Initial commit.

.gitignore

@@ -0,0 +1,3 @@
+/files/
+/output_files/
+/parsedmarc/GeoLite2-Country*

README.md

@@ -1,2 +1,13 @@
 # dmarc-visualizer
-Analyse and visualize DMARC results using open-source tools
+
+Analyse and visualize DMARC results using open-source tools.
+
+* [parsedmarc](https://github.com/domainaware/parsedmarc) for parsing DMARC reports,
+* [Elasticsearch](https://www.elastic.co/) to store aggregated data.
+* [Grafana](https://grafana.com/) to visualize the aggregated reports.
+
+See the full blog post with instructions at https://debricked.com/blog/some-url-here.
+
+## Screenshot
+
+![Screenshot of Grafana dashboard](/big_screenshot.png?raw=true)

docker-compose.yml

@@ -0,0 +1,23 @@
+version: '3.7'
+services:
+  parsedmarc:
+    build: ./parsedmarc/
+    volumes:
+      - ./files:/input:ro
+      - ./output_files:/output
+    command: parsedmarc -c /parsedmarc.ini /input/*
+    depends_on:
+      - elasticsearch
+
+  elasticsearch:
+    image: docker.elastic.co/elasticsearch/elasticsearch:7.6.0
+    environment:
+      - discovery.type=single-node
+
+  grafana:
+    build: ./grafana/
+    ports:
+      - 3000:3000
+    environment:
+      GF_INSTALL_PLUGINS: grafana-piechart-panel,grafana-worldmap-panel
+      GF_AUTH_ANONYMOUS_ENABLED: 'true'

grafana/Dockerfile

@@ -0,0 +1,6 @@
+FROM grafana/grafana:6.7.3
+
+ADD --chown=grafana:grafana https://raw.githubusercontent.com/domainaware/parsedmarc/master/grafana/Grafana-DMARC_Reports.json /var/lib/grafana/dashboards/
+RUN chmod 644 /var/lib/grafana/dashboards/Grafana-DMARC_Reports.json
+
+COPY grafana-provisioning/ /etc/grafana/provisioning/

grafana/grafana-provisioning/dashboards/all.yml

@@ -0,0 +1,6 @@
+- name: 'default'
+  org_id: 1
+  path: ''
+  type: 'file'
+  options:
+    folder: '/var/lib/grafana/dashboards'

grafana/grafana-provisioning/datasources/all.yml

@@ -0,0 +1,16 @@
+apiVersion: 1
+
+datasources:
+- name: 'dmarc-ag'
+  type: 'elasticsearch'
+  access: 'proxy'
+  orgId: 1
+  url: 'http://elasticsearch:9200'
+  database: '[dmarc_aggregate-]YYYY-MM-DD'
+  isDefault: true
+  jsonData:
+    esVersion: 70
+    timeField: 'date_range'
+    interval: 'Daily'
+  version: 1
+  editable: false

parsedmarc/Dockerfile

@@ -0,0 +1,7 @@
+FROM python:alpine
+
+RUN apk add build-base libxml2-dev libxslt-dev \
+    && pip install parsedmarc
+
+COPY parsedmarc.ini /
+#COPY GeoLite2-Country.mmdb /usr/share/GeoIP/GeoLite2-Country.mmdb

parsedmarc/parsedmarc.ini

@@ -0,0 +1,8 @@
+[general]
+save_aggregate = True
+save_forensic = True
+output = /output/
+
+[elasticsearch]
+hosts = elasticsearch:9200
+ssl = False