Get Graylog
- git clone https://github.com/Graylog2/docker-compose.git
Config
- cd docker-compose/cluster
#set your_new_password
#get your_new_password_sha from : echo -n your_new_password | shasum -a 256
- sudo nano .env.example
#key in your_new_password and your_new_password_sha
- sudo mv .env.example .env
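The Config steps above, scripted as an added example (not part of the original notes or the Graylog repo): it reads the two values from a prompt instead of `echo -n your_new_password`, which leaves the password in shell history, and writes .env with mode 600. The key names GRAYLOG_PASSWORD_SECRET and GRAYLOG_ROOT_PASSWORD_SHA2 and the script name are assumptions; check them against your .env.example.

```bash
#!/usr/bin/env bash
# Added example, not from the Graylog repo. Assumed .env key names (check your
# .env.example): GRAYLOG_PASSWORD_SECRET and GRAYLOG_ROOT_PASSWORD_SHA2.

# SHA-256 hex digest of stdin; prefers sha256sum, falls back to shasum -a 256.
sha256_hex() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum | cut -d' ' -f1
  else
    shasum -a 256 | cut -d' ' -f1
  fi
}

# set_env_value FILE KEY VALUE: drop any existing KEY= line and append the new
# one, writing through a temp file so FILE ends up complete and mode 600.
set_env_value() {
  local file=$1 key=$2 value=$3 tmp
  tmp=$(mktemp "${file}.XXXXXX") || return 1
  grep -v "^${key}=" "$file" > "$tmp" || true
  printf '%s="%s"\n' "$key" "$value" >> "$tmp"
  chmod 600 "$tmp" && mv "$tmp" "$file"
}

# write_graylog_env FILE: reads the secret (line 1) and the root password
# (line 2) from stdin, so neither appears in argv or in shell history.
write_graylog_env() {
  local file=$1 secret password hash
  IFS= read -r secret && IFS= read -r password || return 1
  # Graylog refuses to start with a password secret shorter than 16 characters.
  [ "${#secret}" -ge 16 ] || { echo "secret needs 16+ characters" >&2; return 1; }
  # An empty password still hashes to a valid-looking digest, so reject it here.
  [ -n "$password" ] || { echo "empty root password" >&2; return 1; }
  hash=$(printf '%s' "$password" | sha256_hex) || return 1
  set_env_value "$file" GRAYLOG_PASSWORD_SECRET "$secret" &&
    set_env_value "$file" GRAYLOG_ROOT_PASSWORD_SHA2 "$hash"
}

# Interactive use (bash): ./set-graylog-env.sh --interactive, run next to .env
if [ "${1:-}" = "--interactive" ]; then
  read -rsp 'Password secret: ' s; echo
  read -rsp 'Root password: ' p; echo
  printf '%s\n%s\n' "$s" "$p" | write_graylog_env .env
fi
```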
Run
- sudo docker-compose up -d
- sudo ufw allow 9000 && sudo ufw allow 12201
- sudo ufw allow 1514:1516/tcp && sudo ufw allow 1514:1516/udp
- http://yourip:9000/welcome
See
- https://greenbone.github.io > Greenbone Community Containers
- https://greenbone.github.io/docs/latest/22.4/container/index.html
Ubuntu
- Install Docker
- sudo usermod -aG docker $USER && su $USER
- export DOWNLOAD_DIR=$HOME/greenbone-community-container && mkdir -p $DOWNLOAD_DIR
- curl -f -O -L https://greenbone.github.io/docs/latest/_static/compose.yaml --output-dir "$DOWNLOAD_DIR"
- sudo nano $DOWNLOAD_DIR/compose.yaml
- find 127.0.0.1:443:443 change 127.0.0.1 to 0.0.0.0
- find 127.0.0.1:9392:9392 change 127.0.0.1 to 0.0.0.0
- docker compose -f $DOWNLOAD_DIR/compose.yaml pull
- docker compose -f $DOWNLOAD_DIR/compose.yaml up -d
- docker compose -f $DOWNLOAD_DIR/compose.yaml logs -f
- docker compose -f $DOWNLOAD_DIR/compose.yaml \
exec -u gvmd gvmd gvmd --user=admin --new-password='<password>'
Test
- xdg-open "https://127.0.0.1" 2>/dev/null >/dev/null &
Firewall
- sudo ufw allow 9393/tcp
- sudo ufw reload
Config
- open https://ip:9393/dashboards
- admin
- Setting
- change UTC to your timezone
- Administration > Feed Status: check that all feeds are current
#see scan db https://www.ichiayi.com/tech/openvas
- Configuration > Scan Configs: if the list was empty (null) before, refresh to download the items
# https://greenbone.github.io/docs/latest/22.4/container/workflows.html
- docker compose -f $DOWNLOAD_DIR/compose.yaml pull notus-data vulnerability-tests scap-data dfn-cert-data cert-bund-data report-formats data-objects
- docker compose -f $DOWNLOAD_DIR/compose.yaml up -d notus-data vulnerability-tests scap-data dfn-cert-data cert-bund-data report-formats data-objects
Scan Work
- open https://ip:9393/dashboards
- type 1: basic scan: Scans > Tasks, click Task Wizard, key in the IP and click the scan button
- type 2: Authenticated Scan
  - Configuration > Credentials
  - choose Username + Password or Username + SSH Key
  - Configuration > Targets, key in name/IP/Credentials
  - Scans > Tasks and click New Task
  - Scan Targets: choose the target created above
  - Scan Config: choose Full and fast
  - save, then start the task
- report: Scans > Reports, click the date and time to view or download