Plugin Configuration

Before running the plugin, you need to locate the script on the server, set execution permissions, and collect connection details for both Pandora FMS and MISP.


1. Script Location and Permissions

Upload the file to the server and run the following command to make it executable:

chmod +x /usr/share/pandora_server/util/plugin/misp_to_pandora.py

2. Pandora FMS API Configuration (ACL)

For the script to inject rules via the API, the IP executing the script must be authorized.

  1. Log in to the Pandora FMS web console as an administrator.

  2. Navigate to: Management → Settings → System Settings → General Setup → Security tab.

  3. Check the field IP list with API access.

    • Ensure the IP of the server running the script (or 127.0.0.1 if running locally) is included, separated by commas.

    • You can also use * to allow any IP.

  4. Generate a V2 API authorization token following the official documentation.


3. Parameters Collection

The script requires 5 mandatory parameters that must be passed in a specific order during execution:

Recommended: use a high number to avoid conflicts with native or previously created custom rules

Once all the required data is collected, you can proceed to run the plugin.


Revision #2
Created 6 March 2026 13:06:57 by Sergio Berruetta
Updated 6 March 2026 13:34:08 by Sergio Berruetta