From 4231cf1f6fdc31b1ae97a84e2816a1cd858cb524 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Wed, 16 Mar 2016 07:57:37 +0100
Subject: [PATCH] README updated to reflect config parameters changes

---
 README.md | 87 ++++++++++++++++++++++++++++++++++++++-----------------
 1 file changed, 61 insertions(+), 26 deletions(-)

diff --git a/README.md b/README.md
index 88db385..9493fdc 100644
--- a/README.md
+++ b/README.md
@@ -19,15 +19,21 @@ Create your module in [modules/expansion/](modules/expansion/). The module shoul
 
 * **introspection** function that returns a dict of the supported attributes (input and output) by your expansion module.
 * **handler** function which accepts a JSON document to expand the values and return a dictionary of the expanded values.
-* **version** function that returns a dict with the version and the associated meta-data of the module.
+* **version** function that returns a dict with the version and the associated meta-data including potential configurations required of the module.
 
 Don't forget to return an error key and value if an error is raised to propagate it to the MISP user-interface.
 
-If your module requires authentication, the following reserved MISP attributes are used to pass the authentication
-values from MISP towards the module:
+If your module requires additional configuration (to be exposed via the MISP user-interface), a config array is added to the meta-data output containing all the potential configuration values:
 
-* module-username
-* module-password
+~~~
+"meta": {
+      "description": "PassiveTotal expansion service to expand values with multiple Passive DNS sources",
+      "config": [
+        "username",
+        "password"
+      ],
+...
+~~~
 
 ## Testing your modules?
 
@@ -37,14 +43,14 @@ MISP uses the **modules** function to discover the available MISP modules and th
 % curl -s http://127.0.0.1:6666/modules | jq .
 [
   {
+    "name": "passivetotal",
+    "type": "expansion",
     "mispattributes": {
       "input": [
         "hostname",
         "domain",
         "ip-src",
-        "ip-dst",
-        "module-username",
-        "module-password"
+        "ip-dst"
       ],
       "output": [
         "ip-src",
@@ -54,14 +60,35 @@ MISP uses the **modules** function to discover the available MISP modules and th
       ]
     },
     "meta": {
-     "description": "PassiveTotal expansion service to expand values with multiple Passive DNS sources",
-     "author": "Alexandre Dulaunoy",
-     "version": "0.1"
-    },
-    "name": "passivetotal",
-    "type": "expansion"
+      "description": "PassiveTotal expansion service to expand values with multiple Passive DNS sources",
+      "config": [
+        "username",
+        "password"
+      ],
+      "author": "Alexandre Dulaunoy",
+      "version": "0.1"
+    }
   },
   {
+    "name": "sourcecache",
+    "type": "expansion",
+    "mispattributes": {
+      "input": [
+        "link"
+      ],
+      "output": [
+        "link"
+      ]
+    },
+    "meta": {
+      "description": "Module to cache web pages of analysis reports, OSINT sources. The module returns a link of the cached page.",
+      "author": "Alexandre Dulaunoy",
+      "version": "0.1"
+    }
+  },
+  {
+    "name": "dns",
+    "type": "expansion",
     "mispattributes": {
       "input": [
         "hostname",
@@ -73,20 +100,34 @@ MISP uses the **modules** function to discover the available MISP modules and th
       ]
     },
     "meta": {
-      "description": "Simple DNS expansion services to resolve IP address from MISP attributes",
-      "version": "0.1",
-      "author": "Alexandre Dulaunoy"
-    },
-    "name": "dns",
-    "type": "expansion"
+      "description": "Simple DNS expansion service to resolve IP address from MISP attributes",
+      "author": "Alexandre Dulaunoy",
+      "version": "0.1"
+    }
   }
 ]
+
 ~~~
 
 The MISP module service returns the available modules in a JSON array containing each module name along with their supported input attributes.
 
 Based on this information, a query can be built in a JSON format and saved as body.json:
 
+~~~json
+{
+  "hostname": "www.foo.be",
+  "module": "dns"
+}
+~~~
+
+Then you can POST this JSON format query towards the MISP object server:
+
+~~~
+curl -s http://127.0.0.1:6666/query -H "Content-Type: application/json" --data @body.json -X POST
+~~~
+
+The module should output the following JSON:
+
 ~~~json
 {
   "results": [
@@ -103,12 +144,6 @@ Based on this information, a query can be built in a JSON format and saved as bo
 }
 ~~~
 
-Then you can POST this JSON format query towards the MISP object server:
-
-~~~
-curl -s http://127.0.0.1:6666/query -H "Content-Type: application/json" --data @body.json -X POST
-~~~
-
 ## How to contribute your own module?
 
 Fork the project, add your module, test it and make a pull-request. Modules can be also private as you can add a module in your own MISP installation.