This is a docker-compose configuration to run a TheHive 3.5.0-1 + Cortex 3.1.0-1 instance with an Elasticsearch 7.8.1 database backend. Nginx 1.19.5 is used as reverse proxy in which you supply your own ssl certificates.
Elasticsearch storage has not been configured as persistent in this docker-compose file.
Populate the .env with the following entries.
| variable | entry |
|---|---|
| CORTEX_KEY | API KEY OF CORTEX USER - POPULATED POST SETUP |
| JOB_DIRECTORY | DIRECTORY TO STORE JOB FILES |
NOTE: You need to configure Cortex to generate the required API KEY. Once you have created the API KEY you need to rerun docker-compose up -d thehive.
docker-compose up -d- Local files stored in
./vol/nginxare mapped to the container under/etc/nginx/conf.d. - Local files stored in
./vol/sslare mapped to the container under/etc/ssl.
The following items require your attention:
- Update
thehive.confandcortex.conffiles as appropriate- Update
server_namefor your fqdn - Review/modify the configuration for your requirements
- Update
- Add your certificates to
./vol/ssl - Update
./vol/nginx/certs.confwith the certificate file names - Update
.envwith theCORTEX_KEYafter Cortex has been setup and configured - Add persistent storage for Elasticsearch