MISP
/
MISP-Taxii-Server
mirror of https://github.com/MISP/MISP-Taxii-Server
2
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'master' of github.com:MISP/MISP-Taxii-Server

pull/14/head
Hannah Ward 2017-06-14 13:52:41 +01:00
parent cef25438ea 5680cc982d
commit 344ca1c8f5
2 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@ -39,6 +39,7 @@ mysql> exit;
Now, with that data edit `config.yaml`, and edit the `db_connection` parameters to match Now, with that data edit `config.yaml`, and edit the `db_connection` parameters to match
your environment. Change `auth_api -> parameters -> secret` whilst you're here as well. your environment. Change `auth_api -> parameters -> secret` whilst you're here as well.
Do not forget to set your MISP server's URL and API key at the bottom.
If you wish, you can edit the taxii service definitions in `services.yaml`, If you wish, you can edit the taxii service definitions in `services.yaml`,
or the collections to be created in `collections.yaml`; full documentation on how this is set up is available at [OpenTaxii's docs](https://opentaxii.readthedocs.io/en/stable/configuration.html). or the collections to be created in `collections.yaml`; full documentation on how this is set up is available at [OpenTaxii's docs](https://opentaxii.readthedocs.io/en/stable/configuration.html).
@ -47,8 +48,13 @@ Now it's time to create all your SQL tables. Luckily OpenTaxii comes with comman
You're going to want to export your configuration file to a variable as well. You're going to want to export your configuration file to a variable as well.
```bash ```bash
# Install mysqlclient for python3 if you haven't already done so
apt-get install libmysqlclient-dev # for mysql_config
pip3 install mysqlclient
# An example of this config is in the config directory # An example of this config is in the config directory
export OPENTAXII_CONFIG=/path/to/config.yaml export OPENTAXII_CONFIG=/path/to/config.yaml
export PYTHONPATH=.
opentaxii-create-services -c config/services.yaml opentaxii-create-services -c config/services.yaml
opentaxii-create-collections -c config/collections.yaml opentaxii-create-collections -c config/collections.yaml
@ -58,11 +64,9 @@ opentaxii-create-collections -c config/collections.yaml
opentaxii-create-account -u root -p root opentaxii-create-account -u root -p root
``` ```
OpenTaxii is now ready to roll, we've just gotta do one or two more things. OpenTaxii is now ready to roll, we've just gotta do one more thing.
Edit `misp_taxii_hooks/hooks.py` and add your MISP server's URL and API key. In the repository root directory, run
Then, in the repository root directory, run
```bash ```bash
sudo python3 setup.py install sudo python3 setup.py install
``` ```

13
scripts/push_published_to_taxii.py
View File

@ -45,13 +45,20 @@ cli.set_auth(username = config["taxii"]["auth"]["username"],
while True: while True:
# Wait for something to come in on the ZMQ socket # Wait for something to come in on the ZMQ socket
message = socket.recv().decode("utf-8")[10:] message = socket.recv().decode("utf-8")
log.info("Recieved a message!") log.info("Recieved a message!")
topic = message.split(' ', 1)[0]
if topic != 'misp_json':
log.info("Ignoring " + topic + "...")
continue
# Process the JSON payload
log.debug("Processing...") log.debug("Processing...")
payload = message[len(topic)+1:]
# Load the message JSON # Load the message JSON
msg = json.loads(message) msg = json.loads(payload)
log.debug(msg) log.debug(msg)