Centos 7 Repo - asklinux/rimau-waf GitHub Wiki

Install tunnelbiz repo

rpm -ivh http://centos.tunnelbiz.com/tunnelbiz-1.0.0-0.el7.centos.x86_64.rpm

yum update

yum install rimauwaf

Restart the server or start the service, then open:

http://ip:9090

user/pass: admin

Install and configure Elastic Stack and Kibana

- rimauwaf

yum install filebeat

cd /etc/filebeat/

vim filebeat.yml

In the paths section on line 21, add the new log files. We will add two files: '/var/log/secure' for SSH activity and '/var/log/messages' for the server log.

  paths:
    - /var/log/secure
    - /var/log/messages

Add a new configuration on line 26 to define the syslog type files.

  document_type: syslog

Disable elasticsearch output.

#-------------------------- Elasticsearch output ------------------------------
#output.elasticsearch:
  # Array of hosts to connect to.
  #hosts: ["localhost:9200"]

Now add the new Logstash output configuration. Uncomment the Logstash output section and change all values to match the configuration shown below.

output.logstash:
  # The Logstash hosts
  hosts: ["10.0.15.10:5443"]
  bulk_max_size: 1024
  ssl.certificate_authorities: ["/etc/pki/tls/certs/logstash-forwarder.crt"]
  template.name: "filebeat"
  template.path: "filebeat.template.json"
  template.overwrite: false
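
A check for the rimauwaf-side steps above, as an added example that is not part of the original wiki or the rimau-waf project: the function `check_filebeat_config` (a hypothetical name) reports whether both log paths are listed, the Elasticsearch output is commented out, and the Logstash output is active with a CA file set. The sample file is constructed, and `filebeat.prospectors` / `input_type` assume the Filebeat 5.x layout.

```shell
#!/bin/sh
# Added example: lint a filebeat.yml against the steps on this page.
# Only the dotted key form used on this page is recognised (assumption).
check_filebeat_config() {
    cfg=$1
    problems=0
    # Keep only active settings: drop comments and blank lines.
    active=$(sed -e 's/[[:space:]]*#.*$//' -e '/^[[:space:]]*$/d' "$cfg")

    for path in /var/log/secure /var/log/messages; do
        if ! printf '%s\n' "$active" | grep -Eq "^[[:space:]]*-[[:space:]]+${path}[[:space:]]*\$"; then
            echo "MISSING path: $path"; problems=$((problems + 1))
        fi
    done
    if printf '%s\n' "$active" | grep -Eq '^output\.elasticsearch:'; then
        echo "ENABLED: output.elasticsearch (should be commented out)"
        problems=$((problems + 1))
    fi
    if ! printf '%s\n' "$active" | grep -Eq '^output\.logstash:'; then
        echo "MISSING: output.logstash"; problems=$((problems + 1))
    fi
    if ! printf '%s\n' "$active" | grep -Eq '^[[:space:]]+ssl\.certificate_authorities:'; then
        echo "MISSING: ssl.certificate_authorities (no CA set for the Logstash connection)"
        problems=$((problems + 1))
    fi
    return "$problems"   # 0 when every check passes
}

# Constructed sample: the settings from this page as they would sit in filebeat.yml.
sample=$(mktemp)
cat > "$sample" <<'EOF'
filebeat.prospectors:
- input_type: log
  paths:
    - /var/log/secure
    - /var/log/messages
#output.elasticsearch:
  #hosts: ["localhost:9200"]
output.logstash:
  # The Logstash hosts
  hosts: ["10.0.15.10:5443"]
  ssl.certificate_authorities: ["/etc/pki/tls/certs/logstash-forwarder.crt"]
EOF
check_filebeat_config "$sample" && echo "OK: sample matches the steps above"
rm -f "$sample"
```

On the rimauwaf host, run it as `check_filebeat_config /etc/filebeat/filebeat.yml`; the return value is the number of failed checks.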

- report server (kibana + elastic)
