MISP Docker Setup

This repository contains a Docker Compose setup for running MISP (Malware Information Sharing Platform).

Prerequisites

• Docker
• Docker Compose
• Python 3 (for the setup script)

Setup

You need to configure the environment variables before starting the services. You can do this automatically or manually.

Option 1: Automatic Setup (Recommended)

We provide a Python script to generate a secure .env file with random passwords and keys.

1. Run the setup script:

   python3 setup_env.py

   This will create a .env file in the current directory.

Option 2: Manual Setup

1. Copy the example environment file:

   cp .env.example .env

2. Edit .env and replace all CHANGE_ME placeholders with secure values.

   • Ensure SECURITY_SALT and CRYPT_KEY are random 32-character strings.
   • Set strong passwords for the database and Redis.

Running MISP

1. Start the containers:

   docker compose up -d

2. Check the logs to ensure everything started correctly:

   docker compose logs -f

Accessing MISP

Once the containers are running, you can access MISP at:

https://localhost:8443

Note: You may see a browser warning about the self-signed certificate. This is expected for a local development setup.

Default Credentials

If this is a fresh installation, the default MISP credentials are usually:

• Email: admin@admin.test
• Password: admin

Please change these credentials immediately after your first login.

Services

• misp-core: The main MISP application.
• db: MariaDB database for storing MISP data.
• redis: Redis for caching and session management.
• misp-modules: Expansion modules for MISP.
• mail: SMTP service for sending emails.