Atualização - 16/04/2026 - 11:36

2026-04-16 11:36:22 -03:00
parent fa239622c1
commit c49bb8be4c
5 changed files with 62 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+pipelines/
+hosts/host03/dados
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -31,6 +31,8 @@ services:
      - 5601:5601 # Interface Web
    expose:
      - 5601
+    command: ["/bin/bash", "-c", "/etc/init.d/opensearch-dashboards start && tail -f /var/log/opensearch-dashboards/opensearch-dashboards.stdout"]
+    restart: always
    environment:
      - 'OPENSEARCH_HOSTS=["https://rk-siem-core:9200"]'
      - "DISABLE_SECURITY_DASHBOARDS_PLUGIN=false"
--- a/hosts/host02/fluent-bit.conf
+++ b/hosts/host02/fluent-bit.conf
@@ -0,0 +1,27 @@
+# cat /etc/fluent-bit/fluent-bit.conf 
+[SERVICE]
+    Flush         1
+    Log_Level     info
+    Daemon        off
+#    Parsers_File  parsers.conf
+
+# Coleta logs do Apache
+[INPUT]
+    Name           tail
+    Path	   /var/log/apache2/access.log
+    Tag            apache-logs-acesso
+#    Parser         apache2
+
+# Envio para o RK-SIEM-CORE
+[OUTPUT]
+    Name            opensearch
+    Match           apache-logs-acesso
+    Host            172.20.0.1
+    Port            9200
+    Index           host02-logs
+    Type            _doc
+    HTTP_User       admin
+    HTTP_Passwd     admin
+    tls             On
+    tls.verify      Off
+    Suppress_Type_Name   On
--- a/hosts/host03/docker-compose.yml
+++ b/hosts/host03/docker-compose.yml
@@ -0,0 +1,22 @@
+services:
+ rk-siem-host03:
+#    image: ricardokleber/rk-siem-host03:latest
+    image: docker.ifrncn.com.br/rk/rk-windows:latest
+    container_name: rk-siem-host03
+    devices:
+      - /dev/kvm # Essencial para aceleração de hardware (KVM)
+    cap_add:
+      - NET_ADMIN
+    ports:
+      - 8006:8006 # Interface Web (NoVNC)
+    volumes:
+      - ./dados:/storage
+    stop_grace_period: 2m
+    restart: on-failure
+    environment:
+      VERSION: "7u" # Define a versão (win11, win10, etc)
+      RAM_SIZE: "2G"   # Mínimo recomendado para Win11
+      CPU_CORES: "2"   # Quantidade de núcleos
+      DISK_SIZE: "15G" # Tamanho do disco virtual
+      USERNAME: "admin"
+      PASSWORD: "admin"
--- a/rk-siem-collector/docker-compose.yml
+++ b/rk-siem-collector/docker-compose.yml
@@ -0,0 +1,9 @@
+services:
+  rk-siem-collector:
+    image: opensearchproject/data-prepper:2.15.0
+    container_name: rk-siem-collector
+    volumes:
+      - ./log_pipeline.yaml:/usr/share/data-prepper/pipelines/log_pipeline.yaml
+      - ./rk-siem-collector-config.yaml:/usr/share/data-prepper/config/data-prepper-config.yaml
+    ports:
+      - 2021:2021