splunk_local/docker-compose.yml


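# Local Splunk lab: one Splunk Enterprise container, plus an optional
# Universal Forwarder and log-generator containers enabled via Compose profiles
# (forwarder, generators, security).
#
# Credentials and the publish address are read from the environment, or from a
# git-ignored .env file next to this file. The values after ":-" are the lab
# fallbacks; they are publicly known, so override them before this stack is
# reachable from anything other than the local machine:
#   SPLUNK_PASSWORD   admin password for Splunk and the forwarder
#   SPLUNK_HEC_TOKEN  HTTP Event Collector token, shared by the splunk and
#                     log_generator_hec services
#   SPLUNK_BIND_ADDR  host address the Splunk ports are published on
#                     (defaults to loopback; 0.0.0.0 restores all interfaces)
services:
  splunk:
    # NOTE(review): "latest" is a moving tag, so the Splunk version changes
    # between pulls; pin a tested tag or digest for reproducible behaviour.
    image: splunk/splunk:latest
    container_name: splunk_local
    environment:
      - SPLUNK_START_ARGS=--accept-license
      - SPLUNK_PASSWORD=${SPLUNK_PASSWORD:-admin123}
      - SPLUNK_HEC_TOKEN=${SPLUNK_HEC_TOKEN:-00000000-0000-0000-0000-000000000000}
    ports:
      # Published on loopback by default: the web UI, management API and HEC
      # accept the credentials above, so they should not face the LAN unless
      # the fallbacks have been replaced.
      - "${SPLUNK_BIND_ADDR:-127.0.0.1}:8000:8000"  # Splunk Web UI
      - "${SPLUNK_BIND_ADDR:-127.0.0.1}:8088:8088"  # HTTP Event Collector (HEC)
      - "${SPLUNK_BIND_ADDR:-127.0.0.1}:9997:9997"  # Splunk2Splunk
      - "${SPLUNK_BIND_ADDR:-127.0.0.1}:8089:8089"  # Splunk Management Port
      - "${SPLUNK_BIND_ADDR:-127.0.0.1}:514:514/udp"  # Syslog
    volumes:
      - splunk_etc:/opt/splunk/etc
      - splunk_var:/opt/splunk/var
      # NOTE(review): the splunk image is documented to read default.yml from
      # /tmp/defaults; keep anything sensitive placed in ./config out of
      # version control.
      - ./config:/tmp/defaults
      - ./logs:/opt/splunk/logs
    restart: unless-stopped

  # Optional: Universal Forwarder for testing log forwarding
  splunk_forwarder:
    image: splunk/universalforwarder:latest
    container_name: splunk_forwarder
    environment:
      - SPLUNK_START_ARGS=--accept-license
      - SPLUNK_PASSWORD=${SPLUNK_PASSWORD:-admin123}
      # Reaches the indexer over the Compose network by service name; this
      # does not depend on port 9997 being published on the host.
      - SPLUNK_FORWARD_SERVER=splunk:9997
    volumes:
      - ./logs:/var/log/app
      - splunk_uf_etc:/opt/splunkforwarder/etc
      - splunk_uf_var:/opt/splunkforwarder/var
    depends_on:
      - splunk
    restart: unless-stopped
    profiles:
      - forwarder

  # Log Generators for testing various log formats
  log_generator_web:
    image: python:3.11-slim
    container_name: log_generator_web
    working_dir: /app
    command: python web_logs.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - generators

  log_generator_syslog:
    image: python:3.11-slim
    container_name: log_generator_syslog
    working_dir: /app
    command: python syslog_generator.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - generators

  log_generator_json:
    image: python:3.11-slim
    container_name: log_generator_json
    working_dir: /app
    command: python json_logs.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - generators

  log_generator_hec:
    image: python:3.11-slim
    container_name: log_generator_hec
    working_dir: /app
    # NOTE(review): installs an unpinned "requests" from the package index on
    # every container start; pin the version (ideally with hashes in a
    # requirements file) so a restart cannot pull in a different release.
    command: sh -c "pip install requests && python hec_sender.py"
    volumes:
      - ./generators:/app
    environment:
      # Plain HTTP: the HEC token crosses the Compose network unencrypted.
      # Acceptable only while this traffic stays inside the local lab.
      - SPLUNK_HEC_URL=http://splunk:8088/services/collector
      # Must resolve to the same value as SPLUNK_HEC_TOKEN on the splunk service.
      - SPLUNK_HEC_TOKEN=${SPLUNK_HEC_TOKEN:-00000000-0000-0000-0000-000000000000}
    depends_on:
      - splunk
    restart: unless-stopped
    profiles:
      - generators

  # Security-focused log generators
  log_generator_windows:
    image: python:3.11-slim
    container_name: log_generator_windows
    working_dir: /app
    command: python windows_events.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - security

  log_generator_firewall:
    image: python:3.11-slim
    container_name: log_generator_firewall
    working_dir: /app
    command: python firewall_logs.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - security

  log_generator_dns:
    image: python:3.11-slim
    container_name: log_generator_dns
    working_dir: /app
    command: python dns_logs.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - security

  log_generator_auth:
    image: python:3.11-slim
    container_name: log_generator_auth
    working_dir: /app
    command: python auth_logs.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - security

  log_generator_cloud:
    image: python:3.11-slim
    container_name: log_generator_cloud
    working_dir: /app
    command: python cloud_logs.py
    volumes:
      - ./generators:/app
      - ./logs:/var/log/app
    restart: unless-stopped
    profiles:
      - security

# Named volumes that persist Splunk and forwarder state across restarts.
volumes:
  splunk_etc: {}
  splunk_var: {}
  splunk_uf_etc: {}
  splunk_uf_var: {}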