Anpassungen Produktiv

2026-04-27 09:11:22 +02:00
parent e0ef00a4ee
commit 54aad0bdf6
2 changed files with 66 additions and 17 deletions
--- a/.env
+++ b/.env
@@ -1,4 +1,4 @@
-TZ=Europe/Berlin
+TZ=UTC

 LISTEN_ADDR=:8080
 DB_DSN=eventuser:DEINPASSWORT@tcp(mariadb:3306)/eventcollector?parseTime=true&charset=utf8mb4,utf8&collation=utf8mb4_unicode_ci&loc=UTC
@@ -15,6 +15,7 @@ HTTP_IDLE_TIMEOUT=60s

 DETECTION_INTERVAL=1m
 OFFLINE_AFTER=10m
+OFFLINE_ALERT_MAX=120m
 FAILED_LOGON_WINDOW=5m
 FAILED_LOGON_THRESHOLD=25
 REBOOT_WINDOW=15m
@@ -33,6 +34,38 @@ MARIADB_PASSWORD=DEINPASSWORT
 MARIADB_ROOT_PASSWORD=ROOTPASSWORT

 GRAFANA_ADMIN_USER=admin
-GRAFANA_ADMIN_PASSWORD=BITTE_AENDERN
+GRAFANA_ADMIN_PASSWORD=admin

-ENROLLMENT_KEY=BITTE_SEHR_LANG_UND_ZUFAELLIG
+ENROLLMENT_KEY=BITTE_SEHR_LANG_UND_ZUFAELLIG
+
+#Woche 1
+BASELINE_WINDOW=15m
+BASELINE_MIN_SAMPLES=72
+BASELINE_MIN_COUNT=30
+BASELINE_MEDIUM_Z=3.5
+BASELINE_HIGH_Z=6.0
+BASELINE_SUPPRESS_FOR=6h
+
+#Woche 2-4
+#BASELINE_WINDOW=15m
+#BASELINE_MIN_SAMPLES=48
+#BASELINE_MIN_COUNT=20
+#BASELINE_MEDIUM_Z=3.0
+#BASELINE_HIGH_Z=5.0
+#BASELINE_SUPPRESS_FOR=4h
+
+#Dauerlauf Aggressiv
+#BASELINE_WINDOW=10m
+#BASELINE_MIN_SAMPLES=36
+#BASELINE_MIN_COUNT=15
+#BASELINE_MEDIUM_Z=2.8
+#BASELINE_HIGH_Z=4.5
+#BASELINE_SUPPRESS_FOR=2h
+
+#Dauerlauf Passiv
+#BASELINE_WINDOW=15m
+#BASELINE_MIN_SAMPLES=48
+#BASELINE_MIN_COUNT=20
+#BASELINE_MEDIUM_Z=3.0
+#BASELINE_HIGH_Z=5.0
+#BASELINE_SUPPRESS_FOR=4h
--- a/compose.yml
+++ b/compose.yml
@@ -3,6 +3,8 @@ services:
    image: mariadb:11.8
    container_name: siem-mariadb
    restart: unless-stopped
+    ports:
+      - 3307:3306
    env_file:
      - .env
    environment:
@@ -20,12 +22,16 @@ services:
      - mariadb_data:/var/lib/mysql
      - ./deploy/mariadb/init:/docker-entrypoint-initdb.d:ro
    healthcheck:
-      test: ["CMD-SHELL", "mariadb-admin ping -h 127.0.0.1 -u root -p$$MARIADB_ROOT_PASSWORD --silent"]
+      test:
+        - CMD-SHELL
+        - mariadb-admin ping -h 127.0.0.1 -u root -p$$MARIADB_ROOT_PASSWORD
+          --silent
      interval: 20s
      timeout: 5s
      retries: 10
      start_period: 30s
-
+    networks:
+      - dockge_default
  siem-backend:
    image: git.send.nrw/sendnrw/siem-backend:latest
    container_name: siem-backend
@@ -61,18 +67,25 @@ services:
      mariadb:
        condition: service_healthy
    ports:
-      - "8090:8080"
+      - 8090:8080
    healthcheck:
-      test: ["CMD-SHELL", "wget -qO- http://127.0.0.1:8080/healthz >/dev/null 2>&1 || exit 1"]
+      test:
+        - CMD-SHELL
+        - wget -qO- http://127.0.0.1:8080/healthz >/dev/null 2>&1 || exit 1
      interval: 30s
      timeout: 5s
      retries: 5
      start_period: 20s
-
+    networks:
+      - dockge_default
  prometheus:
    image: prom/prometheus:latest
    container_name: siem-prometheus
    restart: unless-stopped
+    env_file:
+      - .env
+    environment:
+      TZ: ${TZ}
    command:
      - --config.file=/etc/prometheus/prometheus.yml
      - --storage.tsdb.path=/prometheus
@@ -86,8 +99,9 @@ services:
      - ./deploy/prometheus/rules:/etc/prometheus/rules:ro
      - prometheus_data:/prometheus
    ports:
-      - "9090:9090"
-
+      - 9090:9090
+    networks:
+      - dockge_default
  grafana:
    image: grafana/grafana:latest
    container_name: siem-grafana
@@ -107,11 +121,13 @@ services:
      - ./deploy/grafana/provisioning:/etc/grafana/provisioning:ro
      - ./deploy/grafana/dashboards:/var/lib/grafana/dashboards:ro
    ports:
-      - "3000:3000"
-
+      - 3090:3000
+    networks:
+      - dockge_default
 volumes:
-  mariadb_data:
-  prometheus_data:
-  grafana_data:
-
-  
+  mariadb_data: null
+  prometheus_data: null
+  grafana_data: null
+networks:
+  dockge_default:
+    external: true