Initial commit.

zozs · zozs · commit 05949f7b94df · 2020-05-06T10:57:45.000+02:00
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,3 @@
+/files/
+/output_files/
+/parsedmarc/GeoLite2-Country*
diff --git a/README.md b/README.md
@@ -1,2 +1,13 @@
 # dmarc-visualizer
-Analyse and visualize DMARC results using open-source tools
+
+Analyse and visualize DMARC results using open-source tools.
+
+* [parsedmarc](https://github.com/domainaware/parsedmarc) for parsing DMARC reports,
+* [Elasticsearch](https://www.elastic.co/) to store aggregated data.
+* [Grafana](https://grafana.com/) to visualize the aggregated reports.
+
+See the full blog post with instructions at https://debricked.com/blog/some-url-here.
+
+## Screenshot
+
+![Screenshot of Grafana dashboard](/big_screenshot.png?raw=true)
diff --git a/big_screenshot.png b/big_screenshot.png
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,23 @@
+version: '3.7'
+services:
+  parsedmarc:
+    build: ./parsedmarc/
+    volumes:
+      - ./files:/input:ro
+      - ./output_files:/output
+    command: parsedmarc -c /parsedmarc.ini /input/*
+    depends_on:
+      - elasticsearch
+
+  elasticsearch:
+    image: docker.elastic.co/elasticsearch/elasticsearch:7.6.0
+    environment:
+      - discovery.type=single-node
+
+  grafana:
+    build: ./grafana/
+    ports:
+      - 3000:3000
+    environment:
+      GF_INSTALL_PLUGINS: grafana-piechart-panel,grafana-worldmap-panel
+      GF_AUTH_ANONYMOUS_ENABLED: 'true'
diff --git a/grafana/Dockerfile b/grafana/Dockerfile
@@ -0,0 +1,6 @@
+FROM grafana/grafana:6.7.3
+
+ADD --chown=grafana:grafana https://raw.githubusercontent.com/domainaware/parsedmarc/master/grafana/Grafana-DMARC_Reports.json /var/lib/grafana/dashboards/
+RUN chmod 644 /var/lib/grafana/dashboards/Grafana-DMARC_Reports.json
+
+COPY grafana-provisioning/ /etc/grafana/provisioning/
diff --git a/grafana/grafana-provisioning/dashboards/all.yml b/grafana/grafana-provisioning/dashboards/all.yml
@@ -0,0 +1,6 @@
+- name: 'default'
+  org_id: 1
+  path: ''
+  type: 'file'
+  options:
+    folder: '/var/lib/grafana/dashboards'
diff --git a/grafana/grafana-provisioning/datasources/all.yml b/grafana/grafana-provisioning/datasources/all.yml
@@ -0,0 +1,16 @@
+apiVersion: 1
+
+datasources:
+- name: 'dmarc-ag'
+  type: 'elasticsearch'
+  access: 'proxy'
+  orgId: 1
+  url: 'http://elasticsearch:9200'
+  database: '[dmarc_aggregate-]YYYY-MM-DD'
+  isDefault: true
+  jsonData:
+    esVersion: 70
+    timeField: 'date_range'
+    interval: 'Daily'
+  version: 1
+  editable: false
diff --git a/parsedmarc/Dockerfile b/parsedmarc/Dockerfile
@@ -0,0 +1,7 @@
+FROM python:alpine
+
+RUN apk add build-base libxml2-dev libxslt-dev \
+    && pip install parsedmarc
+
+COPY parsedmarc.ini /
+#COPY GeoLite2-Country.mmdb /usr/share/GeoIP/GeoLite2-Country.mmdb
diff --git a/parsedmarc/parsedmarc.ini b/parsedmarc/parsedmarc.ini
@@ -0,0 +1,8 @@
+[general]
+save_aggregate = True
+save_forensic = True
+output = /output/
+
+[elasticsearch]
+hosts = elasticsearch:9200
+ssl = False

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+/files/`
	`2`	`+/output_files/`
	`3`	`+/parsedmarc/GeoLite2-Country*`