Merge pull request #15 from kalyparker/usermaj

up: update administration part
pull/16/head
Alexandre Dulaunoy 2016-08-04 17:29:55 +02:00 committed by GitHub
commit 4c6f8ada11
8 changed files with 118 additions and 112 deletions


@ -2,6 +2,81 @@
## Administration
* [Users](#users)
* Organisations
* Role
* Tools
* Server Settings
* Jobs
* Scheduled Tasks
### Users
As an admin, you can set up new accounts for users, edit the profiles of users, delete them, or just have a look at all the viewers profiles. Organisation admins are restricted to executing the same actions on their organisations users only.
#### Adding a new user:
To add a new user, click on the New User button in the administration menu to the left and fill out the following fields in the view that is loaded:
![Fill this form out to add a new user. Keep in mind that the drop-down menu titled Role controls the privileges the user will have.](figures/add_user.png)
* **Email:** The user's e-mail address, this will be used as his/her login name and as an address to send all the automatic e-mails and e-mails sent by contacting the user as the reporter of an event.
* **Set password:** Tick the box if you want to define a temporary password for the user. If you don't, you'll should use the action button 'reset password' on 'List Users' view for generating one and send it by email to the user.
* **Password:** *This textbox is displayed only when 'Set password' is ticked.* A Temporary password for the user that he/she should change after the first login. Make sure that it is at least 6 characters long, includes a digit or a special character and contains at least one upper-case and at least one lower-case character.
* **Confirm Password:** *This textbox is displayed only when 'Set password' is ticked.* This should be an exact copy of the Password field.
* **Organisation:** A drop-down list allows you to choose an organisation for the user. To learn more about organisation, [click here](#organisation).
* **Roles:** A drop-down list allows you to choose a role-group that the user should belong to. Roles define the privileges of the user. To learn more about roles, [click here](#managing-the-roles).
* **Authkey:** This is assigned automatically and is the unique authentication key of the user (he/she will be able to reset this and receive a new key). It is used for exports and for connecting one server to another, but it requires the user to be assigned to a role that has auth permission enabled.
* **NIDS Sid:** ID of network intrusion detection systems.
* **Sync user for:** Use this option for granted the user the right to synchronize the event between MISP server. This option is available for admin, Org Admin and Sync user role.
* **Gpgkey:** The key used for encrypting e-mails sent through the system.
* **Fetch GPG key:** Fetch GPG public key.
* **Receive alerts when events are published:** This option will subscribe the new user to automatically generated e-mails whenever an event is published.
* **Receive alerts from "contact reporter" requests:** This option will subscribe the new user to e-mails that are generated when another user tries to get in touch with an event's reporting organisation that matches that of the new user.
* **Disable this user account:** Tick it if you want to disable this user account.
#### Listing all users:
To list all current users of the system, just click on List Users under the administration menu to the left. A view will be loaded with a list of all users and the following columns of information:
![View, Edit or Delete a user using the action buttons to the right.](figures/list_users.png)
* **Id:** The user's automatically assigned ID number.
* **Org:** The organisation that the user belongs to.
* **Email:** The e-mail address (and login name) of the user.
* **Authkey:** Unique authentication key of the user.
* **Autoalert:** Shows whether the user has subscribed to auto-alerts and is always receiving the mass-emails regarding newly published events that he/she is eligible for.
* **Contactalert:** Shows whether the user has the subscription to contact reporter e-mails directed at his/her organisation turned on or off.
* **Gpgkey:** Shows whether the user has entered a Gpgkey yet.
* **Nids Sid:** Shows the currently assigned NIDS ID.
* **Termsaccepted:** This flag indicates whether the user has accepted the terms of use or not.
* **Last login:** Date of last login.
* **Disabled:** Show the user status. Enabled or disabled.
* **Action Buttons:** There are 4 options available: reset the password, edit the user, delete the user or display user's information. These options are also available on the left menu.
* **Reset Password:** Use this action for reseting password. If you have created a new user without password, tick the 'First time registration' checkbox for sending a welcome message. Otherwise a reset password message will be sent.
![Reset password.](figures/reset_pwd.png)
* **Edit the user:** Same options of create user's view. Few options are only available here:
* **Terms accepted:** Indicates whether the user has accepted the terms of use already or not.
* **Change Password:** Setting this flag will require the user to change password after the next login.
* **Reset Auth Key:** Use this link for generate a new AuthKey.
![Reset password.](figures/edit_users.png)
* **Delete the user:** If you want to delete a user.
![Reset password.](figures/delete_user.png)
* **Display the user:** Display all user's information.
![Reset password.](figures/display_user.png)
#### Contacting a user:
Site admins can use the "Contact users" feature to send all or individual user an e-mail. Users that have a PGP key set will receive their e-mails encrypted. When clicking this button on the left, you'll be presented with a form that allows you to specify the type of the e-mail, who it should reach and what the content is using the following options:
![Contact your users here.](figures/contact.png)
* **Action:** This defines the type of the e-mail, which can be a custom message or a password reset. Password resets automatically include a new temporary password at the bottom of the message and will automatically change the user's password accordingly.
* **Subject:** In the case of a custom e-mail, you can enter a subject line here.
* **Recipient:** The recipient toggle lets you contact all your users, a single user (which creates a second drop-down list with all the e-mail addresses of the users) and potential future users (which opens up a text field for the e-mail address and a text area field for a PGP public key).
* **Custom message checkbox:** This is available for password resets or for welcome message, you can either write your own message (which will be appended with a temporary key and the signature), or let the system generate one automatically.
Keep in mind that all e-mails sent through this system will, in addition to your own message, will be signed in the name of the instance's host organisation's support team, will include the e-mail address of the instance's support (if the contact field is set in the bootstrap file), and will include the instance's PGP signature for users that have a PGP key set (and thus are eligible for an encrypted e-mail).
### Server settings and diagnostics
Since version 2.3, MISP has a settings and diagnostics tool that allows site-admins to manage and diagnose their MISP installation. You can access this by navigating to Administration - Server settings
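Review bot: the image alt texts for the three figures under "Edit the user", "Delete the user" and "Display the user" all read "Reset password." although they point at edit_users.png, delete_user.png and display_user.png; give each its own caption (for example "Edit a user.", "Delete a user.", "Display a user."). The "Organisation" bullet links to `#organisation`, but the section list at the top of the hunk has "Organisations" as plain text with no anchor, so that link target needs to be checked once the section exists. Two sentences need grammar fixes: "you'll should use the action button 'reset password'" should read "you should use the action button 'reset password'", and "Use this option for granted the user the right to synchronize the event between MISP server" should read "Use this option to grant the user the right to synchronise events between MISP servers". Finally, the new "Authkey" column in the List Users table shows every user's authentication key on one page; since the "Authkey" bullet describes that key as what is used for exports and server-to-server connections, it would help readers to note that this listing is sensitive and only for site/org admins.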
@ -74,75 +149,6 @@ When viewing the list of whitelisted addresses, the following pieces of informat
![You can edit or delete currently white-listed addresses using the action buttons on this list.](figures/whitelist.png)
### Managing the users:
As an admin, you can set up new accounts for users, edit the profiles of users, delete them, or just have a look at all the viewers' profiles. Organisation admins are restricted to executing the same actions on their organisation's users only.
#### Adding a new user:
To add a new user, click on the New User button in the administration menu to the left and fill out the following fields in the view that is loaded:
![Fill this form out to add a new user. Keep in mind that the drop-down menu titled Role controls the privileges the user will have.](figures/add_user.png)
* **Email:** The user's e-mail address, this will be used as his/her login name and as an address to send all the automatic e-mails and e-mails sent by contacting the user as the reporter of an event.
* **Password:** A temporary password for the user that he/she should change after the first login. Make sure that it is at least 6 characters long, includes a digit or a special character and contains at least one upper-case and at least one lower-case character.
* **Confirm Password:** This should be an exact copy of the Password field.
* **Org:**The organisation of the user. Entering ADMIN into this field will give administrator privileges to the user. If you are an organisation admin, then this field will be unchangeable and be set to your own organisation.
* **Roles:** A drop-down list allows you to choose a role-group that the user should belong to. Roles define the privileges of the user. To learn more about roles, [click here](#managing-the-roles).
* **Receive alerts when events are published:** This option will subscribe the new user to automatically generated e-mails whenever an event is published.
* **Receive alerts from "contact reporter" requests:** This option will subscribe the new user to e-mails that are generated when another user tries to get in touch with an event's reporting organisation that matches that of the new user.
* **Authkey:** This is assigned automatically and is the unique authentication key of the user (he/she will be able to reset this and receive a new key). It is used for exports and for connecting one server to another, but it requires the user to be assigned to a role that has auth permission enabled.
* **NIDS Sid:** Nids ID, not yet implemented.
* **Gpgkey:** The key used for encrypting e-mails sent through the system.
#### Listing all users:
To list all current users of the system, just click on List Users under the administration menu to the left. A view will be loaded with a list of all users and the following columns of information:
![View, Edit or Delete a user using the action buttons to the right.](figures/list_users.png)
* **Id:** The user's automatically assigned ID number.
* **Org:** The organisation that the user belongs to.
* **Email:** The e-mail address (and login name) of the user.
* **Autoalert:** Shows whether the user has subscribed to auto-alerts and is always receiving the mass-emails regarding newly published events that he/she is eligible for.
* **ontactalert:** Shows whether the user has the subscription to contact reporter e-mails directed at his/her organisation turned on or off.
* **Gpgkey:** Shows whether the user has entered a Gpgkey yet.
* **Nids Sid:** Shows the currently assigned NIDS ID.
* **Termsaccepted:** This flag indicates whether the user has accepted the terms of use or not.
* **Newsread:** The last point in time when the user has looked at the news section of the system.
* **Action Buttons:** Here you can view a detailed view of a user, edit the basic details of a user (same view as the one used for creating a new user, but all the fields come filled out by default) or remove a user completely.
#### Editing a user:
To add a new user, click on the New User button in the administration menu to the left and fill out the following fields in the view that is loaded:
* **Email:** The user's e-mail address, this will be used as his/her login name and as an address to send all the automatic e-mails and e-mails sent by contacting the user as the reporter of an event.
* **Password:** It is possible to assign a new password manually for a user. For example, in case that he/she forgot the old one a new temporary one can be assigned. Make sure to check the "Change password" field if you do give out a temporary password, so that the user will be forced to change it after login.
* **Confirm Password:** This should be an exact copy of the Password field.
* **Org:**The organisation of the user. Entering ADMIN into this field will give administrator privileges to the user. If you are an organisation admin, then this field will be unchangeable and be set to your own organisation.
* **Roles:** A drop-down list allows you to choose a role-group that the user should belong to. Roles define the privileges of the user. To learn more about roles, [click here](#managing-the-roles).
* **Receive alerts when events are published:** This option will subscribe the user to automatically generated e-mails whenever an event is published.
* **Receive alerts from "contact reporter" requests:** This option will subscribe the user to e-mails that are generated when another user tries to get in touch with an event's reporting organisation that matches that of the user.
* **Authkey:** It is possible to request a new authentication key for the user.
* **NIDS Sid:** Nids ID, not yet implemented.
* **Termsaccepted:** Indicates whether the user has accepted the terms of use already or not.
* **Change Password:** Setting this flag will require the user to change password after the next login.
* **Gpgkey:** The key used for encrypting e-mails sent through the system.
#### Contacting a user:
Site admins can use the "Contact users" feature to send all or an individual user an e-mail. Users that have a PGP key set will receive their e-mails encrypted. When clicking this button on the left, you'll be presented with a form that allows you to specify the type of the e-mail, who it should reach and what the content is using the following options:
![Contact your users here.](figures/contact.png)
* **Action:** This defines the type of the e-mail, which can be a custom message or a password reset. Password resets automatically include a new temporary password at the bottom of the message and will automatically change the user's password accordingly.
* **Recipient:** The recipient toggle lets you contact all your users, a single user (which creates a second drop-down list with all the e-mail addresses of the users) and potential future users (which opens up a text field for the e-mail address and a text area field for a PGP public key).
* **Subject:** In the case of a custom e-mail, you can enter a subject line here.
* **Subject:** In the case of a custom e-mail, you can enter a subject line here.
* **Custom message checkbox:** This is available for password resets, you can either write your own message (which will be appended with a temporary key and the signature), or let the system generate one automatically.
Keep in mind that all e-mails sent through this system will, in addition to your own message, will be signed in the name of the instance's host organisation's support team, will include the e-mail address of the instance's support (if the contact field is set in the bootstrap file), and will include the instance's PGP signature for users that have a PGP key set (and thus are eligible for an encrypted e-mail).
### Managing the roles
Privileges are assigned to users by assigning them to rule groups, which use one of four options determining what they can do with events and four additional privilege elevating settings. The four options for event manipulation are: Read Only, Manage My Own Events, Manage Organisation Events, Manage & Publish Organisation Events. The extra privileges are admin, sync, authentication key usage and audit permission
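Review bot: the removed "Listing all users" block documented a "Newsread" column and the removed "Editing a user" block documented manual password assignment together with the "Change Password" flag; the replacement section keeps "Change Password" under "Edit the user" but has no "Newsread" entry, so confirm the column was actually dropped from the view rather than lost from the docs by accident. Removing the "Org" text that says "Entering ADMIN into this field will give administrator privileges to the user" is right if that behaviour no longer exists, but since the new text describes Organisation as a drop-down selection, a one-line note for readers of older instances would avoid confusion. The duplicated "Subject" bullet and the "ontactalert" typo disappear with this hunk, which is fine.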

Binary file not shown. Before: 24 KiB, after: 25 KiB.

Binary file not shown. Before: 67 KiB, after: 46 KiB.

Binary file not shown. After: 14 KiB.

Binary file not shown. After: 23 KiB.

Binary file not shown. After: 31 KiB.

Binary file not shown. Before: 24 KiB, after: 46 KiB.

Binary file not shown. After: 17 KiB.