Skip to content
/ dbaudit Public

packet capture for (mysql、monogdb、redis、postgresql)

2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dblife1024/dbaudit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
elasticsearch/config
elasticsearch/config
 
 
kibana/config
kibana/config
 
 
packetbeat/config
packetbeat/config
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 

Repository files navigation

使用docker-compose部署packetbeat+es数据库审计

准备环境

  • Docker
  • Docker-compose
  • CentOS 7
  • images(确定能拉取外网源,如果不行,请自行安装源elasticsearch:7.14.2、kibana:7.14.2、elastic/packetbeat:7.14.2)

部署指南

设置宿主机内核参数

echo vm.max_map_count=655350 >> /etc/sysctl.conf
sysctl -p

启动

mkdir -p /data1/esauditdata && chmod -R 777 /data1/esauditdata
cd dbaudit
docker-compose up -d

访问服务

http://docker-compose-ip:5601

密码

# 默认密码
elastic:elasticdocker

清理

docker-compose down -v 
rm -r /data1/esautditdata && rm -r packetbeat-dbaudit-compose

项目说明

  • 目前使用的版本为7.16.2
  • 登陆kibana后,先创建“索引模式”,在通过Discover查看
  • 根据需求,修改 packetbeat/config/packetbeat.yml 相关模块的port,进行监听
  • 更多 https://github.com/dblife1024/dbaudit/wiki

About

packet capture for (mysql、monogdb、redis、postgresql)

Topics

mysql redis elasticsearch kibana mongodb audit packet

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published