Start using traffic analyzer as a developer with the provided app_deployer.sh script.
- Use the parameter create to use the existing docker image and deploy it on port 8000 on the docker host system.
- Use the parameter recreate to recreate the docker image and deploy it on port 8000 on the docker host system.
- Use the parameter update to update the app traffic-analyzer inside the docker container.
- Use the parameter force-update to uninstall the app traffic-analyzer first before reinstalling it inside the docker container.
- Use the parameter copy-pcaps to copy new pcaps into the docker container from the given folder ./docker/init_files/pcaps
You can also use the docker image published on Docker Hub and directly mount a volume into the container:
docker run -d -p 8000:8000 -p 8089:8089 -e SPLUNK_PASSWORD=AnJo-HSR -v /home/pcaps:/tmp/pcaps-mounted anjohsr/traffic-analyzer
The container will be deployed on port 8000 on the docker host system. HTTPS can be implemented by using a reverse proxy or by following this manual. The port can be changed by editing the variable WEB_PORT in the .env file.
The default login credentials are:
- username: admin
- password: AnJo-HSR
To change the password, edit the .env file. The password must follow Splunk's password policy; otherwise the container will not start. The username cannot be changed for the initial account.
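Because the default password is published above, the .env file is worth checking before the container is started. The script below is an added example, not part of the project: it assumes the password is stored in .env under the key SPLUNK_PASSWORD (the name used in the docker run command) and that the minimum length is 8 characters, which should be adjusted to the Splunk password policy in force.

```shell
#!/bin/sh
# Added example (not part of the project): check .env before deploying.
# Assumptions: the password key is SPLUNK_PASSWORD (the name used in the
# docker run command) and MIN_LENGTH matches your Splunk password policy.
DEFAULT_PASSWORD='AnJo-HSR'   # default published in the README
MIN_LENGTH=8                  # assumed value, adjust to the policy in force

# Print the value of key $2 in file $1 (last assignment wins, outer quotes stripped).
env_value() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 |
        sed -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Print one line per finding; return 0 if the file is fit to deploy, else 1.
check_env() {
    file=$1
    findings=0
    [ -r "$file" ] || { echo "FAIL: cannot read $file"; return 1; }
    password=$(env_value "$file" SPLUNK_PASSWORD)
    port=$(env_value "$file" WEB_PORT)
    if [ -z "$password" ]; then
        echo "FAIL: SPLUNK_PASSWORD is not set"; findings=$((findings + 1))
    elif [ "$password" = "$DEFAULT_PASSWORD" ]; then
        echo "FAIL: SPLUNK_PASSWORD is still the published default"; findings=$((findings + 1))
    elif [ "${#password}" -lt "$MIN_LENGTH" ]; then
        echo "FAIL: SPLUNK_PASSWORD is shorter than $MIN_LENGTH characters"; findings=$((findings + 1))
    fi
    case $port in
        ''|*[!0-9]*) echo "FAIL: WEB_PORT is missing or not numeric"; findings=$((findings + 1)) ;;
    esac
    # A world-readable .env exposes the admin password to every local user.
    if [ -n "$(find "$file" -perm -004)" ]; then
        echo "FAIL: $file is world-readable, run chmod 600"; findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# Demo on a constructed .env (sample values, not from a real deployment).
demo=$(mktemp)
printf 'WEB_PORT=8000\nSPLUNK_PASSWORD=AnJo-HSR\n' > "$demo"
check_env "$demo" || echo "Do not deploy: fix the findings above."
rm -f "$demo"
```

Calling check_env on the real .env before app_deployer.sh or docker run lets a deployment stop when the function returns non-zero.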