MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity
misp-website/content/blog/2022-09-12_periodic_notific...

2.3 KiB
Raw Blame History

title date layout banner
Periodic summaries - Visualize summaries of MISP data 2022-09-12 post /img/blog/periodic-summary/periodic-summary-1.png

Periodic summaries - Visualize summaries of MISP data

As of version 2.4.162, MISP includes a periodic summary feature allowing users to consult a summary based on a requested time-frame for data the user has access to.

Currently, the summaries can be generated for 3 different periods: daily, weekly and monthly and then sent to all users that subscribed one of these periods.

In addition to choose which period users want to subscribed to, they can also specify filtering options such as tags or distribution level to be used to generate the summary.

Periodic summary Periodic summary

Viewing summaries

There are currently two ways to view a periodic summary:

  • In the MISP ui, click on the View periodic summary link when browsing events
  • Subscribe to one of the available period and receive the summary directly in the user's mailbox

Automatic delivery

In order to have MISP send periodic mails, the periodic notification task should be scheduled. One of the easiest way to schedule recurring task is to use CRON jobs.

For example, this entry could be added

0 6 * * * /var/www/MISP/app/Console/cake Server sendPeriodicSummaryToUsers >/dev/null 2>&1

The sendPeriodicSummaryToUsers should be called daily and takes care of sending the summary to every users that subscribed to the daily notification. For the weekly and monthly, they will be sent on Mondays and on the first day of the month respectively.

More details about setting the scheduled task and the CLI tool can be found in the automation page (/events/automation).

Extending / Overriding

Site administrators of MISP can also extend, replace or remove parts of each periodic summary. The notification templates can be found under the app/View/Emails/html folder. Each template extend a parametrized common template allowing site-admins to customize the summary to fit theirs needs. For example, the default monthly notification template is configured to only include a subset of the detailed summary. Options and developer documentation can be found in the notification_common.ctp file.