Wazuh Docker

Wazuh - Docker containers

Wazuh containers for Docker


In this repository you will find the containers to run:

  • Wazuh manager: runs the Wazuh manager, Wazuh API and Filebeat OSS.
  • Wazuh dashboard: provides a web user interface to browse through alerts data and lets you visualize agent configuration and status.
  • Wazuh indexer: Wazuh indexer container (working as a single-node cluster or as a multi-node cluster). Remember to increase the vm.max_map_count setting, as detailed in the Wazuh documentation.

The repository folders each contain a README:

  • build-docker-images: how to build the Wazuh images and the necessary assets.
  • indexer-certs-creator: how to create the certificates creator tool and the necessary assets.
  • single-node: how to run a Wazuh environment with one Wazuh manager, one Wazuh indexer, and one Wazuh dashboard.
  • multi-node: how to run a Wazuh environment with two Wazuh managers, three Wazuh indexers, and one Wazuh dashboard.

Documentation

Setup SSL certificate

Before starting the environment, you must provide an SSL certificate (or generate a self-signed one).

Documentation on how to provide these two can be found at Wazuh Docker Documentation.

Environment Variables

Default values are included when available.

Wazuh

API_USERNAME="wazuh-wui"                            # Wazuh API username
API_PASSWORD="MyS3cr37P450r.*-"                     # Wazuh API password - Must comply with requirements
                                                    # (8+ length, uppercase, lowercase, special chars)

INDEXER_URL=https://wazuh.indexer:9200              # Wazuh indexer URL
INDEXER_USERNAME=admin                              # Wazuh indexer Username
INDEXER_PASSWORD=SecretPassword                     # Wazuh indexer Password
FILEBEAT_SSL_VERIFICATION_MODE=full                 # Filebeat SSL Verification mode (full or none)
SSL_CERTIFICATE_AUTHORITIES=""                      # Path of Filebeat SSL CA
SSL_CERTIFICATE=""                                  # Path of Filebeat SSL Certificate
SSL_KEY=""                                          # Path of Filebeat SSL Key

Dashboard

PATTERN="wazuh-alerts-*"        # Default index pattern to use

CHECKS_PATTERN=true             # Defines which checks must be considered by the healthcheck
CHECKS_TEMPLATE=true            # step once the Wazuh app starts. Values must be true or false
CHECKS_API=true
CHECKS_SETUP=true

EXTENSIONS_PCI=true             # Enable PCI Extension
EXTENSIONS_GDPR=true            # Enable GDPR Extension
EXTENSIONS_HIPAA=true           # Enable HIPAA Extension
EXTENSIONS_NIST=true            # Enable NIST Extension
EXTENSIONS_TSC=true             # Enable TSC Extension
EXTENSIONS_AUDIT=true           # Enable Audit Extension
EXTENSIONS_OSCAP=false          # Enable OpenSCAP Extension
EXTENSIONS_CISCAT=false         # Enable CISCAT Extension
EXTENSIONS_AWS=false            # Enable AWS Extension
EXTENSIONS_GCP=false            # Enable GCP Extension
EXTENSIONS_VIRUSTOTAL=false     # Enable Virustotal Extension
EXTENSIONS_OSQUERY=false        # Enable OSQuery Extension
EXTENSIONS_DOCKER=false         # Enable Docker Extension

APP_TIMEOUT=20000               # Defines maximum timeout to be used on the Wazuh app requests

API_SELECTOR=true               # Defines if the user is allowed to change the selected API directly from the Wazuh app top menu
IP_SELECTOR=true                # Defines if the user is allowed to change the selected index pattern directly from the Wazuh app top menu
IP_IGNORE="[]"                  # List of index patterns to be ignored

DASHBOARD_USERNAME=kibanaserver     # Custom user saved in the dashboard keystore
DASHBOARD_PASSWORD=kibanaserver     # Custom password saved in the dashboard keystore
WAZUH_MONITORING_ENABLED=true       # Custom settings to enable/disable wazuh-monitoring indices
WAZUH_MONITORING_FREQUENCY=900      # Custom setting to set the frequency for wazuh-monitoring indices cron task
WAZUH_MONITORING_SHARDS=2           # Configure wazuh-monitoring-* indices shards and replicas
WAZUH_MONITORING_REPLICAS=0         ##
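
The values listed above include sample passwords and a Filebeat setting that can switch certificate verification off. As an added example (not part of the Wazuh repository), the script below checks a KEY=VALUE env file for those values before the stack is started; the function names and the env-file layout are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the Wazuh repository): audit a KEY=VALUE env file.

# Print KEY's value from FILE: last assignment, inline comment and quotes removed.
env_value() {
    sed -n "s/^[[:space:]]*$1=//p" "$2" | tail -n 1 |
        sed -e 's/[[:space:]]\{1,\}#.*$//' -e 's/[[:space:]]*$//' \
            -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# README rule for API_PASSWORD: 8+ chars, uppercase, lowercase, special char.
meets_api_policy() {
    [ "${#1}" -ge 8 ] || return 1
    case $1 in *[[:upper:]]*) ;; *) return 1 ;; esac
    case $1 in *[[:lower:]]*) ;; *) return 1 ;; esac
    case $1 in *[![:alnum:]]*) ;; *) return 1 ;; esac
}

audit_wazuh_env() {
    file=$1; findings=0
    # KEY=sample pairs copied from the README's variable list.
    for pair in 'API_PASSWORD=MyS3cr37P450r.*-' 'INDEXER_PASSWORD=SecretPassword' \
                'DASHBOARD_PASSWORD=kibanaserver'; do
        key=${pair%%=*}; sample=${pair#*=}; val=$(env_value "$key" "$file")
        if [ -z "$val" ] || [ "$val" = "$sample" ]; then
            echo "FAIL $key is unset or still the README sample value"
            findings=$((findings + 1))
        elif [ "$key" = API_PASSWORD ] && ! meets_api_policy "$val"; then
            echo "FAIL API_PASSWORD does not meet the documented complexity rule"
            findings=$((findings + 1))
        fi
    done
    if [ "$(env_value FILEBEAT_SSL_VERIFICATION_MODE "$file")" = none ]; then
        echo "FAIL FILEBEAT_SSL_VERIFICATION_MODE=none skips certificate verification"
        findings=$((findings + 1))
    fi
    case $(env_value INDEXER_URL "$file") in
        http://*) echo "FAIL INDEXER_URL is not HTTPS"; findings=$((findings + 1)) ;;
    esac
    [ "$findings" -eq 0 ]
}

# Constructed sample: README values with Filebeat verification switched off.
demo=$(mktemp)
printf '%s\n' 'API_PASSWORD="MyS3cr37P450r.*-"   # Wazuh API password' \
    'INDEXER_PASSWORD=SecretPassword' 'DASHBOARD_PASSWORD=kibanaserver' \
    'FILEBEAT_SSL_VERIFICATION_MODE=none' > "$demo"
audit_wazuh_env "$demo" || echo "audit failed: $findings finding(s)"
rm -f "$demo"
```

The function returns non-zero when any finding is reported, so it can gate a deployment step.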

Directory structure

├── build-docker-images
│   ├── docker-compose.yml
│   ├── wazuh-dashboard
│   │   ├── config
│   │   │   ├── config.sh
│   │   │   ├── config.yml
│   │   │   ├── entrypoint.sh
│   │   │   ├── opensearch_dashboards.yml
│   │   │   ├── wazuh_app_config.sh
│   │   │   └── wazuh.yml
│   │   └── Dockerfile
│   ├── wazuh-indexer
│   │   ├── config
│   │   │   ├── config.sh
│   │   │   ├── config.yml
│   │   │   ├── entrypoint.sh
│   │   │   ├── internal_users.yml
│   │   │   ├── opensearch.yml
│   │   │   ├── roles_mapping.yml
│   │   │   ├── roles.yml
│   │   │   └── securityadmin.sh
│   │   └── Dockerfile
│   └── wazuh-manager
│       ├── config
│       │   ├── create_user.py
│       │   ├── etc
│       │   │   ├── cont-init.d
│       │   │   │   ├── 0-wazuh-init
│       │   │   │   ├── 1-config-filebeat
│       │   │   │   └── 2-manager
│       │   │   └── services.d
│       │   │       ├── filebeat
│       │   │       │   ├── finish
│       │   │       │   └── run
│       │   │       └── ossec-logs
│       │   │           └── run
│       │   ├── filebeat.yml
│       │   ├── permanent_data.env
│       │   ├── permanent_data.sh
│       │   └── wazuh.repo
│       └── Dockerfile
├── CHANGELOG.md
├── indexer-certs-creator
│   ├── config
│   │   └── entrypoint.sh
│   └── Dockerfile
├── LICENSE
├── multi-node
│   ├── config
│   │   ├── nginx
│   │   │   └── nginx.conf
│   │   ├── wazuh_cluster
│   │   │   ├── wazuh_manager.conf
│   │   │   └── wazuh_worker.conf
│   │   ├── wazuh_dashboard
│   │   │   ├── opensearch_dashboards.yml
│   │   │   └── wazuh.yml
│   │   ├── wazuh_indexer
│   │   │   ├── internal_users.yml
│   │   │   ├── wazuh1.indexer.yml
│   │   │   ├── wazuh2.indexer.yml
│   │   │   └── wazuh3.indexer.yml
│   │   └── wazuh_indexer_ssl_certs
│   │       └── certs.yml
│   ├── docker-compose.yml
│   ├── generate-indexer-certs.yml
│   ├── Migration-to-Wazuh-4.3.md
│   └── volume-migrator.sh
├── README.md
├── single-node
│   ├── config
│   │   ├── wazuh_cluster
│   │   │   └── wazuh_manager.conf
│   │   ├── wazuh_dashboard
│   │   │   ├── opensearch_dashboards.yml
│   │   │   └── wazuh.yml
│   │   ├── wazuh_indexer
│   │   │   ├── internal_users.yml
│   │   │   └── wazuh.indexer.yml
│   │   └── wazuh_indexer_ssl_certs
│   │       ├── admin-key.pem
│   │       ├── admin.pem
│   │       ├── certs.yml
│   │       ├── root-ca.key
│   │       ├── root-ca.pem
│   │       ├── wazuh.dashboard-key.pem
│   │       ├── wazuh.dashboard.pem
│   │       ├── wazuh.indexer-key.pem
│   │       ├── wazuh.indexer.pem
│   │       ├── wazuh.manager-key.pem
│   │       └── wazuh.manager.pem
│   ├── docker-compose.yml
│   ├── generate-indexer-certs.yml
│   └── README.md
└── VERSION

Branches

  • master branch contains the latest code; be aware of possible bugs on this branch.
  • stable branch corresponds to the last Wazuh stable version.

Compatibility Matrix

Wazuh version ODFE XPACK
v4.8.0
v4.7.1
v4.7.0
v4.6.0
v4.5.3
v4.5.2
v4.5.1
v4.5.0
v4.4.5
v4.4.4
v4.4.3
v4.4.2
v4.4.1
v4.4.0
v4.3.11
v4.3.10
v4.3.9
v4.3.8
v4.3.7
v4.3.6
v4.3.5
v4.3.4
v4.3.3
v4.3.2
v4.3.1
v4.3.0
v4.2.7 1.13.2 7.11.2
v4.2.6 1.13.2 7.11.2
v4.2.5 1.13.2 7.11.2
v4.2.4 1.13.2 7.11.2
v4.2.3 1.13.2 7.11.2
v4.2.2 1.13.2 7.11.2
v4.2.1 1.13.2 7.11.2
v4.2.0 1.13.2 7.10.2
v4.1.5 1.13.2 7.10.2
v4.1.4 1.12.0 7.10.2
v4.1.3 1.12.0 7.10.2
v4.1.2 1.12.0 7.10.2
v4.1.1 1.12.0 7.10.2
v4.1.0 1.12.0 7.10.2
v4.0.4 1.11.0
v4.0.3 1.11.0
v4.0.2 1.11.0
v4.0.1 1.11.0
v4.0.0 1.10.1

Credits and Thank you

These Docker containers are based on:

We thank them and everyone else who has contributed to this project.

License and copyright

Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)

Web references

Wazuh website
