From 61ed443fc3a46c07cf1c5ccd99e6a1e073c4d17b Mon Sep 17 00:00:00 2001 From: Rick Rankin Date: Tue, 5 May 2015 15:42:45 -0700 Subject: [PATCH 1/2] Update, correct installation instructions and fix errors in config files --- docs/source/installation.rst | 26 ++++++++++++++++++++------ examples/demo/syncalerts.sh | 4 ++-- meteor/.meteor/release | 2 +- meteor/app/lib/settings.js | 2 +- meteor/public/css/mozdef.css | 7 ++++++- requirements.txt | 2 +- 6 files changed, 31 insertions(+), 12 deletions(-) diff --git a/docs/source/installation.rst b/docs/source/installation.rst index 3f3268a3..bd7e0602 100644 --- a/docs/source/installation.rst +++ b/docs/source/installation.rst @@ -164,6 +164,13 @@ Step by Step:: .. _installing docker: https://docs.docker.com/installation/#installation .. _instructions: http://mozdef.readthedocs.org/en/latest/installation.html#dockerfile +MozDef manual installation process +---------------------------------- +This section explains the manual installation process for the MozDef system. + git clone https://github.com/jeffbryner/MozDef.git + + + Elasticsearch nodes ------------------- @@ -225,6 +232,8 @@ Then:: make make install + cd /home/mozdef + wget https://raw.github.com/pypa/pip/master/contrib/get-pip.py export LD_LIBRARY_PATH=/home/mozdef/python2.7/lib/ ./python2.7/bin/python get-pip.py @@ -251,8 +260,8 @@ On Yum-based systems:: You can then install the rabbitmq server:: - rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc - yum install rabbitmq-server-3.2.4-1.noarch.rpm + sudo rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc + sudo yum install rabbitmq-server To start rabbitmq at startup:: 
@@ -300,13 +309,13 @@ For meteor, in a terminal:: cd node-v0.10.26 ./configure make - make install + sudo make install -Make sure you have meteorite/mrt:: +Make sure you have meteorite/mrt (run as root/admin):: npm install -g meteorite -Then from the meteor subdirectory of this git repository run:: +Then from the meteor subdirectory of this git repository (/home/mozdef/MozDef/meteor) run:: mrt add iron-router mrt add accounts-persona @@ -403,12 +412,17 @@ We use `uwsgi`_ to interface python and nginx:: wget http://projects.unbit.it/downloads/uwsgi-2.0.2.tar.gz tar zxvf uwsgi-2.0.2.tar.gz + cd uwsgi-2.0.2 ~/python2.7/bin/python uwsgiconfig.py --build ~/python2.7/bin/python uwsgiconfig.py --plugin plugins/python core cp python_plugin.so ~/envs/mozdef/bin/ cp uwsgi ~/envs/mozdef/bin/ - cd rest + cp -r ~/MozDef/rest ~/envs/mozdef/ + cp -r ~/MozDef/loginput ~/envs/mozdef/ + mkdir ~/envs/mozdef/logs + + cd ~/envs/mozdef/rest # modify settings.py vim settings.py # modify uwsgi.ini diff --git a/examples/demo/syncalerts.sh b/examples/demo/syncalerts.sh index 83064f11..c12d4d86 100755 --- a/examples/demo/syncalerts.sh +++ b/examples/demo/syncalerts.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash while true do - /opt/MozDef/cron/syncAlertsToMongo.py - /opt/MozDef/cron/collectAttackers.py + ~/MozDef/cron/syncAlertsToMongo.py + ~/MozDef/cron/collectAttackers.py sleep 10 done diff --git a/meteor/.meteor/release b/meteor/.meteor/release index fdc65835..dab6b552 100644 --- a/meteor/.meteor/release +++ b/meteor/.meteor/release @@ -1 +1 @@ -METEOR@1.0.2.1 +METEOR@1.1.0.2 diff --git a/meteor/app/lib/settings.js b/meteor/app/lib/settings.js index 1d4f2b77..f2dd5c26 100644 --- a/meteor/app/lib/settings.js +++ b/meteor/app/lib/settings.js @@ -16,7 +16,7 @@ mozdef = { port: "3000", rootAPI: "http://localhost:8081", kibanaURL: "http://localhost:9090", - enableBlockIP: true + enableBlockIP: true, enableClientAccountCreation: true } 
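Review bot: In examples/demo/syncalerts.sh both cron scripts are now resolved through `~`, so what the loop runs depends on the HOME of whoever starts it; launched from another account or a service wrapper it will fail on every pass and keep looping, or pick up a different checkout. The installation guide changed in this same patch assumes /home/mozdef, so I would make the location explicit, e.g. `MOZDEF_HOME="${MOZDEF_HOME:-$HOME/MozDef}"` followed by `"$MOZDEF_HOME/cron/syncAlertsToMongo.py"` and `"$MOZDEF_HOME/cron/collectAttackers.py"`. Moving from /opt to a home directory also means the account that owns that directory controls the code executed here, which matters if the loop is ever started with more privilege than that account has.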
diff --git a/meteor/public/css/mozdef.css b/meteor/public/css/mozdef.css index a9438c6a..47d922e8 100644 --- a/meteor/public/css/mozdef.css +++ b/meteor/public/css/mozdef.css @@ -187,7 +187,7 @@ td{ } -/*login ui css to hide the local account/password signup options */ +/* uncomment this login ui css to hide the local account/password signup options .logins-wrapper .svgtextlabel { font-size: 20px; color: white; @@ -205,6 +205,11 @@ td{ .or { display: none; } +*/ +/* don't float the 'create account' link*/ +#login-buttons #signup-link{ + float: none; +} /* d3 circle styles */ .successcircle{ diff --git a/requirements.txt b/requirements.txt index a9860d5f..48e94597 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,7 +3,7 @@ anyjson==0.3.3 boto==2.26.1 bottle==0.12.4 configlib==1.0.0 -configparser==3.3.0r2 +configparser==3.5.0b2 docutils==0.11 elasticutils==0.8.2 futures==2.1.6 From 98a78f0a2c1909c19ca583f047261fcd560f715e Mon Sep 17 00:00:00 2001 From: Rick Rankin Date: Tue, 19 May 2015 08:56:07 -0700 Subject: [PATCH 2/2] Additional services to start --- docs/source/installation.rst | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/docs/source/installation.rst b/docs/source/installation.rst index bd7e0602..a84b40e7 100644 --- a/docs/source/installation.rst +++ b/docs/source/installation.rst @@ -459,3 +459,26 @@ To initialize elasticsearch indices and load some sample data:: .. _Kibana: http://www.elasticsearch.org/overview/kibana +Start Services +****** + +Start the following services + + cd ~/MozDef/mq + ./esworker.py + + cd ~/MozDef/alerts + celery -A celeryconfig worker --loglevel=info --beat + + cd ~/MozDef/examples/demo + ./syncalerts.sh + ./sampleevents.sh + + + + + + + + +
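Review bot: In meteor/public/css/mozdef.css the first hunk turns the rules that hid the local account/password signup controls into a comment, so the shipped stylesheet now shows them by default, and meteor/app/lib/settings.js in this patch carries `enableClientAccountCreation: true` as a context line. CSS only hides the link, so the setting is presumably what actually permits registration; if both defaults reach a deployment, anyone who can load the login page may be able to create an account on the front end. I would keep the hiding rules active and document how to enable local signup, or default that setting to false. The comment opened by the rewritten line is closed by the `*/` added in the second hunk, and the lines in between are outside the diff, so please confirm none of them contains a `*/` of its own, which would end the comment early. The opener could also state the new default, e.g. `/* local account/password signup is visible by default; uncomment the rules below to hide it`.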