Adding Caldera deployment to Docker #260
MaartendeKruijf
left a comment
Looks good, please add the Caldera command and the general improvements to different PRs.
| [](/docs/soarca-extensions/native-capabilities/#ssh-capability) | ||
| {{% /card %}} | ||
| {{< /cardpane >}} | ||
| </div> | ||
|
|
This is changed in development, please update.
| wget https://github.com/COSSAS/SOARCA/releases/download/SOARCA_1.0.0/SOARCA_1.0.0_linux_amd64.tar.gz && tar -xvf SOARCA* && ./SOARCA | ||
| {{< /tab >}} | ||
| {{< tab header="Docker Compose" lang="sh" >}} | ||
| cd docker/soarca && sudo docker compose up -d |
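Review bot: the `wget ... && tar -xvf SOARCA* && ./SOARCA` line downloads the release tarball and runs the extracted binary with no integrity check in between. If the release publishes a checksum, add a verification step between the download and the `tar` call, and name the tarball explicitly instead of relying on the `SOARCA*` glob, so the documented command only ever unpacks the file it just fetched.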
This change assumes one is in the docker group
| # make sure an ssh server is running on adres 192.168.0.10 | ||
| curl -X POST -H "Content-Type: application/json" -d @./example/ssh-playbook.json localhost:8080/trigger/playbook | ||
| curl -X POST -H "Content-Type: application/json" -d @./example-playbooks/ssh-playbook.json localhost:8080/trigger/playbook | ||
| {{< /tab >}} | ||
| {{< tab header="http" lang="sh" >}} | ||
| curl -X POST -H "Content-Type: application/json" -d @./example/http-playbook.json localhost:8080/trigger/playbook | ||
| curl -X POST -H "Content-Type: application/json" -d @./example-playbooks/http-playbook.json localhost:8080/trigger/playbook | ||
| {{< /tab >}} | ||
| {{< tab header="openC2" lang="sh" >}} | ||
| curl -X POST -H "Content-Type: application/json" -d @./example/openc2-playbook.json localhost:8080/trigger/playbook | ||
| curl -X POST -H "Content-Type: application/json" -d @./example-playbooks/openc2-playbook.json localhost:8080/trigger/playbook |
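Review bot: all three tabs (ssh, http, openC2) switch the playbook path from `./example/` to `./example-playbooks/`, so these documented commands only work if the directory rename ships in the same change; if the rename moves to its own PR, these lines should move with it. Separately, the comment on the first line of the ssh tab spells "address" as "adres".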
This move is not intended to be here
| ### Caldera setup | ||
|
|
||
| SOARCA optionally comes packaged together with Caldera. To use the | ||
| [Caldera capability](/docs/soarca-extensions/native-capabilities#caldera-capability), simply make | ||
| sure you use the right Compose file when running: | ||
|
|
||
| ```diff | ||
| - cd docker/soarca && docker compose up -d | ||
| + cd docker/soarca && docker compose --profile caldera up -d | ||
| ``` | ||
|
|
||
| {{% alert title="Warning" %}} | ||
| This only works when using Docker Compose to run SOARCA. When building SOARCA from scratch, | ||
| you should supply your own Caldera instance and [configure](#configuration) its URL manually. | ||
| {{% /alert %}} |
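Review bot: the sentence ending "make sure you use the right Compose file when running" does not match the command under it, which stays in `docker/soarca` and only adds `--profile caldera`. Suggest wording it as enabling the `caldera` profile, so readers do not go looking for a second Compose file. The command here also omits `sudo` while the Docker Compose tab earlier in the page uses `sudo docker compose up -d`; pick one form for both places.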
Maybe this page is not the right place to put caldera. I would say this is more an advanced setup.
| "target_definitions": { | ||
| "security-category--b1ead715-d565-48f8-a6a4-0d5c4a3e643e": { | ||
| "type": "security-category", | ||
| "name": "djnsbg", |
What is this name?
| test/cacao/flatfile-db-example.json | ||
| test/routes/__debug_bin2988553005 | ||
|
|
||
| .idea |
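Review bot: the entry `test/routes/__debug_bin2988553005` ignores a single debug binary whose numeric suffix looks generated, so the next debug build would not be covered. A pattern such as `__debug_bin*` would catch these wherever they appear, and like `.idea` it is editor-specific, so both could live in a contributor's global gitignore instead of the repository's.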
Why was this added?
That would be the IntelliJ IDEA config folder, like the .vscode one for VS Code.
What do you mean exactly with 'the general improvements'? Should we take out some improvements (that are not necessary to the Caldera deployment in Docker) we made in this PR and create separate PRs for it, or do you mean other general improvements that are not in this PR yet?
docs: add caldera capability class to class diagram
docs: add caldera to the native capabilities
Apply suggestions from code review
Co-authored-by: Mark Boom <github@mpboom.com>
fix: Caldera with capital C
Replaced by #313
No description provided.