mirror of https://github.com/MISP/MISP
Merge remote-tracking branch 'upstream/2.4' into 2.4
commit
112323f49a
|
@ -1353,7 +1353,7 @@ class UsersController extends AppController {
|
|||
// shows some statistics about the instance
|
||||
public function statistics($page = 'data') {
|
||||
$this->set('page', $page);
|
||||
$pages = array('data' => 'Usage data', 'orgs' => 'Organisations', 'tags' => 'Tags', 'attributehistogram' => 'Attribute histogram', 'sightings' => 'Sightings toplists', 'attackMatrix' => 'ATT&CK Matrix');
|
||||
$pages = array('data' => 'Usage data', 'orgs' => 'Organisations', 'users' => 'User and Organisation statistics', 'tags' => 'Tags', 'attributehistogram' => 'Attribute histogram', 'sightings' => 'Sightings toplists', 'attackMatrix' => 'ATT&CK Matrix');
|
||||
if (!$this->_isSiteAdmin() && !empty(Configure::read('Security.hide_organisation_index_from_users'))) {
|
||||
unset($pages['orgs']);
|
||||
}
|
||||
|
@ -1366,6 +1366,8 @@ class UsersController extends AppController {
|
|||
throw new MethodNotAllowedException('This feature is currently disabled.');
|
||||
}
|
||||
$result = $this->__statisticsOrgs($this->params['named']);
|
||||
} else if ($page == 'users') {
|
||||
$result = $this->__statisticsUsers($this->params['named']);
|
||||
} else if ($page == 'tags') {
|
||||
$result = $this->__statisticsTags($this->params['named']);
|
||||
} else if ($page == 'attributehistogram') {
|
||||
|
@ -1549,6 +1551,52 @@ class UsersController extends AppController {
|
|||
}
|
||||
}
|
||||
|
||||
private function __statisticsUsers($params = array()) {
|
||||
$this->loadModel('Organisation');
|
||||
$this->loadModel('User');
|
||||
$this_month = strtotime(date('Y/m') . '/01');
|
||||
$this_year = strtotime(date('Y') . '/01/01');
|
||||
$ranges = array(
|
||||
'total' => null,
|
||||
'month' => $this_month,
|
||||
'year' => $this_year
|
||||
);
|
||||
$scopes = array(
|
||||
'user' => array(
|
||||
'conditions' => null,
|
||||
'model' => 'User',
|
||||
'date_created' => 'timestamp'
|
||||
),
|
||||
'org_local' => array(
|
||||
'conditions' => array('Organisation.local' => 1),
|
||||
'model' => 'Organisation',
|
||||
'date_created' => 'datetime'
|
||||
),
|
||||
'org_external' => array(
|
||||
'conditions' => array('Organisation.local' => 0),
|
||||
'model' => 'Organisation',
|
||||
'date_created' => 'datetime'
|
||||
)
|
||||
);
|
||||
$statistics = array();
|
||||
foreach ($scopes as $scope => $scope_data) {
|
||||
foreach ($ranges as $range => $condition) {
|
||||
$params = array(
|
||||
'recursive' => -1
|
||||
);
|
||||
if (!empty($condition)) {
|
||||
if ($scope_data['date_created'] === 'datetime') {
|
||||
$condition = date('Y-m-d H:i:s', $condition);
|
||||
}
|
||||
$params['conditions'] = array($scope_data['model'] . '.date_created >=' => $condition);
|
||||
}
|
||||
$statistics[$scope]['data'][$range] = $this->{$scope_data['model']}->find('count', $params);
|
||||
}
|
||||
}
|
||||
$this->set('statistics', $statistics);
|
||||
$this->render('statistics_users');
|
||||
}
|
||||
|
||||
public function tagStatisticsGraph() {
|
||||
$this->loadModel('EventTag');
|
||||
$tags = $this->EventTag->getSortedTagList();
|
||||
|
|
|
@ -14,6 +14,7 @@
|
|||
);
|
||||
$types[$scope]['selected'] = true;
|
||||
?>
|
||||
<h4><?php echo __('Organisation list');?></h4>
|
||||
<p><?php echo __('Quick overview over the organisations residing on or known by this instance.');?></p>
|
||||
<div class="tabMenuFixedContainer" style="display:inline-block;">
|
||||
<?php
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
<div class = "index">
|
||||
<h2><?php echo __('Statistics');?></h2>
|
||||
<?php
|
||||
echo $this->element('Users/statisticsMenu');
|
||||
?>
|
||||
<h4><?php echo __('User and Organisation Statistics');?></h4>
|
||||
<div style="width:250px;">
|
||||
<dl>
|
||||
<?php
|
||||
foreach ($statistics as $type => $data) {
|
||||
foreach ($data['data'] as $time_frame => $count) {
|
||||
$extra = '';
|
||||
$icon = '';
|
||||
if ($count && $time_frame !== 'total') {
|
||||
$extra = 'green';
|
||||
$icon = '<span class="fa fa-angle-up"></span>';
|
||||
}
|
||||
echo sprintf('<dt>%s (%s)</dt>', Inflector::humanize(h($type)), Inflector::humanize(h($time_frame)));
|
||||
echo sprintf('<dd class="bold %s">%s %s</dd>', $extra, h($count), $icon);
|
||||
}
|
||||
}
|
||||
?>
|
||||
</dl>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->element('side_menu', array('menuList' => 'globalActions', 'menuItem' => 'statistics'));
|
||||
?>
|
|
@ -73,7 +73,11 @@ not_implemented_attributes = ['yara', 'snort', 'pattern-in-traffic', 'pattern-in
|
|||
|
||||
non_indicator_attributes = ['text', 'comment', 'other', 'link', 'target-user', 'target-email', 'target-machine', 'target-org', 'target-location', 'target-external', 'vulnerability']
|
||||
|
||||
hash_type_attributes = {"single":["md5", "sha1", "sha224", "sha256", "sha384", "sha512", "sha512/224", "sha512/256", "ssdeep", "imphash", "authentihash", "pehash", "tlsh", "x509-fingerprint-sha1"], "composite": ["filename|md5", "filename|sha1", "filename|sha224", "filename|sha256", "filename|sha384", "filename|sha512", "filename|sha512/224", "filename|sha512/256", "filename|authentihash", "filename|ssdeep", "filename|tlsh", "filename|imphash", "filename|pehash"]}
|
||||
hash_type_attributes = {"single": ["md5", "sha1", "sha224", "sha256", "sha384", "sha512", "sha512/224", "sha512/256", "ssdeep",
|
||||
"imphash", "authentihash", "pehash", "tlsh", "x509-fingerprint-sha1"],
|
||||
"composite": ["filename|md5", "filename|sha1", "filename|sha224", "filename|sha256", "filename|sha384",
|
||||
"filename|sha512", "filename|sha512/224", "filename|sha512/256", "filename|authentihash",
|
||||
"filename|ssdeep", "filename|tlsh", "filename|imphash", "filename|pehash"]}
|
||||
|
||||
# mapping for the attributes that can go through the simpleobservable script
|
||||
misp_cybox_name = {"domain" : "DomainName", "hostname" : "Hostname", "url" : "URI", "AS" : "AutonomousSystem", "mutex" : "Mutex",
|
||||
|
@ -1108,7 +1112,7 @@ class StixBuilder(object):
|
|||
fuzzy = False
|
||||
f, h = [""] * 2
|
||||
attribute_type = attribute.type
|
||||
if attribute_type in (hash_type_attributes['composite'], "malware-sample"):
|
||||
if attribute_type in hash_type_attributes['composite'] or attribute_type == "malware-sample":
|
||||
f, h = attribute.value.split('|')
|
||||
composite = attribute_type.split('|')
|
||||
if len(composite) > 1 and composite[1] == "ssdeep":
|
||||
|
|
Loading…
Reference in New Issue