Logo

A powerful, easily deployable network traffic analysis tool suite for network security monitoring

Quick Start

Documentation

Components

Supported Protocols

Configuring

Arkime

Dashboards

Hedgehog Linux

Contribution Guide

Adding a new service (image)

A new service can be added to Malcolm by following the following steps:

  1. Create a new subdirectory for the service (under the Malcolm working copy base directory) containing whatever source or configuration files are necessary to build and run the service
  2. Create the service’s Dockerfile in the Dockerfiles directory of the Malcolm working copy
  3. Add a new section for the service under services: in the docker-compose.yml and docker-compose-dev.yml files
  4. To enable automatic builds for the service on GitHub, create a new workflow, using an existing workflow as an example

Networking and firewall

If the new service needs to expose a web interface to the user:

Avoid publishing ports directly from the container to the host machine’s network interface if at all possible. The nginx-proxy container handles encryption and authentication and should sit in front of any user-facing interface provided by Malcolm.