector
    volumes:
      - ./log_pipeline.yaml:/usr/share/data-prepper/pipelines/log_pipeline.yaml
      - ./rk-siem-collector-config.yaml:/usr/share/data-prepper/config/data-prepper-config.yaml
    ports:
      - 2021:2021