From 012005693af9963f93daaed3cb5ecf5819e43f08 Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Wed, 27 Oct 2021 10:41:16 +0200 Subject: lower the docker-compose file version Debian 11 (bullseye) comes with docker-compose version 1.25.0, build unknown. Lowering the docker-compose version to 2.3 seems to work. But I'm really not sure what I'm doing here. Please lmk if this isn't reasonable. --- docker/docker-compose.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/docker-compose.yaml b/docker/docker-compose.yaml index be09765..3420709 100644 --- a/docker/docker-compose.yaml +++ b/docker/docker-compose.yaml @@ -1,4 +1,4 @@ -version: '3.8' +version: '2.3' services: collector: build: ./collector/ -- cgit v1.1 From 7db80179e77c3f206e8ac24b585ed512b85b94b4 Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Wed, 27 Oct 2021 10:41:58 +0200 Subject: typo fix --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8ef8971..2f46de3 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ SOC staff ever: Can we have lunch now? ## The elevator pitch -Your're working as a Security Operations Center engineer and your job +You're working as a Security Operations Center engineer and your job is to, one, know when any part of your infrastructure is vulnerable and, two, if it is, do something smart about it. -- cgit v1.1 From c95b319e1513b76c1cf3e4f04f707f3c28dc580b Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Wed, 27 Oct 2021 10:42:07 +0200 Subject: tested with bullseye --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 2f46de3..dae42a5 100644 --- a/README.md +++ b/README.md 
@@ -41,8 +41,8 @@ the full text. ## How to test it out -The collector has been tested on Debian 10 (Buster). Other Unix -systems should also be capable of hosting it. +The collector has been tested on Debian 11 (Bullseye). Other Unix +systems should also be capable of running a collector. Clone the repository. -- cgit v1.1 From 7a663a74601c3b61f1903c831d4b8843769e87e4 Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Wed, 27 Oct 2021 10:42:14 +0200 Subject: update dependencies --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index dae42a5..5478fc8 100644 --- a/README.md +++ b/README.md @@ -50,8 +50,7 @@ Clone the repository. Install dependencies (Debian). - sudo apt install python3 python3-pip python3-leveldb - pip3 install falcon + sudo apt install docker.io docker-compose Start CouchDB and the collector. Make sure to give it a username and password: -- cgit v1.1 From 415044e7087ff89efc15e1babf84dd963c617175 Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Wed, 27 Oct 2021 11:00:26 +0200 Subject: quote url containing ampersand and clarify "key" --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 5478fc8..769f999 100644 --- a/README.md +++ b/README.md 
@@ -93,10 +93,10 @@ We might also filter the data: curl -s -u user1:pw1 http://localhost:80/sc/v0/get?port=111 | json_pp -json_opt utf8,pretty -Believe it or not, but we can also get a single observation by looking up its key: +Believe it or not, but we can also get a single observation by looking up its key (_id): curl -s -u user1:pw1 http://localhost:80/sc/v0/get/1633633714355 | json_pp -json_opt utf8,pretty We can also limit the number of results and skip N results forward with the parameters limit and skip: - curl -s -u user1:pw1 http://localhost:80/sc/v0/get?limit=5&skip=2 | json_pp -json_opt utf8,pretty + curl -s -u user1:pw1 'http://localhost:80/sc/v0/get?limit=5&skip=2' | json_pp -json_opt utf8,pretty -- cgit v1.1 From dd0664047ca0843123079fc7e0dfe2f1f5c87e1b Mon Sep 17 00:00:00 2001 From: Kristofer Hallin Date: Fri, 29 Oct 2021 09:46:34 +0200 Subject: Initialize CouchDB properly, now _users should be created. --- docker/couchdb/10-single-node.ini | 2 ++ docker/couchdb/Dockerfile | 5 +++++ docker/docker-compose.yaml | 2 +- 3 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 docker/couchdb/10-single-node.ini create mode 100644 docker/couchdb/Dockerfile diff --git a/docker/couchdb/10-single-node.ini b/docker/couchdb/10-single-node.ini new file mode 100644 index 0000000..c85b081 --- /dev/null +++ b/docker/couchdb/10-single-node.ini @@ -0,0 +1,2 @@ +[couchdb] +single_node=true \ No newline at end of file diff --git a/docker/couchdb/Dockerfile b/docker/couchdb/Dockerfile new file mode 100644 index 0000000..ce3d5b2 --- /dev/null +++ b/docker/couchdb/Dockerfile @@ -0,0 +1,5 @@ +FROM couchdb:latest + +COPY 10-single-node.ini /opt/couchdb/etc/local.d/10-single-node.ini + +EXPOSE 5984 diff --git a/docker/docker-compose.yaml b/docker/docker-compose.yaml index 3420709..e89964d 100644 --- a/docker/docker-compose.yaml +++ b/docker/docker-compose.yaml 
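Review bot: `FROM couchdb:latest` in the new docker/couchdb/Dockerfile leaves the base image unpinned, so every rebuild may pull a different CouchDB release with no change to this repository. That makes the build non-reproducible and means an upstream image change reaches the deployment unreviewed. The `single_node=true` setting copied into `local.d` is also only known to work with whatever release happened to be current when it was tested. Pin the tag to the tested release, ideally with a digest: `FROM couchdb:<tested-version>@sha256:<digest>` (placeholders; the page does not state the version). The new `10-single-node.ini` also lacks a trailing newline, which is worth adding so later appends to the file do not join onto the `single_node=true` line.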
@@ -17,7 +17,7 @@ services: - couchdb couchdb: - image: couchdb + build: ./couchdb/ ports: - "5984:5984" environment: -- cgit v1.1
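Review bot: The unchanged `- "5984:5984"` mapping under the `couchdb` service publishes the database port on every host interface, and with this commit that port now fronts a fully initialised single-node CouchDB. The `- couchdb` entry above it looks like a dependency or link from the collector (inferred; its key is outside the hunk), in which case the collector can reach the database by service name on the compose network without any host port. Consider dropping the mapping or binding it to loopback with `- "127.0.0.1:5984:5984"`. The `environment:` block continues outside the hunk, so how the admin credentials are supplied cannot be checked from here.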