mirror of https://github.com/MISP/MISP
Fixed a serious issue with the snort/suricata export which would keep appending all eligible attributes over and over to the file instead of properly fetching them event by event resulting in a massive export file
parent
181566bafb
commit
3061b37fc3
|
@ -210,8 +210,7 @@ class EventShell extends AppShell
|
|||
$this->Job->id = $id;
|
||||
$format = $this->args[2];
|
||||
$sid = $this->args[3];
|
||||
// TEMP: change to passing an options array with the user!!
|
||||
$eventIds = $this->Event->fetchEventIds($user);
|
||||
$eventIds = array_values($this->Event->fetchEventIds($user, false, false, false, true));
|
||||
$eventCount = count($eventIds);
|
||||
$dir = new Folder(APP . DS . '/tmp/cached_exports/' . $format);
|
||||
if ($user['Role']['perm_site_admin']) {
|
||||
|
@ -222,9 +221,9 @@ class EventShell extends AppShell
|
|||
$file->write('');
|
||||
foreach ($eventIds as $k => $eventId) {
|
||||
if ($k == 0) {
|
||||
$temp = $this->Attribute->nids($user, $format, $eventId['Event']['id']);
|
||||
$temp = $this->Attribute->nids($user, $format, $eventId);
|
||||
} else {
|
||||
$temp = $this->Attribute->nids($user, $format, $eventId['Event']['id'], true);
|
||||
$temp = $this->Attribute->nids($user, $format, $eventId, true);
|
||||
}
|
||||
foreach ($temp as $line) {
|
||||
$file->append($line . PHP_EOL);
|
||||
|
|
|
@ -1362,11 +1362,6 @@ class Attribute extends AppModel {
|
|||
$tag = ClassRegistry::init('Tag');
|
||||
$args = $this->dissectArgs($tags);
|
||||
$tagArray = $tag->fetchEventTagIds($args[0], $args[1]);
|
||||
if ($id) {
|
||||
foreach ($eventIds as $k => $v) {
|
||||
if ($v['Event']['id'] !== $id) unset($eventIds[$k]);
|
||||
}
|
||||
}
|
||||
if (!empty($tagArray[0])) {
|
||||
foreach ($eventIds as $k => $v) {
|
||||
if (!in_array($v['Event']['id'], $tagArray[0])) unset($eventIds[$k]);
|
||||
|
@ -1378,6 +1373,12 @@ class Attribute extends AppModel {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ($id) {
|
||||
foreach ($eventIds as $k => $v) {
|
||||
if ($v['Event']['id'] !== $id) unset($eventIds[$k]);
|
||||
}
|
||||
}
|
||||
|
||||
if ($format == 'suricata') App::uses('NidsSuricataExport', 'Export');
|
||||
else App::uses('NidsSnortExport', 'Export');
|
||||
|
@ -1485,8 +1486,6 @@ class Attribute extends AppModel {
|
|||
array('type' => $v),
|
||||
),
|
||||
'fields' => array('Attribute.value'), //array of field names
|
||||
'order' => array('Attribute.value'), //string or array defining order
|
||||
'group' => array('Attribute.value'), //fields to GROUP BY
|
||||
)
|
||||
);
|
||||
if ($k == 'hostname') {
|
||||
|
|
|
@ -1125,12 +1125,12 @@ class Server extends AppModel {
|
|||
// get rid of events that are the same timestamp as ours or older, we don't want to transfer the attributes for those
|
||||
// The event's timestamp also matches the newest attribute timestamp by default
|
||||
if ($this->Event->checkIfNewer($event)) {
|
||||
if ($force_uuid) $eventIds[] = $event['uuid'];
|
||||
else $eventIds[] = $event['id'];
|
||||
}
|
||||
if ($force_uuid) $eventIds[] = $event['uuid'];
|
||||
else $eventIds[] = $event['id'];
|
||||
}
|
||||
}
|
||||
return $eventIds;
|
||||
}
|
||||
return $eventIds;
|
||||
}
|
||||
if ($response->code == '403') {
|
||||
return 403;
|
||||
|
|
|
@ -78,7 +78,7 @@ foreach ($servers as $server):
|
|||
<?php
|
||||
echo $this->Html->link('', array('action' => 'previewIndex', $server['Server']['id']), array('class' => 'icon-search', 'title' => 'Explore'));
|
||||
if ($server['Server']['pull'])
|
||||
echo $this->Html->link('', array('action' => 'pull', $server['Server']['id'], 'update'), array('class' => 'icon-refresh', 'title' => 'Pull updates only'));
|
||||
echo $this->Html->link('', array('action' => 'pull', $server['Server']['id'], 'update'), array('class' => 'icon-refresh', 'title' => 'Pull updates to events that already exist locally'));
|
||||
echo $this->Html->link('', array('action' => 'pull', $server['Server']['id'], 'full'), array('class' => 'icon-download', 'title' => 'Pull all'));
|
||||
if ($server['Server']['push'])
|
||||
echo $this->Html->link('', array('action' => 'push', $server['Server']['id'], 'full'), array('class' => 'icon-upload', 'title' => 'Push all'));
|
||||
|
|
Loading…
Reference in New Issue