ricardokleber/rk-siem
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Atualização - 18/04/2026 - 11:36

Browse Source
This commit is contained in:
ricardokleber
2026-04-18 11:36:22 -03:00
parent 92f4b2ef96
commit e10cfc8c34
5 changed files with 49 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
roteiros/instalacao/README.md
View File

@@ -54,4 +54,4 @@ http://localhost:5601
**Vídeos do RK-SIEM (Youtube):**
<a href="https://www.youtube.com/playlist?list=PLzEiYA7yCrq9-Dub9qwmFJFbh2NMoOjTh" target="_blank"><img width="400" height="120" alt="assistavideo" src="assets/rk-siem-youtube.png" /></a>
<a href="https://www.youtube.com/playlist?list=PLzEiYA7yCrq9-Dub9qwmFJFbh2NMoOjTh" target="_blank"><img width="400" height="120" alt="assistavideo" src="../../assets/rk-siem-youtube.png" /></a>

48
roteiros/instalacao/docker-compose.yml Normal file
View File

@@ -0,0 +1,48 @@
services:
rk-siem-core:
image: ricardokleber/rk-siem-core:latest
container_name: rk-siem-core
environment:
- cluster.name=rk-siem-core
- node.name=rk-siem-node
- discovery.type=single-node
- bootstrap.memory_lock=true
- "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # Ajuste conforme sua RAM disponível
- DISABLE_INSTALL_DEMO_CONFIG=false
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
volumes:
- rk-siem-data:/usr/share/opensearch/data
ports:
- 9200:9200 # API REST
- 9600:9600 # Performance Analyzer
networks:
- rk-siem-net
rk-siem-ui:
image: ricardokleber/rk-siem-ui:latest
container_name: rk-siem-ui
ports:
- 5601:5601 # Interface Web
expose:
- 5601
command: ["/bin/bash", "-c", "/etc/init.d/opensearch-dashboards start && tail -f /var/log/opensearch-dashboards/opensearch-dashboards.stdout"]
restart: always
environment:
- 'OPENSEARCH_HOSTS=["https://rk-siem-core:9200"]'
- "DISABLE_SECURITY_DASHBOARDS_PLUGIN=false"
networks:
- rk-siem-net
depends_on:
- rk-siem-core
volumes:
rk-siem-data:
networks:
rk-siem-net:

8
roteiros/lab02/docker-compose.yml Normal file
View File

@@ -0,0 +1,8 @@
services:
rk-siem-host02:
image: ricardokleber/rk-siem-host02:latest
container_name: rk-siem-host02
hostname: rk-siem-host02
tty: true
stdin_open: true
restart: always

27
roteiros/lab02/fluent-bit.conf Normal file
View File

@@ -0,0 +1,27 @@
# cat /etc/fluent-bit/fluent-bit.conf
[SERVICE]
Flush 1
Log_Level info
Daemon off
# Parsers_File parsers.conf
# Coleta logs do Apache
[INPUT]
Name tail
Path /var/log/apache2/access.log
Tag apache-logs-acesso
# Parser apache2
# Envio para o RK-SIEM-CORE
[OUTPUT]
Name opensearch
Match apache-logs-acesso
Host 172.20.0.1
Port 9200
Index host02-logs
Type _doc
HTTP_User admin
HTTP_Passwd admin
tls On
tls.verify Off
Suppress_Type_Name On

22
roteiros/lab03/docker-compose.yml Normal file
View File

@@ -0,0 +1,22 @@
services:
rk-siem-host03:
# image: ricardokleber/rk-siem-host03:latest
image: docker.ifrncn.com.br/rk/rk-windows:latest
container_name: rk-siem-host03
devices:
- /dev/kvm # Essencial para aceleração de hardware (KVM)
cap_add:
- NET_ADMIN
ports:
- 8006:8006 # Interface Web (NoVNC)
volumes:
- ./dados:/storage
stop_grace_period: 2m
restart: on-failure
environment:
VERSION: "7u" # Define a versão (win11, win10, etc)
RAM_SIZE: "2G" # Mínimo recomendado para Win11
CPU_CORES: "2" # Quantidade de núcleos
DISK_SIZE: "15G" # Tamanho do disco virtual
USERNAME: "admin"
PASSWORD: "admin"