Improvements and bug fixes #48

Open
wants to merge 6 commits into
base: master
5 changes: 4 additions & 1 deletion README.md
Expand Up @@ -130,6 +130,7 @@ the installation of MISP itself, for the database, for the configuration and for
* `stix_git_tag`- Version of the STIX module. By default "v1.1.1.4".
* `cybox_git_repo`- Git url of the CyBox repository. By default "https://github.com/CybOXProject/python-cybox.git".
* `cybox_git_tag`- Version of the CyBox module. By default "v2.1.0.12".
* `cake_resque_version`- Version of Cake Resque. By default "4.1.2".
* `timezone`- Timezone where the instance has been placed. By default "UTC".
* `default_user`- User as which to run the installation of MISP. By default apache.
* `default_group`- Group as which to run the installation of MISP. By default apache.
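Review bot: The `stix_git_tag` entry two lines above the new `cake_resque_version` line still documents a default of "v1.1.1.4", while manifests/init.pp in this PR shows `$stix_git_tag = 'v1.2.0.6'`. Since this block is being edited anyway, bring the documented defaults in line with init.pp, and do the same for the `misp_git_tag` entry if the README lists one, now that its default moves to 'v2.4.102'.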
Expand Down Expand Up @@ -230,6 +231,7 @@ By default set to "Rooraenietu8Eeyo<Qu2eeNfterd-dd+".
* `language` - The language MISP should use. The default is english.
* `enable_advanced_correlations` - Enable some performance heavy correlations (currently CIDR correlation). By default false.
* `max_correlations_per_event` - Sets the maximum number of correlations that can be fetched with a single event. For extreme edge cases this can prevent memory issues. The default value is 5000.
* `python_bin` - The path to the Python binary. It is highly recommended to install all the python dependencies in a virtualenv.
* `maintenance_message` - The message that users will see if the instance is not live. By default set to 'Great things are happening! MISP is undergoing maintenance,
but will return shortly. You can contact the administration at \\$email.'.
* `footermidleft` - Footer text prepending the "Powered by MISP" text. Empty by default.
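Review bot: The new `python_bin` entry states no default, unlike the entries around it. init.pp declares `$python_bin = undef` and the template only emits the key when the value is not nil, so say that here, for example "Unset by default, in which case the key is left out of config.php".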
Expand Down Expand Up @@ -264,7 +266,8 @@ By defualt set to false.
community only, 2 means contacted communities and 3 is all communities. By default set to 1.
* `default_attribute_distribution` - The default distribution setting for attributes, set it to 'event' if you would like
the attributes to default to the event distribution level. (0-3 or "event"). By default set to 'event'.
* `default_event_threat_level` - The default threat level setting when creating events. By default set to 1.
* `default_event_threat_level` - The default threat level setting when creating events. By default set to 4 (undefined).
* `default_event_tag_collection` - The tag collection to be applied to all events created manually.
* `tagging` - Enable the tagging feature of MISP. By default set to true.
* `full_tags_on_event_index` - Show the full tag names on the event index. By default set to true.
* `welcome_text_top` - Used on the login page, before the MISP logo. Empty by default.
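Review bot: The `default_event_tag_collection` entry gives neither the default nor the expected type, while every neighbouring entry ends with "By default ...". init.pp sets it to `0` and the template renders it unquoted, so document that it takes a numeric value, that the default is 0, and what 0 means for event creation.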
1 change: 1 addition & 0 deletions manifests/dependencies.pp
Expand Up @@ -12,6 +12,7 @@
'haveged',
'sclo-php56-php-pecl-redis', # Redis connection from PHP
'php-pear-crypt-gpg', # Crypto GPG
'php-pear-Console-CommandLine',
'python-magic', # Advance attachment handler
'ssdeep', 'ssdeep-libs', 'ssdeep-devel', #For pydeep
].each |String $pkg| {
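Review bot: `'php-pear-Console-CommandLine'` is the only entry in the visible part of this list without a trailing comment saying why it is installed. Add one naming the component that needs it, in the style of `# Crypto GPG` on the line above, so the package is not dropped later as unused.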
9 changes: 6 additions & 3 deletions manifests/init.pp
Expand Up @@ -9,7 +9,7 @@
# MISP installation
# # MISP repositories
$misp_git_repo = 'https://github.com/MISP/MISP.git',
$misp_git_tag = 'v2.4.71',
$misp_git_tag = 'v2.4.102',
$stix_git_repo = 'https://github.com/STIXProject/python-stix.git',
$stix_git_tag = 'v1.2.0.6',
$cybox_git_repo = 'https://github.com/CybOXProject/python-cybox.git',
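Review bot: The `$misp_git_tag` default jumps from 'v2.4.71' to 'v2.4.102', which is a large change of default for a PR titled "Improvements and bug fixes". Nodes that rely on the default may be moved across many MISP releases, so call the bump out in the commit message or changelog and confirm that the other pinned versions in this parameter list (for example `$stix_git_tag = 'v1.2.0.6'`) were tested against that release.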
Expand All @@ -20,6 +20,7 @@
$maec_git_tag = 'v4.1.0.14',
$pydeep_git_repo = 'https://github.com/kbandla/pydeep.git',
$pydeep_git_tag = 'e4ce348566293475016ca7fa9fb7fc4f61f1997f', # Using SHA from latest commit in 0.2 tag, because there is also a 0.2 branch
$cake_resque_version = '4.1.2',
# Whether to manage Python or not. Please note that python dev needs to be
# present in order to be able to install some of the MISP dependencies
$manage_python = true,
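Review bot: `$cake_resque_version` is declared without a data type, yet manifests/install.pp interpolates it straight into the `composer.phar require` command line. The module already uses typed lambdas (`|String $pkg|` in dependencies.pp), so constrain the parameter, for example `Pattern[/\A\d+(\.\d+)*\z/] $cake_resque_version = '4.1.2'`, so that whitespace or extra arguments cannot end up in the exec command.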
Expand Down Expand Up @@ -68,6 +69,7 @@
$enable_advanced_correlations = false,
$ssdeep_correlation_threshold = 40,
$max_correlations_per_event = 5000,
$python_bin = undef,
$maintenance_message = 'Great things are happening! MISP is undergoing maintenance, but will return shortly. You can contact the administration at \\$email.',
$footermidleft = '',
$footermidright = '',
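Review bot: `$python_bin = undef` accepts any value, and the template writes it into config.php inside a single-quoted PHP string. Type it as an optional absolute path (for example `Optional[Stdlib::Absolutepath]`, assuming puppetlabs-stdlib is available to this module) so that a relative path, an empty string or a value containing a quote is rejected at catalog compilation instead of reaching the rendered file.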
Expand All @@ -93,7 +95,8 @@
$extended_alert_subject = true,
$default_event_distribution = '1',
$default_attribute_distribution = 'event',
$default_event_threat_level = '1',
$default_event_threat_level = '4',
$default_event_tag_collection = 0,
$tagging = true,
$full_tags_on_event_index = true,
$welcome_text_top = '',
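Review bot: Changing `$default_event_threat_level` from '1' to '4' alters what every node using the default writes into config.php, and nothing in the visible diff explains why. Say in the commit message or changelog that new events will default to threat level 4 (undefined) after this change, so operators who depended on 1 know to set it explicitly.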
Expand Down Expand Up @@ -158,7 +161,7 @@
$secure_auth_amount = 5,
$secure_auth_expire = 300,
# # Session
$session_auto_regenerate = true,
$session_auto_regenerate = false,
$session_check_agent = false,
$session_defaults = 'php',
$session_timeout = '60',
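Review bot: `$session_auto_regenerate` flips from `true` to `false`, which turns off a session-hardening default, and the diff gives no reason. Together with `$session_check_agent = false` on the next line this leaves both session checks off out of the box. State the motivation in the commit message and README, or keep the default at `true` and let deployments that need it override the value.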
2 changes: 1 addition & 1 deletion manifests/install.pp
Expand Up @@ -119,7 +119,7 @@
}

exec {'CakeResque kamisama':
command => '/usr/bin/php composer.phar require kamisama/cake-resque:4.1.2',
command => "/usr/bin/php composer.phar require kamisama/cake-resque:${misp::cake_resque_version}",
cwd => "${misp::install_dir}/app/",
environment => ["COMPOSER_HOME=${misp::install_dir}/app/"],
refreshonly => true,
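Review bot: This exec keeps `refreshonly => true`, so making the version configurable has no effect on a node that is already provisioned: changing `cake_resque_version` will not re-run `composer.phar require` unless another resource notifies this exec. Either document that the parameter only applies at first install, or add a guard such as an `unless` check on the installed version so a changed value converges.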
10 changes: 6 additions & 4 deletions templates/config.php.erb
Expand Up @@ -25,6 +25,7 @@ $config = array (
'live' => <%= @live -%>,
'language' => '<%= @language -%>',
'enable_advanced_correlations' => <%= @enable_advanced_correlations -%>,
<% unless @python_bin.nil? -%> 'python_bin' => '<%= @python_bin -%>',<%= "\n" %><% end -%>
Member

can you add a unit test to ensure this works?

'ssdeep_correlation_threshold' => <%= @ssdeep_correlation_threshold -%>,
'max_correlations_per_event' => <%= @max_correlations_per_event -%>,
'maintenance_message' => '<%= @maintenance_message -%>',
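Review bot: The guard on the `python_bin` line is `unless @python_bin.nil?`, which lets an empty string through and renders `'python_bin' => ''`. Test for nil or empty instead, and put the conditional on its own lines (`<% unless ... -%>`, the array entry, `<% end -%>`) rather than emitting the newline with `<%= "\n" %>`. The spec test requested above should cover three cases: parameter unset (key absent), empty string, and a real path.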
Expand Down Expand Up @@ -53,6 +54,7 @@ $config = array (
'default_event_distribution' => '<%= @default_event_distribution -%>',
'default_attribute_distribution' => '<%= @default_attribute_distribution -%>',
'default_event_threat_level' => '<%= @default_event_threat_level -%>',
'default_event_tag_collection' => <%= @default_event_tag_collection -%>,
'tagging' => <%= @tagging -%>,
'full_tags_on_event_index' => <%= @full_tags_on_event_index -%>,
'welcome_text_top' => '<%= @welcome_text_top -%>',
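Review bot: `'default_event_tag_collection'` is rendered without quotes, unlike `'default_event_threat_level'` directly above it, so the template depends on the value always being a number. An empty or undefined value renders `'default_event_tag_collection' => ,`, which is a PHP parse error in config.php. Enforce an integer on the class parameter, or fall back to `0` in the template when the value is empty.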
Expand Down Expand Up @@ -132,10 +134,10 @@ $config = array (
'Session' =>
array (
'autoRegenerate' => <%= @session_auto_regenerate -%>,
'checkAgent' => '<%= @session_check_agent -%>',
'checkAgent' => <%= @session_check_agent -%>,
'defaults' => '<%= @session_defaults -%>',
'timeout' => '<%= @session_timeout -%>',
'cookie_timeout' => '<%= @session_cookie_timeout -%>'
'cookie_timeout' => <%= @session_cookie_timeout -%>
),
'Plugin' =>
array (
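Review bot: In the `'Session'` array, `'checkAgent'` and `'cookie_timeout'` are now emitted unquoted, but `'timeout'` is still written as `'<%= @session_timeout -%>'`, so the block mixes quoted and unquoted numbers. Treat `timeout` the same way if it is meant to be numeric, and confirm that `$session_cookie_timeout` always holds a number, since its default is not visible in this diff and an empty value would render `'cookie_timeout' => ` with nothing after it.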
Expand Down Expand Up @@ -165,8 +167,8 @@ $config = array (
'ZeroMQ_tag_notifications_enable' => <%= @zeromq_tag_notifications_enable -%>,
'ZeroMQ_audit_notifications_enable' => <%= @zeromq_audit_notifications_enable -%>,
'ElasticSearch_logging_enable' => <%= @elasticsearch_logging_enable -%>,
'ElasticSearch_connection_string' => <%= @elasticsearch_connection_string -%>,
'ElasticSearch_log_index' => <%= @elasticsearch_log_index -%>,
'ElasticSearch_connection_string' => '<%= @elasticsearch_connection_string -%>',
'ElasticSearch_log_index' => '<%= @elasticsearch_log_index -%>',
'syslog' => <%= @syslog -%>,
'Sightings_enable' => <%= @sightings_enable -%>,
'Sightings_policy' => <%= @sightings_policy -%>,
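Review bot: `'ElasticSearch_connection_string'` and `'ElasticSearch_log_index'` are now wrapped in single quotes, but the values are interpolated unescaped. A connection string containing `'` or a trailing `\` would terminate or corrupt the PHP string literal in config.php. Escape backslashes and single quotes in the template before output, or restrict the parameters with a type that excludes those characters.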