Comments (6)
faustus25
commented on July 18, 2024
Config:
[Dashboard]
#hours
graph_log_refresh_rate = 1
#sec
rotation_wait_time = 30
max_img_rotation = 10
hours_spanned = 48
zoomlevel = 15
maxCacheHistory = 30
# [1->12]
size_dashboard_left_width = 5
size_openStreet_pannel_perc = 55
size_world_pannel_perc = 35
item_to_plot = Attribute.category
fieldname_order=["Event.id", "Attribute.Tag", "Attribute.category", "Attribute.type", ["Attribute.value", "Attribute.comment"]]
char_separator=||
[GEO]
#min
updateFrequency = 60
zoomlevel = 11
# ~meter
clusteringDistance = 10
[CONTRIB]
max_number_of_last_contributor = 10
min_between_reload = 5
additional_help_text = ["Sightings multiplies earned points by 2", "Editing an attribute earns you the same as creating one"]
[Log]
directory=logs
filename=logs.log
[RedisGlobal]
host=localhost
port=6250
#misp_web_url = http://192.168.56.50
misp_web_url = 'https://misp/'
#zmq_url=tcp://192.168.56.50:50000
zmq_url=tcp://localhost:50000
[RedisLIST]
db=3
listName=bufferList
[RedisLog]
db=0
streamLogCacheKey = streamLogCache
streamMapCacheKey = streamMapsCache
channel=1
channelLastContributor = lastContributor
channelLastAwards = lastAwards
[RedisMap]
db=1
channelDisp=PicToDisplay
# Database updates regularly make sure to adapt date
pathMaxMindDB=/usr/local/src/misp-dashboard/data/GeoLite2-City_20180807/GeoLite2-City.mmdb
path_countrycode_to_coord_JSON=/usr/local/src/misp-dashboard/data/country_code_lat_long.json
[RedisDB]
db=2
from misp-dashboard.
mokaddem
commented on July 18, 2024
Probably a missing link.
What you can do is to test the chain.
- MISP has a tool to check if ZMQ is working the intended way sub.py
- You can check if the dashboard receives the feed by printing the
contentvariable on the subscriber script
Can you check?
from misp-dashboard.
faustus25
commented on July 18, 2024
MISP sub.py traceback: (all good)
{"uptime": 15340, "status": "While you're dying I'll be still alive."}
{
"Log": {
"model_id": "5088178",
"description": "Attribute \"api.bing.com|13.107.5.80\" (5088178) added by User \"SYSTEM\" (0).",
"action": "add",
"change": "to_ids () => (1), distribution () => (5), type () => (domain|ip), category () => (Network activity), uuid () => (xxxx-xxxx), event_id () => (4678), value1 () => (api.bing.com), value2 () => (13.107.5.80)",
"changes": 8,
"title": "Attribute (5088178) from Event (4678): Network activity\/domain|ip api.bing.com",
"model": "Attribute",
"user_id": 0,
"email": "SYSTEM",
"org": "SYSTEM",
"created": "2018-10-12 15:05:04"
},
"action": "log"
}
{"uptime": 15350, "status": "And when you're dead I will be still alive."}
{"uptime": 15360, "status": "And believe me I am still alive."}
{"uptime": 15370, "status": "I'm doing science and I'm still alive."}
{"uptime": 15380, "status": "I feel FANTASTIC and I'm still alive."}
{"uptime": 15390, "status": "While you're dying I'll be still alive."}
{"uptime": 15400, "status": "And when you're dead I will be still alive."}
I am launching the ./start_all.sh at reboot as part of a cronjob.
Tried starting it by the cmd line and get this on the zmq_dispatcher.py:
Traceback (most recent call last):
File "./zmq_dispatcher.py", line 299, in <module>
main(args.sleeptime)
File "./zmq_dispatcher.py", line 274, in main
process_log(zmqName, content)
File "./zmq_dispatcher.py", line 256, in process_log
dico_action[topic](zmq_name, jsonevent)
File "./zmq_dispatcher.py", line 230, in handler_attribute
geo_helper.getCoordFromIpAndPublish(jsonattr['value'], jsonattr['category'])
File "/usr/local/src/misp-dashboard/helpers/geo_helper.py", line 113, in getCoordFromIpAndPublish
self.push_to_redis_geo(self.keyCategRad, coord['lon'], coord['lat'], json.dumps(ordDic))
File "/usr/local/src/misp-dashboard/helpers/geo_helper.py", line 184, in push_to_redis_geo
self.serv_redis_db.geoadd(keyname, lon, lat, content)
File "/usr/local/src/misp-dashboard/DASHENV/lib/python3.5/site-packages/redis/client.py", line 2121, in geoadd
return self.execute_command('GEOADD', name, *values)
File "/usr/local/src/misp-dashboard/DASHENV/lib/python3.5/site-packages/redis/client.py", line 668, in execute_command
return self.parse_response(connection, command_name, **options)
File "/usr/local/src/misp-dashboard/DASHENV/lib/python3.5/site-packages/redis/client.py", line 680, in parse_response
response = connection.read_response()
File "/usr/local/src/misp-dashboard/DASHENV/lib/python3.5/site-packages/redis/connection.py", line 629, in read_response
raise response
redis.exceptions.ResponseError: unknown command 'GEOADD'
Above error related this know issue:
https://github.com/MISP/misp-dashboard/issues/1
from misp-dashboard.
mokaddem
commented on July 18, 2024
For the zmq_dispatcher.py, have you tried the fix (use a redis version supporting the GEOADD command >=3.2.0)? Did it solves your problem or do you have another error message?
from misp-dashboard.
faustus25
commented on July 18, 2024
Problem resolved by commenting out line 184 in geo_helper.py
def push_to_redis_geo(self, keyCateg, lon, lat, content):
now = datetime.datetime.now()
today_str = util.getDateStrFormat(now)
keyname = "{}:{}".format(keyCateg, today_str)
#self.serv_redis_db.geoadd(keyname, lon, lat, content)
self.logger.debug('Added to redis: keyname={}, lon={}, lat={}, content={}'.format(keyname, lon, lat, content))
from misp-dashboard.
yixiangbo
commented on July 18, 2024
I have issue on the same you. Can you help me fix it
from misp-dashboard.
Related Issues (20)
- Too many redirects cause inability to display HOT 3
- Auth with Misp Saml HOT 3
- pycountry module install error HOT 1
- Dashboard not showing results HOT 2
- Do I install this on my misp server or on a different server? (aka is this a standalone tool) HOT 1
- Python Script not working. HOT 4
- Unable to connect to the MISP Dashboard, zmq_Dispatcher crashes after publishing events HOT 3
- Maps do not show HOT 1
- Redis server error HOT 1
- Question on compatibility with MISP docker
- Slight syntax error in diagnostic.py file
- Getting Error in MISP Dashboard Script( install_dependencies.sh)
- Unable to populate the Map with entries HOT 3
- Support request: Don't understand redis port
- Bug: Live dashboard - attribute with tags HOT 3
- Bug: Attribute.category panel does not work as expected HOT 1
- No data in Trendings dashboard HOT 1
- Replace maxmind with GeoOpen
- Malware
- Dispatcher stop working
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from misp-dashboard.