A dashboard for a real-time overview of threat intelligence from MISP instances
 
 
 
 
 
mokaddem 577eca8819
Update README.md
2017-11-10 16:22:05 +01:00
config removed initial config.cfg 2017-11-10 13:39:59 +01:00
screenshots Added screenshots geo and live 2017-11-10 16:16:38 +01:00
static Fixed UI button bug 2017-11-10 15:51:30 +01:00
templates Fixed UI button bug 2017-11-10 15:51:30 +01:00
LICENSE add: LICENSE added 2017-10-28 10:33:24 +02:00
README.md Update README.md 2017-11-10 16:22:05 +01:00
contributor_helper.py Added count for proposal and sighting 2017-11-10 15:03:33 +01:00
give_honors_to_org.py Added helper script to give ranks/badges 2017-11-09 16:31:34 +01:00
install_dependencies.sh Merged upstream 2017-11-10 13:57:00 +01:00
retreive_map_pic.py Started support of MISP ZMQ 2017-10-13 15:03:09 +02:00
server.py Updated non-test function + minor UI fix 2017-11-09 10:58:18 +01:00
start.sh Display the number of log message in a dynamic chart + started support of multiple feeds 2017-08-24 16:02:28 +02:00
util.py Updated org contrib. overtime to display the date 2017-11-10 11:15:31 +01:00
zmq_subscriber.py Added support of Discussion 2017-11-10 14:33:10 +01:00

README.md

MISP-Dashboard

An experimental Dashboard showing live data and statistics from the MISP ZMQ

Installation

  • Launch ./install_dependencies.sh from the MISP-Dashboard directory
  • Update the configuration file config.cfg so that it matches your system
    • Fields that you may change:
      • RedisGlobal -> host
      • RedisGlobal -> port
      • RedisGlobal -> zmq_url
      • RedisGlobal -> misp_web_url
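
A pre-flight check for the four RedisGlobal fields listed above, as an added example that is not part of the MISP-Dashboard code base. The sample values, the tcp://host:port shape expected for zmq_url, and the loopback and plain-http warnings are assumptions for a single-host setup.

```python
import configparser
from urllib.parse import urlparse

# Constructed sample: section and key names are the ones the README lists,
# the values are placeholders for a single-host setup (assumption).
SAMPLE_CFG = """
[RedisGlobal]
host = localhost
port = 6250
zmq_url = tcp://localhost:50000
misp_web_url = http://localhost
"""

REQUIRED = ("host", "port", "zmq_url", "misp_web_url")
LOOPBACK = {"localhost", "127.0.0.1", "::1"}


def check_config(text):
    """Return a list of problems found in the [RedisGlobal] section."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(text)
    if not cfg.has_section("RedisGlobal"):
        return ["missing [RedisGlobal] section"]
    sec = cfg["RedisGlobal"]
    problems = [f"missing key: {k}" for k in REQUIRED if not sec.get(k, "").strip()]
    if problems:
        return problems
    if not (sec["port"].isdecimal() and 0 < int(sec["port"]) < 65536):
        problems.append("port must be an integer in 1-65535")
    if sec["host"] not in LOOPBACK:
        problems.append("Redis host is not loopback: confirm Redis is not exposed")
    zmq = urlparse(sec["zmq_url"])
    try:
        zmq_port = zmq.port  # raises ValueError on a non-numeric port
    except ValueError:
        zmq_port = None
    if zmq.scheme != "tcp" or not zmq.hostname or zmq_port is None:
        problems.append("zmq_url should look like tcp://host:port")
    web = urlparse(sec["misp_web_url"])
    if web.scheme not in ("http", "https") or not web.hostname:
        problems.append("misp_web_url must be an http(s) URL")
    elif web.scheme == "http" and web.hostname not in LOOPBACK:
        problems.append("misp_web_url uses plain http to a remote host")
    return problems


if __name__ == "__main__":
    for line in check_config(SAMPLE_CFG) or ["config looks sane"]:
        print(line)
```
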

Starting the System

  • Activate your virtualenv: . ./DASHENV/bin/activate
  • Listen to the MISP feed by starting the zmq_subscriber: ./zmq_subscriber.py
  • Start the Flask server: ./server.py
  • Access the interface at http://localhost:8001/

zmq_subscriber options


A zmq subscriber. It subscribe to a ZMQ then redispatch it to the MISP-dashboard

optional arguments:
  -h, --help            show this help message and exit
  -n ZMQNAME, --name ZMQNAME
                        The ZMQ feed name
  -u ZMQURL, --url ZMQURL
                        The URL to connect to

Screenshots

Live Dashboard

MISP event view

Geo Dashboard

MISP event view

Contributors Dashboard

Dashboard-contributor2 Dashboard-contributor3

License

Images and logos are handmade for:

  • rankingMISPOrg/
  • rankingMISPMonthly/
  • MISPHonorableIcons/

Note that:

  • Part of MISPHonorableIcons/1.svg comes from octicons.github.com (CC0 - No Rights Reserved)
  • Part of MISPHonorableIcons/2.svg comes from Zeptozephyr (CC0 - No Rights Reserved)

Copyright (C) 2017 CIRCL - Computer Incident Response Center Luxembourg (c/o smile, security made in Lëtzebuerg, Groupement d'Intérêt Economique)
Copyright (c) 2017 Sami Mokaddem


This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.