
Installing Splunk Enterprise

re-bugger 2022. 6. 23. 15:38

 

1. Install Docker on Ubuntu 18

sudo apt update
sudo apt install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable"
sudo apt update
apt-cache policy docker-ce
sudo apt install docker-ce
sudo systemctl status docker

 

2. Install Docker-compose

sudo curl -L \
"https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" \
  -o /usr/local/bin/docker-compose
  
sudo chmod +x /usr/local/bin/docker-compose
  
docker-compose -v

 

3. Write docker-compose.yml

version: "3.3"
services:
  splunk:
    image: ${SPLUNK_IMAGE:-splunk/splunk:8.0}  # vulnerable version 8.0
    environment:
      - SPLUNK_START_ARGS=--accept-license
      - SPLUNK_HEC_TOKEN=abcd1234
      - SPLUNK_PASSWORD
    ports:
      - 8000:8000
      - 8088:8088

 

4. Run docker-compose

SPLUNK_PASSWORD={enter password} docker-compose up -d

 

5. Open localhost:8000 in a browser (the password is the one entered when running docker-compose)
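
A check for the compose file in step 3, as an added example that is not part of the original post: it flags the literal SPLUNK_HEC_TOKEN value and the ports published without a host IP, which Docker binds on every interface; that matters more here because the image is a deliberately old 8.0 build. The function name audit_compose, the finding labels and the tightened copy of the file are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post.
# audit_compose FILE prints one finding per line:
#   SECRET  NAME  - environment entry with a literal credential value
#   EXPOSED PORTS - published port with no host IP (Docker binds all interfaces)
# Covers only the short list syntax used in step 3 (no IPv6, no long form).
audit_compose() {
  awk -v sq="'" '
    { sub(/[ \t]+#.*$/, "") }                       # drop trailing comments
    /^[ \t]*(environment|ports):[ \t]*$/ { section = $1; sub(/:$/, "", section); next }
    /^[ \t]*[A-Za-z_][A-Za-z0-9_]*:/ { section = ""; next }     # any other key
    /^[ \t]*-[ \t]*/ && section != "" {
      item = $0
      sub(/^[ \t]*-[ \t]*/, "", item)
      gsub("[\"" sq "]", "", item)                  # strip quotes
      if (section == "environment") {
        eq = index(item, "=")
        if (eq == 0) next            # pass-through variable, value stays in the shell
        name = substr(item, 1, eq - 1); value = substr(item, eq + 1)
        if (name ~ /(PASSWORD|TOKEN|SECRET)/ && value != "" && value !~ /^\$/)
          print "SECRET " name
      } else {
        n = split(item, part, ":")
        if (n == 2 || (n == 3 && part[1] == "0.0.0.0")) print "EXPOSED " item
      }
    }
  ' "$1"
}

# Constructed sample: the service from step 3, then a tightened copy of it.
tmp=$(mktemp -d)
cat > "$tmp/page.yml" <<'EOF'
services:
  splunk:
    image: ${SPLUNK_IMAGE:-splunk/splunk:8.0}
    environment:
      - SPLUNK_START_ARGS=--accept-license
      - SPLUNK_HEC_TOKEN=abcd1234
      - SPLUNK_PASSWORD
    ports:
      - 8000:8000
      - 8088:8088
EOF
sed -e 's/SPLUNK_HEC_TOKEN=.*/SPLUNK_HEC_TOKEN/' \
    -e 's/- \(80[0-9]*:\)/- 127.0.0.1:\1/' "$tmp/page.yml" > "$tmp/tight.yml"
echo "page.yml:";  audit_compose "$tmp/page.yml"
echo "tight.yml:"; audit_compose "$tmp/tight.yml"
```

With the tightened copy, SPLUNK_HEC_TOKEN has to be supplied on the command line next to SPLUNK_PASSWORD in step 4, and the web UI and HEC are reachable only from the Docker host itself.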

 

How to write Docker-compose and YAML files

Docker-compose official documentation
Docker-compose Korean-language blog

 
