diff --git a/404.html b/404.html index f82c463e..75e620ed 100644 --- a/404.html +++ b/404.html @@ -290,6 +290,27 @@ + + + + + + +
  • + + + + + Action Modules + + + + +
    • + + + + @@ -446,7 +467,7 @@

    404 - Not found

    - Copyright © 2019-2023 MISP Project + Copyright © 2019-2024 MISP Project
    diff --git a/action_mod/index.html b/action_mod/index.html new file mode 100644 index 00000000..08565dff --- /dev/null +++ b/action_mod/index.html @@ -0,0 +1,684 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Action Modules - MISP Modules Documentation + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + + + + Skip to content + + +
    +
    + +
    + + + + + + +
    + + +
    + +
    + + + + + + +
    +
    + + + +
    +
    +
    + + + + + +
    +
    +
    + + + +
    +
    +
    + + + +
    +
    +
    + + + +
    +
    + + + + + + + +

    Action Modules

    + +

    Mattermost

    +

    Simplistic module to send message to a Mattermost channel. +- features:

    +
    +
      +
    • config: +{'params': {'mattermost_hostname': {'type': 'string', 'description': 'The Mattermost domain or URL', 'value': 'example.mattermost.com'}, 'bot_access_token': {'type': 'string', 'description': 'Access token generated when you created the bot account'}, 'channel_id': {'type': 'string', 'description': 'The channel you added the bot to'}, 'message_template': {'type': 'large_string', 'description': 'The template to be used to generate the message to be posted', 'value': 'The template will be rendered using Jinja2!', 'jinja_supported': True}}, 'blocking': False, 'support_filters': True, 'expect_misp_core_format': False}
      • +
    +
    +
    +

    Slack

    +

    Simplistic module to send messages to a Slack channel. +- features:

    +
    +
      +
    • config: +{'params': {'slack_bot_token': {'type': 'string', 'description': 'The Slack bot token generated when you created the bot account'}, 'channel_id': {'type': 'string', 'description': 'The channel ID you want to post messages to'}, 'message_template': {'type': 'large_string', 'description': 'The template to be used to generate the message to be posted', 'value': 'The template will be rendered using Jinja2!', 'jinja_supported': True}}, 'blocking': False, 'support_filters': True, 'expect_misp_core_format': False}
      • +
    +
    +
    +

    Test action

    +

    This module is merely a test, always returning true. Triggers on event publishing. +- features:

    +
    +
      +
    • config: +{'params': {'foo': {'type': 'string', 'description': 'blablabla', 'value': 'xyz'}, 'Data extraction path': {'type': 'hash_path', 'description': 'Only post content extracted from this path', 'value': 'Attribute.{n}.AttributeTag.{n}.Tag.name'}}, 'blocking': False, 'support_filters': False, 'expect_misp_core_format': False}
      • +
    +
    +
    + + + + + + + + + + + + + +
    +
    + + + +
    + +
    + + + +
    +
    +
    +
    + + + + + + + + + + \ No newline at end of file diff --git a/contribute/index.html b/contribute/index.html index ad872e8f..bc032bab 100644 --- a/contribute/index.html +++ b/contribute/index.html @@ -301,6 +301,27 @@ + + + + + + +
  • + + + + + Action Modules + + + + +
    • + + + + @@ -485,9 +506,18 @@
  • - + - Documentation + Install misp-module on an offline instance. + + + +
    • + +
  • + + + How to contribute your own module? @@ -500,6 +530,24 @@ +
    • + +
  • + + + Documentation + + + +
    • + +
  • + + + Licenses + + +
    • @@ -706,9 +754,18 @@
  • - + - Documentation + Install misp-module on an offline instance. + + + +
    • + +
  • + + + How to contribute your own module? @@ -721,6 +778,24 @@ +
    • + +
  • + + + Documentation + + + +
    • + +
  • + + + Licenses + + +
    • @@ -744,7 +819,7 @@

    Contribute

    How to add your own MISP modules?

    -

    Create your module in misp_modules/modules/expansion/, misp_modules/modules/export_mod/, or misp_modules/modules/import_mod/. The module should have at minimum three functions:

    +

    Create your module in misp_modules/modules/expansion/, misp_modules/modules/export_mod/, or misp_modules/modules/import_mod/. The module should have at minimum three functions:

    Set any other required settings for your module

    In this same menu set any other plugin settings that are required for testing.

    -

    Documentation

    -

    In order to provide documentation about some modules that require specific input / output / configuration, the doc directory contains detailed information about the general purpose, requirements, features, input and output of each of these modules:

    - -

    In addition to the module documentation please add your module to docs/index.md.

    -

    There are also complementary slides for the creation of MISP modules.

    +

    Install misp-module on an offline instance.

    +

    First, you need to grab all necessary packages for example like this :

    +

    Use pip wheel to create an archive +

    mkdir misp-modules-offline
+pip3 wheel -r REQUIREMENTS shodan --wheel-dir=./misp-modules-offline
+tar -cjvf misp-module-bundeled.tar.bz2 ./misp-modules-offline/*
+
    +On offline machine : +
    mkdir misp-modules-bundle
+tar xvf misp-module-bundeled.tar.bz2 -C misp-modules-bundle
+cd misp-modules-bundle
+ls -1|while read line; do sudo pip3 install --force-reinstall --ignore-installed --upgrade --no-index --no-deps ${line};done
+
    +Next you can follow standard install procedure.

    +

    How to contribute your own module?

    +

    Fork the project, add your module, test it and make a pull-request. Modules can be also private as you can add a module in your own MISP installation.

    Tips for developers creating modules

    Download a pre-built virtual image from the MISP training materials.

    @@ -1014,18 +1093,32 @@

    Tips for developers creating modul sudo git checkout MyModBranch

    Remove the contents of the build directory and re-install misp-modules.

    -
    sudo rm -fr build/*
-sudo pip3 install --upgrade .
+
    sudo rm -fr build/*
+sudo -u www-data /var/www/MISP/venv/bin/pip install --upgrade .
 
    
 
    SSH in with a different terminal and run misp-modules with debugging enabled.
    
-
    sudo killall misp-modules
-misp-modules -d
+
    # In case misp-modules is not a service do:
+# sudo killall misp-modules
+sudo systemctl disable --now misp-modules
+sudo -u www-data /var/www/MISP/venv/bin/misp-modules -d
 
    
 
    In your original terminal you can now run your tests manually and see any errors that arrive
    
 
    cd tests/
 curl -s http://127.0.0.1:6666/query -H "Content-Type: application/json" --data @MY_TEST_FILE.json -X POST
 cd ../
 
    
+
    Documentation
    
+
    In order to provide documentation about some modules that require specific input / output / configuration, the index.md file within the docs directory contains detailed information about the general purpose, requirements, features, input and ouput of each of these modules:
    
+
      
+
    • ***description** - quick description of the general purpose of the module, as the one given by the moduleinfo
      • 
+
    • requirements - special libraries needed to make the module work
      • 
+
    • features - description of the way to use the module, with the required MISP features to make the module give the intended result
      • 
+
    • references - link(s) giving additional information about the format concerned in the module
      • 
+
    • input - description of the format of data used in input
      • 
+
    • output - description of the format given as the result of the module execution
      • 
+
    
+
    Licenses
    
+
    For further Information see also the license file.
    
 
 
 
@@ -1055,7 +1148,7 @@ 
    Tips for developers creating modul
       
    
   
     
    
-      Copyright © 2019-2023 MISP Project
+      Copyright © 2019-2024 MISP Project
     
    
   
   
diff --git a/expansion/index.html b/expansion/index.html
index 5b0f60d6..670ef2c0 100644
--- a/expansion/index.html
+++ b/expansion/index.html
@@ -76,7 +76,7 @@
     
    
       
         
-        
+        
           Skip to content
         
       
@@ -289,9 +289,18 @@
     
         
       
@@ -1374,9 +1467,18 @@
     
    
 
    How to use an MISP modules Docker container
    
 
    Docker build
    
 
    docker build -t misp-modules \
@@ -768,8 +796,8 @@ 
    Docker-composeInstall misp-module on an of
       
    
   
     
    
-      Copyright © 2019-2023 MISP Project
+      Copyright © 2019-2024 MISP Project
     
    
   
   
diff --git a/license/index.html b/license/index.html
index 38f4c6cd..6f2a21ac 100644
--- a/license/index.html
+++ b/license/index.html
@@ -294,6 +294,27 @@
 
               
             
+              
+                
+  
+  
+  
+  
+    
  • 
+      
+        
+  
+  
+    Action Modules
+  
+  
+
+      
+    
    • 
+  
+
+              
+            
           
         
       
@@ -1091,7 +1112,7 @@ 
    License
    
       
    
   
     
    
-      Copyright © 2019-2023 MISP Project
+      Copyright © 2019-2024 MISP Project
     
    
   
   
diff --git a/sitemap.xml b/sitemap.xml
index 89c0a82c..f179622d 100644
--- a/sitemap.xml
+++ b/sitemap.xml
@@ -2,37 +2,42 @@
 
     
          https://www.misp-project.org/
-         2024-07-23
+         2024-08-13
+         daily
+    
+    
+         https://www.misp-project.org/action_mod/
+         2024-08-13
          daily
     
     
          https://www.misp-project.org/contribute/
-         2024-07-23
+         2024-08-13
          daily
     
     
          https://www.misp-project.org/expansion/
-         2024-07-23
+         2024-08-13
          daily
     
     
          https://www.misp-project.org/export_mod/
-         2024-07-23
+         2024-08-13
          daily
     
     
          https://www.misp-project.org/import_mod/
-         2024-07-23
+         2024-08-13
          daily
     
     
          https://www.misp-project.org/install/
-         2024-07-23
+         2024-08-13
          daily
     
     
          https://www.misp-project.org/license/
-         2024-07-23
+         2024-08-13
          daily
     
 
\ No newline at end of file
diff --git a/sitemap.xml.gz b/sitemap.xml.gz
index c9ad0be0..e1cfa320 100644
Binary files a/sitemap.xml.gz and b/sitemap.xml.gz differ