https://chaselau.me/tags/sysadmin/ Recent content in Sysadmin on Lau's Lounge Hugo en Wed, 11 Mar 2026 00:00:00 +0000 https://chaselau.me/post/deploy-cloud-defender-compose/ Wed, 11 Mar 2026 00:00:00 +0000 https://chaselau.me/post/deploy-cloud-defender-compose/ <h1 id="overview">Overview</h1> <p>I always prefer using Docker Compose instead of Docker commands since compose files are self-documenting. That&rsquo;s why it drives me crazy when someone&ndash;especially large companies&ndash;only give documentation in docker commands. Microsoft does this when you attempt to deploy an on-prem connector for Defender for Cloud Apps. Here&rsquo;s how to use a docker compose file instead.</p> <h1 id="process">Process</h1> <p>During setup, Microsoft will give you a command to run like this:</p> <p><code>(echo $TOKEN) | docker run --name $COLLECTOR_NAME$ -p 514:514/udp -p 21:21 -p 20000-20099:20000-20099 -e &quot;PUBLICIP='192.168.x.x'&quot; -e &quot;PROXY=&quot; -e &quot;SYSLOG=true&quot; -e &quot;CONSOLE=XXXX.us3.portal.cloudappsecurity.com&quot; -e &quot;COLLECTOR=COLLECTOR_NAME&quot; --security-opt apparmor:unconfined --cap-add=SYS_ADMIN --restart unless-stopped -a stdin -i mcr.microsoft.com/mcas/logcollector starter</code></p>