Added separate log feature. Write actions are written to container standard output. SEC logs are written to `/app/logs/sec.log`. To manage SEC logs then mount directory to host system `-v logs:/app/logs`. Probably log rotation can be done on the host machine side.
In my usecase docker has been really useful in testing environment when I need to test different rules. Deploying standard solution fast and easy is the main benefit for using it. Nevertheless, rsyslog can be configured with encryption also. I added simplest configuration I could. Regards, On Mon, Dec 16, 2019 at 5:22 PM Risto Vaarandi <risto.vaara...@gmail.com> wrote: > hi Andres, > so far, official sec distribution has not had a docker image, since sec is > packaged for common linux and bsd distributions, and it doesn't have many > dependencies (just standard perl is needed without any exotic modules). > That has made sec very easy to deploy. > I had a quick look into the repository and it seems that the container > runs sec as a process connected to rsyslog, with rsyslog acting as event > collector for sec. Is my understanding correct? If so, is that container > targeted for collecting logs in a small trusted network segment where > encryption is not needed? I noticed that rsyslog has been configured to > receive logs in plain text, hence the question. > kind regards, > risto > > Kontakt Andres Pihlak (<apih...@gmail.com>) kirjutas kuupƤeval E, 16. > detsember 2019 kell 12:40: > >> Hello, >> >> I had a need for SEC docker container because it makes life much easier. >> Unfortunately, there isn't public image for that so I created it myself. >> Furthermore, I added CI pipeline to build those docker images. Repository >> is here: https://github.com/apihlak/SEC. Is there plan to add official >> Dockerfile and image to simple-evcorr repository or is there any >> suggestions to make my repository better to help out community? >> >> Regards, >> Andres >> _______________________________________________ >> Simple-evcorr-users mailing list >> Simple-evcorr-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/simple-evcorr-users >> >
_______________________________________________ Simple-evcorr-users mailing list Simple-evcorr-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/simple-evcorr-users
