Public | Automated Build

Last pushed: 3 years ago

Docker Image: OSSEC-HIDS

An ossec-hids Docker image that actually works!

This is a very quick and dirty build, but it pulls from the official ossec-hids GitHub repo so it should be fairly simple to keep up to date.

The server is configured with pretty much all the defaults, except e-mail notifications, which I don't need / want to deal with. Everything else is pretty much bone stock, but that should work for most folk.

I am an OSSEC newbie, and this Docker Image has been tested lightly, so expect updates. If you know better (like I'm missing a persistent volume or something important) please give me a shout. I'm also open to any critique of my Dockerfile, since this is my first build with Docker and I suspect there are some less-than-best-practice moments here and there.

All the details can be found in my GitHub repo.

An example container launch:

docker run -d -p 1514:1514/udp -p 514:514/udp --name ossec luciusbono/ossec-hids:latest

Add agents with:

docker exec -it ossec /var/ossec/bin/manage_agents

Don't forget to do a docker exec -it ossec /var/ossec/bin/ossec-control restart after you've added your first agent.
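
A check to run after that restart, as an added example that is not part of the original image or repo: it parses `ossec-control status` output and confirms that ossec-remoted, the daemon agents report to on 1514/udp, is up. The function names, the assumed status line format and the sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: post-restart check for the "ossec" container launched above.
# Assumption: `ossec-control status` prints one line per daemon, either
# "<daemon> is running..." or "<daemon> not running...".

# Read status text on stdin; print the name of every daemon reported down.
ossec_down_daemons() {
    awk '/ not running/ { print $1 }'
}

# Succeed only if daemon $1 is reported running in the status text on stdin.
ossec_daemon_up() {
    awk -v d="$1" '$1 == d && / is running/ { ok = 1 } END { exit (ok ? 0 : 1) }'
}

# Check a live container (name defaults to "ossec", as in the launch command).
# Keyed on ossec-remoted, because other daemons can be down by configuration.
check_container() {
    name=${1:-ossec}
    # The status command may exit non-zero when a daemon is down; keep its text.
    status=$(docker exec "$name" /var/ossec/bin/ossec-control status 2>&1) || true
    [ -n "$status" ] || { echo "no status output from $name" >&2; return 2; }
    down=$(printf '%s\n' "$status" | ossec_down_daemons | tr '\n' ' ')
    [ -z "$down" ] || echo "reported down: $down" >&2
    if printf '%s\n' "$status" | ossec_daemon_up ossec-remoted; then
        echo "ossec-remoted is up in $name; agents can connect"
    else
        echo "ossec-remoted is down in $name; restart after adding an agent" >&2
        return 1
    fi
}

# Constructed sample outputs (not captured from a real container). ossec-maild
# is shown down on the assumption that disabling e-mail keeps it from running.
SAMPLE_BEFORE='ossec-monitord is running...
ossec-logcollector is running...
ossec-remoted not running...
ossec-syscheckd is running...
ossec-analysisd is running...
ossec-maild not running...
ossec-execd is running...'
SAMPLE_AFTER=$(printf '%s\n' "$SAMPLE_BEFORE" | sed 's/^ossec-remoted not/ossec-remoted is/')
```

Run `check_container ossec` after sourcing the file; it returns 1 while ossec-remoted is down and 2 if the container gives no status output.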
