search

juju4 / ansible-MISP

ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
BSD 2-Clause "Simplified" License
51 stars 21 forks source link

Some modules don'tr appear to be installed properly #4

Closed lhirlimann closed 5 years ago

lhirlimann commented 5 years ago

Adminsitration -> Server Settings -> Diagnostic : Advanced attachment handler : PyMisp : Not installed or version outdated.
[root@machine PyMISP]# git status HEAD detached at 1dc2f66

Some of the libraries related to STIX are not installed. Make sure that all libraries listed below are correctly installed.

How do I figure which ones ?

Cortex module system…System not enabled

juju4 commented 5 years ago

I would need a command line check to confirm. sometime php detections disagrees with system state. I usually try to follow INSTALL README like https://github.com/MISP/MISP/blob/2.4/INSTALL/INSTALL.rhel7.txt but I may miss some updates.

I'm not using cortex/thehive and integration would probably fall in a separate role.

lhirlimann commented 5 years ago

What command do I need to run, to verify?

juju4 commented 5 years ago

no idea if there is a equivalent of the php detections in cli... but pymisp is install. check a pip3 freeze

lhirlimann commented 5 years ago

[lhirlimann@misp1. ~]$ pip3 freeze aiohttp==2.3.6 antlr4-python3-runtime==4.7.1 asnhistory==2.0.4 async-timeout==3.0.1 beautifulsoup4==4.6.3 bs4==0.0.1 certifi==2018.8.24 chardet==3.0.4 Click==7.0 click-plugins==1.0.4 colorama==0.3.9 cybox==2.1.0.17 dateutils==0.6.6 dnspython==1.15.0 dnspython3==1.15.0 domaintools-api==0.2.4 ez-setup==0.9 future==0.16.0 httplib2==0.11.3 idna==2.7 ipasn-redis==2.0 isodate==0.6.0 jsonschema==2.6.0 lxml==4.2.5 maclookup==1.0.3 maec==4.1.0.14 misp-modules==1.0 mixbox==1.0.3 multidict==4.4.2 oauth2==1.9.0.post1 ordered-set==3.0.2 passivetotal==1.0.30 Pillow==5.3.0 pydnstrails==1.0 pyeupi==1.0 pygeoip==0.3.2 pymisp==2.4.95.1 pyonyphe==1.0 pyparsing==2.2.2 pypdns==1.3 pypssl==2.1 pytesseract==0.2.5 python-dateutil==2.7.3 pytz==2018.5 PyYAML==3.13 rdflib==4.2.2 redis==2.10.5 requests==2.19.1 requests-cache==0.4.13 shodan==1.10.4 sigmatools==0.6 six==1.11.0 SPARQLWrapper==1.8.2 stix==1.2.0.6 stix2-patterns==1.0.0 tornado==5.1.1 url-normalize==1.3.3 urlarchiver==0.2 urllib3==1.23 uwhois==0.5 vulners==1.3.6 Wand==0.4.4 XlsxWriter==1.1.1 yara==1.7.7 yarl==1.2.6 [lhirlimann@misp1. ~]

juju4 commented 5 years ago

pymisp fine here...

juju4 commented 5 years ago

is it still an issue? Thanks

lhirlimann commented 5 years ago

is it still an issue? Thanks

Not that I'm aware of. Haven't access to that machine anymore.

juju4 commented 5 years ago

Thanks. closing