Zenarmor Remote Elasticsearch

elasticsearch:8.13.1 is the latest version working and tested.

```yaml
version: '3.7'
services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:8.13.1 # Replace with the latest version if needed
    container_name: elasticsearch
    environment:
      - discovery.type=single-node
      - ES_JAVA_OPTS=-Xms512m -Xmx512m # Adjust JVM heap size as needed
      - bootstrap.memory_lock=true
      - xpack.security.enabled=true # Enable security
      - ELASTIC_USERNAME=elastic # Set the username for the 'elastic' user
      - ELASTIC_PASSWORD=YourSecurePasswordHere # Set the password for the 'elastic' user
    ulimits:
      memlock:
        soft: -1
        hard: -1
    volumes:
      - es_data:/usr/share/elasticsearch/data
    ports:
      - "9200:9200"
      - "9300:9300"
    networks:
      - es_network
volumes:
  es_data:
    driver: local
networks:
  es_network:
    driver: bridge
```

Do the initial configuration of Zenarmor: Database settings -> Use a Remote Elasticsearch Database. Provide the http://hostname:9200 URL of the host where Docker is running and the user / pass specified in the compose config file.

September 30, 2024 · 1 min

Zenarmor and Suricata on Lan

After installing Zenarmor on OPNsense I saw that, due to the nature of the netmap driver, I am not able to run Suricata and Zenarmor both on the LAN interfaces. This was somewhat of a downside as I already had some nmap rules configured and ET Telemetry in Suricata. In my scenario I have all the physical interfaces bridged. Suricata detects that bridge interface and I was able to add it. Zenarmor does not see that interface and only sees the physical ones. I added all the physical LAN interfaces in Zenarmor and the BRIDGE in Suricata. ...

September 30, 2024 · 1 min

OPNsense Dec 850 V2

More Than Just Hardware, It’s a Work of OPNsense Art! In the search for hardware to install OPNsense, just after ditching the Ubiquiti garbage that was not capable of handling 1 Gbps on PPPoE with Suricata IPS/IDS turned on, I stumbled upon the dedicated devices provided by Deciso - OPNsense®. When I saw the DEC 850 V2, it was instant love. Despite the fact that the price was a bit over my budget, and honestly, the hardware is a bit overkill for a home environment, I finally committed and bought one. I have no regrets. ...

September 30, 2024 · 3 min

Replicating to Amazon S3 Using Litestream

Replicating to Amazon S3 Bucket: This guide will show you how to use Amazon S3 as a database replica path for Litestream. You will need an Amazon AWS account to complete this guide. Setup: Create an IAM user. You will need to set up a user with programmatic access to work with Amazon S3. From the AWS Console, go to the IAM service. Next, click Users from the left-hand navigation and then click the Add User button. Enter a name for your user and make sure to enable Programmatic Access. Then click the Next button. ...

September 29, 2024 · 2 min

Snips

SSH-powered pastebin alternative with a human-friendly TUI and web UI. snips.sh is a free, anonymous, open source snippet service. After @clneagu showed me this project on GitHub, I deployed it using Docker to give it a try. My initial impression is that the service is incredibly user-friendly. For anyone who spends a lot of time in the terminal and frequently needs to save notes or share them, this tool can significantly boost productivity by eliminating the need to switch between different apps. ...

September 28, 2024 · 3 min