Merge pull request #2661 from sebix/docs

Documentation updates: Contrib overview, remove obsolete link, some smaller stuff

Author: sebix

CHANGELOG.md

@@ -31,6 +31,7 @@ Please refer to the [NEWS](NEWS.md) for a list of changes which have an affect o
 #### Outputs
 
 ### Documentation
+- Updates to Contrib and Overview pages (PR#2672 by Sebastian Wagner).
 
 ### Packaging
 

contrib/README.md

@@ -1,5 +1,5 @@
 <!--
-SPDX-FileCopyrightText: 2016-2022 aaronkaplan <aaron@lo-res.org>, Sebastian Wagner <sebix@sebix.at>
+SPDX-FileCopyrightText: 2016-2021 CERT.at GmbH <intelmq@cert.at>, 2023-2025 Institute for Common Good Technology
 
 SPDX-License-Identifier: AGPL-3.0-or-later
 -->
@@ -8,9 +8,24 @@ SPDX-License-Identifier: AGPL-3.0-or-later
 
 This directory contains contributed scripts which are helpful for maintaining an IntelMQ instance.
 
-* **cron-jobs**: cron job files for pulling in newer versions of supporting databases such as pyasn
-* **logcheck**: logcheck ruleset to filter logs for error messages
-* **config-backup**: simple Makefile for doing a `make backup` inside of `/opt/intelmq` in order to preserve the latest configurations
-* **logrotate**: an example configuration for *logrotate* (`/etc/logrotate.d/` directory).
+* **autostart**: Contains the start scripts and systemd units for the package `intelmq-autostart`.
+* **bash-completion**: Bash completion scripts for the command line interfaces. Part of the package `intelmq`.
 * **check_mk**: Scripts for monitoring an IntelMQ instance with Check_MK.
+* **config-backup**: simple Makefile for doing a `make backup` inside of `/opt/intelmq` in order to preserve the latest configurations
+* **cron-jobs**: cron job files for pulling in newer versions of supporting databases such as pyasn
 * **development-tools**: Tools useful for development
+* **elasticsearch**: Generate an ElasticSearch mapping
+* **eventdb**: Some scripts related to the EventDB, see https://docs.intelmq.org/latest/admin/database/postgresql/#eventdb-utilities
+* **example-extension-package**: An example bot extension package, see https://docs.intelmq.org/latest/dev/extensions-packages/
+* **feeds-config-generator**: Outdated tool to generate configuration snippets for feeds
+* **logcheck**: logcheck ruleset to filter logs for error messages
+* **logrotate**: an example configuration for *logrotate* (`/etc/logrotate.d/` directory). Part of the package `intelmq`.
+* **malware_name_mapping**: Script to download the malware name mapping and convert it to IntelMQ syntax
+* **systemd**: Scripts to generate systemd unit files
+* **tmpfiles.d**: systemd `tmpfiles.d` configuration
+
+## Packages
+
+When you have IntelMQ installed via packages, these scripts are part of the package `intelmq-contrib`.
+
+The logcheck rules are directly installed to `/etc/logcheck/`, and the other files are in `/usr/share/intelmq/contrib/`.

contrib/feeds-config-generator/README.md

@@ -4,7 +4,10 @@ SPDX-FileCopyrightText: 2018 SYNchroACK
 SPDX-License-Identifier: AGPL-3.0-or-later
 -->
 
-# Feeds Configuration Generator
+# Feeds Configuration Generator (outdated)
+
+**Note: This tool is outdated is no longer useful and generates the configuration in the wrong format.**
+https://github.com/certtools/intelmq/issues/2677
 
 Quickly generate feeds configurations (runtime and pipeline configs).
 
@@ -29,7 +32,9 @@ optional arguments:
                         /tmp/pipeline.conf
 
 ```
+
 ### Generate a bot configuration
+
 ```
 ./intelmq_gen_feeds_conf --feeds-file=../../intelmq/etc/feeds.yaml 
 ```

docs/dev/release.md

@@ -23,7 +23,7 @@ different.
 
 These apply to all projects:
 
-- CHANGELOG.MD and NEWS.MD: Update the latest header, fix the order, remove empty sections and (re)group the entries if necessary.
+- `CHANGELOG.MD` and `NEWS.MD`: Update the latest header, fix the order, remove empty sections and (re)group the entries if necessary.
 - debian/changelog: Insert a new section for the new version with the tool `dch` or update the version of the existing last item if yet unreleased. Don't forget the revision after the version number!
 
 ### IntelMQ
@@ -68,12 +68,7 @@ rm -r build/
 python3 setup.py sdist bdist_wheel
 ```
 
-* Upload the files including signatures to PyPI with e.g. twine: `twine upload -u __token__ -p $APITOKEN dist/intelmq...` (or set the API Token in `.pypirc`).
-
-
-## Documentation
-
-Since using mkdocs (see https://docs.intelmq.org) nothing needs to be done anymore.
+* Upload the files including signatures to PyPI with e.g. twine: `twine upload dist/intelmq...` (set the API Token in `~/.pypirc`).
 
 ## Packages
 

docs/overview.md

@@ -47,15 +47,13 @@ A web-based interface to ingest CSV data into IntelMQ with on-line validation an
 
 This interface allows inserting "one-shot" data feeds into IntelMQ without the need to configure bots in IntelMQ.
 
-Developed and maintained by [CERT.at](https://cert.at).
-
 → [Repository: intelmq-webinput-csv](https://github.com/certat/intelmq-webinput-csv)
 
 ![IntelMQ Webinput CSV Preview page](https://raw.githubusercontent.com/certat/intelmq-webinput-csv/c20413a401c2077140dd17fb7651db1132fde648/docs/images/screenshot.png)
 
 ### IntelMQ Mailgen
 
-A solution allowing an IntelMQ setup with a complex contact database, managed by a web interface and sending out aggregated email reports. In different words: To send grouped notifications to network owners using SMTP.
+A solution allowing an IntelMQ setup with a sophisticated contact database, managed by a web interface and sending out aggregated email reports. In different words: To send grouped notifications to network owners using SMTP.
 
 Developed and maintained by [Intevation](https://intevation.de), initially funded by [BSI](https://bsi.bund.de/).
 
@@ -65,13 +63,16 @@ It consists of the following three components, which can also be used on their o
 
 The certbund-contact consists of two IntelMQ expert bots, which fetch and process the information from the contact database, and scripts to import RIPE data into the contact database. Based on user-defined rules, the experts determine to which contact the event is to be sent to, and which e-mail template and attachment format to use.
 
+The contact database handles contact information for Autonomous systems (AS), Network ranges (CIDR) and single IP addresses, and domains.
+The component also includes scripts to import network information and contact data directly from RIPE.
+
 → [Repository: intelmq-certbund-contact](https://github.com/Intevation/intelmq-certbund-contact)
 
 #### IntelMQ Fody
 
 Fody is a web based interface for Mailgen. It allows to read and edit contacts, query sent mails (tickets) and call up data from the PostgreSQL database.
 
-It can also be used to just query the database without using Mailgen.
+It can also be used to just query the IntelMQ Event database without using Mailgen.
 
 ![IntelMQ Fody Dashboard](https://raw.githubusercontent.com/Intevation/intelmq-fody/6e41b836d0a2c350a5f2c5c95a4b3be4d3f46027/docs/images/landing_page.png)
 
@@ -82,8 +83,10 @@ intelmq-fody-backend](https://github.com/Intevation/intelmq-fody-backend)
 
 #### intelmq-mailgen
 
-Sends emails with grouped event data to the contacts determined by the certbund-contact. Mails can be encrypted with
-PGP.
+Sends emails with grouped event data to the contacts determined by the certbund-contact
+Mails can be encrypted with OpenPGP.
+
+Formatting scripts and templates define how the e-mails are created, their content and the included data.
 
 → [Repository:
 intelmq-mailgen](https://github.com/Intevation/intelmq-mailgen)
@@ -98,21 +101,9 @@ If features organizational hierarchies, contact roles, self-administration and n
 
 → [Repository: tuency](https://gitlab.com/Intevation/tuency/tuency)
 
-### "Constituency Portal" do-portal (deprecated)
-
-!!! warning
-    The *do-portal* is deprecated and succeeded by *tuency*.
-
-A contact portal with organizational hierarchies, role functionality and network objects based on RIPE, allows
-self-administration by the contacts. Can be queried from IntelMQ and integrates the stats-portal.
-
-Originally developed by [CERT-EU](https://cert.europa.eu/), then adapted by [CERT.at](https://cert.at).
-
-→ [Repository: do-portal](https://github.com/certat/do-portal)
-
 ### Stats Portal
 
-A Grafana-based statistics portal for the `eventdb`{.interpreted-text role="doc"}. Can be integrated into do-portal. It uses aggregated data to serve statistical data quickly.
+A Grafana-based statistics portal for the `eventdb`{.interpreted-text role="doc"}. It uses aggregated data to serve statistical data quickly.
 
 ![Stats Portal Architecture](https://raw.githubusercontent.com/certtools/stats-portal/38515266aabdf661a0b4becd8e921b03f32429fa/architecture-overview-stats-portal-screen.png)
 

intelmq/bin/intelmqctl.py

@@ -206,6 +206,9 @@ def __init__(self, interactive: bool = False, returntype: ReturnType = ReturnTyp
 Get some debugging output on the settings and the environment (to be extended):
     intelmqctl debug --get-paths
     intelmqctl debug --get-environment-variables
+
+Looking for help from the community?
+Find IntelMQ's support channels at https://docs.intelmq.org/latest/help/
 '''
 
         self._processmanagertype = getattr(self._parameters, 'process_manager', 'intelmq')