---
# Docker Compose (file format 2) stack for VulnWhisperer with an ELK 6.6.0
# backend: Elasticsearch, Kibana, a one-shot Kibana initialiser, Logstash and
# the VulnWhisperer collector. Only vulnwhisperer stays off the esnet network.
version: '2'

services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:6.6.0
    container_name: elasticsearch
    environment:
      - 'cluster.name=vulnwhisperer'
      # memory_lock pairs with the unlimited memlock ulimit declared below.
      - 'bootstrap.memory_lock=true'
      - 'ES_JAVA_OPTS=-Xms1g -Xmx1g'
      # NOTE(review): authentication is switched off while port 9200 is
      # published below on every host interface, so anything that can reach
      # the host can read and modify the indexed data (presumably
      # vulnerability findings). Kibana reaches Elasticsearch over esnet
      # (Logstash presumably too); consider '127.0.0.1:9200:9200' or dropping
      # the mapping unless remote access is really needed.
      - 'xpack.security.enabled=false'
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    mem_limit: 8g
    volumes:
      - 'esdata1:/usr/share/elasticsearch/data'
    ports:
      - '9200:9200'
    # restart: always
    networks:
      esnet:
        aliases:
          - elasticsearch.local

  kibana:
    image: docker.elastic.co/kibana/kibana:6.6.0
    container_name: kibana
    environment:
      SERVER_NAME: kibana
      ELASTICSEARCH_URL: 'http://elasticsearch:9200'
    # NOTE(review): published on every host interface and no authentication is
    # configured in this file; restrict with a host firewall, a loopback bind
    # ('127.0.0.1:5601:5601') or an authenticating reverse proxy.
    ports:
      - '5601:5601'
    depends_on:
      - elasticsearch
    networks:
      esnet:
        aliases:
          - kibana.local

  kibana-config:
    # NOTE(review): floating tag, and curl/bash are installed from the network
    # on each start; pin a tag or digest for reproducible runs.
    image: alpine
    container_name: kibana-config
    volumes:
      - './resources/elk6/init_kibana.sh:/opt/init_kibana.sh'
      - './resources/elk6/kibana_APIonly.json:/opt/kibana_APIonly.json'
      - './resources/elk6/logstash-vulnwhisperer-template.json:/opt/index-template.json'
    # The chmod calls act on bind-mounted files, so they change the modes of
    # the host copies as well. The original one-line form ended with a stray
    # YAML comment (# /opt/kibana_APIonly.json") that was never part of the
    # command value.
    command: >-
      sh -c "apk add --no-cache curl bash
      && chmod +x /opt/init_kibana.sh
      && chmod +r /opt/kibana_APIonly.json
      && cd /opt/
      && /bin/bash /opt/init_kibana.sh"
    networks:
      esnet:
        aliases:
          - kibana-config.local

  logstash:
    image: docker.elastic.co/logstash/logstash:6.6.0
    container_name: logstash
    volumes:
      - './resources/elk6/pipeline/:/usr/share/logstash/pipeline'
      # Same host directory that the vulnwhisperer service mounts.
      - './data/:/opt/VulnWhisperer/data'
      - './resources/elk6/logstash.yml:/usr/share/logstash/config/logstash.yml'
    environment:
      - 'xpack.monitoring.enabled=false'
    depends_on:
      - elasticsearch
    networks:
      esnet:
        aliases:
          - logstash.local

  vulnwhisperer:
    # No registry prefix: presumably an image built locally; confirm.
    image: vulnwhisperer
    container_name: vulnwhisperer
    entrypoint:
      - vuln_whisperer
      - '-c'
      - /opt/VulnWhisperer/vulnwhisperer.ini
    volumes:
      - './data/:/opt/VulnWhisperer/data'
      # This INI carries scanner credentials in clear text; keep it out of
      # version control and restrict its file permissions on the host.
      - './resources/elk6/vulnwhisperer.ini:/opt/VulnWhisperer/vulnwhisperer.ini'
    # NOTE(review): host networking removes network isolation for this
    # container; presumably chosen so hostname=localhost in the INI reaches a
    # scanner listening on the host. Confirm it is required.
    network_mode: host

volumes:
  esdata1:
    driver: local

networks:
  esnet:
91---------------------------------- INI -------------------------------------
[nessus]
# Nessus connection settings. The credentials below were redacted by the poster;
# real values sit in this file in clear text, so keep it out of version control
# and readable only by the account that runs VulnWhisperer.
enabled = true
hostname = localhost
port = 8834
username = redacted
password = redacted
write_path = /opt/VulnWhisperer/data/nessus/
db_path = /opt/VulnWhisperer/data/database
trash = false
verbose = true

[tenable]
# Tenable.io connection settings (disabled). username/password hold placeholder
# values; replace them before setting enabled = true.
enabled = false
hostname = cloud.tenable.com
port = 443
username = tenable.io_username
password = tenable.io_password
write_path = /opt/VulnWhisperer/data/tenable/
db_path = /opt/VulnWhisperer/data/database
trash = false
verbose = true

[qualys_web]
# Reference: https://www.qualys.com/docs/qualys-was-api-user-guide.pdf to find
# your API server (presumably the hostname value below).
enabled = false
hostname = qualysapi.qg2.apps.qualys.com
# Example credentials; replace before enabling.
username = exampleuser
password = examplepass
write_path = /opt/VulnWhisperer/data/qualys/
db_path = /opt/VulnWhisperer/data/database
verbose = true

# Maximum number of retries each connection should attempt.
# Applies only to failed connections and timeouts, never to requests where the
# server returns a response.
max_retries = 10
# The template ID has to be retrieved for each document; follow the reference
# guide above for instructions on how to get it.
template_id = 126024

[qualys_vuln]
# Reference: https://www.qualys.com/docs/qualys-was-api-user-guide.pdf to find
# your API server (presumably the hostname value below).
# NOTE(review): the comments and template_id here are identical to [qualys_web]
# and point at the WAS guide; confirm they apply to this section.
enabled = false
hostname = qualysapi.qg2.apps.qualys.com
# Example credentials; replace before enabling.
username = exampleuser
password = examplepass
write_path = /opt/VulnWhisperer/data/qualys/
db_path = /opt/VulnWhisperer/data/database
verbose = true

# Maximum number of retries each connection should attempt.
# Applies only to failed connections and timeouts, never to requests where the
# server returns a response.
max_retries = 10
# The template ID has to be retrieved for each document; follow the reference
# guide above for instructions on how to get it.
template_id = 126024

[detectify]
# Reference: https://developer.detectify.com/
enabled = false
hostname = api.detectify.com
# The username field carries the Detectify apiKey.
username = exampleuser
# The password field carries the Detectify secretKey; treat it as a secret.
password = examplepass
write_path = /opt/VulnWhisperer/data/detectify/
db_path = /opt/VulnWhisperer/data/database
verbose = true

[openvas]
# OpenVAS connection settings (disabled). Example credentials; replace before
# enabling.
enabled = false
hostname = localhost
port = 4000
username = exampleuser
password = examplepass
write_path = /opt/VulnWhisperer/data/openvas/
db_path = /opt/VulnWhisperer/data/database
verbose = true

#[proxy]
; Optional section: leave it out if you are not using a proxy.
; Proxy settings can also be supplied through environment variables; see
; http://www.python-requests.org/en/latest/user/advanced/#proxies

; proxy_protocol is set to https if not specified.
#proxy_url = proxy.mycorp.com

; proxy_port overrides any port specified in proxy_url.
#proxy_port = 8080

; Proxy authentication.
; NOTE(review): if enabled, these credentials are stored in clear text here.
#proxy_username = proxyuser
#proxy_password = proxypass

[jira]
# Jira connection settings. hostname, username and password are placeholders;
# a real password placed here is stored in clear text.
hostname = jira-host
username = username
password = password
write_path = /opt/VulnWhisperer/data/jira/
db_path = /opt/VulnWhisperer/data/database
verbose = true
dns_resolv = False

# Sample Jira report section; one is created automatically for existing scans.
#[jira.qualys_vuln.test_scan]
#source = qualys_vuln
#scan_name = Test Scan
#jira_project = PROJECT
; Separate multiple components with ","; the original note ends "= None",
; presumably the default.
#components =
; Minimum criticality to report (low, medium, high or critical); the original
; note ends "= None", presumably the default.
#min_critical_to_report = high