## 9.07/ misp-modules
```bash
# <snippet-begin 3_misp-modules_RHEL.sh>
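#######################################
# Install misp-modules on RHEL/CentOS, register it as a systemd service and
# point MISP's Enrichment/Import/Export plugins at it.
# Globals (read):
#   PATH_TO_MISP - MISP install root; its venv/bin holds pip and misp-modules
#   WWW_USER     - account the systemd unit runs as
#   SUDO_WWW     - command prefix, word-split on purpose
#                  (presumably "sudo -u <web user>" - confirm against caller)
#   RUN_PHP,CAKE - command prefix and cake console path, word-split on purpose
# Returns:
#   1 if a required variable is empty, /usr/local/src cannot be entered, or
#   the clone never succeeds; otherwise the status of the last setSetting call.
#######################################
mispmodulesRHEL () {
  local attempt cloned=0 module

  # An empty PATH_TO_MISP would resolve to /venv/bin/...; an empty WWW_USER
  # would write "User=" into the unit. Stop before touching the system.
  if [[ -z "${PATH_TO_MISP:-}" || -z "${WWW_USER:-}" ]]; then
    echo "mispmodulesRHEL: PATH_TO_MISP and WWW_USER must be set" >&2
    return 1
  fi

  # some misp-modules dependencies
  sudo yum install openjpeg-devel gcc-c++ poppler-cpp-devel pkgconfig python-devel redhat-rpm-config -y

  # The checkout below is pip-installed into MISP's venv and is the service's
  # WorkingDirectory, so nobody but its owner may swap it out. The original
  # mode 2777 let any local account rename or delete entries here; the sticky
  # bit (3777) limits that to each entry's owner while still letting the web
  # user create the clone.
  # NOTE(review): a directory owned by $WWW_USER under a non-world-writable
  # parent would be tighter - confirm nothing else in the installer relies on
  # /usr/local/src being writable by everyone.
  sudo chmod 3777 /usr/local/src
  sudo chown root:users /usr/local/src
  cd /usr/local/src/ || return 1

  # Bounded retry: the original looped forever, including when the target
  # directory already existed and the clone could never succeed.
  # NOTE(review): this takes the default branch head and the pip step pulls
  # unpinned dependencies; pin a reviewed tag or commit for reproducible,
  # auditable installs.
  # shellcheck disable=SC2086 # SUDO_WWW is a multi-word command prefix
  for attempt in 1 2 3 4 5; do
    if $SUDO_WWW git clone https://github.com/MISP/misp-modules.git; then
      cloned=1
      break
    fi
    echo "mispmodulesRHEL: git clone failed (attempt ${attempt}/5)" >&2
    sleep 5
  done
  if (( ! cloned )); then
    echo "mispmodulesRHEL: giving up on cloning misp-modules" >&2
    return 1
  fi
  # Without this check a failed cd would run pip against whatever
  # REQUIREMENTS file happens to sit in /usr/local/src.
  cd misp-modules || return 1

  # pip install
  # shellcheck disable=SC2086
  $SUDO_WWW "${PATH_TO_MISP}/venv/bin/pip" install -U -I -r REQUIREMENTS
  # shellcheck disable=SC2086
  $SUDO_WWW "${PATH_TO_MISP}/venv/bin/pip" install -U .
  sudo yum install rubygem-rouge rubygem-asciidoctor zbar-devel opencv-devel -y

  # ExecStart must not be wrapped in quotes: systemd treats a quoted string
  # as one word, i.e. as an executable path that contains the arguments.
  # The service binds to loopback only and runs as the unprivileged web user.
  sudo tee /etc/systemd/system/misp-modules.service <<EOF
[Unit]
Description=MISP modules
After=misp-workers.service

[Service]
Type=simple
User=${WWW_USER}
Group=${WWW_USER}
WorkingDirectory=/usr/local/src/misp-modules
Environment="PATH=${PATH_TO_MISP}/venv/bin"
ExecStart=${PATH_TO_MISP}/venv/bin/misp-modules -l 127.0.0.1 -s
Restart=always
RestartSec=10

[Install]
WantedBy=multi-user.target
EOF

  sudo systemctl daemon-reload
  # systemd is the only thing that starts misp-modules: the original also
  # launched a background copy first, which kept the listening port and left
  # the unit in a restart loop.
  sudo systemctl enable --now misp-modules

  # Enable Enrichment, set better timeouts
  # shellcheck disable=SC2086 # RUN_PHP/CAKE may expand to several words
  {
    $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_services_enable" true
    $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_hover_enable" true
    $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_timeout" 300
    $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_hover_timeout" 150
    # TODO:"Investigate why the next one fails"
    #$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_asn_history_enabled" true
    for module in cve dns btc_steroids ipasn yara_syntax_validator yara_query \
                  pdf docx xlsx pptx ods odt; do
      $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_${module}_enabled" true
    done
    # Plain HTTP is used only towards loopback; URL and port must match the
    # address the service above listens on.
    $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_services_url" "http://127.0.0.1"
    $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_services_port" 6666

    # Enable Import modules, set better timeout
    $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_services_enable" true
    $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_services_url" "http://127.0.0.1"
    $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_services_port" 6666
    $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_timeout" 300
    for module in ocr mispjson openiocimport threatanalyzer_import csvimport; do
      $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_${module}_enabled" true
    done

    # Enable Export modules, set better timeout
    $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Export_services_enable" true
    $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Export_services_url" "http://127.0.0.1"
    $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Export_services_port" 6666
    $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Export_timeout" 300
    $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Export_pdfexport_enabled" true
  }
}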
# <snippet-end 3_misp-modules_RHEL.sh>
```