
225 lines
9.3 KiB
Raw Permalink Normal View History

App::uses('AppController', 'Controller');
* @property Correlation $Correlation
class CorrelationsController extends AppController
public $components = array('RequestHandler');
public function top()
$query = [
'limit' => 50,
'page' => 1
if (!empty($this->params['named']['limit'])) {
$query['limit'] = $this->params['named']['limit'];
if (!empty($this->params['named']['page'])) {
$query['page'] = $this->params['named']['page'];
if ($this->_isRest()) {
$data = $this->Correlation->findTop($query);
return $this->RestResponse->viewData($data, 'json');
} else {
$data = $this->Correlation->findTop($query);
$age = $this->Correlation->getTopTime();
$age = time() - $age;
$unit = 's';
if ($age >= 60) {
$age = ceil($age / 60);
$unit = 'm';
if ($age >= 60) {
$age = ceil($age / 60);
$unit = 'h';
if ($age >= 24) {
$age = ceil($age / 24);
$unit = 'd';
if ($age >= 365) {
$age = ceil($age / 365);
$unit = 'y';
$this->__setPagingParams($query['page'], $query['limit'], count($data), 'named');
$this->set('age', $age);
$this->set('age_unit', $unit);
$this->set('data', $data);
$this->set('title_for_layout', __('Top correlations index'));
$this->set('menuData', [
'menuList' => 'correlationExclusions',
'menuItem' => 'top'
public function generateTopCorrelations()
$result = $this->Correlation->generateTopCorrelationsRouter();
if ($this->_isRest()) {
return $this->RestResponse->viewData($result, 'json');
} else {
if ($result === false) {
$message = __('No correlations found. Nothing to rank.');
} else if ($result === true) {
$message = __('Top correlation list regenerated.');
} else {
$message = __('Top correlation list generation queued for background processing. Job ID: %s.', $result);
$this->redirect(['controller' => 'correlations', 'action' => 'top']);
public function overCorrelations()
$query = [
'limit' => 50,
'page' => 1,
'order' => 'occurrence desc'
foreach ($query as $customParam => $foo) {
if (isset($this->request->params['named'][$customParam])) {
$query[$customParam] = $this->request->params['named'][$customParam];
if (isset($this->request->params['named']['scope'])) {
$limit = $this->Correlation->OverCorrelatingValue->getLimit();
if ($this->request->params['named']['scope'] === 'over_correlating') {
$scope = 'over_correlating';
$query['conditions'][] = ['occurrence >=' => $limit];
} else if ($this->request->params['named']['scope'] === 'not_over_correlating') {
$query['conditions'][] = ['occurrence <' => $limit];
$scope = 'not_over_correlating';
} else {
$scope = 'all';
$data = $this->Correlation->OverCorrelatingValue->getOverCorrelations($query);
$data = $this->Correlation->attachExclusionsToOverCorrelations($data);
if ($this->_isRest()) {
return $this->RestResponse->viewData($data, 'json');
$this->__setPagingParams($query['page'], $query['limit'], count($data), 'named');
$this->set('data', $data);
$this->set('scope', $scope);
$this->set('title_for_layout', __('Index of over correlating values'));
$this->set('menuData', [
'menuList' => 'correlationExclusions',
'menuItem' => 'over'
public function switchEngine(string $engine)
if (!isset($this->Correlation->validEngines[$engine])) {
throw new MethodNotAllowedException(__('Not a valid engine choice. Please make sure you pass one of the following: ', implode(', ', array_keys($this->Correlation->validEngines))));
if ($this->request->is('post')) {
$setting = $this->Server->getSettingData('MISP.correlation_engine');
$result = $this->Server->serverSettingsEditValue($this->Auth->user(), $setting, $engine);
if ($result === true) {
$message = __('Engine switched.');
if ($this->_isRest()) {
return $this->RestResponse->saveSuccessResponse('Correlations', 'switchEngine', false, $this->response->type(), $message);
} else {
$this->redirect(['controller' => 'servers', 'action' => 'serverSettings', 'correlations']);
} else {
$message = __('Couldn\'t switch to the requested engine.');
if ($this->_isRest()) {
return $this->RestResponse->saveFailResponse('Correlations', 'switchEngine', false, $message, $this->response->type());
} else {
$this->redirect(['controller' => 'servers', 'action' => 'serverSettings', 'correlations']);
} else {
$this->set('engine', $engine);
public function truncate(string $engine)
if (!isset($this->Correlation->validEngines[$engine])) {
throw new MethodNotAllowedException(__('Not a valid engine choice. Please make sure you pass one of the following: ', implode(', ', array_keys($this->Correlation->validEngines))));
if ($this->request->is('post')) {
if (!Configure::read('MISP.background_jobs')) {
$result = $this->Correlation->truncate($this->Auth->user(), $engine);
$message = $result ? __('Table truncated.') : __('Could not truncate table');
if ($this->_isRest()) {
if ($result) {
$this->RestResponse->saveSuccessResponse('Correlations', 'truncate', false, $this->response->type(), $message);
} else {
$this->RestResponse->saveFailResponse('Correlations', 'truncate', false, $message, $this->response->type());
} else {
$this->Flash->{$result ? 'success' : 'error'}($message);
$this->redirect(['controller' => 'servers', 'action' => 'serverSettings', 'correlations']);
} else {
$job = ClassRegistry::init('Job');
$jobId = $job->createJob(
'truncate table',
'Job created.'
$message = __('Job queued. You can view the progress if you navigate to the active jobs view (Administration -> Jobs).');
if ($this->_isRest()) {
return $this->RestResponse->saveSuccessResponse('Correlations', 'truncate', false, $this->response->type(), $message);
} else {
$this->redirect(['controller' => 'servers', 'action' => 'serverSettings', 'correlations']);
} else {
$this->set('engine', $engine);
$this->set('table_name', $this->Correlation->validEngines[$engine]);
public function generateOccurrences()
if (Configure::read('MISP.background_jobs')) {
$message = __('Job queued.');
} else {
$message = __('Over-correlations counted successfully.');
if ($this->_isRest()) {
return $this->RestResponse->saveSuccessResponse('Correlations', 'generateOccurrences', false, $this->response->type(), $message);
$this->redirect(['controller' => 'correlations', 'action' => 'overCorrelations']);