Automated Maintenance
We have created some useful automated tasks and shipped them with the images by default, these can be seen in the table below:
| Task | Frequency |
|---|---|
| Feed and server synchronisation | Hourly |
| Update Decay Models, Galaxies, Notice Lists, Objects, Taxonomies, Warning Lists, and Workflow Blueprints | Daily |
Custom Tasks
If you would like to create your own custom automation scripts/tasks to be run by the misp-workers
container, please see the below steps as a guide:
- Create the automation/script you require. If your automation/script needs to talk to the MISP
API, it is recommended that you read the
authkey,baseUrlandverifyTlsoptions from theDEFAULTsection of/var/www/MISPData/misp_maintenance_jobs.ini.- For an example of doing this in Python see set_org_name.py
- Place the automation/script into its own folder under
./jobs/within the/opt/misp_customvolume. - For Python automations,
- Open a shell on the container:
docker compose exec -it workers bash. - Move to your task's directory:
cd /opt/misp_custom/jobs/my_script. - Create a virtual environment:
/usr/local/bin/python3 -m venv .venv. - Install any dependencies:
./.venv/bin/python -m pip install -r requirements.txt. - Use
/opt/misp_custom/jobs/my_script/.venv/bin/pythonas the executable below.
- Open a shell on the container:
- Add a section into
misp_maintenance_jobs.iniin./jobs/of the/opt/misp_customvolume to schedule your task.- The section name must be unique and must not be
DEFAULT,rotate_logs,run_misp_sync_jobs,set_org_nameorupdate_objects. commandmust be the absolute paths to the executable and where required scripts.enabledcan be set tofalseto temporarily disable a job without deleting it.intervalsets how often the automation should be triggered, in minutes.- Setting
needsAuthKeytoTruewill prevent the automation from running until a valid Auth Key has been automatically set in/var/www/MISPData/misp_maintenance_jobs.iniby the initial setup.
- The section name must be unique and must not be
Here is an example entry in /opt/misp_custom/jobs/misp_maintenance_jobs.ini
[my_script]
command = /opt/misp_custom/jobs/my_script/.venv/bin/python /opt/misp_custom/jobs/my_script/run.py
enabled = true
interval = 15
needsAuthKey = true
Disabling Custom Tasks
Once a custom task is created, it will be populated into the main misp_maintenance_jobs.ini,
therefore if you need to disable or remove a task, you need leave it in your custom
misp_maintenance_jobs.ini but set enabled to false, for ease of maintenance, you can remove
all other options.
Example: Temporarily Disabled
[my_script]
command = /opt/misp_custom/jobs/my_script/.venv/bin/python /opt/misp_custom/jobs/my_script/run.py
enabled = false
interval = 15
needsAuthKey = true
Example: Permanently Disabled
[my_script]
enabled = false