diff --git a/Dockerfile b/Dockerfile
index ab7d068..5a6f937 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,8 +12,8 @@ RUN apt-get -y install syslog-ng syslog-ng-core syslog-ng-mod-add-contextual-dat
 RUN mkdir /config
 COPY config /config
-RUN mkdir -p /config/GeoIP
-COPY data/GeoIP/GeoLite2-City.mmdb /config/GeoIP/GeoLite2-City.mmdb
+RUN mkdir -p /usr/local/share/GeoIP
+COPY data/GeoIP/GeoLite2-City.mmdb /usr/local/share/GeoIP/GeoLite2-City.mmdb
 RUN unlink /etc/localtime && ln -s /usr/share/zoneinfo/America/Indiana/Indianapolis /etc/localtime
diff --git a/config/syslog-ng.conf.d/bind-dns.conf b/config/syslog-ng.conf.d/bind-dns.conf
index f85bac2..b646740 100644
--- a/config/syslog-ng.conf.d/bind-dns.conf
+++ b/config/syslog-ng.conf.d/bind-dns.conf
@@ -51,7 +51,7 @@ parser p_bind_client_ip_geoip2_city {
 geoip2(
 "${bind9.client.ip}",
 prefix( "geoip2.source." )
- database( "GeoIP/GeoLite2-City.mmdb" )
+ database( "/usr/local/share/GeoIP/GeoLite2-City.mmdb" )
 );
 };
diff --git a/config/syslog-ng.conf.d/nginx.conf b/config/syslog-ng.conf.d/nginx.conf
index faa00d1..a234f1e 100644
--- a/config/syslog-ng.conf.d/nginx.conf
+++ b/config/syslog-ng.conf.d/nginx.conf
@@ -40,7 +40,7 @@ parser p_nginx_client_ip_geoip2_city {
 geoip2(
 "${nginx.client.ip}",
 prefix( "geoip2.source." )
- database( "GeoIP/GeoLite2-City.mmdb" )
+ database( "/usr/local/share/GeoIP/GeoLite2-City.mmdb" )
 );
 };
diff --git a/config/syslog-ng.conf.d/unifi.conf b/config/syslog-ng.conf.d/unifi.conf
index c17a667..e05966c 100644
--- a/config/syslog-ng.conf.d/unifi.conf
+++ b/config/syslog-ng.conf.d/unifi.conf
@@ -20,7 +20,7 @@ parser p_fw_src_ip_geoip2_city {
 geoip2(
 "${kv.SRC}",
 prefix( "geoip2.source." )
- database( "GeoIP/GeoLite2-City.mmdb" )
+ database( "/usr/local/share/GeoIP/GeoLite2-City.mmdb" )
 );
 };
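Review bot: The GeoLite2 database is still copied into the image from a file committed to the repository (`COPY data/GeoIP/GeoLite2-City.mmdb …` in the Dockerfile hunk), so every container enriches logs with whatever snapshot was checked in. The archives renamed later in this commit are dated 20240614, which suggests (the .mmdb itself carries no date here) that the lookup data is frozen at about that point and will age with the image; stale GeoIP data silently skews any geo-based alerting built on the `geoip2.*` fields. I would add a comment above the COPY such as `# GeoLite2 snapshot baked in at build time; refresh data/GeoIP and rebuild, or mount a current DB over /usr/local/share/GeoIP`. The preceding `RUN mkdir -p /usr/local/share/GeoIP` can also be dropped, since COPY creates missing destination directories.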
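Review bot: The absolute database path is now repeated as a string literal in six `geoip2()` parsers (the one in bind-dns.conf, one in nginx.conf and four in unifi.conf), which is why this relocation had to touch every one of them. Defining it once, e.g. `@define geoip_city_db "/usr/local/share/GeoIP/GeoLite2-City.mmdb"` ahead of the included files, and referencing that name through syslog-ng's backtick substitution in each `database()` option would reduce the next move to a single line and avoid a parser being left on an old path. Each parser block starts above its hunk, so only the `database()` line in each would change.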
@@ -28,7 +28,7 @@ parser p_fw_dst_ip_geoip2_city {
 geoip2(
 "${kv.DST}",
 prefix( "geoip2.destination." )
- database( "GeoIP/GeoLite2-City.mmdb" )
+ database( "/usr/local/share/GeoIP/GeoLite2-City.mmdb" )
 );
 };
@@ -36,7 +36,7 @@ parser p_suricata_dest_ip_geoip2_city {
 geoip2(
 "${suricata.dest_ip}",
 prefix( "geoip2.destination." )
- database( "GeoIP/GeoLite2-City.mmdb" )
+ database( "/usr/local/share/GeoIP/GeoLite2-City.mmdb" )
 );
 };
@@ -44,7 +44,7 @@ parser p_suricata_src_ip_geoip2_city {
 geoip2(
 "${suricata.src_ip}",
 prefix( "geoip2.source." )
- database( "GeoIP/GeoLite2-City.mmdb" )
+ database( "/usr/local/share/GeoIP/GeoLite2-City.mmdb" )
 );
 };
diff --git a/config/syslog-ng.conf.d/GeoIP/GeoLite2-ASN_20240614.tar.gz b/data/GeoIP/GeoLite2-ASN_20240614.tar.gz
similarity index 100%
rename from config/syslog-ng.conf.d/GeoIP/GeoLite2-ASN_20240614.tar.gz
rename to data/GeoIP/GeoLite2-ASN_20240614.tar.gz
diff --git a/config/syslog-ng.conf.d/GeoIP/GeoLite2-City.mmdb b/data/GeoIP/GeoLite2-City.mmdb
similarity index 100%
rename from config/syslog-ng.conf.d/GeoIP/GeoLite2-City.mmdb
rename to data/GeoIP/GeoLite2-City.mmdb
diff --git a/config/syslog-ng.conf.d/GeoIP/GeoLite2-City_20240614.tar.gz b/data/GeoIP/GeoLite2-City_20240614.tar.gz
similarity index 100%
rename from config/syslog-ng.conf.d/GeoIP/GeoLite2-City_20240614.tar.gz
rename to data/GeoIP/GeoLite2-City_20240614.tar.gz
diff --git a/config/syslog-ng.conf.d/GeoIP/GeoLite2-Country_20240614.tar.gz b/data/GeoIP/GeoLite2-Country_20240614.tar.gz
similarity index 100%
rename from config/syslog-ng.conf.d/GeoIP/GeoLite2-Country_20240614.tar.gz
rename to data/GeoIP/GeoLite2-Country_20240614.tar.gz