misp-grafana
misp-grafana copied to clipboard
MISP
MISP Docker support
Hi, I have tried to get this running in the "official" MISP Docker image and can not get the python script to run.
I have tried creating the env variables in the grafana and misp_web containers but have hit the end of my knowledge and google-fu.
My Grafana is connecting to InfluxDB with 3 buckets _monitoring _tasks and misp, I have also tried tcp://misp_web:50000 with the same error message.
root@b77ea19b6cc3:/var/www/MISP# python3 push_zmq_to_influxdb.py -id=external --url=tcp://localhost:50000
[INFO] [2023-08-31 09:49:14,372] - Subscribed to ZMQ
Traceback (most recent call last):
File "push_zmq_to_influxdb.py", line 187, in
Hello @kanekennedy ,
- Which MISP docker repo do you mean by "official"?
- Have you run
pip install -r requirements.txt? Can you run this and share the output?$ python3 -c "import influxdb_client; print(influxdb_client.__version__)" 1.37.0 - If your MISP instance is running inside docker, you may need to set
Plugin.ZeroMQ_hostto0.0.0.0or*and add a port forward in thedocker-compose.ymlfile, example:... misp: ports: - "80:80" - "443:443" - "50000:50000" - The script
push_zmq_to_influxdb.pyshould be able to access InfluxDB container, so if you run it from inside the MISP docker container instead of your host machine, you will have to create a network so the MISP container can reach the InfluxDB.
Let me know if that helps.
Thanks,
That has sent me down a slightly different direction. Upgraded the instance from Amazon Linux2 to AL2023 and running the python script outside of docker with the ports all opened.
I have the same influxdb client.
[root@ip-10-0-1-146 /]# python3 -c "import influxdb_client; print(influxdb_client.__version__)"
1.37.0
Upgrading from AL2 to AL2023 introduces some different errors with the requirements around liburl3 so i need to work out the requirements it needs to run on the native os Python (3.9.16)