Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MISP Docker support #2

Open
kanekennedy opened this issue Aug 31, 2023 · 2 comments
Open

MISP Docker support #2

kanekennedy opened this issue Aug 31, 2023 · 2 comments
Assignees
@righel

Comments

@kanekennedy
Copy link

Hi, I have tried to get this running in the "official" MISP Docker image and can not get the python script to run.

I have tried creating the env variables in the grafana and misp_web containers but have hit the end of my knowledge and google-fu.

My Grafana is connecting to InfluxDB with 3 buckets _monitoring _tasks and misp, I have also tried tcp://misp_web:50000 with the same error message.

root@b77ea19b6cc3:/var/www/MISP# python3 push_zmq_to_influxdb.py -id=external --url=tcp://localhost:50000
[INFO] [2023-08-31 09:49:14,372] - Subscribed to ZMQ
Traceback (most recent call last):
File "push_zmq_to_influxdb.py", line 187, in
main()
File "push_zmq_to_influxdb.py", line 166, in main
client = InfluxDBClient(
File "/usr/local/lib/python3.8/dist-packages/influxdb_client/client/influxdb_client.py", line 63, in init
super().init(url=url, token=token, debug=debug, timeout=timeout, enable_gzip=enable_gzip, org=org,
File "/usr/local/lib/python3.8/dist-packages/influxdb_client/client/_base.py", line 56, in init
if self.url.endswith("/"):
AttributeError: 'NoneType' object has no attribute 'endswith'
Exception ignored in: <function InfluxDBClient.del at 0x7f40123a8670>
Traceback (most recent call last):
File "/usr/local/lib/python3.8/dist-packages/influxdb_client/client/influxdb_client.py", line 319, in del
if self.api_client:
AttributeError: 'InfluxDBClient' object has no attribute 'api_client'
@righel righel self-assigned this Aug 31, 2023
@righel
Copy link
Collaborator

righel commented Aug 31, 2023
edited
Loading

Hello @kanekennedy ,

  1. Which MISP docker repo do you mean by "official"?
  2. Have you run pip install -r requirements.txt ? Can you run this and share the output? 
    $ python3 -c "import influxdb_client; print(influxdb_client.__version__)"
1.37.0
  3. If your MISP instance is running inside docker, you may need to set Plugin.ZeroMQ_host to 0.0.0.0 or * and add a port forward in the docker-compose.yml file, example: 
      ...
  misp:
    ports:
      - "80:80"
      - "443:443"
      - "50000:50000"
  4. The script push_zmq_to_influxdb.py should be able to access InfluxDB container, so if you run it from inside the MISP docker container instead of your host machine, you will have to create a network so the MISP container can reach the InfluxDB.

Let me know if that helps.

@kanekennedy
Copy link
Author

Thanks,

That has sent me down a slightly different direction. Upgraded the instance from Amazon Linux2 to AL2023 and running the python script outside of docker with the ports all opened.

I have the same influxdb client.

[root@ip-10-0-1-146 /]# python3 -c "import influxdb_client; print(influxdb_client.__version__)"
1.37.0

Upgrading from AL2 to AL2023 introduces some different errors with the requirements around liburl3 so i need to work out the requirements it needs to run on the native os Python (3.9.16)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@righel righel

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@righel @kanekennedy