Commit 2919172f authored by Arne Øslebø's avatar Arne Øslebø
Browse files


SOCTools is a set of tools that can be used by a SOC for collecting and analyzing security data, incident handling and threat intelligence.
Edit inventories/deploy/hosts.yml and change "host1" to the fqdn or IP address of the server where the tools should be installed. The playbook has been tested on Debian Stretch and CentOS 7.
The role soctools_server makes sure that docker is properly installed on the server. To prevent the playbook to make any changes to the server besides setting up docker networks and containers, this role can be removed.
Run the ansible playbook:
ansible-playbook -i inventories/deploy/hosts.yml deploy.yml
This will install the following docker images:
* zookeeper:latest
* haproxy:latest
* apache/nifi:latest
While the ansible playbook supports multiple servers, the current configuration of NiFi and haproxy only supports a single server.
Building images
Images that are not offical Docker images can be built from scratch by running:
ansible-playbook -i inventories/build/hosts.yml build_images.yml
Edit the files under inventories/deploy/group_vars to specify that built images should be used. Currently only NiFi is built from scratch.
Author Information
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment