Shuffle
A guide to installing and running Shuffle using Docker
What is Shuffle?
Shuffle is an open-source Security Orchestration, Automation, and Response (SOAR) platform. It enables security teams to automate workflows, integrate various security tools, and respond to threats more efficiently. With its drag-and-drop interface, Shuffle simplifies the process of building security automation without requiring extensive coding skills.
Shuffle Architecture
Prerequisites
Before installing Shuffle, ensure you have the following:
- Docker and Docker Compose installed
- At least 4GB RAM and 2 CPUs available
- An internet connection to download dependencies
Installation
Clone the Shuffle repository and navigate to the directory:
1
2
git clone https://github.com/Shuffle/Shuffle
cd Shuffle
Create a directory for the database and set permissions:
1
2
3
mkdir shuffle-database
sudo chown -R 1000:1000 shuffle-database
sudo swapoff -a
Update system settings by adding the following line to /etc/sysctl.conf:
1
vm.max_map_count=262144
Apply the changes:
1
sudo sysctl -p
Start Shuffle using Docker Compose:
1
docker-compose up -d
Installing Shuffle Apps
Download and extract the Shuffle apps repository:
1
2
3
4
wget https://github.com/Shuffle/python-apps/archive/refs/heads/master.zip
unzip master.zip
cp -r python-apps-master/* shuffle/shuffle-apps
rm -rf python-apps-master/
Accessing Shuffle
Once the installation is complete, you can access the Shuffle web interface at: http://localhost:5001
Log in and start configuring your workflows!
This guide provides a basic setup. For advanced configurations, refer to the official documentation.