Running Dragonfly MLE inside a Docker container

Steps to get Dragonfly MLE implementation working in Docker and feeding your current Suricata’s logs (this is assuming that eve.json file is located under /var/log/suricata/) :

$ git clone

$ cd dragonfly-mle

$ docker build -t dragonfly .

$ docker run -it -v /var/log/suricata:/var/log/suricata dragonfly

Open another interactive session to the container:

$ docker exec -ti <container_name> /bin/bash

The dragonfly mle logs are available under:


