IntelMQ Manager is a graphical interface to manage configurations for the IntelMQ framework. A IntelMQ configuration is a set of config files which describe which bots and processing steps should be run in which order. It is similar to describing the dataflow in dataflow oriented languages. IntelMQ Manager is therefore an intuitive tool to allow non-programmers to specify the data flow in IntelMQ.
Note: The backend of IntelMQ Manager is currently being changed from PHP to Python. For production, please use the PHP backend, available via packages and the branches master and maintenance, not develop (the default branch when cloning the repository).
See INSTALL. Read the security considerations in this document carefully.
This interface lets you visually configure the whole IntelMQ pipeline and the parameters of every single bot. You will be able to see the pipeline in a graph-like visualisation similar to the following screenshot (click to enlarge):
When you add a node or edit one you'll be presented with a form with the available parameters for a bot. There you can easily change the parameters as shown in the screenshot:
After editing the bots' configuration and pipeline, simply click "Save Configuration" to automatically write the changes to the correct files. The configurations are now ready to be deployed.
Note well: if you do not press "Save Configuration" your changes will be lost whenever you reload the web page or move between different tabs within the IntelMQ manager page.
When you save a configuration you can go to the 'Management' section to see what bots are running and start/stop the entire botnet, or a single bot.
You can also monitor the logs of individual bots or see the status of the queues for the entire system or for single bots.
In this next example we can see the number of queued messages for all the queues in the system.
The following example we can see the status information of a single bot. Namely, the number of queued messages in the queues that are related to that bot and also the last 20 log lines of that single bot.
This software (IntelMQ and its components) is licensed under these licenses:
- Apache License 2.0
- GNU Affero Public License version v3.0
- MIT License
See LICENSES for all license texts and debian/copyright for a list of components and it's licenses.