new file: .gitignore

modified:   README.md
	new file:   app/dashboard.py
	new file:   app/main.py
	new file:   docker-compose.yml
	new file:   snort/local.rules
	new file:   snort/snort-logs/soc_actions.log
	new file:   snort/snort.lua
	new file:   snort/snort3-community.rules

docker-compose.yml

@@ -0,0 +1,52 @@
+version: '3.8'
+
+services:
+  snort:
+    image: ciscotalos/snort3:latest
+    user: "root"
+    network_mode: host
+    privileged: true
+    volumes:
+      # Pushed all Snort-related mounts into the ./snort directory
+      - ./snort/snort-logs:/var/log/snort
+      - ./snort/local.rules:/etc/snort/rules/local.rules
+      - ./snort/snort3-community.rules:/etc/snort/rules/snort3-community.rules:ro
+      - ./snort/snort.lua:/home/snorty/snort3/etc/snort/snort.lua:ro
+    entrypoint: ["/home/snorty/snort3/bin/snort"]
+    command: [
+      "-c", "/home/snorty/snort3/etc/snort/snort.lua", 
+      "-R", "/etc/snort/rules/local.rules", 
+      # NOTE: Users cloning this must change the interface to match their machine
+      "-i", "enp1s0f0",
+      "-l", "/var/log/snort",
+      "--lua", "alert_json = { file = true }",
+      "--bpf", "not broadcast and not multicast"
+    ]
+
+  webhook-shipper:
+    image: python:3.11-slim
+    restart: unless-stopped
+    volumes:
+      # Updated paths for logs, rules, and the python script
+      - ./snort/snort-logs:/var/log/snort
+      - ./app/main.py:/app/main.py:ro
+      - ./snort/local.rules:/app/local.rules
+    environment:
+      - WEBHOOK_URL=${WEBHOOK_URL}
+      - OPENROUTER_API_KEY=${OPENROUTER_API_KEY}
+    working_dir: /app
+    command: sh -c "pip install --no-cache-dir requests && python -u main.py"
+
+  soc-dashboard:
+    image: python:3.11-slim
+    restart: unless-stopped
+    ports:
+      - "5050:5050"
+    volumes:
+      # Updated paths for logs, rules, and the dashboard script
+      - ./snort/snort-logs:/var/log/snort
+      - ./snort/local.rules:/etc/snort/rules/local.rules
+      - ./app/dashboard.py:/app/dashboard.py:ro
+    working_dir: /app
+    command: >
+      sh -c "pip install fastapi uvicorn python-multipart && uvicorn dashboard:app --host 0.0.0.0 --port 5050"