search

ciscocsirt / malspider

Malspider is a web spidering framework that detects characteristics of web compromises.
BSD 3-Clause "New" or "Revised" License
420 stars 78 forks source link

Email alert capability #26

Open jasheppa5 opened 7 years ago

jasheppa5 commented 7 years ago

daily email summary of alerts

jasheppa5 commented 7 years ago

I just pushed code to enable email alert capabilities (if desired). If you are on an older version of Malspider, you'll need to make a few changes.

1) Get the latest code from github 2) start mysql with "mysql -u root -p", enter your root password and add the email alert table with the following sql:

DROP TABLE IF EXISTS email_alert; CREATE TABLE email_alert ( id int(11) NOT NULL AUTO_INCREMENT, recipients text, subject varchar(250) NOT NULL, frequency varchar(50) NOT NULL, PRIMARY KEY (id) ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;

3) from the root malspider directory, apply django model migrations with "python malspider_django/manage.py migrate"

4) Add the following cronjobs:

@hourly python /malspider_django/manage.py email_alerts hourly 0 8 /malspider_django/manage.py email_alerts daily 0 8 * 7 python /malspider_django/manage.py email_alerts weekly

jasheppa5 commented 7 years ago

Add email alerts via the admin interface: Admin Panel -> Email Alerts -> "Add Email Alert"

Provide a subject line for your email "ie. Malspider Email Summary", a list of recipients, and the frequency (daily, hourly, weekly)

jasheppa5 commented 7 years ago

Forgot one thing - you'll need to navigate to malspider_django/malspider_django/settings.py, at the bottom of the file is a variable for the EMAIL_HOST and EMAIL_PORT. Uncomment these and apply your settings.