A quick and efficient way to set up a Zeek+Fluent-bit environment.
- Automatic removal of Zeek logs based on the specified number of days
- Easy configuration options for the project settings
To use this project, follow the steps below.
- Create a file named `.env` in the root directory of the project.
- In the `.env` file, add the following optional variable(s):
  - REMOVE_DAYS: number of days for which data will be kept (default: 7)
  - IFNAME: name of the network interface to be used (default: eth0)
Here is an example of what the `.env` file should look like:
```
REMOVE_DAYS=7
IFNAME=br1
```
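A pre-flight check for the two `.env` settings above, as an added example that is not part of this project: it confirms REMOVE_DAYS is a whole number and that IFNAME names an interface present on the host. The function names, the `NET_DIR` override and the use of `/sys/class/net` (Linux) are assumptions of this example.

```shell
#!/bin/sh
# Added example (not project code): validate .env before starting the stack.
# Assumption: Linux lists interfaces under /sys/class/net; NET_DIR overrides it.

# Print KEY's value from an env file, or DEFAULT when the file or key is absent.
env_get() {
    local file="$1" key="$2" value="$3" line cr
    cr=$(printf '\r')
    if [ -f "$file" ]; then
        while IFS= read -r line || [ -n "$line" ]; do
            line=${line%"$cr"}              # tolerate CRLF line endings
            case $line in
                "$key="*) value=${line#*=} ;;
            esac
        done < "$file"
    fi
    printf '%s\n' "$value"
}

# Return 0 when both settings are usable, 1 otherwise (reasons go to stderr).
check_env() {
    local file="${1:-.env}" net_dir="${NET_DIR:-/sys/class/net}" rc=0 days ifname
    days=$(env_get "$file" REMOVE_DAYS 7)      # defaults as documented above
    ifname=$(env_get "$file" IFNAME eth0)

    case $days in
        ''|*[!0-9]*)
            echo "REMOVE_DAYS must be a whole number, got '$days'" >&2; rc=1 ;;
    esac
    case $ifname in
        ''|.|..|*/*)                           # never let the name leave net_dir
            echo "IFNAME is not an interface name: '$ifname'" >&2; rc=1 ;;
        *)
            [ -e "$net_dir/$ifname" ] ||
                { echo "interface '$ifname' not found in $net_dir" >&2; rc=1; } ;;
    esac
    return "$rc"
}

# Usage: sh check_env.sh --check [path/to/.env]
if [ "${1:-}" = "--check" ]; then
    check_env "${2:-.env}"
fi
```

A mistyped interface name is caught here on the host, before any container is started.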
If you have a custom `local.zeek` file, please place it in the `zeek/local.zeek` directory.
The configuration settings for Fluent-bit can be found in the file `fluent-bit/fluent-bit.conf`.
To build all the Docker images required for this project, run the following command:
```
docker-compose build
```
Run!
```
docker-compose up -d
```