From 54aad0bdf69827398e58564ca280f3ccbc5f7d94 Mon Sep 17 00:00:00 2001 From: jbergner Date: Mon, 27 Apr 2026 09:11:22 +0200 Subject: [PATCH] Anpassungen Produktiv --- .env | 39 ++++++++++++++++++++++++++++++++++++--- compose.yml | 44 ++++++++++++++++++++++++++++++-------------- 2 files changed, 66 insertions(+), 17 deletions(-) diff --git a/.env b/.env index 3941672..c43c7a1 100644 --- a/.env +++ b/.env @@ -1,4 +1,4 @@ -TZ=Europe/Berlin +TZ=UTC LISTEN_ADDR=:8080 DB_DSN=eventuser:DEINPASSWORT@tcp(mariadb:3306)/eventcollector?parseTime=true&charset=utf8mb4,utf8&collation=utf8mb4_unicode_ci&loc=UTC @@ -15,6 +15,7 @@ HTTP_IDLE_TIMEOUT=60s DETECTION_INTERVAL=1m OFFLINE_AFTER=10m +OFFLINE_ALERT_MAX=120m FAILED_LOGON_WINDOW=5m FAILED_LOGON_THRESHOLD=25 REBOOT_WINDOW=15m @@ -33,6 +34,38 @@ MARIADB_PASSWORD=DEINPASSWORT MARIADB_ROOT_PASSWORD=ROOTPASSWORT GRAFANA_ADMIN_USER=admin -GRAFANA_ADMIN_PASSWORD=BITTE_AENDERN +GRAFANA_ADMIN_PASSWORD=admin -ENROLLMENT_KEY=BITTE_SEHR_LANG_UND_ZUFAELLIG \ No newline at end of file +ENROLLMENT_KEY=BITTE_SEHR_LANG_UND_ZUFAELLIG + +#Woche 1 +BASELINE_WINDOW=15m +BASELINE_MIN_SAMPLES=72 +BASELINE_MIN_COUNT=30 +BASELINE_MEDIUM_Z=3.5 +BASELINE_HIGH_Z=6.0 +BASELINE_SUPPRESS_FOR=6h + +#Woche 2-4 +#BASELINE_WINDOW=15m +#BASELINE_MIN_SAMPLES=48 +#BASELINE_MIN_COUNT=20 +#BASELINE_MEDIUM_Z=3.0 +#BASELINE_HIGH_Z=5.0 +#BASELINE_SUPPRESS_FOR=4h + +#Dauerlauf Aggressiv +#BASELINE_WINDOW=10m +#BASELINE_MIN_SAMPLES=36 +#BASELINE_MIN_COUNT=15 +#BASELINE_MEDIUM_Z=2.8 +#BASELINE_HIGH_Z=4.5 +#BASELINE_SUPPRESS_FOR=2h + +#Dauerlauf Passiv +#BASELINE_WINDOW=15m +#BASELINE_MIN_SAMPLES=48 +#BASELINE_MIN_COUNT=20 +#BASELINE_MEDIUM_Z=3.0 +#BASELINE_HIGH_Z=5.0 +#BASELINE_SUPPRESS_FOR=4h \ No newline at end of file diff --git a/compose.yml b/compose.yml index 03dae8b..1469953 100644 --- a/compose.yml +++ b/compose.yml 
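Review bot: In the third `.env` hunk, `GRAFANA_ADMIN_PASSWORD=admin` replaces the `BITTE_AENDERN` placeholder with Grafana's well-known default credential, in a commit labelled as the production adjustment, while `compose.yml` in the same patch publishes Grafana on host port 3090. The tracked file should keep the placeholder, `GRAFANA_ADMIN_PASSWORD=BITTE_AENDERN`, and the real value should come from an untracked override or a secret store. If this variable feeds Grafana's initial admin password (the mapping is not visible in this patch), it is normally applied only when the data volume is first initialised. The password actually active on an existing `grafana_data` volume should therefore be checked separately. The added `BASELINE_*` profiles would also benefit from a one-line comment each saying when to switch from `#Woche 1` to the next block.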
@@ -3,6 +3,8 @@ services: image: mariadb:11.8 container_name: siem-mariadb restart: unless-stopped + ports: + - 3307:3306 env_file: - .env environment: @@ -20,12 +22,16 @@ services: - mariadb_data:/var/lib/mysql - ./deploy/mariadb/init:/docker-entrypoint-initdb.d:ro healthcheck: - test: ["CMD-SHELL", "mariadb-admin ping -h 127.0.0.1 -u root -p$$MARIADB_ROOT_PASSWORD --silent"] + test: + - CMD-SHELL + - mariadb-admin ping -h 127.0.0.1 -u root -p$$MARIADB_ROOT_PASSWORD + --silent interval: 20s timeout: 5s retries: 10 start_period: 30s - + networks: + - dockge_default siem-backend: image: git.send.nrw/sendnrw/siem-backend:latest container_name: siem-backend @@ -61,18 +67,25 @@ services: mariadb: condition: service_healthy ports: - - "8090:8080" + - 8090:8080 healthcheck: - test: ["CMD-SHELL", "wget -qO- http://127.0.0.1:8080/healthz >/dev/null 2>&1 || exit 1"] + test: + - CMD-SHELL + - wget -qO- http://127.0.0.1:8080/healthz >/dev/null 2>&1 || exit 1 interval: 30s timeout: 5s retries: 5 start_period: 20s - + networks: + - dockge_default prometheus: image: prom/prometheus:latest container_name: siem-prometheus restart: unless-stopped + env_file: + - .env + environment: + TZ: ${TZ} command: - --config.file=/etc/prometheus/prometheus.yml - --storage.tsdb.path=/prometheus @@ -86,8 +99,9 @@ services: - ./deploy/prometheus/rules:/etc/prometheus/rules:ro - prometheus_data:/prometheus ports: - - "9090:9090" - + - 9090:9090 + networks: + - dockge_default grafana: image: grafana/grafana:latest container_name: siem-grafana @@ -107,11 +121,13 @@ services: - ./deploy/grafana/provisioning:/etc/grafana/provisioning:ro - ./deploy/grafana/dashboards:/var/lib/grafana/dashboards:ro ports: - - "3000:3000" - + - 3090:3000 + networks: + - dockge_default volumes: - mariadb_data: - prometheus_data: - grafana_data: - - \ No newline at end of file + mariadb_data: null + prometheus_data: null + grafana_data: null +networks: + dockge_default: + external: true
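Review bot: The added `ports:` entry `- 3307:3306` in the first `compose.yml` hunk publishes MariaDB on every host interface. Nothing in the stack appears to need it, since the `DB_DSN` in `.env` reaches the database by service name (`tcp(mariadb:3306)`). If host access is wanted for administration, bind it to loopback with `- "127.0.0.1:3307:3306"`; otherwise drop the mapping. Docker usually installs its own packet-filter rules for published ports, so a host firewall such as ufw may not cover this port; that should be verified on the target host. The service definition starts above the hunk.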
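Review bot: Attaching `siem-mariadb` to `networks: - dockge_default` at the end of the second hunk puts the database on a pre-existing shared network, declared `external: true` in the last hunk. The same attachment is added for `siem-backend`, `siem-prometheus` and `siem-grafana` in the later hunks. Any other container joined to `dockge_default` can then reach `mariadb:3306`, the backend on 8080 and Prometheus on 9090 directly, whatever the `ports:` mappings say. I would keep a stack-private network for MariaDB, the backend and Prometheus, and attach to `dockge_default` only the service that something outside the stack must reach. A short comment next to the `networks:` declaration, saying which stack owns `dockge_default` and why it is needed, would also help.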
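Review bot: The third hunk drops the quotes from the port mapping (`- 8090:8080`), and the same happens for `3307:3306`, `9090:9090` and `3090:3000` in the other hunks. These values do not match the YAML 1.1 base-60 integer form, so they still load as strings. Compose's own guidance is still to quote `HOST:CONTAINER` pairs, so that a later mapping with a port below 60 is not read as a number. I would keep `- "8090:8080"` and quote the others the same way.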
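Review bot: Adding `env_file: - .env` to the `prometheus` service in the fourth hunk copies every variable in `.env` into the Prometheus container environment, although only `TZ` is used there. That includes `MARIADB_ROOT_PASSWORD`, `GRAFANA_ADMIN_PASSWORD`, `ENROLLMENT_KEY` and the `DB_DSN` credentials. Compose already reads the project `.env` for `${...}` interpolation, so `environment:` with `TZ: ${TZ}` works on its own and the `env_file:` entry can be removed. That keeps the secrets out of `docker inspect` output for this container and out of the process environment. The `env_file: - .env` on the MariaDB service, visible as context in the first hunk, has the same breadth and could be narrowed to the `MARIADB_*` variables.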