Sys265 Docker Large - ConnorEast/Tech-Journal GitHub Wiki


Installing Docker for Wazuh Implementation

Step: Command Image/Reason:
Command 1: `curl -sSL https://get.docker.com | sh`
Command 2: `systemctl start docker`
Command 3: `systemctl status docker`
Command 4: `curl -L "https://github.com/docker/compose/releases/download/v2.12.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose`
Command 5: `chmod +x /usr/local/bin/docker-compose`
Command 6: `docker-compose --version` ![image](https://github.com/user-attachments/assets/7275fd21-0273-4dc4-8d47-60ca9d85cd08)
Source: documentation.wazuh.com

Installing Single Node Wazuh installation

Step: Command Image/Reason:
Command 1: `git clone https://github.com/wazuh/wazuh-docker.git -b v4.10.1`
Command 2: `cd /wazuh-docker/single-node`
Command 3: `docker-compose -f generate-indexer-certs.yml run --rm generator`
Command 4: `docker-compose up -d`
Reason: Given I don't have any self-signed certificates, I skip past the indexer, management, and dashboard SSL certificate self-installation.

Navigate to docker

Docker can be accessed by going to `https://[local IP]:443`. The base install uses the username `admin` and the password `SecretPassword`. Once the page has loaded, you should see something akin to the following:

Step: Command Image/Reason:
Step 1: Select "Deploy New Agent".
Step 2: Under "Select Package to download and install", choose your distro. In my case, Windows MSI 32/64 bits.
Step 3: Insert the IP address of your Wazuh server, as seen in the image below.
Step 4: Select a name for your agent and a group. Given this is only an example, I will simply be using the default.
Step 5: Take the new code shown under "Run the following commands and install the agent".
Step 6: On the Windows server, in PowerShell, use the command: `Net Start WazuhSvc`

Deliverable 1: Active device on network:
Deliverable 2: Lists security checks:

Delivering emails through SMTP Server Relay

Step: Command Image/Reason:
Step 1: `vi /home/docker/docker-compose.yml`

Add the following under `services:`:

```yaml
  smtp-relay:
    image: juanluisbaptiste/postfix
    environment:
      - SMTP_SERVER=${SMTPS_EAST}
      - SMTP_USERNAME=${SMTPU_EAST}
      - SMTP_PASSWORD=${SMTPP_EAST}
      - SERVER_HOSTNAME=${SMTPH_EAST}
    ports:
      # quoted so YAML never reads the mapping as a base-60 number
      - "25:25"
```
Step 2: `sudo vi .env`

Add the following to `.env` and save:

```
SMTPS_EAST=smtp-mail.gmail.com
SMTPU_EAST=[INSERT_EMAIL]
SMTPP_EAST=[INSERT_Email/APP_PASSWORD]
SMTPH_EAST=wazuh.com
```
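
Compose substitutes an empty string for any `${VAR}` that `.env` does not define, so a misspelled name in `.env` leaves the relay without a server or hostname. The check below is an added example, not part of the original page or the Wazuh documentation; the function names, the script name in the usage line and the sample values are assumptions made for illustration. It also flags a `.env` that group or others can read, since that file holds the SMTP password.

```shell
#!/bin/sh
# Added example: compare ${VAR} references in a compose file with the names
# defined in .env, and check that .env is not readable by group or others.

# Names referenced as ${NAME} in the compose file.
compose_vars() {
    grep -oE '\$\{[A-Za-z_][A-Za-z0-9_]*\}' "$1" | tr -d '${}' | sort -u
}

# Names assigned in .env; comment and blank lines are skipped.
env_vars() {
    sed -nE 's/^[[:space:]]*([A-Za-z_][A-Za-z0-9_]*)=.*/\1/p' "$1" | sort -u
}

# Print each referenced name that .env does not define (no output = all set).
# Variables exported in the calling shell are not taken into account.
missing_env_vars() {
    for name in $(compose_vars "$1"); do
        env_vars "$2" | grep -qx "$name" || echo "$name"
    done
}

# Succeed only if group and others have no permissions on the file (e.g. 600).
env_file_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Constructed sample input: the relay's four references, and a .env in which
# two names are misspelled. Hosts and credentials are placeholders.
write_sample() {
    cat > "$1/docker-compose.yml" <<'EOF'
services:
  smtp-relay:
    environment:
      - SMTP_SERVER=${SMTPS_EAST}
      - SMTP_USERNAME=${SMTPU_EAST}
      - SMTP_PASSWORD=${SMTPP_EAST}
      - SERVER_HOSTNAME=${SMTPH_EAST}
EOF
    printf '%s\n' 'SMPTS_EAST=smtp.example.test' 'SMTPU_EAST=user@example.test' \
        'SMTPP_EAST=placeholder' 'SMPTH_EAST=relay.example.test' > "$1/.env"
    chmod 644 "$1/.env"
}

# Usage: sh check-env.sh docker-compose.yml .env
if [ "$#" -eq 2 ]; then
    missing_env_vars "$1" "$2"
    env_file_private "$2" || echo "warning: $2 is readable by group or others"
fi
```

Run it before `docker-compose up -d`; no output means every reference is defined and the file is private.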
Sources:
Wazuh.com Email Notification doc
Open Source Security Blogs