10-01-2019 10:36 AM
I created a Docker container for the Palo Alto Expedition tool as of version 1.1.38 and published it to Docker Hub. I rebuilt it on Alpine Linux and stripped the binaries, reducing the image size to a mere 1.43 GB. Optionally, you can make the database persistent by binding a directory on your host machine to /var/lib/mysql. Likewise you can bind a directory to /data for data persistence. I made a tweak to the MySQL config to store the innodb temp file to /tmp within the container, which allows the container to support database persistence on Mac OS (and presumably Windows) in addition to Linux. This was necessary due to an issue with the Alpine host on Mac OS/Windows using a ZFS backend and MariaDB being incompatible https://jira.mariadb.org/browse/MDEV-16015
Docker Hub Repo:
https://hub.docker.com/r/jlegarreta/expedition
GitHub Repo (Docker source):
https://github.com/jlegarreta/expedition
Among other things, these are some of the dashboard errors I fixed:
- Remediated the "log_bin flag in MariaDB is set to off" issue by turning it on in the MySQL config
- Remediated the DBSQL_LOG_BIN value issue by setting it to 0 in /home/userSpace/userDefinitions.php
Assuming you have sufficient disk space, your dashboard should be all green out of the box 🙂
Enjoy!
