Installing MISP on Red Hat / CentOS base systems is a bit difficult, as they provide either older versions like PHP (e.g. 5.6), or the newer versions are installed into different paths on the systems.
We know, with our RPMs we break a number of rules for Red Hat based systems, but on the same time they simplify the process of getting MISP running on RHEL systems. From our tests we got very good results to operate MISP on RHEL servers without any big issues. So if you can profit from our work, please feel free to do so!
The idea is to install minimal CentOS or Red Hat system and enable the provided repository on it. Combining MISP with other PHP applications might work, but was not the intention for this project. The intended setup is to just use MISP on this server.
We provide the following components as RPMs
- misp
- pymisp
- misp-modules
- all needed sub-modules
- php 7.4.x (will be installed from external remi repository)
- mariadb 10.3.x (will be installed from external mariadb repository)
With our RPMs there's no need to use git to install MISP and you don't need a to install from github.com. All you is to be able to include our repository on your systems. MariaDB will be installed from the official mariadb repository.
Use the installation instructions to install MISP from our repository on RHEL7 / CentOS7 Systems
Use the installation instructions for RHEL8 to install MISP from our repository on RHEL8 Systems (not checked on CentOS8!)
Use the configuration recommendations to configure your system for MISP. This settings are not provided by the RPMS but will help to improve operating your MISP installation.
See the upgrading instructions to upgrade MISP from our repository
See the official documentation how to activate the SimpleBackgroundJobs. Most important settings are
/etc/supervisord.conf
[inet_http_server]
port=127.0.0.1:9001
username=supervisor
password=securePasswordHere
-
/etc/supervisord.d/misp-workers.inisee the official documentation for this file -
start and enable supervisord
systemctl enable supervisord
systemctl start supervisord
- enable SimpleBackgroundJobs in MISP
'SimpleBackgroundJobs' => array(
'enabled' => true,
'redis_host' => 'localhost',
'redis_port' => 6379,
'redis_password' => '',
'redis_database' => 13,
'redis_namespace' => 'background_jobs',
'max_job_history_ttl' => 86400,
'supervisor_host' => 'localhost',
'supervisor_port' => 9001,
'supervisor_user' => 'supervisor',
'supervisor_password' => 'securePasswordHere',
),
- check the workers are started, status should be 'RUNNING' for all workers
supervisorctl -s http://localhost:9001 -u supervisor -p securePasswordHere status