Skip to content

Docker

Jump to bottom Edit New page
Jason Ish edited this page Aug 3, 2020 · 6 revisions

An up to date Docker image is maintained https://hub.docker.com/r/jasonish/evebox/ which can be pulled down with the following commands:

docker pull jasonish/evebox:latest

To run EveBox in Docker against an Elasticsearch server:

docker run -it -p 5636:5636 jasonish/evebox:latest \
    -e http://elasticsearch.hostname.com:9200

Here is an example of running EveBox with its built-in SQLite database on the same machine that is running Suricata:

docker run --rm -it -v $(pwd)/data:/data \
    -v /var/log/suricata:/var/log/suricata \
    -p 5636:5636 \
    jasonish/evebox:latest \
    --datastore sqlite \
    -D /data \
    --input /var/log/suricata/eve.json
Add a custom footer
Add a custom sidebar
Clone this wiki locally