Old version for rollback: elasticsearch:8.13.2 & kibana:8.13.2
Current version: elasticsearch:8.15.0 & kibana:8.15.0
- Get basics together:
git clone https://github.com/Jokoclp/parsedmarc-dockerized.git /opt/parsedmarc-dockerized/
cd /opt/parsedmarc-dockerized/ && cp data/conf/parsedmarc/config.sample.ini data/conf/parsedmarc/config.ini
- Next we change the parsedmarc config (see docs). You can set Test to True for testing purposes.
nano data/conf/parsedmarc/config.ini
- Add your geoipupdate credentials from your MaxMind account to allow the container to pull the databases. For update cycles of the databases, please see here.
nano data/conf/geoipupdate/geoipupdate.env
- Change credentials for HTTP basic auth, e.g. this way (needs apache2-utils or httpd-tools):
htpasswd -c data/conf/nginx/htpasswd USERNAME
- Finally, we start up the stack and wait:
docker-compose up -d
- First, the containers of the stack are created and started. This might take a while, as several containers depend on others being in a healthy state (meaning that their services must be fully started).
- During the startup of the parsedmarc-init container, all required steps and preparations are taken care of, like generating a self-signed certificate for the included nginx webserver.
- Once the Kibana container, where you can view the dashboards, is started up, the corresponding parsedmarc dashboards are automatically imported into Kibana by the parsedmarc-init container.
- After a while, when everything is up and running, you can access Kibana and its dashboards under the shipped reverse proxy at https://HOST_IP (make sure to use HTTPS!). There will be a warning due to the self-signed certificate. The default username/password for HTTP basic authentication is admin/admin. You should change this!
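One way to confirm that the htpasswd step above really retired the shipped admin/admin login, as an added example that is not part of this README or the project's own code. It assumes the entries are $apr1$ hashes (what htpasswd writes by default) and that openssl is installed; check_default_creds, make_sample_htpasswd and HTPASSWD_FILE are hypothetical names.

```shell
#!/usr/bin/env bash
# Added example: detect whether the nginx htpasswd file still accepts admin/admin.
# Assumption: entries are $apr1$ hashes, the format htpasswd writes by default.

# check_default_creds FILE USER PASSWORD
#   0 = USER is absent or PASSWORD is rejected
#   1 = PASSWORD is still accepted for USER
#   2 = USER's hash is not $apr1$, so it cannot be verified here
check_default_creds() {
  local file="$1" user="$2" password="$3"
  local name hash salt expected
  # "|| [ -n ... ]" also handles a last line without a trailing newline.
  while IFS=: read -r name hash || [ -n "$name" ]; do
    [ "$name" = "$user" ] || continue
    case $hash in
      '$apr1$'*)
        # The salt sits between the second and third "$" of the stored hash.
        salt=${hash#'$apr1$'}
        salt=${salt%%'$'*}
        # Recompute with the stored salt; -stdin keeps the password out of argv.
        expected=$(printf '%s\n' "$password" | openssl passwd -apr1 -salt "$salt" -stdin)
        if [ "$expected" = "$hash" ]; then return 1; fi
        ;;
      *) return 2 ;;
    esac
  done < "$file"
  return 0
}

# Constructed sample input: writes a one-line htpasswd file for user "admin".
make_sample_htpasswd() {
  local out="$1" password="$2"
  printf 'admin:%s\n' "$(printf '%s\n' "$password" | openssl passwd -apr1 -stdin)" > "$out"
}

# Check the stack's file when run from /opt/parsedmarc-dockerized/.
HTPASSWD_FILE=${HTPASSWD_FILE:-data/conf/nginx/htpasswd}
if [ -f "$HTPASSWD_FILE" ]; then
  rc=0
  check_default_creds "$HTPASSWD_FILE" admin admin || rc=$?
  case $rc in
    0) echo "OK: admin/admin is rejected" ;;
    1) echo "FAIL: admin/admin still works; rerun htpasswd with a new password" ;;
    2) echo "UNKNOWN: admin entry is not an apr1 hash; verify it manually" ;;
  esac
fi
```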
Built with awesome parsedmarc, Elasticsearch and Kibana, nginx, Docker and MaxMind GeoIP. Based on patschi's work.