MISP Docker (XME edition)
 
 
 
 
Go to file
Jason Kendall c610d0cc3e Add travisci build test 2020-01-29 09:26:44 -05:00
files Initial 2019-11-25 16:58:18 -05:00
logs Initial 2019-11-25 16:58:18 -05:00
modules Add libfuzzy to modules 2020-01-28 14:21:33 -05:00
server Bump MISP 2.4.120 2020-01-28 12:54:36 -05:00
server-configs Initial 2019-11-25 16:58:18 -05:00
ssl Initial 2019-11-25 16:58:18 -05:00
.gitignore gitignore MISP attachments 2019-11-26 09:27:15 -05:00
.travis.yml Add travisci build test 2020-01-29 09:26:44 -05:00
README.md Update readme 2020-01-28 17:42:10 -05:00
docker-compose.yml Point docker-compose at hub images 2020-01-28 16:04:09 -05:00

README.md

docker-misp

A (nearly) production ready Dockered MISP

This is based on some of the work from the DSCO docker build, nearly all of the details have been rewritten.

  • Components are split out where possible, currently this is only the MISP modules
  • Overwritable configuration files
  • Allows volumes for file store
  • Cron job runs updates, pushes, and pulls - Logs go to docker logs
  • Docker-Compose uses off the shelf images for Redis and MySQL
  • Images directly from docker hub, no build required
  • Slimmed down images by using build stages and slim parent image, removes unnecessary files from images

Getting Started:

  • Copy the "default" configs removing "default" and edit the files in server-configs
    • Note: A dry run without this step will try and make a sane DEV build for docker-compose
  • Run generate.sh in ./ssl to generate some fake certs
  • docker-compose up --build
  • Login with

Server image file sizes:

  • Core server

    • Original Image: 3.17GB
    • First attempt: 2.24GB
    • Remove chown: 1.56GB
    • PreBuild python modules, and only pull submodules we need: 800MB
    • PreBuild PHP modules: 664MB
  • Saved: 2.5GB

  • Modules:

    • Original: 1.36GB
    • Pre-build modules: 750MB
  • Saved: 640MB