Description Filebeat-FIPS is a FIPS 140-2 compliant log file shipper for enterprise environments. This container provides secure log data collection and forwarding capabilities while maintaining compliance with federal security standards. It features automated log harvesting, secure data transmission, and integration with major log analytics platforms.
Key Features Core capabilities and strengths of this container
FIPS 140-2 compliant logging operations Secure log collection and forwarding Automated log harvesting and processing Enterprise security compliance support Common Use Cases Typical scenarios where this container excels
Federal and government system logging Healthcare data compliance monitoring Financial services audit logging Enterprise security operations Pull Latest Image Download the container image from the registry
docker pull clnstrt-images.cleanstart.com/$ORGANIZATION/filebeat-fips:latestdocker pull clnstrt-images.cleanstart.com/$ORGANIZATION/filebeat-fips:latest-devBasic Run Run the container with basic configuration
bash docker run -d \
--name filebeat-fips \
-v $(pwd)/filebeat.yml:/usr/share/filebeat/filebeat.yml \
clnstrt-images.cleanstart.com/$ORGANIZATION/filebeat-fips:latestProduction Deployment Deploy with production security settings
bash docker run -d --name filebeat-fips-prod \
--read-only \
--security-opt=no-new-privileges \
--user 1000:1000 \
-v $(pwd)/filebeat.yml:/usr/share/filebeat/filebeat.yml:ro \
-v $(pwd)/logs:/logs:ro \
clnstrt-images.cleanstart.com/$ORGANIZATION/filebeat-fips:latestVolume Mount Mount log directories for monitoring
bash docker run -d \
-v /var/log:/logs:ro \
-v $(pwd)/filebeat.yml:/usr/share/filebeat/filebeat.yml:ro \
clnstrt-images.cleanstart.com/$ORGANIZATION/filebeat-fips:latestPort Forwarding Configure network ports for monitoring
bash docker run -d \
-p 5066:5066 \
clnstrt-images.cleanstart.com/$ORGANIZATION/filebeat-fips:latestEnvironment Variables Configuration options available through environment variables
ELASTICSEARCH_HOST Elasticsearch host address localhost:9200ELASTICSEARCH_USERNAME Elasticsearch authentication username elastic
ELASTICSEARCH_PASSWORD Elasticsearch authentication password KIBANA_HOST Kibana host address localhost:5601Security Best Practices Recommended security configurations and practices
Use FIPS mode for all cryptographic operations Implement proper access controls for log files Enable TLS for all network communications Regular security patches and updates Monitor file integrity and access patterns Implement proper log rotation policies Kubernetes Security Context Recommended security context for Kubernetes deployments
yaml securityContext:
runAsNonRoot: true
runAsUser: 1000
runAsGroup: 1000
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
add: ["NET_BIND_SERVICE"]Documentation Resources Essential links and resources for further information