Installation Main Tools at Once - wahyusutejo1986/socarium GitHub Wiki

Install All Main Tools of SOC Package

System Overview

  • Continuing from the installation prerequisites, select Deploy All Core Services in the main menu.

  • This process may take some time depending on your system and network speed.

  • After the installation process finishes, the main menu is displayed again.

  • To verify the installation, first exit from the main menu.

  • Type this command on the server:
sudo docker ps
  • Check all the containers that have been created.

  • Access the security platforms from your browser to continue verifying the installation.
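
A scripted form of the docker ps check above, as an added example that is not part of the socarium project: it confirms that each web port used in the URLs on this page is published by a running container. The sample listing is constructed and its container names are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the socarium project.
# Platform:port pairs come from the URLs on this page.
EXPECTED="Wazuh:443 DFIR-IRIS:8443 Shuffle:3443 MISP:10443 Velociraptor:8889"

# Reads `docker ps --format '{{.Names}} {{.Ports}}'` output on stdin and
# prints the name of every platform whose host port is not published.
missing_services() {
  ms_listing=$(cat)
  for ms_entry in $EXPECTED; do
    ms_name=${ms_entry%%:*}
    ms_port=${ms_entry##*:}
    # A published port shows up as "<host-ip>:<port>->" in the Ports column.
    # The leading ":" keeps 443 from matching inside 3443, 8443 or 10443.
    if ! printf '%s\n' "$ms_listing" | grep -Fq ":${ms_port}->"; then
      printf '%s\n' "$ms_name"
    fi
  done
}

# Constructed sample listing (container names are hypothetical); the MISP
# container is deliberately absent to show what a failed deploy looks like.
SAMPLE_PS='wazuh-dashboard-demo 0.0.0.0:443->5601/tcp
iris-nginx-demo 0.0.0.0:8443->8443/tcp
shuffle-frontend-demo 0.0.0.0:3001->80/tcp, 0.0.0.0:3443->443/tcp
velociraptor-demo 0.0.0.0:8889->8889/tcp'

echo "Missing in sample: $(printf '%s\n' "$SAMPLE_PS" | missing_services)"

# On the server itself, pass --live to check the real containers.
if [ "${1:-}" = "--live" ]; then
  sudo docker ps --format '{{.Names}} {{.Ports}}' | missing_services
fi
```

An empty result from the --live run means every listed port is published; any name printed points to a platform whose container did not start or did not bind its port.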

Wazuh

  • URL: https://<your-server-ip>
  • Default Credentials:

Username: admin
Password: SecretPassword

DFIR-IRIS

  • URL: https://<your-server-ip>:8443
  • Default Credentials:

Username: administrator
Password: socarium

Shuffle

  • URL: http://<your-server-ip>:3443

  • On first use you need to register an account. Follow these steps:

  • Open http://<your-server-ip>:3443 or http://<your-server-ip>:3001; the registration page will load.

  • Fill in a username and password that you are able to remember.

  • Note: In this example, we entered admin in the username box and socarium in the password box.

  • Press submit to register the username and password.

  • The login page is displayed after you click submit.

  • Fill in the username and password boxes with the username and password that you created previously.

MISP

  • Modify config.php to be able to access the MISP page.

  • Get root access and the root password to access the configs directory and config.php.

sudo su
  • Open config.php with a text editor that you are familiar with.
nano misp-docker/configs/config.php
  • Edit baseurl (https://<your ip address>:10443) so that it uses your server IP address.

  • Press Ctrl + o to save the edited file and Enter to confirm it.

  • Press Ctrl + x to exit the text editor.

  • Exit from root access by typing this in the terminal:

exit
  • The MISP page is now ready to access from your browser.

  • URL: https://<your-server-ip>:10443

  • Default Credentials:

Username: [email protected] Password: admin

Velociraptor

  • URL: https://<your-server-ip>:8889
  • Default Credentials:

Username: admin
Password: socarium