mirror of https://github.com/MISP/MISP
Merge branch '2.4' into tools
commit
6a8a02b505
2
PyMISP
2
PyMISP
|
@ -1 +1 @@
|
|||
Subproject commit a68bd80ab9dceaee9674bd9a2b0bffc4f387fcdc
|
||||
Subproject commit e8334be9caaddab229d850c92cb029812222dd82
|
|
@ -2,173 +2,281 @@
|
|||
App::uses('AppShell', 'Console/Command');
|
||||
class AdminShell extends AppShell
|
||||
{
|
||||
public $uses = array('Event', 'Post', 'Attribute', 'Job', 'User', 'Task', 'Whitelist', 'Server', 'Organisation', 'AdminSetting', 'Galaxy', 'Taxonomy', 'Warninglist', 'Noticelist', 'ObjectTemplate', 'Bruteforce', 'Role');
|
||||
public $uses = array('Event', 'Post', 'Attribute', 'Job', 'User', 'Task', 'Whitelist', 'Server', 'Organisation', 'AdminSetting', 'Galaxy', 'Taxonomy', 'Warninglist', 'Noticelist', 'ObjectTemplate', 'Bruteforce', 'Role');
|
||||
|
||||
public function jobGenerateCorrelation() {
|
||||
$jobId = $this->args[0];
|
||||
$this->loadModel('Job');
|
||||
$this->Job->id = $jobId;
|
||||
$this->loadModel('Attribute');
|
||||
$this->Attribute->generateCorrelation($jobId, 0);
|
||||
$this->Job->saveField('progress', 100);
|
||||
$this->Job->saveField('message', 'Job done.');
|
||||
$this->Job->saveField('status', 4);
|
||||
}
|
||||
public function jobGenerateCorrelation() {
|
||||
$jobId = $this->args[0];
|
||||
$this->loadModel('Job');
|
||||
$this->Job->id = $jobId;
|
||||
$this->loadModel('Attribute');
|
||||
$this->Attribute->generateCorrelation($jobId, 0);
|
||||
$this->Job->saveField('progress', 100);
|
||||
$this->Job->saveField('message', 'Job done.');
|
||||
$this->Job->saveField('status', 4);
|
||||
}
|
||||
|
||||
public function jobPurgeCorrelation() {
|
||||
$jobId = $this->args[0];
|
||||
$this->loadModel('Job');
|
||||
$this->Job->id = $jobId;
|
||||
$this->loadModel('Attribute');
|
||||
$this->Attribute->purgeCorrelations();
|
||||
$this->Job->saveField('progress', 100);
|
||||
$this->Job->saveField('message', 'Job done.');
|
||||
$this->Job->saveField('status', 4);
|
||||
}
|
||||
public function jobPurgeCorrelation() {
|
||||
$jobId = $this->args[0];
|
||||
$this->loadModel('Job');
|
||||
$this->Job->id = $jobId;
|
||||
$this->loadModel('Attribute');
|
||||
$this->Attribute->purgeCorrelations();
|
||||
$this->Job->saveField('progress', 100);
|
||||
$this->Job->saveField('message', 'Job done.');
|
||||
$this->Job->saveField('status', 4);
|
||||
}
|
||||
|
||||
public function jobGenerateShadowAttributeCorrelation() {
|
||||
$jobId = $this->args[0];
|
||||
$this->loadModel('Job');
|
||||
$this->Job->id = $jobId;
|
||||
$this->loadModel('ShadowAttribute');
|
||||
$this->ShadowAttribute->generateCorrelation($jobId);
|
||||
}
|
||||
public function jobGenerateShadowAttributeCorrelation() {
|
||||
$jobId = $this->args[0];
|
||||
$this->loadModel('Job');
|
||||
$this->Job->id = $jobId;
|
||||
$this->loadModel('ShadowAttribute');
|
||||
$this->ShadowAttribute->generateCorrelation($jobId);
|
||||
}
|
||||
|
||||
public function updateMISP() {
|
||||
$status = array('branch' => '2.4');
|
||||
echo $this->Server->update($status) . PHP_EOL;
|
||||
}
|
||||
|
||||
public function restartWorkers() {
|
||||
public function restartWorkers()
|
||||
{
|
||||
$this->Server->restartWorkers();
|
||||
echo PHP_EOL . 'Workers restarted.' . PHP_EOL;
|
||||
}
|
||||
|
||||
public function updateGalaxies() {
|
||||
// The following is 7.x upwards only
|
||||
//$value = $this->args[0] ?? $this->args[0] ?? 0;
|
||||
$value = empty($this->args[0]) ? null : $this->args[0];
|
||||
if ($value === 'false') $value = 0;
|
||||
if ($value === 'true') $value = 1;
|
||||
if ($value === 'force') $value = 1;
|
||||
$force = $value;
|
||||
$result = $this->Galaxy->update($force);
|
||||
if ($result) {
|
||||
echo 'Galaxies updated';
|
||||
} else {
|
||||
echo 'Could not update Galaxies';
|
||||
}
|
||||
}
|
||||
public function updateAfterPull() {
|
||||
$this->loadModel('Job');
|
||||
$this->loadModel('Server');
|
||||
$submodule_name = $this->args[0];
|
||||
$jobId = $this->args[1];
|
||||
$userId = $this->args[2];
|
||||
$this->Job->id = $jobId;
|
||||
$result = $this->Server->updateAfterPull($submodule_name, $userId);
|
||||
$this->Job->saveField('progress', 100);
|
||||
$this->Job->saveField('date_modified', date("y-m-d H:i:s"));
|
||||
if ($result) {
|
||||
$this->Job->saveField('message', __('Database updated: ' . $submodule_name));
|
||||
} else {
|
||||
$this->Job->saveField('message', __('Could not update the database: ' . $submodule_name));
|
||||
}
|
||||
}
|
||||
|
||||
# FIXME: Make Taxonomy->update() return a status string on API if successful
|
||||
public function updateTaxonomies() {
|
||||
$result = $this->Taxonomy->update();
|
||||
if ($result) {
|
||||
echo 'Taxonomies updated';
|
||||
} else {
|
||||
echo 'Could not update Taxonomies';
|
||||
}
|
||||
}
|
||||
public function restartWorker()
|
||||
{
|
||||
if (empty($this->args[0]) || !is_numeric($this->args[0])) {
|
||||
echo 'Usage: ' . APP . '/cake ' . 'Admin restartWorker [PID]';
|
||||
}
|
||||
$pid = $this->args[0];
|
||||
$result = $this->Server->restartWorker($pid);
|
||||
if ($result === true) {
|
||||
$response = __('Worker restarted.');
|
||||
} else {
|
||||
$response = __('Could not restart the worker. Reason: %s', $result);
|
||||
}
|
||||
echo sprintf(
|
||||
'%s%s%s',
|
||||
PHP_EOL,
|
||||
$response,
|
||||
PHP_EOL
|
||||
);
|
||||
}
|
||||
|
||||
public function updateWarningLists() {
|
||||
$result = $this->Galaxy->update();
|
||||
if ($result) {
|
||||
echo 'Warning lists updated';
|
||||
} else {
|
||||
echo 'Could not update warning lists';
|
||||
}
|
||||
}
|
||||
public function killWorker()
|
||||
{
|
||||
if (empty($this->args[0]) || !is_numeric($this->args[0])) {
|
||||
echo 'Usage: ' . APP . '/cake ' . 'Admin killWorker [PID]';
|
||||
die();
|
||||
}
|
||||
$pid = $this->args[0];
|
||||
$result = $this->Server->killWorker($pid, false);
|
||||
echo sprintf(
|
||||
'%s%s%s',
|
||||
PHP_EOL,
|
||||
__('Worker killed.'),
|
||||
PHP_EOL
|
||||
);
|
||||
}
|
||||
|
||||
public function updateNoticeLists() {
|
||||
$result = $this->Noticelist->update();
|
||||
if ($result) {
|
||||
echo 'Notice lists updated';
|
||||
} else {
|
||||
echo 'Could not update notice lists';
|
||||
}
|
||||
}
|
||||
public function startWorker()
|
||||
{
|
||||
if (empty($this->args[0])) {
|
||||
echo 'Usage: ' . APP . '/cake ' . 'Admin startWorker [queue]';
|
||||
die();
|
||||
}
|
||||
$queue = $this->args[0];
|
||||
$this->Server->startWorker($queue);
|
||||
echo sprintf(
|
||||
'%s%s%s',
|
||||
PHP_EOL,
|
||||
__('Worker started.'),
|
||||
PHP_EOL
|
||||
);
|
||||
}
|
||||
|
||||
# FIXME: Debug and make it work, fails to pass userId/orgId properly
|
||||
public function updateObjectTemplates() {
|
||||
if (empty($this->args[0])) {
|
||||
echo 'Usage: ' . APP . '/cake ' . 'Admin updateNoticeLists [user_id]';
|
||||
} else {
|
||||
$userId = $this->args[0];
|
||||
$user = $this->User->find('first', array(
|
||||
'recursive' => -1,
|
||||
'conditions' => array(
|
||||
'User.id' => $userId,
|
||||
),
|
||||
'fields' => array('User.id', 'User.org_id')
|
||||
));
|
||||
if (empty($user)) {
|
||||
echo 'User not found';
|
||||
} else {
|
||||
$result = $this->ObjectTemplate->update($user, false,false);
|
||||
if ($result) {
|
||||
echo 'Object templates updated';
|
||||
} else {
|
||||
echo 'Could not update object templates';
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
public function updateJSON() {
|
||||
echo 'Updating all JSON structures.' . PHP_EOL;
|
||||
$results = $this->Server->updateJSON();
|
||||
foreach ($results as $type => $result) {
|
||||
if ($result !== false) {
|
||||
echo sprintf(
|
||||
__('%s updated.') . PHP_EOL,
|
||||
Inflector::pluralize(Inflector::humanize($type))
|
||||
);
|
||||
} else {
|
||||
echo sprintf(
|
||||
__('Could not update %s.') . PHP_EOL,
|
||||
Inflector::pluralize(Inflector::humanize($type))
|
||||
);
|
||||
}
|
||||
}
|
||||
echo 'All JSON structures updated. Thank you and have a very safe and productive day.' . PHP_EOL;
|
||||
}
|
||||
|
||||
public function jobUpgrade24() {
|
||||
$jobId = $this->args[0];
|
||||
$user_id = $this->args[1];
|
||||
$this->loadModel('Job');
|
||||
$this->Job->id = $jobId;
|
||||
$this->loadModel('Server');
|
||||
$this->Server->upgrade2324($user_id, $jobId);
|
||||
$this->Job->saveField('progress', 100);
|
||||
$this->Job->saveField('message', 'Job done.');
|
||||
$this->Job->saveField('status', 4);
|
||||
}
|
||||
public function updateGalaxies() {
|
||||
// The following is 7.x upwards only
|
||||
//$value = $this->args[0] ?? $this->args[0] ?? 0;
|
||||
$value = empty($this->args[0]) ? null : $this->args[0];
|
||||
if ($value === 'false') $value = 0;
|
||||
if ($value === 'true') $value = 1;
|
||||
if ($value === 'force') $value = 1;
|
||||
$force = $value;
|
||||
$result = $this->Galaxy->update($force);
|
||||
if ($result) {
|
||||
echo 'Galaxies updated';
|
||||
} else {
|
||||
echo 'Could not update Galaxies';
|
||||
}
|
||||
}
|
||||
|
||||
public function prune_update_logs() {
|
||||
$jobId = $this->args[0];
|
||||
$user_id = $this->args[1];
|
||||
$user = $this->User->getAuthUser($user_id);
|
||||
$this->loadModel('Job');
|
||||
$this->Job->id = $jobId;
|
||||
$this->loadModel('Log');
|
||||
$this->Log->pruneUpdateLogs($jobId, $user);
|
||||
$this->Job->saveField('progress', 100);
|
||||
$this->Job->saveField('message', 'Job done.');
|
||||
$this->Job->saveField('status', 4);
|
||||
}
|
||||
# FIXME: Make Taxonomy->update() return a status string on API if successful
|
||||
public function updateTaxonomies() {
|
||||
$result = $this->Taxonomy->update();
|
||||
if ($result) {
|
||||
echo 'Taxonomies updated';
|
||||
} else {
|
||||
echo 'Could not update Taxonomies';
|
||||
}
|
||||
}
|
||||
|
||||
public function getWorkers() {
|
||||
$result = $this->Server->workerDiagnostics($workerIssueCount);
|
||||
echo json_encode($result, JSON_PRETTY_PRINT) . PHP_EOL;
|
||||
public function updateWarningLists() {
|
||||
$result = $this->Galaxy->update();
|
||||
if ($result) {
|
||||
echo 'Warning lists updated';
|
||||
} else {
|
||||
echo 'Could not update warning lists';
|
||||
}
|
||||
}
|
||||
|
||||
public function updateNoticeLists() {
|
||||
$result = $this->Noticelist->update();
|
||||
if ($result) {
|
||||
echo 'Notice lists updated';
|
||||
} else {
|
||||
echo 'Could not update notice lists';
|
||||
}
|
||||
}
|
||||
|
||||
# FIXME: Debug and make it work, fails to pass userId/orgId properly
|
||||
public function updateObjectTemplates() {
|
||||
if (empty($this->args[0])) {
|
||||
echo 'Usage: ' . APP . '/cake ' . 'Admin updateNoticeLists [user_id]';
|
||||
} else {
|
||||
$userId = $this->args[0];
|
||||
$user = $this->User->find('first', array(
|
||||
'recursive' => -1,
|
||||
'conditions' => array(
|
||||
'User.id' => $userId,
|
||||
),
|
||||
'fields' => array('User.id', 'User.org_id')
|
||||
));
|
||||
if (empty($user)) {
|
||||
echo 'User not found';
|
||||
} else {
|
||||
$result = $this->ObjectTemplate->update($user, false,false);
|
||||
if ($result) {
|
||||
echo 'Object templates updated';
|
||||
} else {
|
||||
echo 'Could not update object templates';
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public function jobUpgrade24() {
|
||||
$jobId = $this->args[0];
|
||||
$user_id = $this->args[1];
|
||||
$this->loadModel('Job');
|
||||
$this->Job->id = $jobId;
|
||||
$this->loadModel('Server');
|
||||
$this->Server->upgrade2324($user_id, $jobId);
|
||||
$this->Job->saveField('progress', 100);
|
||||
$this->Job->saveField('message', 'Job done.');
|
||||
$this->Job->saveField('status', 4);
|
||||
}
|
||||
|
||||
public function prune_update_logs() {
|
||||
$jobId = $this->args[0];
|
||||
$user_id = $this->args[1];
|
||||
$user = $this->User->getAuthUser($user_id);
|
||||
$this->loadModel('Job');
|
||||
$this->Job->id = $jobId;
|
||||
$this->loadModel('Log');
|
||||
$this->Log->pruneUpdateLogs($jobId, $user);
|
||||
$this->Job->saveField('progress', 100);
|
||||
$this->Job->saveField('message', 'Job done.');
|
||||
$this->Job->saveField('status', 4);
|
||||
}
|
||||
|
||||
public function getWorkers() {
|
||||
$result = $this->Server->workerDiagnostics($workerIssueCount);
|
||||
$query = 'all';
|
||||
if (!empty($this->args[0])) {
|
||||
$query = $this->args[0];
|
||||
}
|
||||
if ($query === 'dead') {
|
||||
$dead_workers = array();
|
||||
foreach ($result as $queue => $data) {
|
||||
if (!empty($data['workers'])) {
|
||||
foreach ($data['workers'] as $k => $worker) {
|
||||
if ($worker['alive']) {
|
||||
unset($result[$queue]['workers'][$k]);
|
||||
}
|
||||
}
|
||||
}
|
||||
if (empty($result[$queue]['workers'])) {
|
||||
unset($result[$queue]);
|
||||
}
|
||||
}
|
||||
}
|
||||
echo json_encode($result, JSON_PRETTY_PRINT) . PHP_EOL;
|
||||
}
|
||||
|
||||
public function getSetting() {
|
||||
$param = empty($this->args[0]) ? 'all' : $this->args[0];
|
||||
$settings = $this->Server->serverSettingsRead();
|
||||
$result = $settings;
|
||||
if (!empty($param)) {
|
||||
$result = 'No valid setting found for ' . $param;
|
||||
foreach ($settings as $setting) {
|
||||
if ($setting['setting'] == $param) {
|
||||
$result = $setting;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
echo json_encode($result, JSON_PRETTY_PRINT) . PHP_EOL;
|
||||
}
|
||||
|
||||
public function getSetting() {
|
||||
$param = empty($this->args[0]) ? 'all' : $this->args[0];
|
||||
$settings = $this->Server->serverSettingsRead();
|
||||
$result = $settings;
|
||||
if (!empty($param)) {
|
||||
$result = 'No valid setting found for ' . $param;
|
||||
foreach ($settings as $setting) {
|
||||
if ($setting['setting'] == $param) {
|
||||
$result = $setting;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
echo json_encode($result, JSON_PRETTY_PRINT) . PHP_EOL;
|
||||
}
|
||||
|
||||
public function setSetting() {
|
||||
$setting_name = !isset($this->args[0]) ? null : $this->args[0];
|
||||
$value = !isset($this->args[1]) ? null : $this->args[1];
|
||||
if ($value === 'false') $value = 0;
|
||||
if ($value === 'true') $value = 1;
|
||||
public function setSetting() {
|
||||
$setting_name = !isset($this->args[0]) ? null : $this->args[0];
|
||||
$value = !isset($this->args[1]) ? null : $this->args[1];
|
||||
if ($value === 'false') $value = 0;
|
||||
if ($value === 'true') $value = 1;
|
||||
$cli_user = array('id' => 0, 'email' => 'SYSTEM', 'Organisation' => array('name' => 'SYSTEM'));
|
||||
if (empty($setting_name) || $value === null) {
|
||||
echo 'Invalid parameters. Usage: ' . APP . 'Console/cake Admin setSetting [setting_name] [setting_value]';
|
||||
} else {
|
||||
if (empty($setting_name) || $value === null) {
|
||||
echo 'Invalid parameters. Usage: ' . APP . 'Console/cake Admin setSetting [setting_name] [setting_value]';
|
||||
} else {
|
||||
$setting = $this->Server->getSettingData($setting_name);
|
||||
if (empty($setting)) {
|
||||
echo 'Invalid setting. Please make sure that the setting that you are attempting to change exists.';
|
||||
|
@ -179,25 +287,25 @@ class AdminShell extends AppShell
|
|||
} else {
|
||||
echo $result;
|
||||
}
|
||||
}
|
||||
}
|
||||
echo PHP_EOL;
|
||||
}
|
||||
}
|
||||
|
||||
public function setDatabaseVersion() {
|
||||
if (empty($this->args[0])) echo 'Invalid parameters. Usage: ' . APP . 'Console/cake Admin setDatabaseVersion [db_version]' . PHP_EOL;
|
||||
else {
|
||||
$db_version = $this->AdminSetting->find('first', array(
|
||||
'conditions' => array('setting' => 'db_version')
|
||||
));
|
||||
if (!empty($db_version)) {
|
||||
$db_version['value'] = trim($this->args[0]);
|
||||
$this->AdminSetting->save($db_version);
|
||||
echo 'Database version set. MISP will replay all of the upgrade scripts since the selected version on the next user login.' . PHP_EOL;
|
||||
} else {
|
||||
echo 'Something went wrong. Could not find the existing db version.' . PHP_EOL;
|
||||
}
|
||||
}
|
||||
}
|
||||
public function setDatabaseVersion() {
|
||||
if (empty($this->args[0])) echo 'Invalid parameters. Usage: ' . APP . 'Console/cake Admin setDatabaseVersion [db_version]' . PHP_EOL;
|
||||
else {
|
||||
$db_version = $this->AdminSetting->find('first', array(
|
||||
'conditions' => array('setting' => 'db_version')
|
||||
));
|
||||
if (!empty($db_version)) {
|
||||
$db_version['value'] = trim($this->args[0]);
|
||||
$this->AdminSetting->save($db_version);
|
||||
echo 'Database version set. MISP will replay all of the upgrade scripts since the selected version on the next user login.' . PHP_EOL;
|
||||
} else {
|
||||
echo 'Something went wrong. Could not find the existing db version.' . PHP_EOL;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public function updateDatabase() {
|
||||
echo 'Executing all updates to bring the database up to date with the current version.' . PHP_EOL;
|
||||
|
@ -222,20 +330,20 @@ class AdminShell extends AppShell
|
|||
}
|
||||
}
|
||||
|
||||
public function clearBruteforce()
|
||||
{
|
||||
$conditions = array('Bruteforce.username !=' => '');
|
||||
if (!empty($this->args[0])) {
|
||||
public function clearBruteforce()
|
||||
{
|
||||
$conditions = array('Bruteforce.username !=' => '');
|
||||
if (!empty($this->args[0])) {
|
||||
$conditions = array('Bruteforce.username' => $this->args[0]);
|
||||
}
|
||||
$result = $this->Bruteforce->deleteAll($conditions, false, false);
|
||||
$target = empty($this->args[0]) ? 'all users' : $this->args[0];
|
||||
if ($result) {
|
||||
echo 'Brutefoce entries for ' . $target . ' deleted.' . PHP_EOL;
|
||||
} else {
|
||||
echo 'Something went wrong, could not delete bruteforce entries for ' . $target . '.' . PHP_EOL;
|
||||
}
|
||||
}
|
||||
$result = $this->Bruteforce->deleteAll($conditions, false, false);
|
||||
$target = empty($this->args[0]) ? 'all users' : $this->args[0];
|
||||
if ($result) {
|
||||
echo 'Brutefoce entries for ' . $target . ' deleted.' . PHP_EOL;
|
||||
} else {
|
||||
echo 'Something went wrong, could not delete bruteforce entries for ' . $target . '.' . PHP_EOL;
|
||||
}
|
||||
}
|
||||
|
||||
public function setDefaultRole()
|
||||
{
|
||||
|
@ -296,4 +404,17 @@ class AdminShell extends AppShell
|
|||
}
|
||||
echo 'Updated, new key:' . PHP_EOL . $authKey . PHP_EOL;
|
||||
}
|
||||
|
||||
public function getOptionParser() {
|
||||
$parser = parent::getOptionParser();
|
||||
$parser->addSubcommand('updateJSON', array(
|
||||
'help' => __('Update the JSON definitions of MISP.'),
|
||||
'parser' => array(
|
||||
'arguments' => array(
|
||||
'update' => array('help' => __('Update the submodules before ingestion.'), 'short' => 'u', 'boolean' => 1)
|
||||
)
|
||||
)
|
||||
));
|
||||
return $parser;
|
||||
}
|
||||
}
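Review bot: In `restartWorker()` the usage branch only echoes the help text and then falls through, so a missing or non-numeric PID still reaches `$this->Server->restartWorker($pid)`. `killWorker()` and `startWorker()` in the same section stop with `die();` after printing usage; `restartWorker()` should do the same, i.e. add `die();` after the `echo 'Usage: ' . APP . ...` line. Without it, an empty argument list also reads an undefined `$this->args[0]`. What `Server::restartWorker()` does with an unvalidated value is not visible on this page, so this guard is the only check shown for the PID.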
|
||||
|
|
|
@ -1,57 +1,18 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# TODO: Put some logic inside if many worker PIDs are detected
|
||||
|
||||
# Extract base directory where this script is and cd into it
|
||||
cd "${0%/*}"
|
||||
|
||||
# Set to the current webroot owner
|
||||
WWW_USER=$(ls -l ../cake |awk {'print $3'}|tail -1)
|
||||
|
||||
# In most cases the owner of the cake script is also the user as which it should be executed.
|
||||
if [[ "$USER" != "$WWW_USER" ]]; then
|
||||
echo "You run this script as $USER and the owner of the cake command is $WWW_USER. This might be an issue."
|
||||
fi
|
||||
|
||||
# Check if run as root
|
||||
if [[ "$EUID" -eq "0" ]]; then
|
||||
if [ "$EUID" -eq 0 ]; then
|
||||
echo "Please DO NOT run the worker script as root"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if jq is present and enable advanced checks
|
||||
if [[ "$(jq -V > /dev/null 2> /dev/null; echo $?)" != 0 ]]; then
|
||||
echo "jq is not installed, disabling advanced checks."
|
||||
ADVANCED="0"
|
||||
else
|
||||
ADVANCED="1"
|
||||
fi
|
||||
# Extract base directory where this script is and cd into it
|
||||
cd "${0%/*}"
|
||||
../cake CakeResque.CakeResque stop --all
|
||||
../cake CakeResque.CakeResque start --interval 5 --queue default
|
||||
../cake CakeResque.CakeResque start --interval 5 --queue prio
|
||||
../cake CakeResque.CakeResque start --interval 5 --queue cache
|
||||
../cake CakeResque.CakeResque start --interval 5 --queue email
|
||||
../cake CakeResque.CakeResque startscheduler --interval 5
|
||||
|
||||
if [[ "$ADVANCED" == "1" ]]; then
|
||||
for worker in `echo cache default email prio scheduler`; do
|
||||
workerStatus=$(../cake Admin getWorkers |tail -n +7 |jq -r ".$worker" |jq -r '.ok')
|
||||
PIDcount=$(../cake admin getWorkers |tail -n +7 |jq -r ".$worker.workers" |grep pid | wc -l)
|
||||
echo -n "$worker has $PIDcount PID(s)"
|
||||
if [[ "$workerStatus" != "true" ]]; then
|
||||
echo ", trying to restart."
|
||||
if [[ "$worker" != "scheduler" ]]; then
|
||||
../cake CakeResque.CakeResque start --interval 5 --queue $worker
|
||||
else
|
||||
../cake CakeResque.CakeResque startscheduler --interval 5
|
||||
fi
|
||||
else
|
||||
echo ", up and running."
|
||||
fi
|
||||
done
|
||||
exit 0
|
||||
else
|
||||
|
||||
../cake CakeResque.CakeResque stop --all
|
||||
../cake CakeResque.CakeResque start --interval 5 --queue default
|
||||
../cake CakeResque.CakeResque start --interval 5 --queue prio
|
||||
../cake CakeResque.CakeResque start --interval 5 --queue cache
|
||||
../cake CakeResque.CakeResque start --interval 5 --queue email
|
||||
../cake CakeResque.CakeResque startscheduler --interval 5
|
||||
|
||||
exit 0
|
||||
fi
|
||||
exit 0
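Review bot: `cd "${0%/*}"` is not checked, and every command after it is the relative path `../cake`, so if the `cd` fails the script runs whatever `../cake` resolves to from the caller's working directory. That happens, for example, when the script is invoked as `bash <script>` without a path, where `${0%/*}` expands to the file name itself. Suggest `cd "${0%/*}" || exit 1` (or `cd "$(dirname "$0")" || exit 1`). The same unchecked `cd` appears in the 57-line script added in the next file section.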
|
||||
|
|
|
@ -0,0 +1,57 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# TODO: Put some logic inside if many worker PIDs are detected
|
||||
|
||||
# Extract base directory where this script is and cd into it
|
||||
cd "${0%/*}"
|
||||
|
||||
# Set to the current webroot owner
|
||||
WWW_USER=$(ls -l ../cake |awk {'print $3'}|tail -1)
|
||||
|
||||
# In most cases the owner of the cake script is also the user as which it should be executed.
|
||||
if [[ "$USER" != "$WWW_USER" ]]; then
|
||||
echo "You run this script as $USER and the owner of the cake command is $WWW_USER. This might be an issue."
|
||||
fi
|
||||
|
||||
# Check if run as root
|
||||
if [[ "$EUID" -eq "0" ]]; then
|
||||
echo "Please DO NOT run the worker script as root"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if jq is present and enable advanced checks
|
||||
if [[ "$(jq -V > /dev/null 2> /dev/null; echo $?)" != 0 ]]; then
|
||||
echo "jq is not installed, disabling advanced checks."
|
||||
ADVANCED="0"
|
||||
else
|
||||
ADVANCED="1"
|
||||
fi
|
||||
|
||||
if [[ "$ADVANCED" == "1" ]]; then
|
||||
for worker in `echo cache default email prio scheduler`; do
|
||||
workerStatus=$(../cake Admin getWorkers |tail -n +7 |jq -r ".$worker" |jq -r '.ok')
|
||||
PIDcount=$(../cake admin getWorkers |tail -n +7 |jq -r ".$worker.workers" |grep pid | wc -l)
|
||||
echo -n "$worker has $PIDcount PID(s)"
|
||||
if [[ "$workerStatus" != "true" ]]; then
|
||||
echo ", trying to restart."
|
||||
if [[ "$worker" != "scheduler" ]]; then
|
||||
../cake CakeResque.CakeResque start --interval 5 --queue $worker
|
||||
else
|
||||
../cake CakeResque.CakeResque startscheduler --interval 5
|
||||
fi
|
||||
else
|
||||
echo ", up and running."
|
||||
fi
|
||||
done
|
||||
exit 0
|
||||
else
|
||||
|
||||
../cake CakeResque.CakeResque stop --all
|
||||
../cake CakeResque.CakeResque start --interval 5 --queue default
|
||||
../cake CakeResque.CakeResque start --interval 5 --queue prio
|
||||
../cake CakeResque.CakeResque start --interval 5 --queue cache
|
||||
../cake CakeResque.CakeResque start --interval 5 --queue email
|
||||
../cake CakeResque.CakeResque startscheduler --interval 5
|
||||
|
||||
exit 0
|
||||
fi
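Review bot: The owner check near the top is advisory only and rests on fragile inputs: `WWW_USER` comes from parsing `ls -l` output and is compared with `$USER`, an environment variable that may be unset or stale under cron or `sudo`. A mismatch only prints a message, and the script then goes on to start workers as the current user. Consider `WWW_USER=$(stat -c '%U' ../cake)` (GNU stat) compared against `$(id -un)`, and decide whether a mismatch should `exit 1` the way the root check does. Separately, the two `getWorkers` calls differ in case (`Admin` vs `admin`) and both depend on `tail -n +7` matching the length of the cake banner, which deserves a comment such as `# skip the 6-line CakePHP console banner before the JSON`.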
|
|
@ -46,7 +46,7 @@ class AppController extends Controller
|
|||
|
||||
public $helpers = array('Utility', 'OrgImg', 'FontAwesome');
|
||||
|
||||
private $__queryVersion = '65';
|
||||
private $__queryVersion = '66';
|
||||
public $pyMispVersion = '2.4.103';
|
||||
public $phpmin = '7.0';
|
||||
public $phprec = '7.2';
|
||||
|
|
|
@ -1197,7 +1197,7 @@ class AttributesController extends AppController
|
|||
}
|
||||
}
|
||||
|
||||
public function viewPicture($id, $thumbnail=false, $width=200, $height=200)
|
||||
public function viewPicture($id, $thumbnail=false)
|
||||
{
|
||||
if (Validation::uuid($id)) {
|
||||
$temp = $this->Attribute->find('first', array(
|
||||
|
@ -1221,11 +1221,15 @@ class AttributesController extends AppController
|
|||
'Attribute.id' => $id,
|
||||
'Attribute.type' => 'attachment'
|
||||
),
|
||||
'withAttachments' => true,
|
||||
'includeAllTags' => false,
|
||||
'includeAttributeUuid' => true,
|
||||
'flatten' => true
|
||||
);
|
||||
|
||||
if ($this->_isRest()) {
|
||||
$conditions['withAttachments'] = true;
|
||||
}
|
||||
|
||||
$attribute = $this->Attribute->fetchAttributes($this->Auth->user(), $conditions);
|
||||
if (empty($attribute)) {
|
||||
throw new MethodNotAllowedException('Invalid attribute');
|
||||
|
@ -1235,49 +1239,11 @@ class AttributesController extends AppController
|
|||
if ($this->_isRest()) {
|
||||
return $this->RestResponse->viewData($attribute['Attribute']['data'], $this->response->type());
|
||||
} else {
|
||||
$width = isset($this->request->params['named']['width']) ? $this->request->params['named']['width'] : 200;
|
||||
$height = isset($this->request->params['named']['height']) ? $this->request->params['named']['height'] : 200;
|
||||
$image_data = $this->Attribute->getPictureData($attribute, $thumbnail, $width, $height);
|
||||
$extension = explode('.', $attribute['Attribute']['value']);
|
||||
$extension = end($extension);
|
||||
if (extension_loaded('gd')) {
|
||||
$image = ImageCreateFromString(base64_decode($attribute['Attribute']['data']));
|
||||
if (!$thumbnail) {
|
||||
ob_start ();
|
||||
switch ($extension) {
|
||||
case 'gif':
|
||||
imagegif($image);
|
||||
break;
|
||||
case 'jpg':
|
||||
case 'jpeg':
|
||||
imagejpeg($image);
|
||||
break;
|
||||
case 'png':
|
||||
imagepng($image);
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
$image_data = $extension != 'gif' ? ob_get_contents() : base64_decode($attribute['Attribute']['data']);
|
||||
ob_end_clean ();
|
||||
imagedestroy($image);
|
||||
} else { // thumbnail requested, resample picture with desired dimension
|
||||
$width = isset($this->request->params['named']['width']) ? $this->request->params['named']['width'] : 150;
|
||||
$height = isset($this->request->params['named']['height']) ? $this->request->params['named']['height'] : 150;
|
||||
if ($extension == 'gif') {
|
||||
$image_data = base64_decode($attribute['Attribute']['data']);
|
||||
} else {
|
||||
$extension = 'jpg';
|
||||
$imageTC = ImageCreateTrueColor($width, $height);
|
||||
ImageCopyResampled($imageTC, $image, 0, 0, 0, 0, $width, $height, ImageSX($image), ImageSY($image));
|
||||
ob_start ();
|
||||
imagejpeg ($imageTC);
|
||||
$image_data = ob_get_contents();
|
||||
ob_end_clean ();
|
||||
imagedestroy($image);
|
||||
imagedestroy($imageTC);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$image_data = base64_decode($attribute['Attribute']['data']);
|
||||
}
|
||||
$this->response->type(strtolower(h($extension)));
|
||||
$this->response->body($image_data);
|
||||
$this->autoRender = false;
|
||||
|
@ -3161,21 +3127,23 @@ class AttributesController extends AppController
|
|||
$success = 0;
|
||||
$fails = 0;
|
||||
foreach ($idList as $id) {
|
||||
$this->Attribute->id = $id;
|
||||
if (!$this->Attribute->exists()) {
|
||||
$attribute = $this->Attribute->find('first', array(
|
||||
'recursive' => -1,
|
||||
'conditions' => array('Attribute.id' => $id, 'Attribute.deleted' => 0),
|
||||
'contain' => array('Event.orgc_id')
|
||||
));
|
||||
if (empty($attribute)) {
|
||||
throw new NotFoundException(__('Invalid attribute'));
|
||||
}
|
||||
$this->Attribute->read();
|
||||
if (!$this->_isSiteAdmin() && $this->Attribute->data['Event']['orgc_id'] !== $this->Auth->user('org_id')) {
|
||||
if (!$this->_isSiteAdmin() && $attribute['Event']['orgc_id'] !== $this->Auth->user('org_id')) {
|
||||
$fails++;
|
||||
continue;
|
||||
}
|
||||
if ($this->Attribute->data['Attribute']['deleted']) {
|
||||
throw new NotFoundException(__('Invalid attribute'));
|
||||
}
|
||||
$eventId = $this->Attribute->data['Attribute']['event_id'];
|
||||
$this->Attribute->Event->recursive = -1;
|
||||
$event = $this->Attribute->Event->read(array(), $eventId);
|
||||
$eventId = $attribute['Attribute']['event_id'];
|
||||
$event = $this->Attribute->Event->find('first', array(
|
||||
'conditions' => array('Event.id' => $eventId),
|
||||
'recursive' => -1
|
||||
));
|
||||
if (!$this->_isSiteAdmin() && !$this->userRole['perm_sync']) {
|
||||
if (!$this->userRole['perm_tagger'] || ($this->Auth->user('org_id') !== $event['Event']['org_id'] && $this->Auth->user('org_id') !== $event['Event']['orgc_id'])) {
|
||||
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'You don\'t have permission to do that.')), 'status' => 200, 'type' => 'json'));
|
||||
|
@ -3184,8 +3152,6 @@ class AttributesController extends AppController
|
|||
if (!$this->_isRest()) {
|
||||
$this->Attribute->Event->insertLock($this->Auth->user(), $eventId);
|
||||
}
|
||||
$this->Attribute->recursive = -1;
|
||||
|
||||
foreach ($tag_id_list as $tag_id) {
|
||||
$this->Attribute->AttributeTag->Tag->id = $tag_id;
|
||||
if (!$this->Attribute->AttributeTag->Tag->exists()) {
|
||||
|
@ -3214,9 +3180,9 @@ class AttributesController extends AppController
|
|||
$event['Event']['published'] = 0;
|
||||
$date = new DateTime();
|
||||
$event['Event']['timestamp'] = $date->getTimestamp();
|
||||
$this->Attribute->Event->save($event);
|
||||
$this->Attribute->data['Attribute']['timestamp'] = $date->getTimestamp();
|
||||
$this->Attribute->save($this->Attribute->data);
|
||||
$result = $this->Attribute->Event->save($event);
|
||||
$attribute['Attribute']['timestamp'] = $date->getTimestamp();
|
||||
$this->Attribute->save($attribute);
|
||||
$log = ClassRegistry::init('Log');
|
||||
$log->createLogEntry($this->Auth->user(), 'tag', 'Attribute', $id, 'Attached tag (' . $tag_id . ') "' . $tag['Tag']['name'] . '" to attribute (' . $id . ')', 'Attribute (' . $id . ') tagged as Tag (' . $tag_id . ')');
|
||||
$success++;
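Review bot: In the non-REST branch of `viewPicture()`, `width` and `height` are read straight from `$this->request->params['named']` and handed to `getPictureData()` with no type or range check. `getPictureData()` is not shown on this page, but if it sizes a GD canvas from these values, as the removed inline code did with `ImageCreateTrueColor($width, $height)`, a single request can ask for an arbitrarily large allocation. Cast and clamp before the call, e.g. `$width = min(max((int)$width, 1), $maxDim);` and the same for `$height`, where `$maxDim` is a placeholder for a limit the project chooses. The method body starts and ends outside the hunks shown.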
|
||||
|
|
|
@ -358,6 +358,7 @@ class ACLComponent extends Component
|
|||
'stopZeroMQServer' => array(),
|
||||
'testConnection' => array('perm_sync'),
|
||||
'update' => array(),
|
||||
'updateJSON' => array(),
|
||||
'updateSubmodule' => array(),
|
||||
'uploadFile' => array(),
|
||||
'clearWorkerQueue' => array()
|
||||
|
|
|
@ -1552,7 +1552,7 @@ class RestResponseComponent extends Component
|
|||
$field['values'] = $tags;
|
||||
}
|
||||
private function __overwriteNationality($scope, &$field) {
|
||||
$field['values'] = array_keys(ClassRegistry::init("Organisation")->countries);
|
||||
$field['values'] = ClassRegistry::init("Organisation")->countries;
|
||||
}
|
||||
private function __overwriteAction($scope, &$field) {
|
||||
$field['values'] = array_keys(ClassRegistry::init("Log")->actionDefinitions);
|
||||
|
|
|
@ -4204,60 +4204,60 @@ class EventsController extends AppController
|
|||
// #TODO i18n
|
||||
$exports = array(
|
||||
'xml' => array(
|
||||
'url' => '/events/restSearch/xml/false/false/false/false/false/false/false/false/false/' . $id . '/false.xml',
|
||||
'url' => '/events/restSearch/xml/eventid:' . $id . '.xml',
|
||||
'text' => 'MISP XML (metadata + all attributes)',
|
||||
'requiresPublished' => false,
|
||||
'checkbox' => true,
|
||||
'checkbox_text' => 'Encode Attachments',
|
||||
'checkbox_set' => '/events/restSearch/xml/false/false/false/false/false/false/false/false/false/' . $id . '/true.xml',
|
||||
'checkbox_set' => '/events/restSearch/xml/eventid:' . $id . '/withAttachments:1.xml',
|
||||
'checkbox_default' => true
|
||||
),
|
||||
'json' => array(
|
||||
'url' => '/events/restSearch/json/false/false/false/false/false/false/false/false/false/' . $id . '/false.json',
|
||||
'url' => '/events/restSearch/json/eventid:' . $id . '.json',
|
||||
'text' => 'MISP JSON (metadata + all attributes)',
|
||||
'requiresPublished' => false,
|
||||
'checkbox' => true,
|
||||
'checkbox_text' => 'Encode Attachments',
|
||||
'checkbox_set' => '/events/restSearch/json/false/false/false/false/false/false/false/false/false/' . $id . '/true.json',
|
||||
'checkbox_set' => '/events/restSearch/json/withAttachments:1/eventid:' . $id . '.json',
|
||||
'checkbox_default' => true
|
||||
),
|
||||
'openIOC' => array(
|
||||
'url' => '/events/downloadOpenIOCEvent/download/' . $id,
|
||||
'text' => 'OpenIOC (all indicators marked to IDS)',
|
||||
'requiresPublished' => true,
|
||||
'requiresPublished' => false,
|
||||
'checkbox' => false,
|
||||
),
|
||||
'csv' => array(
|
||||
'url' => '/events/csv/download/' . $id,
|
||||
'text' => 'CSV',
|
||||
'requiresPublished' => true,
|
||||
'requiresPublished' => false,
|
||||
'checkbox' => true,
|
||||
'checkbox_text' => 'Include non-IDS marked attributes',
|
||||
'checkbox_set' => '/events/csv/download/' . $id . '/1'
|
||||
),
|
||||
'csv_with_context' => array(
|
||||
'url' => '/events/csv/download/' . $id . '/0/0/0/0/1',
|
||||
'url' => '/events/restSearch/returnFormat:csv/eventid:' . $id,
|
||||
'text' => 'CSV with additional context',
|
||||
'requiresPublished' => true,
|
||||
'requiresPublished' => false,
|
||||
'checkbox' => true,
|
||||
'checkbox_text' => 'Include non-IDS marked attributes',
|
||||
'checkbox_set' => '/events/csv/download/' . $id . '/1/0/0/0/1'
|
||||
'checkbox_set' => '/events/restSearch/returnFormat:csv/to_ids:1||0/published:1||0/eventid:' . $id
|
||||
),
|
||||
'stix_xml' => array(
|
||||
'url' => '/events/restSearch/stix/eventid:' . $id,
|
||||
'text' => 'STIX XML (metadata + all attributes)',
|
||||
'requiresPublished' => true,
|
||||
'requiresPublished' => false,
|
||||
'checkbox' => true,
|
||||
'checkbox_text' => 'Encode Attachments',
|
||||
'checkbox_set' => '/events/restSearch/stix/eventid:' . $id . '/withAttachments:1'
|
||||
),
|
||||
'stix_json' => array(
|
||||
'url' => '/events/stix/download/' . $id . '.json',
|
||||
'url' => '/events/restSearch/stix/eventid:' . $id . '.json',
|
||||
'text' => 'STIX JSON (metadata + all attributes)',
|
||||
'requiresPublished' => true,
|
||||
'requiresPublished' => false,
|
||||
'checkbox' => true,
|
||||
'checkbox_text' => 'Encode Attachments',
|
||||
'checkbox_set' => '/events/stix/download/' . $id . '/true.json'
|
||||
'checkbox_set' => '/events/restSearch/stix/withAttachments:1/eventid:' . $id . '.json'
|
||||
),
|
||||
'stix2_json' => array(
|
||||
'url' => '/events/restSearch/stix2/eventid:' . $id,
|
||||
|
@ -4268,36 +4268,36 @@ class EventsController extends AppController
|
|||
'checkbox_set' => '/events/restSearch/stix2/eventid:' . $id . '/withAttachments:1'
|
||||
),
|
||||
'rpz' => array(
|
||||
'url' => '/attributes/rpz/download/false/' . $id,
|
||||
'url' => '/attributes/restSearch/returnFormat:rpz/published:1||0/eventid:' . $id,
|
||||
'text' => 'RPZ Zone file',
|
||||
'requiresPublished' => true,
|
||||
'requiresPublished' => false,
|
||||
'checkbox' => false,
|
||||
),
|
||||
'suricata' => array(
|
||||
'url' => '/events/nids/suricata/download/' . $id,
|
||||
'url' => '/events/restSearch/returnFormat:suricata/published:1||0/eventid:' . $id,
|
||||
'text' => 'Download Suricata rules',
|
||||
'requiresPublished' => true,
|
||||
'requiresPublished' => false,
|
||||
'checkbox' => false,
|
||||
),
|
||||
'snort' => array(
|
||||
'url' => '/events/nids/snort/download/' . $id,
|
||||
'url' => '/events/restSearch/returnFormat:snort/published:1||0/eventid:' . $id,
|
||||
'text' => 'Download Snort rules',
|
||||
'requiresPublished' => true,
|
||||
'requiresPublished' => false,
|
||||
'checkbox' => false,
|
||||
),
|
||||
'bro' => array(
|
||||
'url' => '/attributes/bro/download/all/false/' . $id,
|
||||
'text' => 'Download Bro rules',
|
||||
'requiresPublished' => true,
|
||||
'requiresPublished' => false,
|
||||
'checkbox' => false
|
||||
),
|
||||
'text' => array(
|
||||
'url' => '/attributes/text/download/all/false/' . $id,
|
||||
'text' => 'Export all attribute values as a text file',
|
||||
'requiresPublished' => true,
|
||||
'url' => '/attributes/restSearch/returnFormat:text/published:1||0/eventid:' . $id,
|
||||
'requiresPublished' => false,
|
||||
'checkbox' => true,
|
||||
'checkbox_text' => 'Include non-IDS marked attributes',
|
||||
'checkbox_set' => '/attributes/text/download/all/false/' . $id . '/true'
|
||||
'checkbox_set' => '/attributes/restSearch/returnFormat:text/published:1||0/to_ids:1||0/eventid:' . $id
|
||||
),
|
||||
);
|
||||
if ($event['Event']['published'] == 0) {
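Review bot: `requiresPublished` becomes `false` on every entry of `$exports`, but the entries do not agree on how unpublished events are requested. `rpz`, `suricata`, `snort` and `text` add `published:1||0` to their restSearch URLs, while `xml`, `json`, `stix_xml`, `stix_json` and the default `csv_with_context` URL omit it. `openIOC`, `csv` and `bro` still point at the legacy `download` endpoints, which carry no such filter. Whether those endpoints return data for an unpublished event is not visible here; if they do not, the link is now offered and yields an empty export. Either keep `'requiresPublished' => true,` on the entries that were not migrated, or add the `published:1||0` filter consistently. The array sits inside a method that starts and ends outside these hunks.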
|
||||
|
|
|
@ -1555,7 +1555,7 @@ class ServersController extends AppController
|
|||
if ($this->request->is('post')) {
|
||||
$request = $this->request->data;
|
||||
$submodule = $request['Server']['submodule'];
|
||||
$res = $this->Server->updateSubmodule($submodule);
|
||||
$res = $this->Server->updateSubmodule($this->Auth->user(), $submodule);
|
||||
return new CakeResponse(array('body'=> json_encode($res), 'type' => 'json'));
|
||||
} else {
|
||||
throw new MethodNotAllowedException();
|
||||
|
@ -1832,4 +1832,10 @@ misp.direct_call(relative_path, body)
|
|||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
}
|
||||
|
||||
public function updateJSON()
|
||||
{
|
||||
$results = $this->Server->updateJSON();
|
||||
return $this->RestResponse->viewData($results, $this->response->type());
|
||||
}
|
||||
}
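Review bot: The new `updateJSON()` action calls `$this->Server->updateJSON()` on any HTTP method, whereas `updateSubmodule` in the first hunk rejects everything except POST. A state-changing action reachable by GET can be triggered by a plain link or image tag in an administrator's browser, and it would fall outside any CSRF protection that covers only POST forms (that configuration is not visible here). Start the method with the same guard: `if (!$this->request->is('post')) { throw new MethodNotAllowedException(); }`. The matching ACL entry `'updateJSON' => array()` is the only access restriction shown; a short comment there stating which roles an empty array admits would help.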
|
||||
|
|
|
@ -60,6 +60,7 @@ class TaxonomiesController extends AppController
|
|||
$this->loadModel('AttributeTag');
|
||||
foreach ($taxonomy['entries'] as $key => $value) {
|
||||
$count = 0;
|
||||
$count_a = 0;
|
||||
if (!empty($value['existing_tag'])) {
|
||||
foreach ($value['existing_tag'] as $et) {
|
||||
$count = $this->EventTag->find('count', array(
|
||||
|
|
|
@ -58,7 +58,7 @@ class StixExport
|
|||
$randomFileName = $this->generateRandomFileName();
|
||||
$this->__tmp_dir = $this->__scripts_dir . 'tmp/';
|
||||
$this->__framing = json_decode(shell_exec($framing_cmd), true);
|
||||
$this->__stix_file = new File($this->__tmp_dir . $randomFileName . '.stix');
|
||||
$this->__stix_file = new File($this->__tmp_dir . $randomFileName . '.' . $this->__return_type);
|
||||
unset($randomFileName);
|
||||
$this->__stix_file->write($this->__framing['header']);
|
||||
$this->__initialize_misp_file();
|
||||
|
@ -93,7 +93,7 @@ class StixExport
|
|||
$this->__stix_file->close();
|
||||
$this->__stix_file->delete();
|
||||
$sep_len = strlen($this->__framing['separator']);
|
||||
$stix_event = substr($stix_event, 0, -$sep_len) . $this->__framing['footer'];
|
||||
$stix_event = (empty($this->__filenames) ? $stix_event : substr($stix_event, 0, -$sep_len)) . $this->__framing['footer'];
|
||||
return $stix_event;
|
||||
}
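Review bot: `$this->__return_type` is now concatenated into the temp file path in `new File($this->__tmp_dir . $randomFileName . '.' . $this->__return_type)`, and where it is assigned lies outside both hunks. If the value can be traced back to the request's return format, it should be checked against the exporter's fixed list of formats before it is used in a path, so that it can never contain a directory separator. A one-line comment at this spot naming the permitted values would also document the assumption. The enclosing method starts and ends outside the hunk.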
|
||||
|
||||
|
|
|
@ -3,20 +3,73 @@
|
|||
class ComplexTypeTool
|
||||
{
|
||||
private $__refangRegexTable = array(
|
||||
'/^hxxp/i' => 'http',
|
||||
'/^meow/i' => 'http',
|
||||
'/^h\[tt\]p/i' => 'http',
|
||||
'/\[\.\]/' => '.',
|
||||
'/\[dot\]/' => '.',
|
||||
'/\(dot\)/' => '.',
|
||||
'/\\\\\./' => '.',
|
||||
'/\.+/' => '.',
|
||||
'/\[hxxp:\/\/\]/' => 'http://',
|
||||
'/\\\/' => '',
|
||||
'/[\@]/' => '@',
|
||||
'/\[:\]/' => ':'
|
||||
array(
|
||||
'from' => '/^hxxp/i',
|
||||
'to' => 'http',
|
||||
'types' => array('link', 'url')
|
||||
),
|
||||
array(
|
||||
'from' => '/^meow/i',
|
||||
'to' => 'http',
|
||||
'types' => array('link', 'url')
|
||||
),
|
||||
array(
|
||||
'from' => '/^h\[tt\]p/i',
|
||||
'to' => 'http',
|
||||
'types' => array('link', 'url')
|
||||
),
|
||||
array(
|
||||
'from' => '/\[\.\]/',
|
||||
'to' => '.',
|
||||
'types' => array('link', 'url', 'ip-dst', 'ip-src', 'domain|ip', 'domain', 'hostname')
|
||||
),
|
||||
array(
|
||||
'from' => '/\[dot\]/',
|
||||
'to' => '.',
|
||||
'types' => array('link', 'url', 'ip-dst', 'ip-src', 'domain|ip', 'domain', 'hostname')
|
||||
),
|
||||
array(
|
||||
'from' => '/\(dot\)/',
|
||||
'to' => '.',
|
||||
'types' => array('link', 'url', 'ip-dst', 'ip-src', 'domain|ip', 'domain', 'hostname')
|
||||
),
|
||||
array(
|
||||
'from' => '/\\\\\./',
|
||||
'to' => '.',
|
||||
'types' => array('link', 'url', 'ip-dst', 'ip-src', 'domain|ip', 'domain', 'hostname')
|
||||
),
|
||||
array(
|
||||
'from' => '/\.+/',
|
||||
'to' => '.',
|
||||
'types' => array('link', 'url', 'ip-dst', 'ip-src', 'domain|ip', 'domain', 'hostname')
|
||||
),
|
||||
array(
|
||||
'from' => '/\[hxxp:\/\/\]/',
|
||||
'to' => 'http://',
|
||||
'types' => array('link', 'url')
|
||||
),
|
||||
array(
|
||||
'from' => '/[\@]/',
|
||||
'to' => '@',
|
||||
'types' => array('email-src', 'email-dst')
|
||||
),
|
||||
array(
|
||||
'from' => '/\[:\]/',
|
||||
'to' => ':',
|
||||
'types' => array('url', 'link')
|
||||
)
|
||||
);
|
||||
|
||||
public function refangValue($value, $type)
|
||||
{
|
||||
foreach ($this->__refangRegexTable as $regex) {
|
||||
if (!isset($regex['types']) || in_array($type, $regex['types'])) {
|
||||
$value = preg_replace($regex['from'], $regex['to'], $value);
|
||||
}
|
||||
}
|
||||
return $value;
|
||||
}
|
||||
|
||||
private $__tlds = array();
|
||||
|
||||
public function setTLDs($tlds = array())
|
||||
|
@ -329,8 +382,8 @@ class ComplexTypeTool
|
|||
private function __refangInput($input)
|
||||
{
|
||||
$input['refanged'] = $input['raw'];
|
||||
foreach ($this->__refangRegexTable as $regex => $replacement) {
|
||||
$input['refanged'] = preg_replace($regex, $replacement, $input['refanged']);
|
||||
foreach ($this->__refangRegexTable as $regex) {
|
||||
$input['refanged'] = preg_replace($regex['from'], $regex['to'], $input['refanged']);
|
||||
}
|
||||
$input['refanged'] = rtrim($input['refanged'], ".");
|
||||
$input['refanged'] = preg_replace_callback(
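Review bot: The `'/\.+/'` rule lists `link` and `url` in its `types`, and the Attribute model now runs `refangValue()` on every save, so a URL containing consecutive dots (for example a `/../` path segment) is silently rewritten and the stored indicator no longer matches what was submitted. That rule suits free-text import, where repeated dots are noise; for saved values I would restrict it to host types: `'types' => array('ip-dst', 'ip-src', 'domain|ip', 'domain', 'hostname')`. The `'/[\@]/'` entry matches a bare `@` and replaces it with `@`, so it does nothing; if the intent was to refang `[@]`, the pattern should be `'/\[@\]/'`. The old `'/\\\/' => ''` rule has no counterpart in the new table, so `__refangInput()` no longer strips backslashes; please confirm that is intended. `in_array($type, $regex['types'])` should also pass `true` as the third argument.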
|
||||
|
|
|
@ -774,6 +774,10 @@ class Attribute extends AppModel
|
|||
if (is_array($this->data['Attribute']['value'])) {
|
||||
return false;
|
||||
}
|
||||
App::uses('ComplexTypeTool', 'Tools');
|
||||
$this->complexTypeTool = new ComplexTypeTool();
|
||||
$this->data['Attribute']['value'] = $this->complexTypeTool->refangValue($this->data['Attribute']['value'], $this->data['Attribute']['type']);
|
||||
|
||||
|
||||
if (!empty($this->data['Attribute']['object_id']) && empty($this->data['Attribute']['object_relation'])) {
|
||||
return false;
|
||||
|
@ -1585,7 +1589,7 @@ class Attribute extends AppModel
|
|||
}
|
||||
}
|
||||
|
||||
public function base64EncodeAttachment($attribute)
|
||||
public function getAttachment($attribute, $path_suffix='')
|
||||
{
|
||||
$attachments_dir = Configure::read('MISP.attachments_dir');
|
||||
if (empty($attachments_dir)) {
|
||||
|
@ -1596,21 +1600,20 @@ class Attribute extends AppModel
|
|||
// S3 - we have to first get the object then we can encode it
|
||||
$s3 = $this->getS3Client();
|
||||
// This will return the content of the object
|
||||
$content = $s3->download($attribute['event_id'] . DS . $attribute['id']);
|
||||
$content = $s3->download($attribute['event_id'] . DS . $attribute['id'] . $path_suffix);
|
||||
} else {
|
||||
// Standard filesystem
|
||||
$filepath = $attachments_dir . DS . $attribute['event_id'] . DS . $attribute['id'];
|
||||
$filepath = $attachments_dir . DS . $attribute['event_id'] . DS . $attribute['id'] . $path_suffix;
|
||||
$file = new File($filepath);
|
||||
if (!$file->readable()) {
|
||||
return '';
|
||||
}
|
||||
$content = $file->read();
|
||||
}
|
||||
|
||||
return base64_encode($content);
|
||||
return $content;
|
||||
}
|
||||
|
||||
public function saveBase64EncodedAttachment($attribute)
|
||||
public function saveAttachment($attribute, $path_suffix='')
|
||||
{
|
||||
$attachments_dir = Configure::read('MISP.attachments_dir');
|
||||
if (empty($attachments_dir)) {
|
||||
|
@ -1622,17 +1625,17 @@ class Attribute extends AppModel
|
|||
// We don't need your fancy directory structures and
|
||||
// PEE AICH PEE meddling
|
||||
$s3 = $this->getS3Client();
|
||||
$data = base64_decode($attribute['data']);
|
||||
$key = $attribute['event_id'] . DS . $attribute['id'];
|
||||
$data = $attribute['data'];
|
||||
$key = $attribute['event_id'] . DS . $attribute['id'] . $path_suffix;
|
||||
$s3->upload($key, $data);
|
||||
return true;
|
||||
} else {
|
||||
// Plebian filesystem operations
|
||||
$rootDir = $attachments_dir . DS . $attribute['event_id'];
|
||||
$dir = new Folder($rootDir, true); // create directory structure
|
||||
$destpath = $rootDir . DS . $attribute['id'];
|
||||
$destpath = $rootDir . DS . $attribute['id'] . $path_suffix;
|
||||
$file = new File($destpath, true); // create the file
|
||||
$decodedData = base64_decode($attribute['data']); // decode
|
||||
$decodedData = $attribute['data']; // decode
|
||||
if ($file->write($decodedData)) { // save the data
|
||||
return true;
|
||||
} else {
|
||||
|
@ -1642,6 +1645,73 @@ class Attribute extends AppModel
|
|||
}
|
||||
}
|
||||
|
||||
public function base64EncodeAttachment($attribute)
|
||||
{
|
||||
return base64_encode($this->getAttachment($attribute));
|
||||
}
|
||||
|
||||
public function saveBase64EncodedAttachment($attribute)
|
||||
{
|
||||
$attribute['data'] = base64_decode($attribute['data']);
|
||||
return $this->saveAttachment($attribute);
|
||||
}
|
||||
|
||||
public function getPictureData($attribute, $thumbnail=false, $width=200, $height=200)
|
||||
{
|
||||
$extension = explode('.', $attribute['Attribute']['value']);
|
||||
$extension = end($extension);
|
||||
if (extension_loaded('gd')) {
|
||||
if (!$thumbnail) {
|
||||
$data = $this->getAttachment($attribute['Attribute']);
|
||||
$image = ImageCreateFromString($data);
|
||||
ob_start ();
|
||||
switch ($extension) {
|
||||
case 'gif':
|
||||
// php-gd doesn't support animated gif. Skipping...
|
||||
break;
|
||||
case 'jpg':
|
||||
case 'jpeg':
|
||||
imagejpeg($image);
|
||||
break;
|
||||
case 'png':
|
||||
imagepng($image);
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
$image_data = $extension != 'gif' ? ob_get_contents() : $data;
|
||||
ob_end_clean ();
|
||||
} else { // thumbnail requested, resample picture with desired dimension and save result
|
||||
$thumbnail_exists = $this->getAttachment($attribute['Attribute'], $path_suffix='_thumbnail');
|
||||
if ($width == 200 && $height == 200 && $thumbnail_exists !== '') { // check if thumbnail already exists
|
||||
$image_data = $thumbnail_exists;
|
||||
} else {
|
||||
$data = $this->getAttachment($attribute['Attribute']);
|
||||
if ($extension == 'gif') {
|
||||
$image_data = $data;
|
||||
} else {
|
||||
$image = ImageCreateFromString($data);
|
||||
$extension = 'jpg';
|
||||
$imageTC = ImageCreateTrueColor($width, $height);
|
||||
ImageCopyResampled($imageTC, $image, 0, 0, 0, 0, $width, $height, ImageSX($image), ImageSY($image));
|
||||
ob_start ();
|
||||
imagejpeg ($imageTC);
|
||||
$image_data = ob_get_contents();
|
||||
ob_end_clean ();
|
||||
imagedestroy($image);
|
||||
imagedestroy($imageTC);
|
||||
}
|
||||
// save thumbnail for later reuse
|
||||
$attribute['Attribute']['data'] = $image_data;
|
||||
$this->saveAttachment($attribute['Attribute'], '_thumbnail');
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$image_data = $this->getAttachment($attribute['Attribute']);
|
||||
}
|
||||
return $image_data;
|
||||
}
|
||||
|
||||
public function __beforeSaveCorrelation($a)
|
||||
{
|
||||
// (update-only) clean up the relation of the old value: remove the existing relations related to that attribute, we DO have a reference, the id
|
||||
|
@ -3527,13 +3597,6 @@ class Attribute extends AppModel
|
|||
if ($attribute['value'] == $tmpfile->name) {
|
||||
$result['Object'][$k]['Attribute'][$k2]['value'] = $filename;
|
||||
}
|
||||
if (!empty($attribute['encrypt'])) {
|
||||
if (!empty($attribute['encrypt']) && $attribute['encrypt']) {
|
||||
$encrypted = $this->handleMaliciousBase64($event_id, $filename, $attribute['data'], array('md5'));
|
||||
$result['Object'][$k]['Attribute'][$k2]['data'] = $encrypted['data'];
|
||||
$result['Object'][$k]['Attribute'][$k2]['value'] = $filename . '|' . $encrypted['md5'];
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
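Review bot: In `getPictureData()` the thumbnail branch saves whatever it renders to the single `_thumbnail` file, so a request with a non-default `$width`/`$height` overwrites the cache and later default-size requests get the wrong image; only the 200x200 render should be cached. The return value of `ImageCreateFromString($data)` is never checked in either branch, although `getAttachment()` returns `''` for an unreadable file and attachment bytes are not guaranteed to decode, so `imagejpeg()` and `ImageSX()` can be handed `false`. `$width` and `$height` reach `ImageCreateTrueColor()` unbounded; if callers pass request parameters through (not visible here), they should be cast to int and capped. The rewrite below covers the first two points for the thumbnail branch, and the full-size branch needs the same `=== false` guard.

```php
// … unchanged: extension detection, gd check, full-size branch …
} else { // thumbnail requested
    $isDefaultSize = ($width == 200 && $height == 200);
    // only the default-size thumbnail is ever read from or written to the cache file
    $cached = $isDefaultSize ? $this->getAttachment($attribute['Attribute'], '_thumbnail') : '';
    if ($cached !== '') {
        $image_data = $cached;
    } else {
        $data = $this->getAttachment($attribute['Attribute']);
        $image = ($extension == 'gif' || $data === '') ? false : ImageCreateFromString($data);
        if ($image === false) {
            // gif, missing file or undecodable bytes: return the stored data untouched
            $image_data = $data;
        } else {
            // … unchanged: ImageCreateTrueColor / ImageCopyResampled / imagejpeg into $image_data …
        }
        if ($isDefaultSize && $image_data !== '') {
            $attribute['Attribute']['data'] = $image_data;
            $this->saveAttachment($attribute['Attribute'], '_thumbnail');
        }
    }
}
```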
|
||||
|
|
|
@ -1647,7 +1647,6 @@ class Event extends AppModel
|
|||
'last',
|
||||
'to_ids',
|
||||
'includeAllTags',
|
||||
'withAttachments',
|
||||
'includeAttachments',
|
||||
'event_uuid',
|
||||
'distribution',
|
||||
|
@ -3841,7 +3840,7 @@ class Event extends AppModel
|
|||
}
|
||||
}
|
||||
|
||||
private function __getPrioWorkerIfPossible()
|
||||
public function __getPrioWorkerIfPossible()
|
||||
{
|
||||
$this->ResqueStatus = new ResqueStatus\ResqueStatus(Resque::redis());
|
||||
$workers = $this->ResqueStatus->getWorkers();
|
||||
|
|
|
@ -42,7 +42,7 @@ class Job extends AppModel
|
|||
$this->save($data);
|
||||
$id = $this->id;
|
||||
$this->Event = ClassRegistry::init('Event');
|
||||
if (in_array($type, array_keys($this->Event->export_types))) {
|
||||
if (in_array($type, array_keys($this->Event->export_types)) && $type !== 'bro') {
|
||||
$process_id = CakeResque::enqueue(
|
||||
'cache',
|
||||
$shell . 'Shell',
|
||||
|
@ -50,13 +50,11 @@ class Job extends AppModel
|
|||
true
|
||||
);
|
||||
} elseif ($type === 'bro') {
|
||||
$extra = $type;
|
||||
$type = 'bro';
|
||||
$extra2 = isset($user['nids_sid']) ? $user['nids_sid'] : 0;
|
||||
$process_id = CakeResque::enqueue(
|
||||
'cache',
|
||||
$shell . 'Shell',
|
||||
array('cachebro' . $type, $user['id'], $id, $extra, $extra2),
|
||||
array('cachebro', $user['id'], $id),
|
||||
true
|
||||
);
|
||||
} else {
|
||||
|
|
|
@ -47,7 +47,7 @@ class ObjectTemplate extends AppModel
|
|||
return true;
|
||||
}
|
||||
|
||||
public function update($user, $type = false, $force = false)
|
||||
public function update($user = false, $type = false, $force = false)
|
||||
{
|
||||
$objectsDir = APP . 'files/misp-objects/objects';
|
||||
$directories = glob($objectsDir . '/*', GLOB_ONLYDIR);
|
||||
|
@ -94,7 +94,7 @@ class ObjectTemplate extends AppModel
|
|||
return $updated;
|
||||
}
|
||||
|
||||
private function __updateObjectTemplate($template, $current, $user)
|
||||
private function __updateObjectTemplate($template, $current, $user = false)
|
||||
{
|
||||
$success = false;
|
||||
$template['requirements'] = array();
|
||||
|
@ -104,8 +104,13 @@ class ObjectTemplate extends AppModel
|
|||
$template['requirements'][$field] = $template[$field];
|
||||
}
|
||||
}
|
||||
$template['user_id'] = $user['id'];
|
||||
$template['org_id'] = $user['org_id'];
|
||||
if (!empty($user)) {
|
||||
$template['user_id'] = $user['id'];
|
||||
$template['org_id'] = $user['org_id'];
|
||||
} else {
|
||||
$template['user_id'] = 0;
|
||||
$template['org_id'] = 0;
|
||||
}
|
||||
$template['fixed'] = 1;
|
||||
$this->create();
|
||||
$result = $this->save($template);
|
||||
|
|
|
@ -105,33 +105,44 @@ class Server extends AppModel
|
|||
$this->command_line_functions = array(
|
||||
'console_admin_tasks' => array(
|
||||
'data' => array(
|
||||
'getSettings' => 'MISP/app/Console/cake Admin getSetting [setting]',
|
||||
'setSettings' => 'MISP/app/Console/cake Admin setSetting [setting] [value]',
|
||||
'getAuthkey' => 'MISP/app/Console/cake Admin getAuthkey [email]',
|
||||
'setBaseurl' => 'MISP/app/Console/cake Baseurl [baseurl]',
|
||||
'changePassword' => 'MISP/app/Console/cake Password [email] [new_password] [--override_password_change]',
|
||||
'clearBruteforce' => 'MISP/app/Console/cake Admin clearBruteforce [user_email]',
|
||||
'updateDatabase' => 'MISP/app/Console/cake Admin updateDatabase',
|
||||
'updateGalaxies' => 'MISP/app/Console/cake Admin updateGalaxies',
|
||||
'updateTaxonomies' => 'MISP/app/Console/cake Admin updateTaxonomies',
|
||||
'updateObjectTemplates' => 'MISP/app/Console/cake Admin updateObjectTemplates',
|
||||
'updateWarningLists' => 'MISP/app/Console/cake Admin updateWarningLists',
|
||||
'updateNoticeLists' => 'MISP/app/Console/cake Admin updateNoticeLists',
|
||||
'setDefaultRole' => 'MISP/app/Console/cake Admin setDefaultRole [role_id]'
|
||||
'Get setting' => 'MISP/app/Console/cake Admin getSetting [setting]',
|
||||
'Set setting' => 'MISP/app/Console/cake Admin setSetting [setting] [value]',
|
||||
'Get authkey' => 'MISP/app/Console/cake Admin getAuthkey [email]',
|
||||
'Set baseurl' => 'MISP/app/Console/cake Baseurl [baseurl]',
|
||||
'Change password' => 'MISP/app/Console/cake Password [email] [new_password] [--override_password_change]',
|
||||
'Clear Bruteforce Entries' => 'MISP/app/Console/cake Admin clearBruteforce [user_email]',
|
||||
'Run database update' => 'MISP/app/Console/cake Admin updateDatabase',
|
||||
'Update all JSON structures' => 'MISP/app/Console/cake Admin updateJSON',
|
||||
'Update Galaxy definitions' => 'MISP/app/Console/cake Admin updateGalaxies',
|
||||
'Update taxonomy definitions' => 'MISP/app/Console/cake Admin updateTaxonomies',
|
||||
'Update object templates' => 'MISP/app/Console/cake Admin updateObjectTemplates',
|
||||
'Update Warninglists' => 'MISP/app/Console/cake Admin updateWarningLists',
|
||||
'Update Noticelists' => 'MISP/app/Console/cake Admin updateNoticeLists',
|
||||
'Set default role' => 'MISP/app/Console/cake Admin setDefaultRole [role_id]'
|
||||
),
|
||||
'description' => __('Certain administrative tasks are exposed to the API, these help with maintaining and configuring MISP in an automated way / via external tools.'),
|
||||
'header' => __('Administering MISP via the CLI')
|
||||
),
|
||||
'console_automation_tasks' => array(
|
||||
'data' => array(
|
||||
'pull' => 'MISP/app/Console/cake Server pull [user_id] [server_id] [full|update]',
|
||||
'push' => 'MISP/app/Console/cake Server push [user_id] [server_id]',
|
||||
'cacheFeed' => 'MISP/app/Console/cake Server cacheFeed [user_id] [feed_id|all|csv|text|misp]',
|
||||
'fetchFeed' => 'MISP/app/Console/cake Server fetchFeed [user_id] [feed_id|all|csv|text|misp]',
|
||||
'enrichment' => 'MISP/app/Console/cake Event enrichEvent [user_id] [event_id] [json_encoded_module_list]'
|
||||
'Pull' => 'MISP/app/Console/cake Server pull [user_id] [server_id] [full|update]',
|
||||
'Push' => 'MISP/app/Console/cake Server push [user_id] [server_id]',
|
||||
'Cache feeds for quick lookups' => 'MISP/app/Console/cake Server cacheFeed [user_id] [feed_id|all|csv|text|misp]',
|
||||
'Fetch feeds as local data' => 'MISP/app/Console/cake Server fetchFeed [user_id] [feed_id|all|csv|text|misp]',
|
||||
'Run enrichment' => 'MISP/app/Console/cake Event enrichEvent [user_id] [event_id] [json_encoded_module_list]'
|
||||
),
|
||||
'description' => __('If you would like to automate tasks such as caching feeds or pulling from server instances, you can do it using the following command line tools. Simply execute the given commands via the command line / create cron jobs easily out of them.'),
|
||||
'header' => __('Automating certain console tasks')
|
||||
),
|
||||
'worker_management_tasks' => array(
|
||||
'data' => array(
|
||||
'Get list of workers' => 'MISP/app/Console/cake Admin getWorkers [all|dead]',
|
||||
'Start a worker' => 'MISP/app/Console/cake Admin startWorker [queue_name]',
|
||||
'Restart a worker' => 'MISP/app/Console/cake Admin restartWorker [worker_pid]',
|
||||
'Kill a worker' => 'MISP/app/Console/cake Admin killWorker [worker_pid]',
|
||||
),
|
||||
'description' => __('The background workers can be managed via the CLI in addition to the UI / API management tools'),
|
||||
'header' => __('Managing the background workers')
|
||||
)
|
||||
);
|
||||
|
||||
|
@ -4637,24 +4648,90 @@ class Server extends AppModel
|
|||
return $status;
|
||||
}
|
||||
|
||||
public function updateSubmodule($submodule_name=false) {
|
||||
public function updateSubmodule($user, $submodule_name=false) {
|
||||
$path = APP . '../';
|
||||
if ($submodule_name == false) {
|
||||
$command = sprintf('cd %s; git submodule update 2>&1', $path);
|
||||
exec($command, $output, $return_code);
|
||||
$output = implode("\n", $output);
|
||||
$res = array('status' => ($return_code==0 ? true : false), 'output' => $output);
|
||||
if ($return_code == 0) { // update all DB
|
||||
$res = array_merge($res, $this->updateDatabaseAfterPullRouter($submodule_name, $user));
|
||||
}
|
||||
} else if ($this->_isAcceptedSubmodule($submodule_name)) {
|
||||
$command = sprintf('cd %s; git submodule update -- %s 2>&1', $path, $submodule_name);
|
||||
exec($command, $output, $return_code);
|
||||
$output = implode("\n", $output);
|
||||
$res = array('status' => ($return_code==0 ? true : false), 'output' => $output);
|
||||
if ($return_code == 0) { // update DB if necessary
|
||||
$res = array_merge($res, $this->updateDatabaseAfterPullRouter($submodule_name, $user));
|
||||
}
|
||||
} else {
|
||||
$res = array('status' => false, 'output' => __('Invalid submodule.'));
|
||||
$res = array('status' => false, 'output' => __('Invalid submodule.'), 'job_sent' => false, 'sync_result' => __('unknown'));
|
||||
}
|
||||
return $res;
|
||||
}
|
||||
|
||||
public function updateDatabaseAfterPullRouter($submodule_name, $user) {
|
||||
if (Configure::read('MISP.background_jobs')) {
|
||||
$job = ClassRegistry::init('Job');
|
||||
$job->create();
|
||||
$eventModel = ClassRegistry::init('Event');
|
||||
$data = array(
|
||||
'worker' => $eventModel->__getPrioWorkerIfPossible(),
|
||||
'job_type' => __('update_after_pull'),
|
||||
'job_input' => __('Updating: ' . $submodule_name),
|
||||
'status' => 0,
|
||||
'retries' => 0,
|
||||
'org_id' => $user['org_id'],
|
||||
'org' => $user['Organisation']['name'],
|
||||
'message' => 'Update database after PULL.',
|
||||
);
|
||||
$job->save($data);
|
||||
$jobId = $job->id;
|
||||
$process_id = CakeResque::enqueue(
|
||||
'prio',
|
||||
'AdminShell',
|
||||
array('updateAfterPull', $submodule_name, $jobId, $user['id']),
|
||||
true
|
||||
);
|
||||
$job->saveField('process_id', $process_id);
|
||||
return array('job_sent' => true, 'sync_result' => __('unknown'));
|
||||
} else {
|
||||
$result = $this->updateAfterPull($submodule_name, $user['id']);
|
||||
return array('job_sent' => false, 'sync_result' => $result);
|
||||
}
|
||||
}
|
||||
|
||||
public function updateAfterPull($submodule_name, $userId) {
|
||||
$user = $this->User->getAuthUser($userId);
|
||||
$result = array();
|
||||
if ($user['Role']['perm_site_admin']) {
|
||||
$updateAll = empty($submodule_name);
|
||||
if ($submodule_name == 'app/files/misp-galaxy' || $updateAll) {
|
||||
$this->Galaxy = ClassRegistry::init('Galaxy');
|
||||
$result[] = ($this->Galaxy->update() ? 'Update `' . h($submodule_name) . '` Sucessful.' : 'Update `'. h($submodule_name) . '` failed.') . PHP_EOL;
|
||||
}
|
||||
if ($submodule_name == 'app/files/misp-objects' || $updateAll) {
|
||||
$this->ObjectTemplate = ClassRegistry::init('ObjectTemplate');
|
||||
$result[] = ($this->ObjectTemplate->update($user, false, false) ? 'Update `' . h($submodule_name) . '` Sucessful.' : 'Update `'. h($submodule_name) . '` failed.') . PHP_EOL;
|
||||
}
|
||||
if ($submodule_name == 'app/files/noticelists' || $updateAll) {
|
||||
$this->Noticelist = ClassRegistry::init('Noticelist');
|
||||
$result[] = ($this->Noticelist->update() ? 'Update `' . h($submodule_name) . '` Sucessful.' : 'Update `'. h($submodule_name) . '` failed.') . PHP_EOL;
|
||||
}
|
||||
if ($submodule_name == 'app/files/taxonomies' || $updateAll) {
|
||||
$this->Taxonomy = ClassRegistry::init('Taxonomy');
|
||||
$result[] = ($this->Taxonomy->update() ? 'Update `' . h($submodule_name) . '` Sucessful.' : 'Update `'. h($submodule_name) . '` failed.') . PHP_EOL;
|
||||
}
|
||||
if ($submodule_name == 'app/files/warninglists' || $updateAll) {
|
||||
$this->Warninglist = ClassRegistry::init('Warninglist');
|
||||
$result[] = ($this->Warninglist->update() ? 'Update `' . h($submodule_name) . '` Sucessful.' : 'Update `'. h($submodule_name) . '` failed.') . PHP_EOL;
|
||||
}
|
||||
}
|
||||
return implode('\n', $result);
|
||||
}
|
||||
|
||||
public function update($status)
|
||||
{
|
||||
$final = '';
|
||||
|
@ -4709,6 +4786,37 @@ class Server extends AppModel
|
|||
return true;
|
||||
}
|
||||
|
||||
public function restartWorker($pid)
|
||||
{
|
||||
if (Configure::read('MISP.background_jobs')) {
|
||||
$this->ResqueStatus = new ResqueStatus\ResqueStatus(Resque::redis());
|
||||
$workers = $this->ResqueStatus->getWorkers();
|
||||
$pid = intval($pid);
|
||||
if (!isset($workers[$pid])) {
|
||||
return __('Invalid worker.');
|
||||
}
|
||||
$currentWorker = $workers[$pid];
|
||||
$this->killWorker($pid, false);
|
||||
$this->startWorker($currentWorker['queue']);
|
||||
return true;
|
||||
}
|
||||
return __('Background workers not enabled.');
|
||||
}
|
||||
|
||||
public function startWorker($queue)
|
||||
{
|
||||
$validTypes = array('default', 'email', 'scheduler', 'cache', 'prio');
|
||||
if (!in_array($queue, $validTypes)) {
|
||||
return __('Invalid worker type.');
|
||||
}
|
||||
if ($queue != 'scheduler') {
|
||||
shell_exec(APP . 'Console' . DS . 'cake CakeResque.CakeResque start --interval 5 --queue ' . $queue .' > /dev/null 2>&1 &');
|
||||
} else {
|
||||
shell_exec(APP . 'Console' . DS . 'cake CakeResque.CakeResque startscheduler -i 5 > /dev/null 2>&1 &');
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
public function cacheServerInitiator($user, $id = 'all', $jobId = false)
|
||||
{
|
||||
$params = array(
|
||||
|
@ -4810,4 +4918,16 @@ class Server extends AppModel
|
|||
}
|
||||
return $data;
|
||||
}
|
||||
|
||||
public function updateJSON()
|
||||
{
|
||||
$toUpdate = array('Galaxy', 'Noticelist', 'Warninglist', 'Taxonomy', 'ObjectTemplate');
|
||||
$results = array();
|
||||
foreach ($toUpdate as $target) {
|
||||
$this->$target = ClassRegistry::init($target);
|
||||
$result = $this->$target->update();
|
||||
$results[$target] = $result === false ? false : true;
|
||||
}
|
||||
return $results;
|
||||
}
|
||||
}
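Review bot: `updateAfterPull()` ends with `return implode('\n', $result);`, and the single quotes make the glue a literal backslash-n rather than a newline; every entry already ends in `PHP_EOL`, so `return implode('', $result);` gives the intended output. When `$submodule_name` is empty (the update-all path), each message renders with an empty name between the backticks, so the messages should name the target themselves and spell "Successful" correctly. The method also returns an empty string when the user is not a site admin, which `updateDatabaseAfterPullRouter()` passes on as an ordinary `sync_result`; an explicit failure message would make that case visible. In `startWorker()` the allow-list is the only thing between `$queue` and `shell_exec`, so make the comparison strict with `in_array($queue, $validTypes, true)`.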
|
||||
|
|
|
@ -44,7 +44,7 @@ in the list given by apache.
|
|||
If used with Apache as webserver it might be useful to make a distinction to filter out API/Syncs from SSO login. It can be added to the vhost as follows:
|
||||
|
||||
```Apache
|
||||
<If "-T reqenv('HTTP_AUTHORIZATION')">
|
||||
<If "-T req('Authorization')">
|
||||
Require all granted
|
||||
AuthType None
|
||||
</If>
|
||||
|
|
|
@ -169,7 +169,7 @@ $(document).ready(function () {
|
|||
object_id = selected.join('|');
|
||||
}
|
||||
url = "<?php echo $baseurl; ?>" + "/sightings/advanced/" + object_id + "/" + object_context;
|
||||
genericPopup(url, '#screenshot_box');
|
||||
genericPopup(url, '#popover_box');
|
||||
});
|
||||
$('.correlation-toggle').click(function() {
|
||||
var attribute_id = $(this).data('attribute-id');
|
||||
|
|
|
@ -317,7 +317,7 @@ attributes or the appropriate distribution level. If you think there is a mistak
|
|||
object_id = selected.join('|');
|
||||
}
|
||||
url = "<?php echo $baseurl; ?>" + "/sightings/advanced/" + object_id + "/" + object_context;
|
||||
genericPopup(url, '#screenshot_box');
|
||||
genericPopup(url, '#popover_box');
|
||||
});
|
||||
});
|
||||
$('#attributesFilterField').bind("keydown", function(e) {
|
||||
|
|
|
@ -594,7 +594,7 @@
|
|||
));
|
||||
echo $this->element('/genericElements/SideMenu/side_menu_post_link', array(
|
||||
'event_id' => 'deleteUser',
|
||||
'url' => '/admin/delete/' . h($id),
|
||||
'url' => '/admin/users/delete/' . h($id),
|
||||
'text' => __('Delete User'),
|
||||
'message' => __('Are you sure you want to delete # %s? It is highly recommended to never delete users but to disable them instead.', h($id))
|
||||
));
|
||||
|
|
|
@ -3,7 +3,6 @@
|
|||
* Generic select picker
|
||||
*/
|
||||
/** Config **/
|
||||
$select_threshold = 7; // threshold above which pills will be replace by a select (unused if multiple is > 1)
|
||||
$defaults_options = array(
|
||||
'select_options' => array(
|
||||
// 'multiple' => '', // set to add possibility to pick multiple options in the select
|
||||
|
@ -19,6 +18,7 @@
|
|||
'allow_single_deselect' => true,
|
||||
),
|
||||
'multiple' => 0,
|
||||
'select_threshold' => 7, // threshold above which pills will be replace by a select (unused if multiple is > 1)
|
||||
'functionName' => '', // function to be called on submit
|
||||
'submitButtonText' => 'Submit',
|
||||
'disabledSubmitButton' => false, // wether to not draw the submit button
|
||||
|
@ -45,9 +45,9 @@
|
|||
} else { // multiple enabled
|
||||
$defaults['chosen_options']['max_selected_options'] = $defaults['multiple'] == -1 ? 'Infinity' : $defaults['multiple'];
|
||||
$defaults['select_options']['multiple'] = '';
|
||||
$select_threshold = 0;
|
||||
$defaults['select_threshold'] = 0;
|
||||
}
|
||||
$use_select = count($items) > $select_threshold;
|
||||
$use_select = count($items) > $defaults['select_threshold'];
|
||||
$countThresholdReached = count($items) > 1000;
|
||||
$option_templates = array();
|
||||
$options_additionalData = array();
|
||||
|
|
|
@ -61,7 +61,10 @@
|
|||
<pre class="hidden green bold" id="gitResult"></pre>
|
||||
<button title="<?php echo __('Pull the latest MISP version from github');?>" class="btn btn-inverse" style="padding-top:1px;padding-bottom:1px;" onClick = "updateMISP();"><?php echo __('Update MISP');?></button>
|
||||
</div>
|
||||
<h3><?php echo __('Submodules version');?><it id="refreshSubmoduleStatus" class="fas fa-sync useCursorPointer" style="font-size: small; margin-left: 5px;"></it></h3>
|
||||
<h3><?php echo __('Submodules version');?>
|
||||
<it id="refreshSubmoduleStatus" class="fas fa-sync useCursorPointer" style="font-size: small; margin-left: 5px;" title="<?php echo __('Refresh submodules version.'); ?>"></it>
|
||||
<it id="updateAllJson" class="fas fa-file-upload useCursorPointer" style="font-size: small; margin-left: 5px;" title="<?php echo __('Load all JSON into the database.'); ?>"></it>
|
||||
</h3>
|
||||
<div id="divSubmoduleVersions" style="background-color:#f7f7f9;">
|
||||
</div>
|
||||
|
||||
|
@ -365,16 +368,50 @@
|
|||
<script>
|
||||
$(document).ready(function() {
|
||||
updateSubModulesStatus();
|
||||
$('#refreshSubmoduleStatus').click(function() { updateSubModulesStatus(); });
|
||||
$('#updateAllJson').click(function() { updateAllJson(); });
|
||||
});
|
||||
|
||||
$('#refreshSubmoduleStatus').click(function() { updateSubModulesStatus(); });
|
||||
function updateSubModulesStatus(message) {
|
||||
function updateSubModulesStatus(message, job_sent, sync_result) {
|
||||
job_sent = job_sent === undefined ? false : job_sent;
|
||||
sync_result = sync_result === undefined ? '' : sync_result;
|
||||
$('#divSubmoduleVersions').empty().append('<it class="fa fa-spin fa-spinner" style="font-size: large; left: 50%; top: 50%;"></it>');
|
||||
$.get('<?php echo $baseurl . '/servers/getSubmodulesStatus/'; ?>', function(html){
|
||||
$('#divSubmoduleVersions').html(html);
|
||||
if (message !== undefined) {
|
||||
$('#submoduleGitResultDiv').show();
|
||||
$('#submoduleGitResult').text(message);
|
||||
|
||||
var $clone = $('#submoduleGitResultDiv').clone();
|
||||
$clone.find('strong').text('Synchronization result:');
|
||||
if (job_sent) {
|
||||
$clone.find('#submoduleGitResult')
|
||||
.html('> Synchronizing DB with <a href="/jobs/index/" target="_blank">workers</a>...');
|
||||
} else {
|
||||
$clone.find('#submoduleGitResult')
|
||||
.text(sync_result);
|
||||
}
|
||||
$clone.appendTo($('#submoduleGitResultDiv').parent());
|
||||
}
|
||||
});
|
||||
}
|
||||
function updateAllJson() {
|
||||
$.ajax({
|
||||
url: '<?php echo $baseurl . '/servers/updateJSON/'; ?>',
|
||||
type: "get",
|
||||
beforeSend: function() {
|
||||
$('#submoduleGitResultDiv').show();
|
||||
$('#submoduleGitResult').append('<it class="fa fa-spin fa-spinner" style="font-size: large; left: 50%; top: 50%;"></it>');
|
||||
},
|
||||
success: function(data, statusText, xhr) {
|
||||
Object.keys(data).forEach(function(k) {
|
||||
var val = data[k];
|
||||
data[k] = val ? 'Updated' : 'Update failed';
|
||||
});
|
||||
$('#submoduleGitResult').html(syntaxHighlightJson(data));
|
||||
},
|
||||
complete: function() {
|
||||
$('#submoduleGitResult').find('fa-spinner').remove();
|
||||
}
|
||||
});
|
||||
}
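Review bot: `updateAllJson()` starts a database-changing action with a plain GET (`type: "get"` against `/servers/updateJSON/`), so the request carries no form token and any page loaded in an administrator's browser could trigger the same call; the controller action is not visible here, but if it accepts GET it should be restricted to POST and the call changed to `type: "post"` together with whatever token the application's form protection expects. The `.servers_default_role_checkbox` handler moved in this commit's JavaScript file has the same shape (`type:"get"` to `/admin/roles/set_default/`). Separately, the `complete` callback uses `.find('fa-spinner')`, which matches an element named fa-spinner rather than the class, so the spinner stays after a failed request; it should read `$('#submoduleGitResult').find('.fa-spinner').remove();`. The hard-coded `href="/jobs/index/"` in `updateSubModulesStatus` also skips `$baseurl`, unlike the `$.get` call next to it.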
|
||||
|
|
|
@ -22,6 +22,8 @@
|
|||
'setting' => array(
|
||||
'html' => h($setting['setting']),
|
||||
'class' => 'short live_filter_target',
|
||||
'ondblclick' => 'serverSettingsActivateField',
|
||||
'ondblclickParams' => array(h($setting['setting']), h($k))
|
||||
),
|
||||
'value_passive' => array(
|
||||
'html' => nl2br(h($setting['value'])),
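Review bot: The values in `'ondblclickParams' => array(h($setting['setting']), h($k))` are HTML-escaped, which is the wrong encoding if the table element (not visible here) writes them into an inline `ondblclick` handler as JavaScript string arguments: the browser decodes the entities before the script runs, so a quote in a value would end the string early. Setting names appear to be server-defined, so the exposure is probably small, but passing the raw values and having the element emit them with `json_encode()` followed by `h()` would be correct for any value. The array this hunk sits in starts and ends outside the hunk.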
|
||||
|
|
|
@ -9,19 +9,21 @@
|
|||
<?php
|
||||
$cnt = 0;
|
||||
foreach ($typeDb as $type => $colour):
|
||||
if (isset($data[0]['data'][$type])):
|
||||
?>
|
||||
<div class="attributehistogram-legend-line">
|
||||
<div class="attributehistogram-legend-box" style="display: block;float: left;margin: 4px 6px 0 0;background-color:<?php echo $colour; ?>"> </div>
|
||||
<div style="display: inline-block;cursor: pointer;<?php if (in_array($type, $selectedTypes)) echo 'font-weight:bold';?>" role="button" tabindex="0" aria-label="<?php echo __('Toggle histogram');?>" tite="<?php echo __('Toggle histogram');?>" onClick='toggleHistogramType("<?php echo h($type); ?>", [<?php foreach ($selectedTypes as $t) echo '"' . $t . '", ' ?>]);'><?php echo h($type);?></div>
|
||||
</div>
|
||||
<div class="attributehistogram-legend-line">
|
||||
<div class="attributehistogram-legend-box" style="display: block;float: left;margin: 4px 6px 0 0;background-color:<?php echo $colour; ?>"> </div>
|
||||
<div style="display: inline-block;cursor: pointer;<?php if (in_array($type, $selectedTypes)) echo 'font-weight:bold';?>" role="button" tabindex="0" aria-label="<?php echo __('Toggle histogram');?>" tite="<?php echo __('Toggle histogram');?>" onClick='toggleHistogramType("<?php echo h($type); ?>", [<?php foreach ($selectedTypes as $t) echo '"' . $t . '", ' ?>]);'><?php echo h($type);?></div>
|
||||
</div>
|
||||
<?php
|
||||
if ($cnt % 12 == 11):
|
||||
$cnt++;
|
||||
endif;
|
||||
if ($cnt % 12 == 0):
|
||||
?>
|
||||
</div>
|
||||
<div class="attributehistogram-legend-line col">
|
||||
</div>
|
||||
<div class="attributehistogram-legend-line col">
|
||||
<?php
|
||||
endif;
|
||||
$cnt++;
|
||||
endif;
|
||||
endforeach;
|
||||
?>
|
||||
</div>
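Review bot: The `onClick` attribute on the legend entry still echoes each `$selectedTypes` value unescaped (`echo '"' . $t . '", '`), while `$type` on the same line goes through `h()`; if the selected types can come from the request, that value lands in an HTML attribute and a JavaScript string without any encoding. Building the arguments with `json_encode()` and escaping the result for the attribute covers both contexts: `onClick='toggleHistogramType(<?php echo h(json_encode($type)); ?>, <?php echo h(json_encode(array_values($selectedTypes))); ?>);'`. The same line has `tite=` where `title=` is meant, so the tooltip is never shown. The hunk appears mostly to re-indent these lines, which makes it a convenient place to fix both.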
|
||||
|
|
|
@ -88,16 +88,9 @@
|
|||
)
|
||||
)
|
||||
);
|
||||
echo $this->element('/genericElements/ListTopBar/scaffold', array('data' => $data));
|
||||
?>
|
||||
<div id="attributeList" class="attributeListContainer">
|
||||
<div class="tabMenu tabMenuFiltersBlock noPrint" style="padding-right:0px !important;">
|
||||
<span id="filter_header" class="attribute_filter_header"><?php echo __('Filters');?>: </span>
|
||||
<div id="filter_all" title="<?php echo __('Show all queues');?>" role="button" tabindex="0" aria-label="<?php echo __('Show all queues');?>" class="attribute_filter_text<?php if (!$queue) echo '_active';?>" onClick="window.location='/jobs/index';"><?php echo __('All');?></div>
|
||||
<div id="filter_default" title="<?php echo __('Show default queue');?>" role="button" tabindex="0" aria-label="<?php echo __('Show default queue');?>" class="attribute_filter_text<?php if ($queue === 'default') echo '_active';?>" onClick="window.location='/jobs/index/default';"><?php echo __('Default');?></div>
|
||||
<div id="filter_email" title="<?php echo __('Show email queue');?>" role="button" tabindex="0" aria-label="<?php echo __('Show email queue');?>" class="attribute_filter_text<?php if ($queue === 'email') echo '_active';?>" onClick="window.location='/jobs/index/email';"><?php echo __('Email');?></div>
|
||||
<div id="filter_cache" title="<?php echo __('Show cache queue');?>" role="button" tabindex="0" aria-label="<?php echo __('Show cache queue');?>" class="attribute_filter_text<?php if ($queue === 'cache') echo '_active';?>" onClick="window.location='/jobs/index/cache';"><?php echo __('Cache');?></div>
|
||||
</div>
|
||||
<?php echo $this->element('/genericElements/ListTopBar/scaffold', array('data' => $data)); ?>
|
||||
<table class="table table-striped table-hover table-condensed">
|
||||
<tr>
|
||||
<th><?php echo $this->Paginator->sort('id');?></th>
|
||||
|
|
|
@ -40,6 +40,7 @@
|
|||
<body>
|
||||
<div id="popover_form" class="ajax_popover_form"></div>
|
||||
<div id="popover_form_large" class="ajax_popover_form ajax_popover_form_large"></div>
|
||||
<div id="popover_box" class="popover_box"></div>
|
||||
<div id="screenshot_box" class="screenshot_box"></div>
|
||||
<div id="confirmation_box" class="confirmation_box"></div>
|
||||
<div id="gray_out" class="gray_out"></div>
|
||||
|
|
|
@ -109,6 +109,7 @@
|
|||
}
|
||||
$options = array(
|
||||
'functionName' => 'changeObjectReferenceSelectOption',
|
||||
'select_threshold' => 0,
|
||||
'chosen_options' => array('width' => '334px'),
|
||||
'select_options' => array('data-targetselect' => 'targetSelect')
|
||||
);
|
||||
|
|
|
@ -87,6 +87,10 @@ $buttonModifyStatus = $mayModify ? 'button_on':'button_off';
|
|||
'class' => empty($user['User']['disabled']) ? '' : 'background-red',
|
||||
'boolean' => $user['User']['disabled']
|
||||
);
|
||||
echo $this->element('genericElements/assetLoader', array(
|
||||
'css' => array('vis', 'distribution-graph'),
|
||||
'js' => array('vis', 'network-distribution-graph')
|
||||
));
|
||||
echo sprintf(
|
||||
'<div class="users view row-fluid"><div class="span8" style="margin:0px;">%s%s</div>%s</div>%s',
|
||||
sprintf(
|
||||
|
|
|
@ -1 +1 @@
|
|||
Subproject commit ac6276a906d0658ff3e021208db7f0d25316c65d
|
||||
Subproject commit e0a5224bbb37608bd3f20c6ee992254f02b2c794
|
|
@ -1 +1 @@
|
|||
Subproject commit bfcfe7aae9a13db637281c8ccd10f9d89d33b593
|
||||
Subproject commit 81924c519f2d5899023da427cc2d5f8cf29e076b
|
|
@ -70,7 +70,7 @@ class StixBuilder():
|
|||
'created_by_ref': self.identity_id, 'created': self.misp_event['date'],
|
||||
'published': self.get_datetime_from_timestamp(self.misp_event['publish_timestamp']),
|
||||
'interoperability': True}
|
||||
labels = _MISP_event_tags
|
||||
labels = [tag for tag in _MISP_event_tags]
|
||||
if self.misp_event.get('Tag'):
|
||||
markings = []
|
||||
for tag in self.misp_event['Tag']:
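Review bot: `labels = [tag for tag in _MISP_event_tags]` is a copy spelled as a comprehension; `labels = list(_MISP_event_tags)` says the same thing directly. A short comment such as `# copy: labels is extended per event, the module-level list must stay unchanged` would record why the copy is there (presumably the tag loop below appends to `labels`; that part is outside the hunk). The enclosing method starts and ends outside the hunk.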
|
||||
|
|
|
@ -1 +1 @@
|
|||
Subproject commit 7697111df5285a537a217bcc205d614355dc2127
|
||||
Subproject commit 4092752c2ef60eba1df4a8bfdd55dbc68db10b73
|
|
@ -1 +1 @@
|
|||
Subproject commit 3ededf3ddf92573e1037305859857418f73fdf25
|
||||
Subproject commit 945b151b0b6258458fc0a8c3eb42f7401a30e5e8
|
|
@ -846,6 +846,16 @@ a.proposal_link_red:hover {
|
|||
left: calc(50% - 700px);
|
||||
}
|
||||
|
||||
.popover_box {
|
||||
display:none;
|
||||
position: fixed;
|
||||
top:150px;
|
||||
background-color:#f4f4f4;
|
||||
border-radius: 11px 11px 10px 10px;
|
||||
box-shadow: 4px 4px 4px #333;
|
||||
z-index:5;
|
||||
}
|
||||
|
||||
.screenshot_box {
|
||||
display:none;
|
||||
position: absolute;
|
||||
|
|
File diff suppressed because it is too large
|
@ -1265,6 +1265,7 @@ function cancelPopoverForm(id) {
|
|||
$("#popover_form").fadeOut();
|
||||
$("#popover_form_large").fadeOut();
|
||||
$("#screenshot_box").fadeOut();
|
||||
$("#popover_box").fadeOut();
|
||||
$("#confirmation_box").fadeOut();
|
||||
$('#gray_out').fadeOut();
|
||||
$('#popover_form').fadeOut();
|
||||
|
@ -1912,16 +1913,6 @@ function quickFilterRemoteEvents(passedArgs, id) {
|
|||
window.location.href=url;
|
||||
}
|
||||
|
||||
$('#quickFilterField').bind("enterKey",function(e){
|
||||
$('#quickFilterButton').trigger("click");
|
||||
});
|
||||
$('#quickFilterField').keyup(function(e){
|
||||
if(e.keyCode == 13)
|
||||
{
|
||||
$('#quickFilterButton').trigger("click");
|
||||
}
|
||||
});
|
||||
|
||||
function remoteIndexApplyFilters() {
|
||||
var url = actionUrl + '/' + $("#EventFilter").val();
|
||||
window.location.href = url;
|
||||
|
@ -3272,7 +3263,7 @@ $(".cortex-json").click(function() {
|
|||
|
||||
// add the same as below for click popup
|
||||
$(document).on( "click", ".eventViewAttributePopup", function() {
|
||||
$('#screenshot_box').empty();
|
||||
$('#popover_box').empty();
|
||||
type = $(this).attr('data-object-type');
|
||||
id = $(this).attr('data-object-id');
|
||||
if (!(type + "_" + id in ajaxResults["persistent"])) {
|
||||
|
@ -3288,16 +3279,16 @@ $(document).on( "click", ".eventViewAttributePopup", function() {
|
|||
if (type + "_" + id in ajaxResults["persistent"]) {
|
||||
var enrichment_popover = ajaxResults["persistent"][type + "_" + id];
|
||||
enrichment_popover += '<div class="close-icon useCursorPointer popup-close-icon" onClick="closeScreenshot();"></div>';
|
||||
$('#screenshot_box').html('<div class="screenshot_content">' + enrichment_popover + '</div>');
|
||||
$('#screenshot_box').show();
|
||||
$('#popover_box').html('<div class="screenshot_content">' + enrichment_popover + '</div>');
|
||||
$('#popover_box').show();
|
||||
$("#gray_out").fadeIn();
|
||||
$('#screenshot_box').css({'padding': '5px'});
|
||||
$('#screenshot_box').css( "maxWidth", ( $( window ).width() * 0.9 | 0 ) + "px" );
|
||||
$('#screenshot_box').css( "maxHeight", ( $( window ).width() - 300 | 0 ) + "px" );
|
||||
$('#screenshot_box').css( "overflow-y", "auto");
|
||||
$('#popover_box').css({'padding': '5px'});
|
||||
$('#popover_box').css( "maxWidth", ( $( window ).width() * 0.9 | 0 ) + "px" );
|
||||
$('#popover_box').css( "maxHeight", ( $( window ).width() - 300 | 0 ) + "px" );
|
||||
$('#popover_box').css( "overflow-y", "auto");
|
||||
|
||||
var left = ($(window).width() / 2) - ($('#screenshot_box').width() / 2);
|
||||
$('#screenshot_box').css({'left': left + 'px'});
|
||||
var left = ($(window).width() / 2) - ($('#popover_box').width() / 2);
|
||||
$('#popover_box').css({'left': left + 'px'});
|
||||
}
|
||||
$('#' + currentPopover).popover('destroy');
|
||||
});
|
||||
|
@ -3311,33 +3302,6 @@ function flashErrorPopover() {
|
|||
$("#gray_out").fadeIn();
|
||||
}
|
||||
|
||||
$(".eventViewAttributeHover").mouseenter(function() {
|
||||
$('#' + currentPopover).popover('destroy');
|
||||
var type = $(this).attr('data-object-type');
|
||||
var id = $(this).attr('data-object-id');
|
||||
|
||||
if (type + "_" + id in ajaxResults["hover"]) {
|
||||
var element = $('#' + type + '_' + id + '_container');
|
||||
element.popover({
|
||||
title: attributeHoverTitle(id, type),
|
||||
content: ajaxResults["hover"][type + "_" + id],
|
||||
placement: attributeHoverPlacement(element),
|
||||
html: true,
|
||||
trigger: 'manual',
|
||||
container: 'body'
|
||||
}).popover('show');
|
||||
currentPopover = type + '_' + id + '_container';
|
||||
} else {
|
||||
timer = setTimeout(function () {
|
||||
runHoverLookup(type, id)
|
||||
},
|
||||
500
|
||||
);
|
||||
}
|
||||
}).mouseout(function() {
|
||||
clearTimeout(timer);
|
||||
});
|
||||
|
||||
function attributeHoverTitle(id, type) {
|
||||
return `<span>Lookup results:</span>
|
||||
<i class="fa fa-search-plus useCursorPointer eventViewAttributePopup"
|
||||
|
@ -3378,15 +3342,6 @@ $('body').on('click', function (e) {
|
|||
});
|
||||
});
|
||||
|
||||
$(".queryPopover").click(function() {
|
||||
url = $(this).data('url');
|
||||
id = $(this).data('id');
|
||||
$.get(url + '/' + id, function(data) {
|
||||
$('#popover_form').html(data);
|
||||
openPopup('#popover_form');
|
||||
});
|
||||
});
|
||||
|
||||
function serverOwnerOrganisationChange(host_org_id) {
|
||||
if ($('#ServerOrganisationType').val() == "0" && $('#ServerLocal').val() == host_org_id) {
|
||||
$('#InternalDiv').show();
|
||||
|
@ -3488,26 +3443,6 @@ function feedFormUpdate() {
|
|||
}
|
||||
}
|
||||
|
||||
$('.servers_default_role_checkbox').click(function() {
|
||||
var id = $(this).data("id");
|
||||
var state = $(this).is(":checked");
|
||||
$(".servers_default_role_checkbox").not(this).attr('checked', false);
|
||||
$.ajax({
|
||||
beforeSend: function (XMLHttpRequest) {
|
||||
$(".loading").show();
|
||||
},
|
||||
success:function (data, textStatus) {
|
||||
handleGenericAjaxResponse(data);
|
||||
},
|
||||
complete:function() {
|
||||
$(".loading").hide();
|
||||
},
|
||||
type:"get",
|
||||
cache: false,
|
||||
url: '/admin/roles/set_default/' + (state ? id : ""),
|
||||
});
|
||||
});
|
||||
|
||||
function setContextFields() {
|
||||
if (showContext) {
|
||||
$('.context').show();
|
||||
|
@ -3736,6 +3671,7 @@ $(document).keyup(function(e){
|
|||
$("#popover_form").fadeOut();
|
||||
$("#popover_form_large").fadeOut();
|
||||
$("#screenshot_box").fadeOut();
|
||||
$("#popover_box").fadeOut();
|
||||
$("#confirmation_box").fadeOut();
|
||||
$(".loading").hide();
|
||||
resetForms();
|
||||
|
@ -3766,16 +3702,6 @@ function checkRolePerms() {
|
|||
}
|
||||
}
|
||||
|
||||
// clicking on an element with this class will select all of its contents in a
|
||||
// single click
|
||||
$('.quickSelect').click(function() {
|
||||
var range = document.createRange();
|
||||
var selection = window.getSelection();
|
||||
range.selectNodeContents(this);
|
||||
selection.removeAllRanges();
|
||||
selection.addRange(range);
|
||||
});
|
||||
|
||||
function updateMISP() {
|
||||
$.get( "/servers/update", function(data) {
|
||||
$("#confirmation_box").html(data);
|
||||
|
@ -3822,7 +3748,9 @@ function submitSubmoduleUpdate(clicked) {
|
|||
data: formData,
|
||||
success:function (data, textStatus) {
|
||||
if (data.status) {
|
||||
updateSubModulesStatus(data.output);
|
||||
var job_sent = data.job_sent !== undefined ? data.job_sent : false;
|
||||
var sync_result = data.sync_result !== undefined ? data.sync_result : '';
|
||||
updateSubModulesStatus(data.output, job_sent, sync_result);
|
||||
} else {
|
||||
showMessage('error', 'Something went wrong');
|
||||
$('#submoduleGitResultDiv').show();
|
||||
|
@ -3847,24 +3775,6 @@ function submitSubmoduleUpdate(clicked) {
|
|||
});
|
||||
}
|
||||
|
||||
$(".cortex-json").click(function() {
|
||||
var cortex_data = $(this).data('cortex-json');
|
||||
cortex_data = htmlEncode(JSON.stringify(cortex_data, null, 2));
|
||||
var popupHtml = '<pre class="simplepre">' + cortex_data + '</pre>';
|
||||
popupHtml += '<div class="close-icon useCursorPointer" onClick="closeScreenshot();"></div>';
|
||||
$('#screenshot_box').html(popupHtml);
|
||||
$('#screenshot_box').show();
|
||||
$('#screenshot_box').css({'padding': '5px'});
|
||||
left = ($(window).width() / 2) - ($('#screenshot_box').width() / 2);
|
||||
if (($('#screenshot_box').height() + 250) > $(window).height()) {
|
||||
$('#screenshot_box').height($(window).height() - 250);
|
||||
$('#screenshot_box').css("overflow-y", "scroll");
|
||||
$('#screenshot_box').css("overflow-x", "hidden");
|
||||
}
|
||||
$('#screenshot_box').css({'left': left + 'px'});
|
||||
$("#gray_out").fadeIn();
|
||||
});
|
||||
|
||||
// Show $(id) if the enable parameter evaluates to true. Hide it otherwise
|
||||
function checkAndEnable(id, enable) {
|
||||
if (enable) {
|
||||
|
@ -4005,22 +3915,6 @@ function previewEventBasedOnUuids() {
|
|||
}
|
||||
}
|
||||
|
||||
$('.add_object_attribute_row').click(function() {
|
||||
var template_id = $(this).data('template-id');
|
||||
var object_relation = $(this).data('object-relation');
|
||||
var k = $('#last-row').data('last-row');
|
||||
var k = k+1;
|
||||
$('#last-row').data('last-row', k);
|
||||
url = "/objects/get_row/" + template_id + "/" + object_relation + "/" + k;
|
||||
$.get(url, function(data) {
|
||||
$('#row_' + object_relation + '_expand').before($(data).fadeIn()).html();
|
||||
});
|
||||
});
|
||||
|
||||
$('.quickToggleCheckbox').toggle(function() {
|
||||
var url = $(this).data('checkbox-url');
|
||||
});
|
||||
|
||||
function checkNoticeList(type) {
|
||||
var fields_to_check = {
|
||||
"attribute": ["category", "type"]
|
||||
|
@ -4049,6 +3943,108 @@ function checkNoticeList(type) {
|
|||
}
|
||||
|
||||
$(document).ready(function() {
|
||||
$('#quickFilterField').bind("enterKey",function(e){
|
||||
$('#quickFilterButton').trigger("click");
|
||||
});
|
||||
$('#quickFilterField').keyup(function(e){
|
||||
if(e.keyCode == 13)
|
||||
{
|
||||
$('#quickFilterButton').trigger("click");
|
||||
}
|
||||
});
|
||||
$(".eventViewAttributeHover").mouseenter(function() {
|
||||
$('#' + currentPopover).popover('destroy');
|
||||
var type = $(this).attr('data-object-type');
|
||||
var id = $(this).attr('data-object-id');
|
||||
|
||||
if (type + "_" + id in ajaxResults["hover"]) {
|
||||
var element = $('#' + type + '_' + id + '_container');
|
||||
element.popover({
|
||||
title: attributeHoverTitle(id, type),
|
||||
content: ajaxResults["hover"][type + "_" + id],
|
||||
placement: attributeHoverPlacement(element),
|
||||
html: true,
|
||||
trigger: 'manual',
|
||||
container: 'body'
|
||||
}).popover('show');
|
||||
currentPopover = type + '_' + id + '_container';
|
||||
} else {
|
||||
timer = setTimeout(function () {
|
||||
runHoverLookup(type, id)
|
||||
},
|
||||
500
|
||||
);
|
||||
}
|
||||
}).mouseout(function() {
|
||||
clearTimeout(timer);
|
||||
});
|
||||
$(".queryPopover").click(function() {
|
||||
url = $(this).data('url');
|
||||
id = $(this).data('id');
|
||||
$.get(url + '/' + id, function(data) {
|
||||
$('#popover_form').html(data);
|
||||
openPopup('#popover_form');
|
||||
});
|
||||
});
|
||||
$('.servers_default_role_checkbox').click(function() {
|
||||
var id = $(this).data("id");
|
||||
var state = $(this).is(":checked");
|
||||
$(".servers_default_role_checkbox").not(this).attr('checked', false);
|
||||
$.ajax({
|
||||
beforeSend: function (XMLHttpRequest) {
|
||||
$(".loading").show();
|
||||
},
|
||||
success:function (data, textStatus) {
|
||||
handleGenericAjaxResponse(data);
|
||||
},
|
||||
complete:function() {
|
||||
$(".loading").hide();
|
||||
},
|
||||
type:"get",
|
||||
cache: false,
|
||||
url: '/admin/roles/set_default/' + (state ? id : ""),
|
||||
});
|
||||
});
|
||||
// clicking on an element with this class will select all of its contents in a
|
||||
// single click
|
||||
$('.quickSelect').click(function() {
|
||||
var range = document.createRange();
|
||||
var selection = window.getSelection();
|
||||
range.selectNodeContents(this);
|
||||
selection.removeAllRanges();
|
||||
selection.addRange(range);
|
||||
});
|
||||
$(".cortex-json").click(function() {
|
||||
var cortex_data = $(this).data('cortex-json');
|
||||
cortex_data = htmlEncode(JSON.stringify(cortex_data, null, 2));
|
||||
var popupHtml = '<pre class="simplepre">' + cortex_data + '</pre>';
|
||||
popupHtml += '<div class="close-icon useCursorPointer" onClick="closeScreenshot();"></div>';
|
||||
$('#popover_box').html(popupHtml);
|
||||
$('#popover_box').show();
|
||||
$('#popover_box').css({'padding': '5px'});
|
||||
left = ($(window).width() / 2) - ($('#popover_box').width() / 2);
|
||||
if (($('#popover_box').height() + 250) > $(window).height()) {
|
||||
$('#popover_box').height($(window).height() - 250);
|
||||
$('#popover_box').css("overflow-y", "scroll");
|
||||
$('#popover_box').css("overflow-x", "hidden");
|
||||
}
|
||||
$('#popover_box').css({'left': left + 'px'});
|
||||
$("#gray_out").fadeIn();
|
||||
});
|
||||
$('.add_object_attribute_row').click(function() {
|
||||
var template_id = $(this).data('template-id');
|
||||
var object_relation = $(this).data('object-relation');
|
||||
var k = $('#last-row').data('last-row');
|
||||
var k = k+1;
|
||||
$('#last-row').data('last-row', k);
|
||||
url = "/objects/get_row/" + template_id + "/" + object_relation + "/" + k;
|
||||
$.get(url, function(data) {
|
||||
$('#row_' + object_relation + '_expand').before($(data).fadeIn()).html();
|
||||
});
|
||||
});
|
||||
$('.quickToggleCheckbox').toggle(function() {
|
||||
var url = $(this).data('checkbox-url');
|
||||
});
|
||||
$(".correlation-expand-button").on("click", function() {
|
||||
$(this).parent().children(".correlation-expanded-area").show();
|
||||
$(this).parent().children(".correlation-collapse-button").show();
|
||||
|
@ -4105,7 +4101,6 @@ function insertHTMLRestResponse() {
|
|||
function insertJSONRestResponse() {
|
||||
$('#rest-response-container').append('<p id="json-response-container" style="border: 1px solid blue; padding:5px;" />');
|
||||
var parsedJson = syntaxHighlightJson($('#rest-response-hidden-container').text());
|
||||
console.log(parsedJson);
|
||||
$('#json-response-container').html(parsedJson);
|
||||
}
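Review bot: In the `.eventViewAttributePopup` click handler the renamed line `$('#popover_box').css( "maxHeight", ( $( window ).width() - 300 | 0 ) + "px" );` derives the maximum height from the window width, which looks like a carried-over slip; since `.popover_box` is now `position: fixed`, a box taller than the viewport cannot be reached by scrolling the page. `$(window).height()` is probably what was meant: `$('#popover_box').css("maxHeight", (($(window).height() - 300) | 0) + "px");`. In the handlers moved into `$(document).ready`, `url`, `id` and `left` are assigned without `var` and so become globals shared between handlers; declaring them locally would avoid cross-talk. The `.quickToggleCheckbox` toggle handler only reads a URL and does nothing with it, so it could be dropped or completed.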
|
||||
|
||||
|
|
|
@ -9,8 +9,7 @@
|
|||
The core MISP team cannot verify if this guide is working or not. Please help us in keeping it up to date and accurate.
|
||||
Thus we also have difficulties in supporting RHEL issues but will do a best effort on a similar yet slightly different setup.
|
||||
|
||||
This document details the steps to install MISP on Red Hat Enterprise Linux 7.x (RHEL 7.x). At time of this writing it
|
||||
was tested on version 7.6.
|
||||
This document details the steps to install MISP on Red Hat Enterprise Linux 7.x (RHEL 7.x). At time of this writing it was tested on version 7.6.
|
||||
|
||||
The following assumptions with regard to this installation have been made.
|
||||
|
||||
|
@ -19,13 +18,24 @@ The following assumptions with regard to this installation have been made.
|
|||
### 0.3/ This system will have direct or proxy access to the Internet for updates. Or connected to a Red Hat Satellite Server
|
||||
### 0.4/ This document is to get a MISP instance up and running over HTTP. I haven't done a full test of all features
|
||||
|
||||
{!generic/globalVariables.md!}
|
||||
|
||||
```bash
|
||||
# RHEL/CentOS Specific
|
||||
RUN_PHP='/usr/bin/scl enable rh-php72'
|
||||
RUN_PYTHON='/usr/bin/scl enable rh-python36'
|
||||
SUDO_WWW='sudo -H -u apache'
|
||||
|
||||
PHP_INI=/etc/opt/rh/rh-php72/php.ini
|
||||
```
|
||||
|
||||
# 1/ OS Install and additional repositories
|
||||
|
||||
## 1.1/ Complete a minimal RHEL installation, configure IP address to connect automatically.
|
||||
|
||||
## 1.2/ Configure system hostname
|
||||
```bash
|
||||
sudo hostnamectl set-hostname misp # Your choice, in a production environment, it's best to use a FQDN
|
||||
sudo hostnamectl set-hostname misp.local # Your choice, in a production environment, it's best to use a FQDN
|
||||
```
|
||||
|
||||
## 1.3/ Register the system for updates with Red Hat Subscription Manager
|
||||
|
@ -48,19 +58,12 @@ sudo yum install deltarpm -y
|
|||
|
||||
## 1.5/ Update the system and reboot
|
||||
```bash
|
||||
yum update -y
|
||||
sudo yum update -y
|
||||
```
|
||||
|
||||
!!! note
|
||||
As time of writing performing a yum update results in the rhel-7-server-rt-beta-rpms being forbidden.<br />
|
||||
The repo can be disabled using the following command
|
||||
```bash
|
||||
subscription-manager repos --disable rhel-7-server-rt-beta-rpms
|
||||
```
|
||||
|
||||
## 1.6/ Install the EPEL repo
|
||||
```bash
|
||||
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm -y
|
||||
sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm -y
|
||||
```
|
||||
|
||||
# 2/ Install Dependencies
|
||||
|
@ -68,21 +71,20 @@ Once the system is installed and updated, the following steps can be performed a
|
|||
|
||||
## 2.01/ Install some base system dependencies
|
||||
```bash
|
||||
yum install gcc git httpd zip python-devel libxslt-devel zlib-devel python-pip ssdeep-devel
|
||||
sudo yum install gcc git httpd zip python-devel libxslt-devel zlib-devel python-pip ssdeep-devel
|
||||
```
|
||||
|
||||
## 2.02/ Install MariaDB 10.2 from SCL
|
||||
```bash
|
||||
yum install rh-mariadb102
|
||||
sudo yum install rh-mariadb102
|
||||
```
|
||||
|
||||
## 2.03/ Start the MariaDB service and enable it to start on boot
|
||||
```bash
|
||||
systemctl enable --now rh-mariadb102-mariadb.service
|
||||
sudo systemctl enable --now rh-mariadb102-mariadb.service
|
||||
```
|
||||
|
||||
!!! note
|
||||
MISP 2.4 requires PHP 5.6 as a minimum, so we need a higher version than base RHEL provides.<br />
|
||||
This guide installs PHP 7.2 from SCL
|
||||
|
||||
!!! warning
|
||||
|
@ -90,7 +92,7 @@ systemctl enable --now rh-mariadb102-mariadb.service
|
|||
|
||||
## 2.04/ Install PHP 7.2 from SCL
|
||||
```bash
|
||||
yum install rh-php72 rh-php72-php-fpm rh-php72-php-devel rh-php72-php-mysqlnd rh-php72-php-mbstring rh-php72-php-xml rh-php72-php-bcmath rh-php72-php-opcache rh-php72-php-gd
|
||||
sudo yum install rh-php72 rh-php72-php-fpm rh-php72-php-devel rh-php72-php-mysqlnd rh-php72-php-mbstring rh-php72-php-xml rh-php72-php-bcmath rh-php72-php-opcache rh-php72-php-gd
|
||||
```
|
||||
|
||||
!!! note
|
||||
|
@ -98,80 +100,86 @@ yum install rh-php72 rh-php72-php-fpm rh-php72-php-devel rh-php72-php-mysqlnd rh
|
|||
|
||||
## 2.05/ Start the PHP FPM service and enable to start on boot
|
||||
```bash
|
||||
systemctl enable --now rh-php72-php-fpm.service
|
||||
sudo systemctl enable --now rh-php72-php-fpm.service
|
||||
```
|
||||
|
||||
## 2.06/ Install redis 3.2 from SCL
|
||||
```bash
|
||||
yum install rh-redis32
|
||||
sudo yum install rh-redis32
|
||||
```
|
||||
|
||||
## 2.07/ Start redis service and enable to start on boot
|
||||
```bash
|
||||
systemctl enable --now rh-redis32-redis.service
|
||||
sudo systemctl enable --now rh-redis32-redis.service
|
||||
```
|
||||
|
||||
## 2.08/ Secure the MariaDB installation
|
||||
```bash
|
||||
scl enable rh-mariadb102 'mysql_secure_installation'
|
||||
sudo scl enable rh-mariadb102 'mysql_secure_installation'
|
||||
```
|
||||
|
||||
## 2.09/ Update the PHP extension repository and install required package
|
||||
```bash
|
||||
scl enable rh-php72 rh-redis32 bash
|
||||
pear channel-update pear.php.net
|
||||
pear install Crypt_GPG
|
||||
sudo scl enable rh-php72 rh-redis32 bash
|
||||
sudo pear channel-update pear.php.net
|
||||
sudo pear install Crypt_GPG
|
||||
exit
|
||||
```
|
||||
|
||||
## 2.10/ Install haveged and enable to start on boot to provide entropy for GPG
|
||||
```bash
|
||||
yum install haveged
|
||||
systemctl enable --now haveged
|
||||
sudo yum install haveged
|
||||
sudo systemctl enable --now haveged
|
||||
```
|
||||
Only do this if you're not running rngd to provide randomness and your kernel randomness is not sufficient.
|
||||
|
||||
## 2.10/ Install Python 3.6 from SCL
|
||||
```bash
|
||||
sudo yum install rh-python36
|
||||
```
|
||||
|
||||
## 2.11/ Install Python 3.6 from SCL
|
||||
## 2.11/ Install Git 2.18 from SCL
|
||||
```bash
|
||||
yum install rh-python36
|
||||
sudo yum install rh-git218
|
||||
```
|
||||
|
||||
# 3/ MISP Download
|
||||
## 3.01/ Download MISP code using git in /var/www/ directory
|
||||
```bash
|
||||
cd /var/www
|
||||
git clone https://github.com/MISP/MISP.git
|
||||
cd MISP
|
||||
git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||
sudo mkdir $PATH_TO_MISP
|
||||
sudo chown apache:apache $PATH_TO_MISP
|
||||
sudo -u apache git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
|
||||
sudo -u apache git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||
# if the last shortcut doesn't work, specify the latest version manually
|
||||
# example: git checkout tags/v2.4.XY
|
||||
# the message regarding a "detached HEAD state" is expected behaviour
|
||||
# (you only have to create a new branch, if you want to change stuff and do a pull request for example)
|
||||
git submodule update --init --recursive
|
||||
sudo -u apache git submodule update --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
git submodule foreach --recursive git config core.filemode false
|
||||
sudo -u apache git submodule foreach --recursive git config core.filemode false
|
||||
```
|
||||
|
||||
## 3.02/ Make git ignore filesystem permission differences
|
||||
```bash
|
||||
git config core.filemode false
|
||||
sudo -u apache git config core.filemode false
|
||||
```
|
||||
|
||||
## 3.03/ Install Mitre's STIX, STIX2 and their dependencies by running the following commands
|
||||
```bash
|
||||
yum install python-six
|
||||
cd /var/www/MISP/app/files/scripts
|
||||
git clone https://github.com/CybOXProject/python-cybox.git
|
||||
git clone https://github.com/STIXProject/python-stix.git
|
||||
sudo -u apache git clone https://github.com/CybOXProject/python-cybox.git
|
||||
sudo -u apache git clone https://github.com/STIXProject/python-stix.git
|
||||
cd /var/www/MISP/app/files/scripts/python-cybox
|
||||
git config core.filemode false
|
||||
sudo -u apache git config core.filemode false
|
||||
# If your umask has been changed from the default, it is a good idea to reset it to 0022 before installing python modules
|
||||
UMASK=$(umask)
|
||||
umask 0022
|
||||
scl enable rh-python36 'python3 setup.py install'
|
||||
sudo scl enable rh-python36 'python3 setup.py install'
|
||||
cd /var/www/MISP/app/files/scripts/python-stix
|
||||
git config core.filemode false
|
||||
scl enable rh-python36 'python3 setup.py install'
|
||||
sudo -u www-data git config core.filemode false
|
||||
sudo scl enable rh-python36 'python3 setup.py install'
|
||||
cd /var/www/MISP/cti-python-stix2
|
||||
scl enable rh-python36 'python3 setup.py install'
|
||||
sudo scl enable rh-python36 'python3 setup.py install'
|
||||
```
|
||||
|
||||
|
||||
|
@ -188,17 +196,18 @@ umask $UMASK
|
|||
## 3.05/ Enable python3 for php-fpm
|
||||
```bash
|
||||
echo 'source scl_source enable rh-python36' >> /etc/opt/rh/rh-php72/sysconfig/php-fpm
|
||||
sed -i.org -e 's/^;\(clear_env = no\)/\1/' /etc/opt/rh/rh-php72/php-fpm.d/www.conf
|
||||
systemctl restart rh-php72-php-fpm.service
|
||||
sudo sed -i.org -e 's/^;\(clear_env = no\)/\1/' /etc/opt/rh/rh-php72/php-fpm.d/www.conf
|
||||
sudo systemctl restart rh-php72-php-fpm.service
|
||||
```
|
||||
|
||||
## 3.06/ Enable dependencies detection in the diagnostics page
|
||||
Add the following content to `/etc/opt/rh/rh-php72/php-fpm.d/www.conf` :
|
||||
```
|
||||
env[PATH] =/opt/rh/rh-redis32/root/usr/bin:/opt/rh/rh-python36/root/usr/bin:/opt/rh/rh-php72/root/usr/bin:/usr/local/bin:/usr/bin:/bin
|
||||
env[PATH]=/opt/rh/rh-git218/root/usr/bin:/opt/rh/rh-redis32/root/usr/bin:/opt/rh/rh-python36/root/usr/bin:/opt/rh/rh-php72/root/usr/bin:/usr/local/bin:/usr/bin:/bin
|
||||
env[LD_LIBRARY_PATH]=/opt/rh/httpd24/root/usr/lib64/
|
||||
```
|
||||
Then run `systemctl restart rh-php72-php-fpm.service`.
|
||||
This allows MISP to detect GnuPG, the Python modules' versions and to read the PHP settings.
|
||||
This allows MISP to detect GnuPG, the Python modules' versions and to read the PHP settings. The LD_LIBRARY_PATH setting is needed for rh-git218 to work, one might think to install httpd24 and not just httpd ...
|
||||
|
||||
# 4/ CakePHP
|
||||
## 4.01/ Install CakeResque along with its dependencies if you intend to use the built in background jobs
|
||||
|
@ -254,8 +263,6 @@ chown -R apache:apache /var/www/MISP/app/webroot/img/orgs
|
|||
chown -R apache:apache /var/www/MISP/app/webroot/img/custom
|
||||
```
|
||||
|
||||
|
||||
|
||||
# 6/ Create database and user
|
||||
## 6.01/ Set database to listen on localhost only
|
||||
```bash
|
||||
|
@ -290,14 +297,10 @@ cp /var/www/MISP/INSTALL/apache.misp.centos7 /etc/httpd/conf.d/misp.conf
|
|||
|
||||
## 7.02/ Since SELinux is enabled, we need to allow httpd to write to certain directories
|
||||
```bash
|
||||
chcon -t httpd_sys_rw_content_t /var/www/MISP/app/files
|
||||
chcon -t httpd_sys_rw_content_t /var/www/MISP/app/files/terms
|
||||
chcon -t httpd_sys_rw_content_t /var/www/MISP/app/files/scripts/tmp
|
||||
chcon -t httpd_sys_rw_content_t /var/www/MISP/app/Plugin/CakeResque/tmp
|
||||
chcon -R -t httpd_sys_rw_content_t /var/www/MISP/app/tmp
|
||||
chcon -R -t httpd_sys_rw_content_t /var/www/MISP/app/webroot/img/orgs
|
||||
chcon -R -t httpd_sys_rw_content_t /var/www/MISP/app/webroot/img/custom
|
||||
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/MISP(/.*)?"
|
||||
restorecon -R /var/www/MISP/
|
||||
```
|
||||
We're providing write access to the whole MISP tree, otherwise updates via the web interface won't work.
|
||||
|
||||
## 7.03/ Allow httpd to connect to the redis server and php-fpm over tcp/ip
|
||||
```bash
|
||||
|
@ -329,13 +332,7 @@ cp INSTALL/misp.logrotate /etc/logrotate.d/misp
|
|||
chmod 0640 /etc/logrotate.d/misp
|
||||
```
|
||||
|
||||
## 8.02/ Allow logrotate to work under SELinux and modify the log files
|
||||
```bash
|
||||
semanage fcontext -a -t httpd_log_t "/var/www/MISP/app/tmp/logs(/.*)?"
|
||||
chcon -R -t httpd_log_t /var/www/MISP/app/tmp/logs
|
||||
```
|
||||
|
||||
## 8.03/ Allow logrotate to read /var/www
|
||||
## 8.02/ Allow logrotate to read /var/www
|
||||
```bash
|
||||
checkmodule -M -m -o /tmp/misplogrotate.mod INSTALL/misplogrotate.te
|
||||
semodule_package -o /tmp/misplogrotate.pp -m /tmp/misplogrotate.mod
|
||||
|
@ -381,17 +378,13 @@ cp -a config.default.php config.php
|
|||
```
|
||||
|
||||
## 9.03/ If you want to be able to change configuration parameters from the webinterface:
|
||||
```
|
||||
chown apache:apache /var/www/MISP/app/Config/config.php
|
||||
chcon -t httpd_sys_rw_content_t /var/www/MISP/app/Config/config.php
|
||||
```
|
||||
Handled by 7.02
|
||||
|
||||
## 9.04/ Generate an encryption key
|
||||
```bash
|
||||
gpg --gen-key
|
||||
mv ~/.gnupg /var/www/MISP/
|
||||
chown -R apache:apache /var/www/MISP/.gnupg
|
||||
chcon -R -t httpd_sys_rw_content_t /var/www/MISP/.gnupg
|
||||
restorecon -R /var/www/MISP
|
||||
```
|
||||
|
||||
!!! note
|
||||
|
@ -443,16 +436,7 @@ systemctl enable --now misp-workers.service
|
|||
{!generic/recommended.actions.md!}
|
||||
|
||||
# 10/ Post Install
|
||||
## 10.01/ Allow apache to write to /var/www/MISP/app/tmp/logs
|
||||
If the result from the diagnostic page is that the directory is not writable, try the following.
|
||||
```
|
||||
chcon -R -t httpd_sys_rw_content_t /var/www/MISP/app/tmp/logs/
|
||||
```
|
||||
|
||||
!!! note
|
||||
This may mean that logrotate cannot access the logs directory, will require further investigation
|
||||
|
||||
## 10.02/ Change php.ini settings to suggested limits from diagnostic page.
|
||||
## 10.01/ Change php.ini settings to suggested limits from diagnostic page.
|
||||
```bash
|
||||
# Edit /etc/opt/rh/rh-php72/php.ini and set the following settings
|
||||
max_execution_time = 300
|
||||
|
@ -461,12 +445,12 @@ upload_max_filesize = 50M
|
|||
post_max_size = 50M
|
||||
```
|
||||
|
||||
## 10.03/ Restart rh-php72 for settings to take effect
|
||||
## 10.02/ Restart rh-php72 for settings to take effect
|
||||
```bash
|
||||
systemctl restart rh-php72-php-fpm
|
||||
```
|
||||
|
||||
## 10.04/ Install pydeep and pymisp
|
||||
## 10.03/ Install pydeep and pymisp
|
||||
```bash
|
||||
scl enable rh-python36 'python3 -m pip install pymisp git+https://github.com/kbandla/pydeep.git'
|
||||
```
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
```
|
||||
or on CentOS
|
||||
```bash
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.python_bin" "${PATH_TO_MISP}/venv/bin/python""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.python_bin" "${PATH_TO_MISP}/venv/bin/python""
|
||||
```
|
||||
|
||||
!!! warning
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
#### Initialize MISP configuration and set some defaults
|
||||
```bash
|
||||
# Initialize user and fetch Auth Key
|
||||
sudo -E $RUN_PHP "$CAKE userInit -q"
|
||||
sudo -u apache -E $RUN_PHP "$CAKE userInit -q"
|
||||
AUTH_KEY=$(mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP misp -e "SELECT authkey FROM users;" | tail -1)
|
||||
|
||||
# A small sleep to make sure all the db migrations are done, in case of copy-pasta
|
||||
|
@ -10,149 +10,142 @@ sleep 30
|
|||
# Setup some more MISP default via cake CLI
|
||||
|
||||
# Change base url, either with this CLI command or in the UI
|
||||
sudo $RUN_PHP "$CAKE Baseurl $MISP_BASEURL"
|
||||
sudo -u apache $RUN_PHP "$CAKE Baseurl $MISP_BASEURL"
|
||||
# example: 'baseurl' => 'https://<your.FQDN.here>',
|
||||
# alternatively, you can leave this field empty if you would like to use relative pathing in MISP
|
||||
# 'baseurl' => '',
|
||||
|
||||
# Tune global time outs
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Session.autoRegenerate" 0"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Session.timeout" 600"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Session.cookie_timeout" 3600"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Session.autoRegenerate" 0"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Session.timeout" 600"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Session.cookieTimeout" 3600"
|
||||
|
||||
# Enable GnuPG
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "GnuPG.email" "admin@admin.test""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "GnuPG.homedir" "$PATH_TO_MISP/.gnupg""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "GnuPG.password" "Password1234""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "GnuPG.email" "admin@admin.test""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "GnuPG.homedir" "$PATH_TO_MISP/.gnupg""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "GnuPG.password" "Password1234""
|
||||
|
||||
# Enable Enrichment set better timeouts
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_services_enable" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_hover_enable" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_timeout" 300"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_hover_timeout" 150"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_cve_enabled" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_dns_enabled" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_services_url" "http://127.0.0.1""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_services_port" 6666"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_services_enable" true"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_hover_enable" true"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_timeout" 300"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_hover_timeout" 150"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_cve_enabled" true"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_dns_enabled" true"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_services_url" "http://127.0.0.1""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Enrichment_services_port" 6666"
|
||||
|
||||
# Enable Import modules set better timout
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Import_services_enable" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Import_services_url" "http://127.0.0.1""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Import_services_port" 6666"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Import_timeout" 300"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Import_ocr_enabled" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Import_csvimport_enabled" true"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Import_services_enable" true"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Import_services_url" "http://127.0.0.1""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Import_services_port" 6666"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Import_timeout" 300"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Import_ocr_enabled" true"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Import_csvimport_enabled" true"
|
||||
|
||||
# Enable Export modules set better timout
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Export_services_enable" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Export_services_url" "http://127.0.0.1""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Export_services_port" 6666"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Export_timeout" 300"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Export_pdfexport_enabled" true"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Export_services_enable" true"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Export_services_url" "http://127.0.0.1""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Export_services_port" 6666"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Export_timeout" 300"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Export_pdfexport_enabled" true"
|
||||
|
||||
# Enable installer org and tune some configurables
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.host_org_id" 1"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.email" "info@admin.test""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.disable_emailing" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.contact" "info@admin.test""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.disablerestalert" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.showCorrelationsOnIndex" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.default_event_tag_collection" 0"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.host_org_id" 1"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.email" "info@admin.test""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.disable_emailing" true"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.contact" "info@admin.test""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.disablerestalert" true"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.showCorrelationsOnIndex" true"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.default_event_tag_collection" 0"
|
||||
|
||||
# Provisional Cortex tunes
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_services_enable" false"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_services_url" "http://127.0.0.1""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_services_port" 9000"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_timeout" 120"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_services_url" "http://127.0.0.1""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_services_port" 9000"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_services_timeout" 120"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_services_authkey" """
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_ssl_verify_peer" false"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_ssl_verify_host" false"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_ssl_allow_self_signed" true"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_services_enable" false"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_services_url" "http://127.0.0.1""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_services_port" 9000"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_timeout" 120"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_services_url" "http://127.0.0.1""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_services_port" 9000"
|
||||
sudo -u apache $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_authkey" ""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_ssl_verify_peer" false"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_ssl_verify_host" false"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Cortex_ssl_allow_self_signed" true"
|
||||
|
||||
# Various plugin sightings settings
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Sightings_policy" 0"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Sightings_anonymise" false"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.Sightings_range" 365"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Sightings_policy" 0"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Sightings_anonymise" false"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.Sightings_range" 365"
|
||||
|
||||
# Plugin CustomAuth tuneable
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.CustomAuth_disable_logout" false"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.CustomAuth_disable_logout" false"
|
||||
|
||||
# RPZ Plugin settings
|
||||
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_policy" "DROP""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_walled_garden" "127.0.0.1""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_serial" "\$date00""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_refresh" "2h""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_retry" "30m""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_expiry" "30d""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_minimum_ttl" "1h""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_ttl" "1w""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_ns" "localhost.""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_ns_alt" """
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_email" "root.localhost""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_policy" "DROP""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_walled_garden" "127.0.0.1""
|
||||
sudo -u apache $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_serial" "\$date00"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_refresh" "2h""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_retry" "30m""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_expiry" "30d""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_minimum_ttl" "1h""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_ttl" "1w""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_ns" "localhost.""
|
||||
sudo -u apache $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_ns_alt" ""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Plugin.RPZ_email" "root.localhost""
|
||||
|
||||
# Force defaults to make MISP Server Settings less RED
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.language" "eng""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.proposals_block_attributes" false"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.language" "eng""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.proposals_block_attributes" false"
|
||||
|
||||
## Redis block
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.redis_host" "127.0.0.1""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.redis_port" 6379"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.redis_database" 13"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.redis_password" """
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.redis_host" "127.0.0.1""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.redis_port" 6379"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.redis_database" 13"
|
||||
sudo -u apache $RUN_PHP -- $CAKE Admin setSetting "MISP.redis_password" ""
|
||||
|
||||
# Force defaults to make MISP Server Settings less YELLOW
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.ssdeep_correlation_threshold" 40"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.extended_alert_subject" false"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.default_event_threat_level" 4"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.ssdeep_correlation_threshold" 40"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.extended_alert_subject" false"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.default_event_threat_level" 4"
|
||||
|
||||
##sudo $RUN_PHP '$CAKE Admin setSetting "MISP.newUserText" "Dear new MISP user,\\n\\nWe would hereby like to welcome you to the \$org MISP community.\\n\\n Use the credentials below to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nPassword: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"'
|
||||
##sudo $CAKE Admin setSetting "MISP.passwordResetText" "Dear MISP user,\\n\\nA password reset has been triggered for your account. Use the below provided temporary password to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nYour temporary password: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.enableEventBlacklisting" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.enableOrgBlacklisting" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.log_client_ip" false"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.log_auth" false"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.disableUserSelfManagement" false"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.block_event_alert" false"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.block_event_alert_tag" "no-alerts=\"true\"""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "MISP.block_old_event_alert" false"
|
||||
##sudo $RUN_PHP "$CAKE Admin setSetting "MISP.block_old_event_alert_age" """
|
||||
##sudo $RUN_PHP "$CAKE Admin setSetting "MISP.incoming_tags_disabled_by_default" false"
|
||||
##sudo $RUN_PHP "$CAKE Admin setSetting "MISP.footermidleft" "This is an initial install""
|
||||
##sudo $RUN_PHP "$CAKE Admin setSetting "MISP.footermidright" "Please configure and harden accordingly""
|
||||
##sudo $RUN_PHP "$CAKE Admin setSetting "MISP.welcome_text_top" "Initial Install, please configure""
|
||||
##sudo $RUN_PHP "$CAKE Admin setSetting "MISP.welcome_text_bottom" "Welcome to MISP, change this message in MISP Settings""
|
||||
# TODO: Fix substitions
|
||||
##sudo -u apache $RUN_PHP -- $CAKE Admin setSetting "MISP.newUserText" "Dear new MISP user,\\n\\nWe would hereby like to welcome you to the \$org MISP community.\\n\\n Use the credentials below to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nPassword: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
|
||||
##sudo -u apache $RUN_PHP -- $CAKE Admin setSetting "MISP.passwordResetText" "Dear MISP user,\\n\\nA password reset has been triggered for your account. Use the below provided temporary password to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nYour temporary password: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.enableEventBlacklisting" true"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.enableOrgBlacklisting" true"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.log_client_ip" false"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.log_auth" false"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.disableUserSelfManagement" false"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.block_event_alert" false"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.block_event_alert_tag" "no-alerts=\"true\"""
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.block_old_event_alert" false"
|
||||
sudo -u apache $RUN_PHP -- $CAKE Admin setSetting "MISP.block_old_event_alert_age" ""
|
||||
sudo -u apache $RUN_PHP -- $CAKE Admin setSetting "MISP.incoming_tags_disabled_by_default" false
|
||||
sudo -u apache $RUN_PHP -- $CAKE Admin setSetting "MISP.footermidleft" "This is an initial install"
|
||||
sudo -u apache $RUN_PHP -- $CAKE Admin setSetting "MISP.footermidright" "Please configure and harden accordingly"
|
||||
sudo -u apache $RUN_PHP -- $CAKE Admin setSetting "MISP.welcome_text_top" "Initial Install, please configure"
|
||||
sudo -u apache $RUN_PHP -- $CAKE Admin setSetting "MISP.welcome_text_bottom" "Welcome to MISP, change this message in MISP Settings"
|
||||
|
||||
# Force defaults to make MISP Server Settings less GREEN
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Security.password_policy_length" 12"
|
||||
##sudo $RUN_PHP "$CAKE Admin setSetting "Security.password_policy_complexity" '/^((?=.*\d)|(?=.*\W+))(?![\n])(?=.*[A-Z])(?=.*[a-z]).*$|.{16,}/'"
|
||||
# Tune global time outs
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Session.autoRegenerate" 0"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Session.timeout" 600"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Session.cookie_timeout" 3600"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin setSetting "Security.password_policy_length" 12"
|
||||
sudo -u apache $RUN_PHP -- $CAKE Admin setSetting "Security.password_policy_complexity" '/^((?=.*\d)|(?=.*\W+))(?![\n])(?=.*[A-Z])(?=.*[a-z]).*$|.{16,}/'
|
||||
|
||||
# Update the galaxies…
|
||||
##sudo $RUN_PHP "$CAKE Admin updateGalaxies"
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/galaxies/update
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin updateGalaxies"
|
||||
|
||||
# Updating the taxonomies…
|
||||
sudo $RUN_PHP "$CAKE Admin updateTaxonomies"
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin updateTaxonomies"
|
||||
|
||||
# Updating the warning lists…
|
||||
##sudo $RUN_PHP "$CAKE Admin updateWarningLists"
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/warninglists/update
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin updateWarningLists"
|
||||
|
||||
# Updating the notice lists…
|
||||
## sudo $RUN_PHP "$CAKE Admin updateNoticeLists"
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/noticelists/update
|
||||
sudo -u apache $RUN_PHP "$CAKE Admin updateNoticeLists"
|
||||
|
||||
# Updating the object templates…
|
||||
##sudo $RUN_PHP "$CAKE Admin updateObjectTemplates"
|
||||
##sudo -u apache $RUN_PHP "$CAKE Admin updateObjectTemplates"
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/objectTemplates/update
|
||||
|
||||
# Set MISP Live
|
||||
sudo $RUN_PHP "$CAKE Live $MISP_LIVE"
|
||||
sudo -u apache $RUN_PHP "$CAKE Live $MISP_LIVE"
|
||||
```
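Review bot: The "Enable GnuPG" block still writes a fixed sample passphrase, `GnuPG.password` = `Password1234`, into the instance settings, so an operator who pastes the snippet unchanged ends up with a publicly documented passphrase for the key MISP uses to sign and encrypt mail. The value should come from a variable the operator sets before running the block, and it has to match the passphrase chosen when the key was generated, for example `sudo -u apache $RUN_PHP "$CAKE Admin setSetting "GnuPG.password" "$GPG_PASSPHRASE_PLACEHOLDER""` (the variable name is a placeholder, not one defined on this page). A comment above that line such as `# Use the passphrase of the key generated for this instance; never keep the sample value` would make the expectation explicit. The sample `admin@admin.test` address in the same block deserves the same treatment.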
|
||||
|
|
|
@ -2,6 +2,8 @@
|
|||
|
||||
```bash
|
||||
# <snippet-begin 0_global-vars.sh>
|
||||
# $ eval "$(curl -fsSL https://raw.githubusercontent.com/MISP/MISP/2.4/docs/generic/globalVariables.md | grep -v \`\`\`)"
|
||||
# $ MISPvars
|
||||
MISPvars () {
|
||||
debug "Setting generic ${LBLUE}MISP${NC} variables shared by all flavours"
|
||||
# Local non-root MISP user
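Review bot: The usage hint in the snippet header, `# $ eval "$(curl -fsSL … | grep -v …)"`, tells the operator to evaluate whatever the `2.4` branch tip serves at that moment directly in the current shell, with no pinning and no chance to read it first. These two comment lines appear to be what the hunk adds, judging by the line counts in the hunk header. I would document a fetch-then-inspect flow instead, e.g. `# $ curl -fsSL <raw URL pinned to a reviewed commit> -o globalVariables.md` followed by `# inspect the file, then source the extracted snippet and run MISPvars`. The body of `MISPvars` continues outside the hunk, so this note covers only the header comments.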
|
||||
|
|
|
@ -1,10 +1,14 @@
|
|||
#### MISP Dashboard on CentOS
|
||||
--------------
|
||||
|
||||
!!! warning
|
||||
Currently defunct.
|
||||
|
||||
```bash
|
||||
cd /var/www
|
||||
sudo mkdir misp-dashboard
|
||||
sudo chown www-data:www-data misp-dashboard
|
||||
sudo -u www-data git clone https://github.com/MISP/misp-dashboard.git
|
||||
sudo chown apache:apache misp-dashboard
|
||||
sudo -u apache git clone https://github.com/MISP/misp-dashboard.git
|
||||
cd misp-dashboard
|
||||
sudo -H /var/www/misp-dashboard/install_dependencies.sh
|
||||
sudo sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg
|
||||
|
@ -53,23 +57,23 @@ sudo a2ensite misp-dashboard
|
|||
sudo systemctl reload apache2
|
||||
|
||||
# Add misp-dashboard to rc.local to start on boot.
|
||||
sudo sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh > /tmp/misp-dashboard_rc.local.log\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \sudo -u apache bash /var/www/misp-dashboard/start_all.sh > /tmp/misp-dashboard_rc.local.log\n' /etc/rc.local
|
||||
|
||||
# Enable ZeroMQ for misp-dashboard
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_enable" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_event_notifications_enable" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_object_notifications_enable" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_object_reference_notifications_enable" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_attribute_notifications_enable" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_sighting_notifications_enable" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_user_notifications_enable" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_organisation_notifications_enable" true"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_port" 50000"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_redis_host" "localhost""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_redis_port" 6379"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_redis_database" 1"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_redis_namespace" "mispq""
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_include_attachments" false"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_tag_notifications_enable" false"
|
||||
sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_audit_notifications_enable" false"
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_enable" true"
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_event_notifications_enable" true"
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_object_notifications_enable" true"
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_object_reference_notifications_enable" true"
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_attribute_notifications_enable" true"
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_sighting_notifications_enable" true"
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_user_notifications_enable" true"
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_organisation_notifications_enable" true"
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_port" 50000"
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_redis_host" "localhost""
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_redis_port" 6379"
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_redis_database" 1"
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_redis_namespace" "mispq""
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_include_attachments" false"
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_tag_notifications_enable" false"
|
||||
$SUDO_WWW $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_audit_notifications_enable" false"
|
||||
```
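Review bot: The rc.local entry in the second hunk redirects the output of `start_all.sh` to `/tmp/misp-dashboard_rc.local.log`, and that redirection is opened by the shell running rc.local (normally root at boot), not by the `apache` user that `sudo -u` switches to. A fixed file name in a world-writable directory is therefore written with root privileges on every boot. Pointing the redirect at a root-owned log location avoids this, e.g. `… start_all.sh > /var/log/misp-dashboard_rc.local.log`. Alternatively, wrap the whole command including the redirect in `sudo -u apache bash -c '…'` with a target directory owned by `apache`.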
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# INSTALLATION INSTRUCTIONS
|
||||
## for CentOS 6.x
|
||||
## for CentOS 6.10
|
||||
|
||||
### 0/ MISP CentOS 6 Minimal NetInstall - Status
|
||||
--------------------------------------------
|
||||
|
@ -12,6 +12,8 @@
|
|||
Semi-maintained and tested by @SteveClement, CentOS 6.10 on 20181025<br />
|
||||
It is still considered experimental as not everything works seemlessly.
|
||||
|
||||
!!! notice
|
||||
Maintenance will end on: November 30th, 2020 [Source[0]](https://wiki.centos.org/About/Product) [Source[1]](https://linuxlifecycle.com/)
|
||||
|
||||
CentOS 6.10 [NetInstallURL](http://mirrors.sonic.net/centos/6.10/os/x86_64/)
|
||||
|
||||
|
@ -37,7 +39,7 @@ Install a minimal CentOS 6.x system with the software:
|
|||
|
||||
```bash
|
||||
# Make sure you set your hostname CORRECTLY vs. like an brute (manually in /etc/hostname)
|
||||
sudo hostnamectl set-hostname misp.local # or whatever you want it to be
|
||||
sudo hostnamectl set-hostname misp.local # Your choice, in a production environment, it's best to use a FQDN
|
||||
|
||||
# Make sure your system is up2date:
|
||||
sudo yum update -y
|
||||
|
|
|
@ -9,20 +9,23 @@
|
|||
{!generic/rhelVScentos.md!}
|
||||
|
||||
!!! notice
|
||||
Semi-maintained and tested by @SteveClement, CentOS 7.5-1804 on 20181113<br />
|
||||
Semi-maintained and tested by @SteveClement, CentOS 7.6-1804 on 20190410<br />
|
||||
It is still considered experimental as not everything works seemlessly.
|
||||
|
||||
!!! notice
|
||||
Maintenance will end on: June 30th, 2024 [Source[0]](https://wiki.centos.org/About/Product) [Source[1]](https://linuxlifecycle.com/)
|
||||
|
||||
CentOS 7.5-1804 [NetInstallURL](http://mirror.centos.org/centos/7.5.1804/os/x86_64/)
|
||||
CentOS 7.6-1810 [NetInstallURL](http://mirror.centos.org/centos/7.6.1810/os/x86_64/)
|
||||
|
||||
{!generic/globalVariables.md!}
|
||||
|
||||
```bash
|
||||
# CentOS Specific
|
||||
RUN_PHP='/usr/bin/scl enable rh-php71 '
|
||||
RUN_PHP='/usr/bin/scl enable rh-php72 '
|
||||
RUN_PYTHON='/usr/bin/scl enable rh-python36 '
|
||||
SUDO_WWW='sudo -H -u apache'
|
||||
|
||||
PHP_INI=/etc/opt/rh/rh-php71/php.ini
|
||||
PHP_INI=/etc/opt/rh/rh-php72/php.ini
|
||||
```
|
||||
|
||||
### 1/ Minimal CentOS install
|
||||
|
@ -37,7 +40,7 @@ Install a minimal CentOS 7.x system with the software:
|
|||
|
||||
```bash
|
||||
# Make sure you set your hostname CORRECTLY vs. like an brute (manually in /etc/hostname)
|
||||
sudo hostnamectl set-hostname misp.local # or whatever you want it to be
|
||||
sudo hostnamectl set-hostname misp.local # Your choice, in a production environment, it's best to use a FQDN
|
||||
|
||||
# Make sure your system is up2date:
|
||||
sudo yum update -y
|
||||
|
@ -67,19 +70,19 @@ sudo yum install gcc git zip \
|
|||
python-devel python-pip python-zmq \
|
||||
libxslt-devel zlib-devel ssdeep-devel -y
|
||||
|
||||
# Install PHP 7.1 from SCL, see https://www.softwarecollections.org/en/scls/rhscl/rh-php71/
|
||||
sudo yum install rh-php71 rh-php71-php-fpm rh-php71-php-devel rh-php71-php-mysqlnd rh-php71-php-mbstring rh-php71-php-xml rh-php71-php-bcmath rh-php71-php-opcache rh-php71-php-gd -y
|
||||
# Install PHP 7.2 from SCL, see https://www.softwarecollections.org/en/scls/rhscl/rh-php72/
|
||||
sudo yum install rh-php72 rh-php72-php-fpm rh-php72-php-devel rh-php72-php-mysqlnd rh-php72-php-mbstring rh-php72-php-xml rh-php72-php-bcmath rh-php72-php-opcache rh-php72-php-gd -y
|
||||
|
||||
# Install Python 3.6 from SCL, see
|
||||
# https://www.softwarecollections.org/en/scls/rhscl/rh-python36/
|
||||
sudo yum install rh-python36 -y
|
||||
|
||||
sudo systemctl enable rh-php71-php-fpm.service
|
||||
sudo systemctl start rh-php71-php-fpm.service
|
||||
sudo systemctl enable rh-php72-php-fpm.service
|
||||
sudo systemctl start rh-php72-php-fpm.service
|
||||
```
|
||||
|
||||
!!! notice
|
||||
$RUN_PHP makes php available for you if using rh-php71. e.g: sudo $RUN_PHP "pear list | grep Crypt_GPG"
|
||||
$RUN_PHP makes php available for you if using rh-php72. e.g: sudo $RUN_PHP "pear list | grep Crypt_GPG"
|
||||
|
||||
```bash
|
||||
# GPG needs lots of entropy, haveged provides entropy
|
||||
|
@ -100,74 +103,102 @@ sudo systemctl start redis.service
|
|||
sudo mkdir $PATH_TO_MISP
|
||||
sudo chown apache:apache $PATH_TO_MISP
|
||||
cd /var/www
|
||||
sudo -u apache git clone https://github.com/MISP/MISP.git
|
||||
$SUDO_WWW git clone https://github.com/MISP/MISP.git
|
||||
cd $PATH_TO_MISP
|
||||
##sudo -u apache git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||
##$SUDO_WWW git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||
# if the last shortcut doesn't work, specify the latest version manually
|
||||
# example: git checkout tags/v2.4.XY
|
||||
# the message regarding a "detached HEAD state" is expected behaviour
|
||||
# (you only have to create a new branch, if you want to change stuff and do a pull request for example)
|
||||
|
||||
# Fetch submodules
|
||||
sudo -u apache git submodule update --init --recursive
|
||||
$SUDO_WWW git submodule update --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
sudo -u apache git submodule foreach --recursive git config core.filemode false
|
||||
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
|
||||
|
||||
# Install packaged pears
|
||||
sudo $RUN_PHP "pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml"
|
||||
sudo $RUN_PHP "pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml"
|
||||
|
||||
# Create a python3 virtualenv
|
||||
sudo -u apache $RUN_PYTHON "virtualenv -p python3 $PATH_TO_MISP/venv"
|
||||
$SUDO_WWW $RUN_PYTHON "virtualenv -p python3 $PATH_TO_MISP/venv"
|
||||
sudo mkdir /usr/share/httpd/.cache
|
||||
sudo chown apache:apache /usr/share/httpd/.cache
|
||||
sudo -u apache $PATH_TO_MISP/venv/bin/pip install -U pip setuptools
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U pip setuptools
|
||||
|
||||
# install Mitre's STIX and its dependencies by running the following commands:
|
||||
sudo yum install python-importlib python-lxml python-dateutil python-six -y
|
||||
cd /var/www/MISP/app/files/scripts
|
||||
sudo -u apache git clone https://github.com/CybOXProject/python-cybox.git
|
||||
sudo -u apache git clone https://github.com/STIXProject/python-stix.git
|
||||
cd /var/www/MISP/app/files/scripts/python-cybox
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
|
||||
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-cybox
|
||||
# If you umask is has been changed from the default, it is a good idea to reset it to 0022 before installing python modules
|
||||
UMASK=$(umask)
|
||||
umask 0022
|
||||
cd /var/www/MISP/app/files/scripts/python-stix
|
||||
sudo -u apache $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-stix
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
|
||||
# install maec
|
||||
sudo -u apache $PATH_TO_MISP/venv/bin/pip install -U maec
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U maec
|
||||
|
||||
# install zmq
|
||||
sudo -u apache $PATH_TO_MISP/venv/bin/pip install -U zmq
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U zmq
|
||||
|
||||
# install redis
|
||||
sudo -u apache $PATH_TO_MISP/venv/bin/pip install -U redis
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U redis
|
||||
|
||||
# install magic, lief, pydeep
|
||||
sudo -u apache $PATH_TO_MISP/venv/bin/pip install -U python-magic lief git+https://github.com/kbandla/pydeep.git
|
||||
# lief needs manual compilation
|
||||
sudo yum install devtoolset-7 cmake3 -y
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
$SUDO_WWW git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
|
||||
|
||||
# TODO: Fix static path with PATH_TO_MISP
|
||||
cd $PATH_TO_MISP/app/files/scripts/lief
|
||||
$SUDO_WWW mkdir build
|
||||
cd build
|
||||
$SUDO_WWW scl enable devtoolset-7 rh-python36 'bash -c "cmake3 \
|
||||
-DLIEF_PYTHON_API=on \
|
||||
-DLIEF_DOC=off \
|
||||
-DCMAKE_INSTALL_PREFIX=$LIEF_INSTALL \
|
||||
-DCMAKE_BUILD_TYPE=Release \
|
||||
-DPYTHON_VERSION=3.6 \
|
||||
-DPYTHON_EXECUTABLE=/var/www/MISP/venv/bin/python \
|
||||
.."'
|
||||
$SUDO_WWW make -j3
|
||||
sudo make install
|
||||
cd api/python/lief_pybind11-prefix/src/lief_pybind11
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/python setup.py install
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install https://github.com/lief-project/packages/raw/lief-master-latest/pylief-0.9.0.dev.zip
|
||||
|
||||
# install magic, pydeep
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U python-magic git+https://github.com/kbandla/pydeep.git
|
||||
|
||||
# install mixbox to accommodate the new STIX dependencies:
|
||||
cd /var/www/MISP/app/files/scripts/
|
||||
sudo -u apache git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd /var/www/MISP/app/files/scripts/mixbox
|
||||
sudo -u apache $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd $PATH_TO_MISP/app/files/scripts/mixbox
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
|
||||
# install STIX2.0 library to support STIX 2.0 export:
|
||||
cd /var/www/MISP/cti-python-stix2
|
||||
sudo -u apache $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/cti-python-stix2
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
|
||||
# install PyMISP
|
||||
cd /var/www/MISP/PyMISP
|
||||
sudo -u apache $PATH_TO_MISP/venv/bin/pip install enum34
|
||||
sudo -u apache $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/PyMISP
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
|
||||
# Enable python3 for php-fpm
|
||||
echo 'source scl_source enable rh-python36' | sudo tee -a /etc/opt/rh/rh-php71/sysconfig/php-fpm
|
||||
sudo sed -i.org -e 's/^;\(clear_env = no\)/\1/' /etc/opt/rh/rh-php71/php-fpm.d/www.conf
|
||||
sudo systemctl restart rh-php71-php-fpm.service
|
||||
echo 'source scl_source enable rh-python36' | sudo tee -a /etc/opt/rh/rh-php72/sysconfig/php-fpm
|
||||
sudo sed -i.org -e 's/^;\(clear_env = no\)/\1/' /etc/opt/rh/rh-php72/php-fpm.d/www.conf
|
||||
sudo systemctl restart rh-php72-php-fpm.service
|
||||
|
||||
umask $UMASK
|
||||
|
||||
# Enable dependencies detection in the diagnostics page
|
||||
# This allows MISP to detect GnuPG, the Python modules' versions and to read the PHP settings.
|
||||
echo "env[PATH] =/opt/rh/rh-python36/root/usr/bin:/opt/rh/rh-php72/root/usr/bin:/usr/local/bin:/usr/bin:/bin" |sudo tee -a /etc/opt/rh/rh-php72/php-fpm.d/www.conf
|
||||
sudo systemctl restart rh-php72-php-fpm.service
|
||||
```
|
||||
|
||||
### 4/ CakePHP
|
||||
|
@ -175,27 +206,32 @@ umask $UMASK
|
|||
#### CakePHP is now included as a submodule of MISP and has been fetch by a previous step.
|
||||
#### Install CakeResque along with its dependencies if you intend to use the built in background jobs.
|
||||
```bash
|
||||
sudo chown -R apache:apache /var/www/MISP
|
||||
sudo chown -R apache:apache $PATH_TO_MISP
|
||||
sudo mkdir /usr/share/httpd/.composer
|
||||
sudo chown apache:apache /usr/share/httpd/.composer
|
||||
cd /var/www/MISP/app
|
||||
sudo -u apache $RUN_PHP "php composer.phar require kamisama/cake-resque:4.1.2"
|
||||
sudo -u apache $RUN_PHP "php composer.phar config vendor-dir Vendor"
|
||||
sudo -u apache $RUN_PHP "php composer.phar install"
|
||||
cd $PATH_TO_MISP/app
|
||||
# Update composer.phar (optional)
|
||||
#$SUDO_WWW $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
#$SUDO_WWW $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '48e3236262b34d30969dca3c37281b3b4bbe3221bda826ac6a9a62d6444cdb0dcd0615698a5cbe587c3f0fe57a54d8f5') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
#$SUDO_WWW $RUN_PHP "php composer-setup.php"
|
||||
#$SUDO_WWW $RUN_PHP -- php -r "unlink('composer-setup.php');"
|
||||
$SUDO_WWW $RUN_PHP "php composer.phar require kamisama/cake-resque:4.1.2"
|
||||
$SUDO_WWW $RUN_PHP "php composer.phar config vendor-dir Vendor"
|
||||
$SUDO_WWW $RUN_PHP "php composer.phar install"
|
||||
|
||||
# CakeResque normally uses phpredis to connect to redis, but it has a (buggy)
|
||||
# fallback connector through Redisent.
|
||||
# It is highly advised to install phpredis using "yum install php-redis"
|
||||
sudo $RUN_PHP "pecl install redis"
|
||||
echo "extension=redis.so" |sudo tee /etc/opt/rh/rh-php71/php-fpm.d/redis.ini
|
||||
sudo ln -s ../php-fpm.d/redis.ini /etc/opt/rh/rh-php71/php.d/99-redis.ini
|
||||
sudo systemctl restart rh-php71-php-fpm.service
|
||||
echo "extension=redis.so" |sudo tee /etc/opt/rh/rh-php72/php-fpm.d/redis.ini
|
||||
sudo ln -s ../php-fpm.d/redis.ini /etc/opt/rh/rh-php72/php.d/99-redis.ini
|
||||
sudo systemctl restart rh-php72-php-fpm.service
|
||||
|
||||
# If you have not yet set a timezone in php.ini
|
||||
echo 'date.timezone = "Europe/Luxembourg"' |sudo tee /etc/opt/rh/rh-php71/php-fpm.d/timezone.ini
|
||||
sudo ln -s ../php-fpm.d/timezone.ini /etc/opt/rh/rh-php71/php.d/99-timezone.ini
|
||||
echo 'date.timezone = "Europe/Luxembourg"' |sudo tee /etc/opt/rh/rh-php72/php-fpm.d/timezone.ini
|
||||
sudo ln -s ../php-fpm.d/timezone.ini /etc/opt/rh/rh-php72/php.d/99-timezone.ini
|
||||
|
||||
# Recommended: Change some PHP settings in /etc/opt/rh/rh-php71/php.ini
|
||||
# Recommended: Change some PHP settings in /etc/opt/rh/rh-php72/php.ini
|
||||
# max_execution_time = 300
|
||||
# memory_limit = 512M
|
||||
# upload_max_filesize = 50M
|
||||
|
@ -204,33 +240,33 @@ for key in upload_max_filesize post_max_size max_execution_time max_input_time m
|
|||
do
|
||||
sudo sed -i "s/^\($key\).*/\1 = $(eval echo \${$key})/" $PHP_INI
|
||||
done
|
||||
sudo systemctl restart rh-php71-php-fpm.service
|
||||
sudo systemctl restart rh-php72-php-fpm.service
|
||||
|
||||
# To use the scheduler worker for scheduled tasks, do the following:
|
||||
sudo cp -fa /var/www/MISP/INSTALL/setup/config.php /var/www/MISP/app/Plugin/CakeResque/Config/config.php
|
||||
sudo cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
|
||||
```
|
||||
|
||||
### 5/ Set the permissions
|
||||
----------------------
|
||||
```bash
|
||||
# Make sure the permissions are set correctly using the following commands as root:
|
||||
sudo chown -R root:apache /var/www/MISP
|
||||
sudo find /var/www/MISP -type d -exec chmod g=rx {} \;
|
||||
sudo chmod -R g+r,o= /var/www/MISP
|
||||
sudo chmod -R 750 /var/www/MISP
|
||||
sudo chmod -R g+xws /var/www/MISP/app/tmp
|
||||
sudo chmod -R g+ws /var/www/MISP/app/files
|
||||
sudo chmod -R g+ws /var/www/MISP/app/files/scripts/tmp
|
||||
sudo chmod -R g+rw /var/www/MISP/venv
|
||||
sudo chmod -R g+rw /var/www/MISP/.git
|
||||
sudo chown apache:apache /var/www/MISP/app/files
|
||||
sudo chown apache:apache /var/www/MISP/app/files/terms
|
||||
sudo chown apache:apache /var/www/MISP/app/files/scripts/tmp
|
||||
sudo chown apache:apache /var/www/MISP/app/Plugin/CakeResque/tmp
|
||||
sudo chown -R apache:apache /var/www/MISP/app/Config
|
||||
sudo chown -R apache:apache /var/www/MISP/app/tmp
|
||||
sudo chown -R apache:apache /var/www/MISP/app/webroot/img/orgs
|
||||
sudo chown -R apache:apache /var/www/MISP/app/webroot/img/custom
|
||||
sudo chown -R apache:apache $PATH_TO_MISP
|
||||
sudo find $PATH_TO_MISP -type d -exec chmod g=rx {} \;
|
||||
sudo chmod -R g+r,o= $PATH_TO_MISP
|
||||
sudo chmod -R 750 $PATH_TO_MISP
|
||||
sudo chmod -R g+xws $PATH_TO_MISP/app/tmp
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chmod -R g+rw $PATH_TO_MISP/venv
|
||||
sudo chmod -R g+rw $PATH_TO_MISP/.git
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/files
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/files/terms
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/Plugin/CakeResque/tmp
|
||||
sudo chown -R apache:apache $PATH_TO_MISP/app/Config
|
||||
sudo chown -R apache:apache $PATH_TO_MISP/app/tmp
|
||||
sudo chown -R apache:apache $PATH_TO_MISP/app/webroot/img/orgs
|
||||
sudo chown -R apache:apache $PATH_TO_MISP/app/webroot/img/custom
|
||||
```
|
||||
|
||||
### 6/ Create a database and user
|
||||
|
@ -243,14 +279,14 @@ sudo systemctl start mariadb.service
|
|||
sudo yum install expect -y
|
||||
|
||||
# Add your credentials if needed, if sudo has NOPASS, comment out the relevant lines
|
||||
#pw="Password1234"
|
||||
pw="Password1234"
|
||||
|
||||
expect -f - <<-EOF
|
||||
set timeout 10
|
||||
|
||||
spawn sudo mysql_secure_installation
|
||||
#expect "*?assword*"
|
||||
#send -- "$pw\r"
|
||||
expect "*?assword*"
|
||||
send -- "$pw\r"
|
||||
expect "Enter current password for root (enter for none):"
|
||||
send -- "\r"
|
||||
expect "Set root password?"
|
||||
|
@ -302,7 +338,7 @@ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
|
|||
|
||||
#### Import the empty MySQL database from MYSQL.sql
|
||||
```bash
|
||||
sudo -u apache cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
```
|
||||
|
||||
|
||||
|
@ -321,15 +357,17 @@ sudo -u apache cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DB
|
|||
This guide only copies a stock **NON-SSL** configuration file.
|
||||
|
||||
```bash
|
||||
# Now configure your apache server with the DocumentRoot /var/www/MISP/app/webroot/
|
||||
# A sample vhost can be found in /var/www/MISP/INSTALL/apache.misp.centos7
|
||||
# Now configure your apache server with the DocumentRoot $PATH_TO_MISP/app/webroot/
|
||||
# A sample vhost can be found in $PATH_TO_MISP/INSTALL/apache.misp.centos7
|
||||
|
||||
sudo cp /var/www/MISP/INSTALL/apache.misp.centos7.ssl /etc/httpd/conf.d/misp.ssl.conf
|
||||
sudo cp $PATH_TO_MISP/INSTALL/apache.misp.centos7.ssl /etc/httpd/conf.d/misp.ssl.conf
|
||||
sudo rm /etc/httpd/conf.d/ssl.conf
|
||||
sudo chmod 644 /etc/httpd/conf.d/misp.ssl.conf
|
||||
sudo sed -i '/Listen 80/a Listen 443' /etc/httpd/conf/httpd.conf
|
||||
echo $OPENSSL_CN
|
||||
sudo systemctl start httpd.service
|
||||
|
||||
# If a valid SSL certificate is not already created for the server, create a self-signed certificate:
|
||||
echo "The Common Name used below will be: ${OPENSSL_CN}"
|
||||
# This will take a rather long time, be ready. (13min on a VM, 8GB Ram, 1 core)
|
||||
sudo openssl dhparam -out /etc/pki/tls/certs/dhparam.pem 4096
|
||||
sudo openssl genrsa -des3 -passout pass:x -out /tmp/misp.local.key 4096
|
||||
sudo openssl rsa -passin pass:x -in /tmp/misp.local.key -out /etc/pki/tls/private/misp.local.key
|
||||
|
@ -341,34 +379,35 @@ cat /etc/pki/tls/certs/dhparam.pem |sudo tee -a /etc/pki/tls/certs/misp.local.cr
|
|||
|
||||
sudo systemctl restart httpd.service
|
||||
|
||||
# If a valid SSL certificate is not already created for the server, create a self-signed certificate:
|
||||
sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
|
||||
-subj "/C=${OPENSSL_C}/ST=${OPENSSL_ST}/L=${OPENSSL_L}/O=${OPENSSL_O}/OU=${OPENSSL_OU}/CN=${OPENSSL_CN}/emailAddress=${OPENSSL_EMAILADDRESS}" \
|
||||
-keyout /etc/pki/tls/private/misp.local.key -out /etc/pki/tls/certs/misp.local.crt
|
||||
|
||||
# Since SELinux is enabled, we need to allow httpd to write to certain directories
|
||||
sudo chcon -t usr_t /var/www/MISP/venv
|
||||
sudo chcon -t httpd_sys_rw_content_t /var/www/MISP/app/files
|
||||
sudo chcon -t httpd_sys_rw_content_t /var/www/MISP/app/files/terms
|
||||
sudo chcon -t httpd_sys_rw_content_t /var/www/MISP/app/files/scripts/tmp
|
||||
sudo chcon -t httpd_sys_rw_content_t /var/www/MISP/app/Plugin/CakeResque/tmp
|
||||
sudo chcon -t httpd_sys_script_exec_t /var/www/MISP/app/Console/cake
|
||||
sudo chcon -R -t usr_t /var/www/MISP/venv
|
||||
sudo chcon -R -t httpd_sys_rw_content_t /var/www/MISP/.git
|
||||
sudo chcon -R -t httpd_sys_rw_content_t /var/www/MISP/app/tmp
|
||||
sudo chcon -R -t httpd_sys_rw_content_t /var/www/MISP/app/Config
|
||||
sudo chcon -R -t httpd_sys_rw_content_t /var/www/MISP/app/tmp/logs
|
||||
sudo chcon -R -t httpd_sys_rw_content_t /var/www/MISP/app/webroot/img/orgs
|
||||
sudo chcon -R -t httpd_sys_rw_content_t /var/www/MISP/app/webroot/img/custom
|
||||
sudo chcon -t usr_t $PATH_TO_MISP/venv
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files/terms
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Plugin/CakeResque/tmp
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/Console/cake
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/files/scripts/mispzmq/mispzmq.py
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/files/scripts/mispzmq/mispzmqtest.py
|
||||
sudo chcon -t httpd_sys_script_exec_t /usr/bin/ps
|
||||
sudo chcon -t httpd_sys_script_exec_t /usr/bin/grep
|
||||
sudo chcon -t httpd_sys_script_exec_t /usr/bin/awk
|
||||
sudo chcon -t httpd_sys_script_exec_t /usr/bin/gpg
|
||||
sudo chcon -R -t usr_t $PATH_TO_MISP/venv
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/.git
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/tmp
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Lib
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Config
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/tmp
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/webroot/img/orgs
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/webroot/img/custom
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files/scripts/mispzmq
|
||||
```
|
||||
|
||||
!!! warning
|
||||
Revise all permissions so update in Web UI works.
|
||||
Todo: Revise all permissions so update in Web UI works.
|
||||
|
||||
```bash
|
||||
sudo chcon -R -t httpd_sys_rw_content_t /var/www/MISP/app/tmp
|
||||
|
||||
|
||||
# Allow httpd to connect to the redis server and php-fpm over tcp/ip
|
||||
sudo setsebool -P httpd_can_network_connect on
|
||||
|
||||
|
@ -389,14 +428,10 @@ sudo firewall-cmd --reload
|
|||
# Check out the apache.misp.ssl file for an example
|
||||
```
|
||||
|
||||
!!! warning
|
||||
To be fixed - Place holder
|
||||
|
||||
|
||||
### 8/ Log rotation
|
||||
---------------
|
||||
```bash
|
||||
# MISP saves the stdout and stderr of it's workers in /var/www/MISP/app/tmp/logs
|
||||
# MISP saves the stdout and stderr of it's workers in $PATH_TO_MISP/app/tmp/logs
|
||||
# To rotate these logs install the supplied logrotate script:
|
||||
|
||||
sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
|
@ -404,8 +439,9 @@ sudo chmod 0640 /etc/logrotate.d/misp
|
|||
|
||||
# Now make logrotate work under SELinux as well
|
||||
# Allow logrotate to modify the log files
|
||||
sudo semanage fcontext -a -t httpd_log_t "/var/www/MISP/app/tmp/logs(/.*)?"
|
||||
sudo chcon -R -t httpd_log_t /var/www/MISP/app/tmp/logs
|
||||
sudo semanage fcontext -a -t httpd_log_t "$PATH_TO_MISP/app/tmp/logs(/.*)?"
|
||||
sudo chcon -R -t httpd_log_t $PATH_TO_MISP/app/tmp/logs
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/tmp/logs
|
||||
|
||||
# Allow logrotate to read /var/www
|
||||
sudo checkmodule -M -m -o /tmp/misplogrotate.mod $PATH_TO_MISP/INSTALL/misplogrotate.te
|
||||
|
@ -417,10 +453,10 @@ sudo semodule -i /tmp/misplogrotate.pp
|
|||
---------------------
|
||||
```bash
|
||||
# There are 4 sample configuration files in $PATH_TO_MISP/app/Config that need to be copied
|
||||
sudo -u apache cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
|
||||
sudo -u apache cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
|
||||
sudo -u apache cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
|
||||
sudo -u apache cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
|
||||
|
||||
echo "<?php
|
||||
class DATABASE_CONFIG {
|
||||
|
@ -437,7 +473,7 @@ class DATABASE_CONFIG {
|
|||
'prefix' => '',
|
||||
'encoding' => 'utf8',
|
||||
);
|
||||
}" | sudo -u apache tee $PATH_TO_MISP/app/Config/database.php
|
||||
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
|
||||
|
||||
# Configure the fields in the newly created files:
|
||||
# config.php : baseurl (example: 'baseurl' => 'http://misp',) - don't use "localhost" it causes issues when browsing externally
|
||||
|
@ -459,14 +495,14 @@ class DATABASE_CONFIG {
|
|||
# );
|
||||
#}
|
||||
|
||||
# Important! Change the salt key in /var/www/MISP/app/Config/config.php
|
||||
# Important! Change the salt key in $PATH_TO_MISP/app/Config/config.php
|
||||
# The admin user account will be generated on the first login, make sure that the salt is changed before you create that user
|
||||
# If you forget to do this step, and you are still dealing with a fresh installation, just alter the salt,
|
||||
# delete the user from mysql and log in again using the default admin credentials (admin@admin.test / admin)
|
||||
|
||||
# If you want to be able to change configuration parameters from the webinterface:
|
||||
sudo chown apache:apache /var/www/MISP/app/Config/config.php
|
||||
sudo chcon -t httpd_sys_rw_content_t /var/www/MISP/app/Config/config.php
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/Config/config.php
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Config/config.php
|
||||
|
||||
# Generate a GPG encryption key.
|
||||
cat >/tmp/gen-key-script <<EOF
|
||||
|
@ -484,17 +520,17 @@ cat >/tmp/gen-key-script <<EOF
|
|||
%echo done
|
||||
EOF
|
||||
|
||||
sudo gpg --homedir /var/www/MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
sudo gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
sudo rm -f /tmp/gen-key-script
|
||||
sudo chown -R apache:apache /var/www/MISP/.gnupg
|
||||
sudo chown -R apache:apache $PATH_TO_MISP/.gnupg
|
||||
|
||||
# And export the public key to the webroot
|
||||
sudo gpg --homedir /var/www/MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS |sudo tee /var/www/MISP/app/webroot/gpg.asc
|
||||
sudo chown apache:apache /var/www/MISP/app/webroot/gpg.asc
|
||||
sudo gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS |sudo tee $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
|
||||
# Start the workers to enable background jobs
|
||||
sudo chmod +x /var/www/MISP/app/Console/worker/start.sh
|
||||
sudo -u apache $RUN_PHP /var/www/MISP/app/Console/worker/start.sh
|
||||
sudo chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
$SUDO_WWW $RUN_PHP $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
|
||||
if [ ! -e /etc/rc.local ]
|
||||
then
|
||||
|
@ -503,7 +539,8 @@ then
|
|||
sudo chmod u+x /etc/rc.local
|
||||
fi
|
||||
|
||||
sudo sed -i -e '$i \su -s /bin/bash apache -c "scl enable rh-php71 /var/www/MISP/app/Console/worker/start.sh" > /tmp/worker_start_rc.local.log\n' /etc/rc.local
|
||||
# TODO: Fix static path with PATH_TO_MISP
|
||||
sudo sed -i -e '$i \su -s /bin/bash apache -c "scl enable rh-php72 /var/www/MISP/app/Console/worker/start.sh" > /tmp/worker_start_rc.local.log\n' /etc/rc.local
|
||||
# Make sure it will execute
|
||||
sudo chmod +x /etc/rc.local
|
||||
|
||||
|
@ -518,21 +555,22 @@ sudo yum install -y openjpeg-devel
|
|||
sudo chmod 2777 /usr/local/src
|
||||
sudo chown root:users /usr/local/src
|
||||
cd /usr/local/src/
|
||||
sudo -u apache git clone https://github.com/MISP/misp-modules.git
|
||||
$SUDO_WWW git clone https://github.com/MISP/misp-modules.git
|
||||
cd misp-modules
|
||||
# pip install
|
||||
sudo -H -u apache $PATH_TO_MISP/venv/bin/pip install -I -r REQUIREMENTS
|
||||
sudo -H -u apache $PATH_TO_MISP/venv/bin/pip install .
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -I -r REQUIREMENTS
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
sudo yum install rubygem-rouge rubygem-asciidoctor -y
|
||||
##sudo gem install asciidoctor-pdf --pre
|
||||
|
||||
# install additional dependencies for extended object generation and extraction
|
||||
sudo -H -u apache ${PATH_TO_MISP}/venv/bin/pip install maec lief python-magic pathlib
|
||||
sudo -H -u apache ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install maec python-magic pathlib
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
|
||||
# Start misp-modules
|
||||
sudo -u apache ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &
|
||||
|
||||
# TODO: Fix static path with PATH_TO_MISP
|
||||
sudo sed -i -e '$i \sudo -u apache /var/www/MISP/venv/bin/misp-modules -l 127.0.0.1 -s &\n' /etc/rc.local
|
||||
```
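Review bot: In section 5 ("Set the permissions") the line `sudo chown -R apache:apache $PATH_TO_MISP` appears to replace `sudo chown -R root:apache /var/www/MISP`, which makes the web-server account the owner of the whole tree, application code included. The +/- markers are lost on this page, so that reading is inferred from the `$PATH_TO_MISP` rename. With the `chmod -R 750` that follows, the owner can write everywhere, so a flaw that gives file write as apache could alter MISP's own PHP and Python code rather than only the data directories. I would keep `sudo chown -R root:apache $PATH_TO_MISP` and rely on the per-directory `chown apache:apache` lines after it for the paths that must be writable. The same concern applies to the SELinux block in section 7, where `$PATH_TO_MISP/app/Lib` and `$PATH_TO_MISP/.git` are labelled `httpd_sys_rw_content_t`, presumably for the web-UI update mentioned in the warning below it; a comment such as `# only needed if MISP is updated from the web UI` would let operators who update from the shell skip those two lines.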
|
||||
|
||||
|
|
|
@ -70,7 +70,7 @@ nav:
|
|||
- Install Guides:
|
||||
- 'Ubuntu 18.04': 'INSTALL.ubuntu1804.md'
|
||||
- 'Kali Linux': 'INSTALL.kali.md'
|
||||
- 'Redhat Enterprise Linux 7': 'INSTALL.rhel7.md'
|
||||
- 'RHEL7/CentOS7': 'INSTALL.rhel7.md'
|
||||
- xInstall Guides:
|
||||
- 'Warning': 'xINSTALL.md'
|
||||
- 'Centos 6': 'xINSTALL.centos6.md'
|
||||
|
@ -81,7 +81,7 @@ nav:
|
|||
- 'Ubuntu 18.04 \w webmin': 'xINSTALL.ubuntu1804.with.webmin.md'
|
||||
- 'Tsurugi Linux': 'xINSTALL.tsurugi.md'
|
||||
- 'OpenBSD 6.4': 'xINSTALL.OpenBSD.md'
|
||||
- 'Redhat Enterprise Linux 7.6 (BETA)': 'xINSTALL.rhel7.md'
|
||||
- 'RHEL8 (Beta)': 'xINSTALL.rhel8.md'
|
||||
- Config Guides:
|
||||
- 'Elastic Search Logging': 'CONFIG.elasticsearch-logging.md'
|
||||
- 'Amazon S3 attachments': 'CONFIG.s3-attachments.md'
|
||||
|
|