How to use this box with Vagrant:

Vagrant.configure("2") do |config|
  config.vm.box = "skadivm/skadi_server"
end

vagrant init skadivm/skadi_server
vagrant up

This version was created about 2 months ago.

  • Refactored signed installer to be more modular and flow better
  • Includes daemon (cdqr.d) version of CDQR Docker helper script
  • Refactored docker-compose.yml file
    • Reference only artifacts in the Skadi repository
    • All items now in one file (22 containers configured to work together)
  • Created Start/Stop/Reset Docker helper scripts for PowerShell and Bash
  • Updated signed installer to use the new components
  • Removed Cerebro and now use Kibana Management page instead
  • Enabled Skadi to run on any OS with Docker installed (macOS, Windows, and Linux)
  • Created skadi-backend network and reduced exposed ports to only 80, 5432, 9200
  • Updated Secure Networking pack to work with these changes
  • Fixes
    • Yeti investigations now work
    • Yeti settings and data now persist
    • All containers now persist data

2 providers for this version.
  • virtualbox Hosted by Vagrant Cloud (4.82 GB)

  • vmware_desktop Hosted by Vagrant Cloud (4.81 GB)

This version was created 5 months ago.

System Changes

  • Added Yeti Threat Intelligence Open Source Project: https://github.com/yeti-platform/yeti
  • Updated Skadi Portal Start Page
    • Added Yeti (Threat Intelligence) link to portal
  • Updated Docker Stack
  • Modified Firewall and Nginx Reverse proxy configuration
    • Added Yeti configuration
  • Updated Digitally Signed Installer
    • Now includes installing Yeti
    • Small tweaks to Packer build

2 providers for this version.
  • virtualbox Hosted by Vagrant Cloud (4.49 GB)

  • vmware_desktop Hosted by Vagrant Cloud (4.41 GB)

This version was created 6 months ago.

System Changes

  • Removed CyLR, Plaso, TimeSketch from Host OS (they are now all Docker containers)
  • Added CDQR helper script to host OS
  • Updated Skadi Portal Start Page
    • Single Point of Access to all tools
    • Direct download links to all CyLR versions that are stored on the Skadi server
    • Removed Glances web service link
    • Added Portainer link
  • Updated Remote Management and Monitoring tools
    • Grafana (Host & Container monitoring)
    • Removed Glances (Still on OS but no longer a web service)
    • Added Portainer (Docker Management)
  • Refactored to use containers for every component
  • Updated and version locked the Docker Images for TimeSketch and CyberChef
  • Modified Firewall and Nginx Reverse proxy configuration
    • New add-on scripts available to add self-signed or Let's Encrypt-provided TLS certs
  • Updated Digitally Signed Installer
    • Now works on Ubuntu 18.04 (Bionic) and 16.04 (Xenial)
    • Updated build script to heavily use environment variables for more flexibility
    • Reworked Packer build scripts to automate over 90% of the build process

Updated Tools to Include the Following

  • Docker Version 18.09.3
  • CDQR Docker Version 4.4.1
  • CyLR Version 2.1.0
  • Kibana 6.6.2
  • ElasticSearch 6.6.2
  • Nginx 1.15
  • Grafana 5.4.2
  • Portainer 1.20.2
  • Cerebro Version 0.8.1
  • Redis Version 5
  • Neo4j Version 3.5
  • Postgres 11
  • skadi_cyberchef 20190326
  • skadi_dockprom Last Update Dec 12, 2018
  • skadi_timesketch 20190326

2 providers for this version.
  • vmware_desktop Hosted by Vagrant Cloud (3.88 GB)

  • virtualbox Hosted by Vagrant Cloud (3.96 GB)

This version was created 7 months ago.

There isn't a description.

1 provider for this version.
  • vmware_desktop Hosted by Vagrant Cloud (3.21 GB)

This version was created 9 months ago.

System Changes

Updated All Tools to Include the Following

  • Plaso Version 20181219
  • Docker Version 18.09.0
  • CDQR Version 4.2.1
  • CyLR Version 2.0.0.0
  • Kibana 6.5.1
  • ElasticSearch 6.5.1
  • Nginx 1.15
  • Grafana 5.4.2
  • Cerebro Version 0.8.1
  • Redis Version 5
  • Neo4j Version 3.5
  • Postgres 10
  • skadi_cyberchef Last update Dec 19, 2018
  • skadi_dockprom Last Update Dec 12, 2018
  • skadi_timesketch 1.2

2 providers for this version.
  • virtualbox Hosted by Vagrant Cloud (3.31 GB)

  • vmware_desktop Hosted by Vagrant Cloud (3.22 GB)

This version was created 11 months ago.

System Changes

  • Now includes CyberChef
  • Now uses ELK 6.x
  • TimeSketch and Nginx configurations updated to support larger uploads
  • TimeSketch was built from the master branch instead of the PyPI release in order to be compatible with ELK 6.x
  • Updated Digitally Signed Installer
  • Updated Packer and Vagrant build scripts
  • Updated /opt/skadi/update.sh to download and install the new version of CyLR 2.0
  • Added /opt/skadi/healthcheck.sh to aid in diagnostics

Updated All Tools to Include the Following

  • Plaso Version 20180930
  • CDQR Version 4.2.1
  • CyLR Version 2.0.0.0
  • Docker Version 18.06.1-ce
  • ELK Version 6.4.2
  • TimeSketch Version 20180613
  • Redis Version 5.0.0
  • Neo4j Version 3.4.9
  • Celery Version 4.1.0
  • Cerebro Version 0.8.1
  • CyberChef

2 providers for this version.
  • virtualbox Hosted by Vagrant Cloud (2.48 GB)

  • vmware_desktop Hosted by Vagrant Cloud (2.43 GB)

This version was created 12 months ago.

System Changes

  • TimeSketch now has Uploads and Graphing enabled by default
  • Updated Digitally Signed Installer

Updated All Tools to Include the Following

  • Plaso version: 20180818
  • CDQR version: 4.1.9
  • CyLR version: 1.5.0.0
  • Docker version: 18.06.1-ce, build e68fc7a
  • ELK Version: "6.4.1"
  • Redis server: 4.0.11
  • neo4j 3.4.7
  • Celery version: 4.1.0
  • Cerebro version: 0.8.1

Other

  • Updated README.md

2 providers for this version.
  • virtualbox Hosted by Vagrant Cloud (2.06 GB)

  • vmware_desktop Hosted by Vagrant Cloud (2.01 GB)

This version was created about 1 year ago.

Fixed a user issue

2 providers for this version.
  • vmware_desktop Hosted by Vagrant Cloud (1.86 GB)

  • virtualbox Hosted by Vagrant Cloud (1.87 GB)

This version was created about 1 year ago.

System Changes

  • Disabled Logstash boot start (it's still installed)
  • Applied Ubuntu system updates

Updated CDQR, Plaso, ELK, TimeSketch

  • Updated CDQR to 4.1.7
  • Updated Plaso to 20180630
  • Updated ELK to latest version
  • Updated TimeSketch to latest version with updated configuration file

2 providers for this version.
  • vmware_desktop Hosted by Vagrant Cloud (1.83 GB)

  • virtualbox Hosted by Vagrant Cloud (1.87 GB)