Running Dragonfly MLE inside a Docker container

Steps to get Dragonfly MLE working in Docker and to feed it your existing Suricata logs (this assumes that the eve.json file is located under /var/log/suricata/):

$ git clone https://github.com/counterflow-ai/dragonfly-mle.git

$ cd dragonfly-mle

$ docker build -t dragonfly .

$ docker run -it -v /var/log/suricata:/var/log/suricata dragonfly

Open another interactive session to the container:

$ docker exec -ti <container_name> /bin/bash

Inside the container, the Dragonfly MLE logs are available under:

/var/log/dragonfly-mle/
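
An added example, not part of the original page or of the Dragonfly MLE project: a preflight check for the bind mount used in the steps above. With -v, Docker creates a missing host path as an empty directory, so the container would start with no eve.json to read. The function names are hypothetical, and the default path is the /var/log/suricata location assumed on this page.

```shell
#!/bin/sh
# Added example (hypothetical helper names): check the Suricata log directory
# before bind-mounting it into the dragonfly container.

# Return 0 if DIR/eve.json is a readable file whose last line looks like an
# EVE record (a JSON object carrying an "event_type" key).
# Non-zero codes: 1 no directory, 2 no readable file, 3 empty, 4 not EVE.
eve_preflight() {
    dir=${1:-/var/log/suricata}
    eve="$dir/eve.json"
    if [ ! -d "$dir" ]; then
        echo "missing directory: $dir (docker -v would create it empty)" >&2
        return 1
    fi
    if [ ! -f "$eve" ] || [ ! -r "$eve" ]; then
        echo "no readable file: $eve" >&2
        return 2
    fi
    last=$(tail -n 1 "$eve")
    case $last in
        '{'*'"event_type"'*'}') return 0 ;;
        '') echo "empty: $eve (is the Suricata eve-log output enabled?)" >&2
            return 3 ;;
        *)  echo "last line of $eve is not an EVE record" >&2
            return 4 ;;
    esac
}

# Print the name of the running container started from the "dragonfly" image,
# which is the value to use for <container_name> with docker exec.
dragonfly_container() {
    docker ps --filter ancestor=dragonfly --format '{{.Names}}' | head -n 1
}

# Run the docker run command from the steps above only if the preflight passes.
start_dragonfly() {
    dir=${1:-/var/log/suricata}
    eve_preflight "$dir" || return
    docker run -it -v "$dir":/var/log/suricata dragonfly
}
```

Code 4 can also appear if Suricata is in the middle of writing a record when the check runs; running the check again settles it.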

More information is available at: https://github.com/counterflow-ai/dragonfly-mle