Hi, For "Scheduled Tasks", it need to start the "scheduler" work first. Navigate to "Administrator" -> "Server Settings & Maintenance" -> "Workers" tab and scroll down to "Worker type: scheduler". If no worker, just start a new worker. If it is "dead", kill it and start a new. This is let "Scheduled Tasks" works like schedule fetch feeds, etc. Remember to set "Frequency" to 1-24. Hope it helps
Great content, as is the whole series. I think there is no need to import the feed json. Clicking the "Load default feed metadata" button should do the same afaik.
For some reason, I've been unable to actually start using MISP after deployment, because the documentation and training I've seen so far is just not usable for beginners. Is there any other training that can be leveraged?
Awesome man!! MISP docker container build failed for me for some reason. (Ubuntu 22.04) I just installed on base machine instead (no docker) - that worked perfectly. Thanx for the hard work on these tutorials. Fantastic content.
Dear Taylor, could you please help me with the below questions, thank you 1.Once we deploy MISP as a stand-alone, Where to link MISP to monitor alerts? SIEM/SOAR or EDR , LDAP , AWS or any other? (In other words: If I deploy MISP in server, how does it look for threats in our environment, what logs does it to need to check, what should I link MISP to AWS? LDAP? Any other? To check all the machines) 2.Do MISP gather information from various OSINT tools and compare the risk/threat in our environment ?
Has anyone installed MISP Container on Docker using an AWS EC2 Instance loaded with Ubuntu Version 22.04? I have tried this with CoolAcid misp-docker and Harvard-itsecurity/docker-misp. I checked to ensure everything is installed, up, and running but I can't connect to the MISP Login Page with localhost, IP Address, or Port Number. I have noticed MySQL is not up and running. Should I edit this with a new IP or port number? If so, what file should I edit?
Mine wouldn't even build the docker for MISP on Ubuntu 22.04 I ended up installing it barebones on the machine via installer script from github (compiling from source) - maybe give that a try.
It doesn't look like it's still working. The .env file doesn't have the right content. Even putting the content as shown in the video would break the docker compose command
Hey there great content, thanks for your efforts. Quick question: Downloaded MISP from GitHub as per your video on Linux box, decided to run Defender scan which triggered malware alerts on 6 files, 3 of which are in tests folder. Did you also face this issue? Wanted to know if this MISP app is safe for production usage Many thanks
Hi, For "Scheduled Tasks", it need to start the "scheduler" work first. Navigate to "Administrator" -> "Server Settings & Maintenance" -> "Workers" tab and scroll down to "Worker type: scheduler". If no worker, just start a new worker. If it is "dead", kill it and start a new. This is let "Scheduled Tasks" works like schedule fetch feeds, etc. Remember to set "Frequency" to 1-24. Hope it helps
Great content, as is the whole series. I think there is no need to import the feed json. Clicking the "Load default feed metadata" button should do the same afaik.
For some reason, I've been unable to actually start using MISP after deployment, because the documentation and training I've seen so far is just not usable for beginners. Is there any other training that can be leveraged?
what an amazing series. Thanks
Awesome man!!
MISP docker container build failed for me for some reason. (Ubuntu 22.04)
I just installed on base machine instead (no docker) - that worked perfectly. Thanx for the hard work on these tutorials. Fantastic content.
Can you help me?? Did you started with the oficial MISP documentation on github??
@@Trabalhopbworks RUclips keeps deleting my reply to you. Yes I used the install script.
Just be aware that both Wazuh Dashboard and MISP uses the same port by default - you'll need to change one of them to a different one.
I am using docker-compose pull then docker-compose up -d but web page is not accessible.
I am using digital ocean .
Please give your suggestions.
Dear Taylor, could you please help me with the below questions, thank you
1.Once we deploy MISP as a stand-alone, Where to link MISP to monitor alerts? SIEM/SOAR or EDR , LDAP , AWS or any other? (In other words: If I deploy MISP in server, how does it look for threats in our environment, what logs does it to need to check, what should I link MISP to AWS? LDAP? Any other? To check all the machines)
2.Do MISP gather information from various OSINT tools and compare the risk/threat in our environment ?
Has anyone installed MISP Container on Docker using an AWS EC2 Instance loaded with Ubuntu Version 22.04? I have tried this with CoolAcid misp-docker and Harvard-itsecurity/docker-misp. I checked to ensure everything is installed, up, and running but I can't connect to the MISP Login Page with localhost, IP Address, or Port Number. I have noticed MySQL is not up and running. Should I edit this with a new IP or port number? If so, what file should I edit?
Mine wouldn't even build the docker for MISP on Ubuntu 22.04
I ended up installing it barebones on the machine via installer script from github (compiling from source) - maybe give that a try.
Can you explain better?? i am with version 22.04, How Can I start?? @@monkinsane
Awesome. Thanks from India. Please make more videos on misp and hive 👍
Does this still works, if I follow the steps?
I'm making a home lab will let you know if it works :D or you can help me if you have done the installation?
It doesn't look like it's still working. The .env file doesn't have the right content. Even putting the content as shown in the video would break the docker compose command
what CLI is he using?
Why when I have added the feeds am I only seeing events up to 2016? Are these providers not putting data anymore?
Hey there great content, thanks for your efforts.
Quick question: Downloaded MISP from GitHub as per your video on Linux box, decided to run Defender scan which triggered malware alerts on 6 files, 3 of which are in tests folder.
Did you also face this issue? Wanted to know if this MISP app is safe for production usage
Many thanks
I am running the script from the root user, are not running the script. Why please help me
In Ubuntu machine 22.4
docker build is taking very long for me. It has taken 1 hour and still counting.....
Took 1.5 hours and 3GB internet data to complete :)
Don't use docker, simple as that.
You explained how to get attributes and etc. from MISP, am I right?
How to update the feeds as my feeds was old
do you managed to do this?
Able to do it in another way
@@johnchong9660 how?
Hi everyone, I need help how can I configure my mail server, how can I send mails?
Anyone build MISP on Oracle 8 successfully? I am trying to accomplish this on an Oracle 8 server but cannot find much online
do you have course for Cysa+
MISP is great osint tool but it is not the end all be all.