Add an illustration to the MISP synchronisation mechanism

2018-04-02 17:07:27 +02:00 · 2018-04-02 17:07:27 +02:00 · 6aa91e5cfc
parent 201de6f33b
commit 6aa91e5cfc
2 changed files with 1652 additions and 12 deletions
--- a/sharing/README.md
+++ b/sharing/README.md
@ -4,7 +4,7 @@

 * [Explanation](#users)
 * [Setup](#setup)
-* [Roles](#roles)
+* [Rules](#rules)
 * [Tools](#tools)
 * [Server Settings](#server-settings)
 * [Events](#events)
@ -22,6 +22,25 @@ The following figure shows the concept how different MISP instances could tie to
 ![Scenario example](figures/MISP_scenario_example.png)

 ## Setup
+### Introduction
+
+In MISP, two ways exist to get events:
+
+* **Use case 1**: From another MISP server (also called MISP instance), by synchronising two MISP servers.
+* **Use case 2**: From a link, by using [Feeds](../managing-feeds).
+
+The example below illustrate the synchronisation between two MISP servers (use case 1).
+An organisation B (OrgB) wants to synchronise its MISP server, called ServerB, with the MISP server of an organisation A (Org A), called ServerA. The following steps can be taken to syncronise ServerB with ServerA:
+
+<p align="center">
+  <img src="./figures/misp-sync-servers.svg" alt="Synchronisation between two MISP servers" style="width: 100%;"/>
+</p>
+
+* **Step 1**: Add OrgB as a local organisation on ServerA (OrgB.ServerA).
+* **Step 2**: Add a Sync User (syncuser@OrgB.ServerA) in the organisation OrgB.ServerA on the MISP ServerA.
+* **Step 3**: [Set up a sync server](###adding-a-server) on MISP ServerB using the key (called Authkey) from the sync user (syncuser@OrgB.ServerA) created on MISP serverA.
+
+For additional information on the synchronisation process, refer to the [MISP GitHub issues](https://github.com/MISP/MISP/issues), for example [issue 2595](https://github.com/MISP/MISP/issues/2595).

 ### Adding a server

--- a/sharing/figures/misp-sync-servers.svg
+++ b/sharing/figures/misp-sync-servers.svg