Merge branch 'main' of github.com:MISP/misp-training into main

pull/13/head
mokaddem 2021-02-10 08:35:03 +01:00
commit f7444fbd55
7 changed files with 100 additions and 2 deletions


@ -29,8 +29,8 @@
\item Private sector community
\begin{itemize}
\item Our largest sharing community
\item Over {\bf 1000 organisations}
\item {\bf ~2700 users}
\item Over {\bf 1250 organisations}
\item {\bf ~3600 users}
\item Functions as a central hub for a lot of sharing communities
\item Private organisations, Researchers, Various SoCs, some CSIRTs, etc
\end{itemize}
@ -75,11 +75,18 @@
\begin{frame}
\frametitle{Communities supported by CIRCL}
\begin{itemize}
\item ISAC / specialised community MISPs
\begin{itemize}
\item Topical or community specific instances hosted or co-managed by CIRCL
\item Examples, GSMA, FIRST.org, CSIRT network, etc
\item Often come with their {\bf own taxonomies and domain specific object definitions}
\end{itemize}
\item FIRST.org's MISP community
\item Telecom and Mobile operators' community
\item Various ad-hoc communities for exercises for example
\begin{itemize}
\item The ENISA exercise for example
\item Locked Shields exercise
\end{itemize}
\end{itemize}
\end{frame}
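Review bot: In the second hunk, the new "ISAC / specialised community MISPs" item names GSMA and FIRST.org as examples, while the items "FIRST.org's MISP community" and "Telecom and Mobile operators' community" still appear further down the same list. The rendered page does not mark which lines are old, so this is inferred, but if those two items are kept the frame lists the same communities twice; either drop them or drop the names from the examples line. The examples line would also read better as `\item Examples: GSMA, FIRST.org, CSIRT network, etc.`, and the added `{\bf ...}` could be `\textbf{...}`, since `\bf` is an obsolete font switch.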

BIN
a.b-cli/cli.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 120 KiB

65
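--- a/a.b-cli/content.tex
+++ b/a.b-cli/content.tex
@@ -0,0 +1,65 @@
+% DO NOT COMPILE THIS FILE DIRECTLY!
+% This is included by the other .tex files.
+\begin{frame}[t,plain]
+\titlepage
+\end{frame}
+\begin{frame}
+\frametitle{MISP CLI functionalities}
+\begin{itemize}
+\item The MISP API is great for remotely executing administrative tasks
+\item But sometimes we want to simplify the process / avoid having to deal with authentication
+\item MISP also has an extensive CLI sub-system for this reason
+\end{itemize}
+\end{frame}
+\begin{frame}
+\frametitle{Types of objectives for the scripts}
+\begin{itemize}
+\item Automating recurring tasks
+\item Recovery from loss of access
+\item Updates / initialisation
+\item Background worker management
+\end{itemize}
+\end{frame}
+\begin{frame}
+\frametitle{CLI documentation}
+\begin{itemize}
+\item \url{https://path.to.your.misp/events/automation}
+\end{itemize}
+\begin{center}
+\includegraphics[scale=0.4]{cli.png}
+\end{center}
+\end{frame}
+\begin{frame}
+\frametitle{Usage}
+\texttt{/var/www/MISP/app/Console/cake [Shell] [Command] [parameters]}
+\begin{itemize}
+\item Example:
+\begin{itemize}
+\item \texttt{/var/www/MISP/app/Console/cake Password "andras.iklody@gmail.com" "Nutella"}
+\item Change password to "Nutella" for my user
+\item Some shells are single use and don't need a command parameter
+\end{itemize}
+\item Also used by the background processing
+\item Automation is meant to be used via cron jobs
+\end{itemize}
+\end{frame}
+\begin{frame}
+\frametitle{Automation via crontab}
+\begin{itemize}
+\item Edit crontab of www-data user
+\item \texttt{crontab -u www-data -e}
+\item \texttt{0 3,9,15,21 * * * /var/www/MISP/app/Console/cake Server pull 1 30 full}
+\item Pull server ID \#30 as user \#1 every 6 hours
+\item \texttt{@hourly /var/www/MISP/app/Console/cake Server cacheFeed 1 csv full}
+\item Cache all csv feeds as user \#1 every hour
+\end{itemize}
+\end{frame}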
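Review bot: The example on the Usage frame passes the new password as a command-line argument (`cake Password "<user>" "Nutella"`), which leaves it in shell history and exposes it in the process list while the command runs, and the slide does not say so. I would add a sub-item such as `\item The password ends up in shell history and is visible in \texttt{ps} -- treat it as temporary`. The example also uses what looks like a real personal e-mail address; a placeholder such as `user@example.com` is safer in public training material. On the first content frame, "avoid having to deal with authentication" is presented only as a convenience; one more item saying that whoever can run `cake` or edit the www-data crontab can act without API authentication, so shell access to that account has to be restricted, would give the audience the security trade-off.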

BIN
a.b-cli/logo-circl.pdf Normal file

Binary file not shown.

BIN
a.b-cli/misplogo.pdf Executable file

Binary file not shown.

BIN
a.b-cli/pics/param-ui.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 49 KiB

26
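--- a/a.b-cli/slide.tex
+++ b/a.b-cli/slide.tex
@@ -0,0 +1,26 @@
+\documentclass{beamer}
+\usetheme[numbering=progressbar]{focus}
+\definecolor{main}{RGB}{47, 161, 219}
+\definecolor{textcolor}{RGB}{128, 128, 128}
+\definecolor{background}{RGB}{240, 247, 255}
+\usepackage[utf8]{inputenc}
+\usepackage{tikz}
+\usepackage{listings}
+\usepackage{adjustbox}
+\usetikzlibrary{positioning}
+\usetikzlibrary{shapes,arrows}
+%\usepackage[T1]{fontenc}
+%\usepackage[scaled]{beramono}
+\author{\small{\input{../includes/authors.txt}}}
+\title{MISP CLI}
+\subtitle{Automate all the things}
+\institute{\includegraphics[scale=0.5]{misplogo.pdf}}
+\date{\input{../includes/location.txt}}
+\begin{document}
+\include{content}
+\end{document}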
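Review bot: `\small` is a font-size declaration and takes no argument, so `\author{\small{\input{../includes/authors.txt}}}` only works because nothing follows the inner group; `\author{{\small \input{../includes/authors.txt}}}` states what is meant. `\include{content}` forces a page clear and writes a separate .aux file, so for a single content file `\input{content}` is the usual choice. `listings`, `adjustbox` and the two TikZ libraries are loaded, but nothing in the content.tex added by this commit appears to use them; if that stays true they can be dropped from the preamble.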