mirror of https://github.com/MISP/MISP
Merge branch 'master' of github.com:MISP/MISP into ncsc-nl/install-centos
commit
667ce41eca
|
@ -29,7 +29,7 @@ Once the system is installed you can perform the following steps as root:
|
|||
apt-get install vim
|
||||
|
||||
# Install the dependencies:
|
||||
apt-get install zip php-pear git redis-server make python-dev python-pip libxml2-dev libxslt-dev zlib1g-dev php5-dev
|
||||
apt-get install zip php-pear git redis-server make python-dev python-pip libxml2-dev libxslt-dev zlib1g-dev php5-dev libapache2-mod-php5
|
||||
pear install Crypt_GPG # we need version >1.3.0
|
||||
pear install Net_GeoIP
|
||||
|
||||
|
|
Binary file not shown.
After Width: | Height: | Size: 10 KiB |
Binary file not shown.
|
@ -0,0 +1,277 @@
|
|||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<!-- Created with Inkscape (http://www.inkscape.org/) -->
|
||||
|
||||
<svg
|
||||
xmlns:dc="http://purl.org/dc/elements/1.1/"
|
||||
xmlns:cc="http://creativecommons.org/ns#"
|
||||
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
|
||||
xmlns:svg="http://www.w3.org/2000/svg"
|
||||
xmlns="http://www.w3.org/2000/svg"
|
||||
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
|
||||
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
|
||||
width="744.09448819"
|
||||
height="1052.3622047"
|
||||
id="svg4883"
|
||||
version="1.1"
|
||||
inkscape:version="0.48.0 r9654"
|
||||
sodipodi:docname="New document 5">
|
||||
<defs
|
||||
id="defs4885">
|
||||
<clipPath
|
||||
clipPathUnits="userSpaceOnUse"
|
||||
id="clipPath312">
|
||||
<path
|
||||
inkscape:connector-curvature="0"
|
||||
d="m 0,0 595.276,0 0,841.89 L 0,841.89 0,0 z"
|
||||
id="path314" />
|
||||
</clipPath>
|
||||
<clipPath
|
||||
clipPathUnits="userSpaceOnUse"
|
||||
id="clipPath1086">
|
||||
<path
|
||||
inkscape:connector-curvature="0"
|
||||
d="m 0,0 595.276,0 0,841.89 L 0,841.89 0,0 z"
|
||||
id="path1088" />
|
||||
</clipPath>
|
||||
<clipPath
|
||||
clipPathUnits="userSpaceOnUse"
|
||||
id="clipPath844">
|
||||
<path
|
||||
inkscape:connector-curvature="0"
|
||||
d="m 0,0 595.276,0 0,841.89 L 0,841.89 0,0 z"
|
||||
id="path846" />
|
||||
</clipPath>
|
||||
<clipPath
|
||||
clipPathUnits="userSpaceOnUse"
|
||||
id="clipPath820">
|
||||
<path
|
||||
inkscape:connector-curvature="0"
|
||||
d="m 0,0 595.276,0 0,841.89 L 0,841.89 0,0 z"
|
||||
id="path822" />
|
||||
</clipPath>
|
||||
<clipPath
|
||||
clipPathUnits="userSpaceOnUse"
|
||||
id="clipPath536">
|
||||
<path
|
||||
inkscape:connector-curvature="0"
|
||||
d="m 0,0 595.276,0 0,841.89 L 0,841.89 0,0 z"
|
||||
id="path538" />
|
||||
</clipPath>
|
||||
<clipPath
|
||||
clipPathUnits="userSpaceOnUse"
|
||||
id="clipPath516">
|
||||
<path
|
||||
inkscape:connector-curvature="0"
|
||||
d="m 0,0 595.276,0 0,841.89 L 0,841.89 0,0 z"
|
||||
id="path518" />
|
||||
</clipPath>
|
||||
<clipPath
|
||||
clipPathUnits="userSpaceOnUse"
|
||||
id="clipPath1064">
|
||||
<path
|
||||
inkscape:connector-curvature="0"
|
||||
d="m 0,0 595.276,0 0,841.89 L 0,841.89 0,0 z"
|
||||
id="path1066" />
|
||||
</clipPath>
|
||||
<clipPath
|
||||
clipPathUnits="userSpaceOnUse"
|
||||
id="clipPath312-3">
|
||||
<path
|
||||
inkscape:connector-curvature="0"
|
||||
d="m 0,0 595.276,0 0,841.89 L 0,841.89 0,0 z"
|
||||
id="path314-8" />
|
||||
</clipPath>
|
||||
<clipPath
|
||||
clipPathUnits="userSpaceOnUse"
|
||||
id="clipPath312-3-6">
|
||||
<path
|
||||
inkscape:connector-curvature="0"
|
||||
d="m 0,0 595.276,0 0,841.89 L 0,841.89 0,0 z"
|
||||
id="path314-8-6" />
|
||||
</clipPath>
|
||||
<clipPath
|
||||
clipPathUnits="userSpaceOnUse"
|
||||
id="clipPath312-7">
|
||||
<path
|
||||
inkscape:connector-curvature="0"
|
||||
d="m 0,0 595.276,0 0,841.89 L 0,841.89 0,0 z"
|
||||
id="path314-0" />
|
||||
</clipPath>
|
||||
</defs>
|
||||
<sodipodi:namedview
|
||||
id="base"
|
||||
pagecolor="#ffffff"
|
||||
bordercolor="#666666"
|
||||
borderopacity="1.0"
|
||||
inkscape:pageopacity="0.0"
|
||||
inkscape:pageshadow="2"
|
||||
inkscape:zoom="1.0729879"
|
||||
inkscape:cx="275.3537"
|
||||
inkscape:cy="548.23392"
|
||||
inkscape:document-units="px"
|
||||
inkscape:current-layer="layer1"
|
||||
showgrid="false"
|
||||
inkscape:window-width="1106"
|
||||
inkscape:window-height="1267"
|
||||
inkscape:window-x="1280"
|
||||
inkscape:window-y="22"
|
||||
inkscape:window-maximized="0" />
|
||||
<metadata
|
||||
id="metadata4888">
|
||||
<rdf:RDF>
|
||||
<cc:Work
|
||||
rdf:about="">
|
||||
<dc:format>image/svg+xml</dc:format>
|
||||
<dc:type
|
||||
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
|
||||
<dc:title></dc:title>
|
||||
</cc:Work>
|
||||
</rdf:RDF>
|
||||
</metadata>
|
||||
<g
|
||||
inkscape:label="Layer 1"
|
||||
inkscape:groupmode="layer"
|
||||
id="layer1">
|
||||
<g
|
||||
id="g1076"
|
||||
transform="matrix(1.25,0,0,-1.25,138.79848,305.37465)"
|
||||
inkscape:export-filename="/home/adulau/misp.png"
|
||||
inkscape:export-xdpi="100"
|
||||
inkscape:export-ydpi="100">
|
||||
<path
|
||||
d="M 0,0 14.014,0 22.629,-14.129 31.245,0 l 14.013,0 0,-40.204 -13.383,0 0,19.93 -9.246,-14.302 -0.23,0 -9.247,14.302 0,-19.93 L 0,-40.204 0,0 z"
|
||||
style="fill:#5f6062;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
id="path1078"
|
||||
inkscape:connector-curvature="0" />
|
||||
</g>
|
||||
<path
|
||||
d="m 203.68939,305.37465 16.8,0 0,50.255 -16.8,0 0,-50.255 z"
|
||||
style="fill:#5f6062;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
id="path1080"
|
||||
inkscape:connector-curvature="0"
|
||||
inkscape:export-filename="/home/adulau/misp.png"
|
||||
inkscape:export-xdpi="100"
|
||||
inkscape:export-ydpi="100" />
|
||||
<g
|
||||
id="g1082"
|
||||
transform="matrix(1.25,0,0,-1.25,-147.17662,827.47954)"
|
||||
inkscape:export-filename="/home/adulau/misp.png"
|
||||
inkscape:export-xdpi="100"
|
||||
inkscape:export-ydpi="100">
|
||||
<g
|
||||
id="g1084"
|
||||
clip-path="url(#clipPath1086)">
|
||||
<g
|
||||
id="g1090"
|
||||
transform="translate(297.5875,384.2569)">
|
||||
<path
|
||||
d="m 0,0 7.18,8.558 c 4.365,-3.332 9.361,-4.71 14.071,-4.71 2.412,0 3.446,0.631 3.446,1.723 l 0,0.115 c 0,1.148 -1.263,1.78 -5.571,2.642 C 10.108,10.166 2.183,12.75 2.183,21.25 l 0,0.115 c 0,7.639 5.973,13.555 17.058,13.555 7.753,0 13.497,-1.838 18.149,-5.514 l -6.547,-9.074 c -3.791,2.756 -8.328,3.962 -12.062,3.962 -2.009,0 -2.928,-0.689 -2.928,-1.665 l 0,-0.115 c 0,-1.091 1.09,-1.781 5.34,-2.585 10.282,-1.895 17.173,-4.882 17.173,-12.98 l 0,-0.115 C 38.366,-1.608 31.417,-6.777 20.619,-6.777 12.464,-6.777 5.112,-4.48 0,0"
|
||||
style="fill:#5f6062;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
id="path1092"
|
||||
inkscape:connector-curvature="0" />
|
||||
</g>
|
||||
<g
|
||||
id="g1094"
|
||||
transform="translate(340.0289,418.4302)">
|
||||
<path
|
||||
d="m 0,0 18.091,0 c 10.683,0 17.977,-4.767 17.977,-14.301 l 0,-0.115 c 0,-9.707 -7.409,-14.876 -18.264,-14.876 l -4.365,0 0,-10.912 L 0,-40.204 0,0 z m 17.058,-19.7 c 3.446,0 5.743,1.551 5.743,4.422 l 0,0.115 c 0,2.929 -2.125,4.423 -5.686,4.423 l -3.676,0 0,-8.96 3.619,0 z"
|
||||
style="fill:#5f6062;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
id="path1096"
|
||||
inkscape:connector-curvature="0" />
|
||||
</g>
|
||||
</g>
|
||||
</g>
|
||||
<text
|
||||
xml:space="preserve"
|
||||
style="font-size:28px;font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;text-align:start;line-height:125%;letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;text-anchor:start;fill:#5f6062;fill-opacity:1;stroke:none;font-family:Sans;-inkscape-font-specification:Sans Bold"
|
||||
x="144.31558"
|
||||
y="381.55212"
|
||||
id="text4094"
|
||||
sodipodi:linespacing="125%"
|
||||
inkscape:export-filename="/home/adulau/misp.png"
|
||||
inkscape:export-xdpi="100"
|
||||
inkscape:export-ydpi="100"><tspan
|
||||
sodipodi:role="line"
|
||||
id="tspan4096"
|
||||
x="144.31558"
|
||||
y="381.55212">Threat Sharing</tspan></text>
|
||||
<g
|
||||
style="fill:#5f6062;fill-opacity:1"
|
||||
clip-path="url(#clipPath312-3)"
|
||||
id="g310-6"
|
||||
transform="matrix(0.82342066,0,0,-0.82342066,115.76578,1231.1964)">
|
||||
<g
|
||||
style="fill:#5f6062;fill-opacity:1"
|
||||
transform="translate(385.579,529.5928)"
|
||||
id="g316-3">
|
||||
<path
|
||||
inkscape:connector-curvature="0"
|
||||
id="path318-4"
|
||||
style="fill:#5f6062;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
d="m 0,0 -5.184,0 0,-56.985 c 0,-8.879 -5.16,-16.902 -15.523,-16.902 l -101.465,0 0,-2.709 c 0,-7.851 8.922,-15.763 18.084,-15.763 l 77.581,0 29.678,-17.449 -4.31,17.449 1.139,0 c 9.156,0 13.287,7.906 13.287,15.763 l 0,63.068 C 13.287,-5.683 9.156,0 0,0" />
|
||||
</g>
|
||||
<g
|
||||
style="fill:#5f6062;fill-opacity:1"
|
||||
transform="translate(349.7253,569.1839)"
|
||||
id="g320-9">
|
||||
<path
|
||||
inkscape:connector-curvature="0"
|
||||
id="path322-7"
|
||||
style="fill:#5f6062;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
d="m 0,0 -117.85,0 c -10.369,0 -22.301,-9.211 -22.301,-18.09 l 0,-71.424 c 0,-8.177 10.11,-14.082 19.807,-14.987 l -6.311,-23.958 40.441,23.786 86.214,0 c 10.363,0 19.937,6.286 19.937,15.159 l 0,57.786 0,13.638 C 19.937,-9.211 10.363,0 0,0 m -99.871,-60.292 c -5.88,0 -10.645,4.766 -10.645,10.646 0,5.88 4.765,10.646 10.645,10.646 5.874,0 10.646,-4.766 10.646,-10.646 0,-5.88 -4.772,-10.646 -10.646,-10.646 m 39.764,0 c -5.88,0 -10.646,4.766 -10.646,10.646 0,5.88 4.766,10.646 10.646,10.646 5.88,0 10.646,-4.766 10.646,-10.646 0,-5.88 -4.766,-10.646 -10.646,-10.646 m 39.77,0 c -5.881,0 -10.652,4.766 -10.652,10.646 0,5.88 4.771,10.646 10.652,10.646 5.868,0 10.645,-4.766 10.645,-10.646 0,-5.88 -4.777,-10.646 -10.645,-10.646" />
|
||||
</g>
|
||||
</g>
|
||||
<g
|
||||
style="fill:#5f6062;fill-opacity:1"
|
||||
clip-path="url(#clipPath312-3-6)"
|
||||
id="g310-6-1"
|
||||
transform="matrix(0.48862293,0,0,-0.48862293,41.474353,1067.6624)">
|
||||
<g
|
||||
style="fill:#5f6062;fill-opacity:1"
|
||||
transform="translate(385.579,529.5928)"
|
||||
id="g316-3-5">
|
||||
<path
|
||||
inkscape:connector-curvature="0"
|
||||
id="path318-4-6"
|
||||
style="fill:#5f6062;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
d="m 0,0 -5.184,0 0,-56.985 c 0,-8.879 -5.16,-16.902 -15.523,-16.902 l -101.465,0 0,-2.709 c 0,-7.851 8.922,-15.763 18.084,-15.763 l 77.581,0 29.678,-17.449 -4.31,17.449 1.139,0 c 9.156,0 13.287,7.906 13.287,15.763 l 0,63.068 C 13.287,-5.683 9.156,0 0,0" />
|
||||
</g>
|
||||
<g
|
||||
style="fill:#5f6062;fill-opacity:1"
|
||||
transform="translate(349.7253,569.1839)"
|
||||
id="g320-9-9">
|
||||
<path
|
||||
inkscape:connector-curvature="0"
|
||||
id="path322-7-1"
|
||||
style="fill:#5f6062;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
d="m 0,0 -117.85,0 c -10.369,0 -22.301,-9.211 -22.301,-18.09 l 0,-71.424 c 0,-8.177 10.11,-14.082 19.807,-14.987 l -6.311,-23.958 40.441,23.786 86.214,0 c 10.363,0 19.937,6.286 19.937,15.159 l 0,57.786 0,13.638 C 19.937,-9.211 10.363,0 0,0 m -99.871,-60.292 c -5.88,0 -10.645,4.766 -10.645,10.646 0,5.88 4.765,10.646 10.645,10.646 5.874,0 10.646,-4.766 10.646,-10.646 0,-5.88 -4.772,-10.646 -10.646,-10.646 m 39.764,0 c -5.88,0 -10.646,4.766 -10.646,10.646 0,5.88 4.766,10.646 10.646,10.646 5.88,0 10.646,-4.766 10.646,-10.646 0,-5.88 -4.766,-10.646 -10.646,-10.646 m 39.77,0 c -5.881,0 -10.652,4.766 -10.652,10.646 0,5.88 4.771,10.646 10.652,10.646 5.868,0 10.645,-4.766 10.645,-10.646 0,-5.88 -4.777,-10.646 -10.645,-10.646" />
|
||||
</g>
|
||||
</g>
|
||||
<g
|
||||
id="g308"
|
||||
transform="matrix(0.62542299,0,0,-0.62542299,101.24703,567.9731)">
|
||||
<g
|
||||
id="g310-5"
|
||||
clip-path="url(#clipPath312-7)">
|
||||
<g
|
||||
id="g316"
|
||||
transform="translate(385.579,529.5928)">
|
||||
<path
|
||||
d="m 0,0 -5.184,0 0,-56.985 c 0,-8.879 -5.16,-16.902 -15.523,-16.902 l -101.465,0 0,-2.709 c 0,-7.851 8.922,-15.763 18.084,-15.763 l 77.581,0 29.678,-17.449 -4.31,17.449 1.139,0 c 9.156,0 13.287,7.906 13.287,15.763 l 0,63.068 C 13.287,-5.683 9.156,0 0,0"
|
||||
style="fill:#2fa1db;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
id="path318"
|
||||
inkscape:connector-curvature="0" />
|
||||
</g>
|
||||
<g
|
||||
id="g320-4"
|
||||
transform="translate(349.7253,569.1839)">
|
||||
<path
|
||||
d="m 0,0 -117.85,0 c -10.369,0 -22.301,-9.211 -22.301,-18.09 l 0,-71.424 c 0,-8.177 10.11,-14.082 19.807,-14.987 l -6.311,-23.958 40.441,23.786 86.214,0 c 10.363,0 19.937,6.286 19.937,15.159 l 0,57.786 0,13.638 C 19.937,-9.211 10.363,0 0,0 m -99.871,-60.292 c -5.88,0 -10.645,4.766 -10.645,10.646 0,5.88 4.765,10.646 10.645,10.646 5.874,0 10.646,-4.766 10.646,-10.646 0,-5.88 -4.772,-10.646 -10.646,-10.646 m 39.764,0 c -5.88,0 -10.646,4.766 -10.646,10.646 0,5.88 4.766,10.646 10.646,10.646 5.88,0 10.646,-4.766 10.646,-10.646 0,-5.88 -4.766,-10.646 -10.646,-10.646 m 39.77,0 c -5.881,0 -10.652,4.766 -10.652,10.646 0,5.88 4.771,10.646 10.652,10.646 5.868,0 10.645,-4.766 10.645,-10.646 0,-5.88 -4.777,-10.646 -10.645,-10.646"
|
||||
style="fill:#2fa1db;fill-opacity:1;fill-rule:nonzero;stroke:none"
|
||||
id="path322-8"
|
||||
inkscape:connector-curvature="0" />
|
||||
</g>
|
||||
</g>
|
||||
</g>
|
||||
</g>
|
||||
</svg>
|
After Width: | Height: | Size: 12 KiB |
|
@ -1,5 +1,8 @@
|
|||
MISP - Malware Information Sharing Platform
|
||||
--------------------------------------------
|
||||
-------------------------------------------
|
||||
|
||||
![logo](./INSTALL/logos/misp-logo.png?raw=true "MISP")
|
||||
|
||||
The problem that we experienced in the past was the difficulty to exchange information about (targeted) malwares and attacks within a group of trusted partners, or a bilateral agreement.
|
||||
Even today much of the information exchange happens in unstructured reports where you have to copy-paste the information in your own text-files that you then have to parse to export to (N)IDS and systems like log-searches, etc...
|
||||
|
||||
|
|
|
@ -1 +1 @@
|
|||
{"major":2, "minor":3, "hotfix":47}
|
||||
{"major":2, "minor":3, "hotfix":52}
|
||||
|
|
|
@ -1814,8 +1814,6 @@ class EventsController extends AppController {
|
|||
if (!$this->Auth->user('id')) {
|
||||
throw new UnauthorizedException('You have to be logged in to do that.');
|
||||
}
|
||||
$user = $this->checkAuthUser($this->Auth->user('authkey'));
|
||||
if (!$user) throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
$user = array('User' => $this->Auth->user());
|
||||
$user['User']['siteAdmin'] = $this->_isSiteAdmin();
|
||||
}
|
||||
|
@ -1858,8 +1856,8 @@ class EventsController extends AppController {
|
|||
// Usage: csv($key, $eventid) - key can be a valid auth key or the string 'download'. Download requires the user to be logged in interactively and will generate a .csv file
|
||||
// $eventid can be one of 3 options: left empty it will get all the visible to_ids attributes,
|
||||
// $ignore is a flag that allows the export tool to ignore the ids flag. 0 = only IDS signatures, 1 = everything.
|
||||
public function csv($key, $eventid=false, $ignore=false, $tags = false, $category=false, $type=false, $includeInfo=false, $from=false, $to=false) {
|
||||
$simpleFalse = array('eventid', 'ignore', 'tags', 'category', 'type', 'includeInfo', 'from', 'to');
|
||||
public function csv($key, $eventid=false, $ignore=false, $tags = false, $category=false, $type=false, $includeContext=false, $from=false, $to=false) {
|
||||
$simpleFalse = array('eventid', 'ignore', 'tags', 'category', 'type', 'includeContext', 'from', 'to');
|
||||
foreach ($simpleFalse as $sF) {
|
||||
if (${$sF} === 'null' || ${$sF} == '0' || ${$sF} === false || strtolower(${$sF}) === 'false') ${$sF} = false;
|
||||
}
|
||||
|
@ -1900,13 +1898,17 @@ class EventsController extends AppController {
|
|||
$list[] = $attribute['Attribute']['id'];
|
||||
}
|
||||
}
|
||||
$attributes = $this->Event->csv($org, $isSiteAdmin, $eventid, $ignore, $list, $tags, $category, $type, $includeInfo, $from, $to);
|
||||
$attributes = $this->Event->csv($org, $isSiteAdmin, $eventid, $ignore, $list, $tags, $category, $type, $includeContext, $from, $to);
|
||||
$this->loadModel('Whitelist');
|
||||
$final = array();
|
||||
$attributes = $this->Whitelist->removeWhitelistedFromArray($attributes, true);
|
||||
foreach ($attributes as $attribute) {
|
||||
$line = $attribute['Attribute']['uuid'] . ',' . $attribute['Attribute']['event_id'] . ',' . $attribute['Attribute']['category'] . ',' . $attribute['Attribute']['type'] . ',' . $attribute['Attribute']['value'] . ',' . intval($attribute['Attribute']['to_ids']) . ',' . $attribute['Attribute']['timestamp'];
|
||||
if ($includeInfo) $line .= ',' . $attribute['Attribute']['event_info'];
|
||||
if ($includeContext) {
|
||||
foreach($this->Event->csv_event_context_fields_to_fetch as $field => $header) {
|
||||
$line .= ',' . $attribute['Attribute'][$header];
|
||||
}
|
||||
}
|
||||
$final[] = $line;
|
||||
}
|
||||
|
||||
|
@ -1920,7 +1922,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
$this->layout = 'text/default';
|
||||
$headers = array('uuid', 'event_id', 'category', 'type', 'value', 'to_ids', 'date');
|
||||
if ($includeInfo) $headers[] = 'event_info';
|
||||
if ($includeContext) $headers = array_merge($headers, array_values($this->Event->csv_event_context_fields_to_fetch));
|
||||
$this->set('headers', $headers);
|
||||
$this->set('final', $final);
|
||||
}
|
||||
|
@ -2365,7 +2367,6 @@ class EventsController extends AppController {
|
|||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
}
|
||||
$value = str_replace('|', '/', $value);
|
||||
|
||||
// request handler for POSTed queries. If the request is a post, the parameters (apart from the key) will be ignored and replaced by the terms defined in the posted json or xml object.
|
||||
// The correct format for both is a "request" root element, as shown by the examples below:
|
||||
// For Json: {"request":{"value": "7.7.7.7&&1.1.1.1","type":"ip-src"}}
|
||||
|
@ -2392,16 +2393,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
if ($tags) $tags = str_replace(';', ':', $tags);
|
||||
if ($searchall === 'true') $searchall = "1";
|
||||
|
||||
if (!isset($this->request->params['ext']) || $this->request->params['ext'] !== 'json') {
|
||||
$this->response->type('xml'); // set the content type
|
||||
$this->layout = 'xml/default';
|
||||
$this->header('Content-Disposition: download; filename="misp.search.events.results.xml"');
|
||||
} else {
|
||||
$this->response->type('json'); // set the content type
|
||||
$this->layout = 'json/default';
|
||||
$this->header('Content-Disposition: download; filename="misp.search.events.results.json"');
|
||||
}
|
||||
|
||||
$conditions['AND'] = array();
|
||||
$subcondition = array();
|
||||
$this->loadModel('Attribute');
|
||||
|
@ -2474,13 +2466,14 @@ class EventsController extends AppController {
|
|||
}
|
||||
$conditions['AND'][] = $temp;
|
||||
}
|
||||
$params = array(
|
||||
'conditions' => $conditions,
|
||||
'fields' => array('Attribute.event_id'),
|
||||
);
|
||||
|
||||
if ($from) $conditions['AND'][] = array('Event.date >=' => $from);
|
||||
if ($to) $conditions['AND'][] = array('Event.date <=' => $to);
|
||||
|
||||
$params = array(
|
||||
'conditions' => $conditions,
|
||||
'fields' => array('DISTINCT(Attribute.event_id)'),
|
||||
);
|
||||
$attributes = $this->Attribute->find('all', $params);
|
||||
$eventIds = array();
|
||||
foreach ($attributes as $attribute) {
|
||||
|
@ -2488,14 +2481,42 @@ class EventsController extends AppController {
|
|||
}
|
||||
}
|
||||
if (!empty($eventIds)) {
|
||||
$results = $this->__fetchEvent(null, $eventIds, $user['User']['org'], true);
|
||||
$this->loadModel('Whitelist');
|
||||
if ((!isset($this->request->params['ext']) || $this->request->params['ext'] !== 'json') && $this->response->type() !== 'application/json') {
|
||||
App::uses('XMLConverterTool', 'Tools');
|
||||
$converter = new XMLConverterTool();
|
||||
$final = "";
|
||||
$final .= '<?xml version="1.0" encoding="UTF-8"?>' . PHP_EOL . '<response>' . PHP_EOL;
|
||||
foreach ($eventIds as $currentEventId) {
|
||||
$result = $this->__fetchEvent($currentEventId, null, $user['User']['org'], true);
|
||||
$result = $this->Whitelist->removeWhitelistedFromArray($result, false);
|
||||
$final .= $converter->event2XML($result[0]) . PHP_EOL;
|
||||
}
|
||||
$final .= '</response>' . PHP_EOL;
|
||||
$final_filename="misp.search.events.results.xml";
|
||||
$this->response->body($final);
|
||||
$this->response->type('xml');
|
||||
$this->response->download($final_filename);
|
||||
} else {
|
||||
App::uses('JSONConverterTool', 'Tools');
|
||||
$converter = new JSONConverterTool();
|
||||
$temp = array();
|
||||
$final = '{"response":[';
|
||||
foreach ($eventIds as $k => $currentEventId) {
|
||||
$result = $this->__fetchEvent($currentEventId, null, $user['User']['org'], true);
|
||||
$final .= $converter->event2JSON($result[0]);
|
||||
if ($k < count($eventIds) -1 ) $final .= ',';
|
||||
}
|
||||
$final .= ']}';
|
||||
$final_filename="misp.search.events.results.json";
|
||||
$this->response->body($final);
|
||||
$this->response->type('json');
|
||||
$this->response->download($final_filename);
|
||||
}
|
||||
} else {
|
||||
throw new NotFoundException('No matches.');
|
||||
}
|
||||
$this->loadModel('Whitelist');
|
||||
$results = $this->Whitelist->removeWhitelistedFromArray($results, false);
|
||||
$this->response->type('xml');
|
||||
$this->set('results', $results);
|
||||
return $this->response;
|
||||
}
|
||||
|
||||
public function downloadOpenIOCEvent($eventid) {
|
||||
|
@ -2860,24 +2881,23 @@ class EventsController extends AppController {
|
|||
if (!$this->_isSiteAdmin() && !empty($event) && $event['Event']['orgc'] != $this->Auth->user('org')) throw new MethodNotAllowedException('Event not found or you don\'t have permissions to create attributes');
|
||||
$saved = 0;
|
||||
$failed = 0;
|
||||
foreach ($this->request->data['Attribute'] as $k => $attribute) {
|
||||
if ($attribute['save'] == '1') {
|
||||
if ($attribute['type'] == 'ip-src/ip-dst') {
|
||||
$types = array('ip-src', 'ip-dst');
|
||||
$attributes = json_decode($this->request->data['Attribute']['JsonObject'], true);
|
||||
foreach ($attributes as $k => $attribute) {
|
||||
if ($attribute['type'] == 'ip-src/ip-dst') {
|
||||
$types = array('ip-src', 'ip-dst');
|
||||
} else {
|
||||
$types = array($attribute['type']);
|
||||
}
|
||||
foreach ($types as $type) {
|
||||
$this->Event->Attribute->create();
|
||||
$attribute['type'] = $type;
|
||||
$attribute['distribution'] = $event['Event']['distribution'];
|
||||
if (empty($attribute['comment'])) $attribute['comment'] = 'Imported via the freetext import.';
|
||||
$attribute['event_id'] = $id;
|
||||
if ($this->Event->Attribute->save($attribute)) {
|
||||
$saved++;
|
||||
} else {
|
||||
$types = array($attribute['type']);
|
||||
}
|
||||
foreach ($types as $type) {
|
||||
$this->Event->Attribute->create();
|
||||
$attribute['type'] = $type;
|
||||
$attribute['distribution'] = $event['Event']['distribution'];
|
||||
if (empty($attribute['comment'])) $attribute['comment'] = 'Imported via the freetext import.';
|
||||
$attribute['event_id'] = $id;
|
||||
if ($this->Event->Attribute->save($attribute)) {
|
||||
$saved++;
|
||||
} else {
|
||||
$failed++;
|
||||
}
|
||||
$failed++;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,44 @@
|
|||
<?php
|
||||
class JSONConverterTool {
|
||||
public function event2JSON($event, $isSiteAdmin=false) {
|
||||
$event['Event']['Attribute'] = $event['Attribute'];
|
||||
$event['Event']['ShadowAttribute'] = $event['ShadowAttribute'];
|
||||
$event['Event']['RelatedEvent'] = $event['RelatedEvent'];
|
||||
|
||||
//
|
||||
// cleanup the array from things we do not want to expose
|
||||
//
|
||||
unset($event['Event']['user_id']);
|
||||
// hide the org field is we are not in showorg mode
|
||||
if (!Configure::read('MISP.showorg') && !$isSiteAdmin) {
|
||||
unset($event['Event']['org']);
|
||||
unset($event['Event']['orgc']);
|
||||
unset($event['Event']['from']);
|
||||
}
|
||||
|
||||
if (isset($event['Event']['Attribute'])) {
|
||||
// remove value1 and value2 from the output and remove invalid utf8 characters for the xml parser
|
||||
foreach ($event['Event']['Attribute'] as $key => $value) {
|
||||
unset($event['Event']['Attribute'][$key]['value1']);
|
||||
unset($event['Event']['Attribute'][$key]['value2']);
|
||||
unset($event['Event']['Attribute'][$key]['category_order']);
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($event['Event']['RelatedEvent'])) {
|
||||
foreach ($event['Event']['RelatedEvent'] as $key => $value) {
|
||||
$temp = $value['Event'];
|
||||
unset($event['Event']['RelatedEvent'][$key]['Event']);
|
||||
$event['Event']['RelatedEvent'][$key]['Event'][0] = $temp;
|
||||
unset($event['Event']['RelatedEvent'][$key]['Event'][0]['user_id']);
|
||||
if (!Configure::read('MISP.showorg') && !$isSiteAdmin) {
|
||||
unset($event['Event']['RelatedEvent'][$key]['Event'][0]['org']);
|
||||
unset($event['Event']['RelatedEvent'][$key]['Event'][0]['orgc']);
|
||||
}
|
||||
unset($temp);
|
||||
}
|
||||
}
|
||||
$result = array('Event' => $event['Event']);
|
||||
return json_encode($result);
|
||||
}
|
||||
}
|
|
@ -1,5 +1,4 @@
|
|||
<?php
|
||||
|
||||
class XMLConverterTool {
|
||||
public function recursiveEcho($array) {
|
||||
$text = "";
|
||||
|
@ -24,7 +23,7 @@ class XMLConverterTool {
|
|||
return $text;
|
||||
}
|
||||
|
||||
public function event2xmlArray($event) {
|
||||
public function event2xmlArray($event, $isSiteAdmin=false) {
|
||||
$toEscape = array("&", "<", ">", "\"", "'");
|
||||
$escapeWith = array('&', '<', '>', '"', ''');
|
||||
$event['Event']['Attribute'] = $event['Attribute'];
|
||||
|
@ -81,7 +80,7 @@ class XMLConverterTool {
|
|||
unset($event['Event']['RelatedEvent'][$key]['Event'][0]['user_id']);
|
||||
$event['Event']['RelatedEvent'][$key]['Event'][0]['info'] = preg_replace ('/[^\x{0009}\x{000a}\x{000d}\x{0020}-\x{D7FF}\x{E000}-\x{FFFD}]+/u', ' ', $event['Event']['RelatedEvent'][$key]['Event'][0]['info']);
|
||||
$event['Event']['RelatedEvent'][$key]['Event'][0]['info'] = str_replace($toEscape, $escapeWith, $event['Event']['RelatedEvent'][$key]['Event'][0]['info']);
|
||||
if (!Configure::read('MISP.showorg') && !$isAdmin) {
|
||||
if (!Configure::read('MISP.showorg') && !$isSiteAdmin) {
|
||||
unset($event['Event']['RelatedEvent'][$key]['Event'][0]['org']);
|
||||
unset($event['Event']['RelatedEvent'][$key]['Event'][0]['orgc']);
|
||||
}
|
||||
|
@ -91,8 +90,8 @@ class XMLConverterTool {
|
|||
return array('Event' => $event['Event']);
|
||||
}
|
||||
|
||||
public function event2XML($event) {
|
||||
$xmlArray = $this->event2xmlArray($event);
|
||||
public function event2XML($event, $isSiteAdmin=false) {
|
||||
$xmlArray = $this->event2xmlArray($event, $isSiteAdmin);
|
||||
return $this->recursiveEcho(array('Event' => array(0 => $xmlArray['Event'])));
|
||||
}
|
||||
}
|
|
@ -90,6 +90,13 @@ class Attribute extends AppModel {
|
|||
public $uploadDefinitions = array(
|
||||
'attachment'
|
||||
);
|
||||
|
||||
// skip Correlation for the following types
|
||||
public $nonCorrelatingTypes = array(
|
||||
'vulnerability',
|
||||
'comment',
|
||||
'http-method'
|
||||
);
|
||||
|
||||
public $typeDefinitions = array(
|
||||
'md5' => array('desc' => 'A checksum in md5 format', 'formdesc' => "You are encouraged to use filename|md5 instead. A checksum in md5 format, only use this if you don't know the correct filename"),
|
||||
|
@ -946,8 +953,8 @@ class Attribute extends AppModel {
|
|||
}
|
||||
|
||||
public function __afterSaveCorrelation($a) {
|
||||
// Don't do any correlation if the type is vulnerability or comment
|
||||
if ($a['type'] !== 'vulnerability' && $a['type'] !== 'comment') {
|
||||
// Don't do any correlation if the type is a non correlating type
|
||||
if (!in_array($a['type'], $this->nonCorrelatingTypes)) {
|
||||
$this->Correlation = ClassRegistry::init('Correlation');
|
||||
// When we add/update an attribute we need to
|
||||
// - (beforeSave) (update-only) clean up the relation of the old value: remove the existing relations related to that attribute, we DO have a reference, the id
|
||||
|
@ -970,8 +977,7 @@ class Attribute extends AppModel {
|
|||
'Attribute.value2' => $a[$value_name]
|
||||
),
|
||||
'AND' => array(
|
||||
'Attribute.type !=' => 'vulnerability',
|
||||
'Attribute.type !=' => 'comment',
|
||||
'Attribute.type !=' => $this->nonCorrelatingTypes,
|
||||
)),
|
||||
'recursive' => 0,
|
||||
//'contain' => 'Event',
|
||||
|
|
|
@ -115,6 +115,16 @@ class Event extends AppModel {
|
|||
)
|
||||
);
|
||||
|
||||
public $csv_event_context_fields_to_fetch = array(
|
||||
'info' => 'event_info',
|
||||
'org' => 'event_member_org',
|
||||
'orgc' => 'event_source_org',
|
||||
'distribution' => 'event_distribution',
|
||||
'threat_level_id' => 'event_threat_level_id',
|
||||
'analysis' => 'event_analysis',
|
||||
'date' => 'event_date',
|
||||
);
|
||||
|
||||
/**
|
||||
* Validation rules
|
||||
*
|
||||
|
@ -920,7 +930,7 @@ class Event extends AppModel {
|
|||
}
|
||||
return $results;
|
||||
}
|
||||
public function csv($org, $isSiteAdmin, $eventid=false, $ignore=false, $attributeIDList = array(), $tags = false, $category = false, $type = false, $includeInfo = false, $from = false, $to = false) {
|
||||
public function csv($org, $isSiteAdmin, $eventid=false, $ignore=false, $attributeIDList = array(), $tags = false, $category = false, $type = false, $includeContext = false, $from = false, $to = false) {
|
||||
$final = array();
|
||||
$attributeList = array();
|
||||
$conditions = array();
|
||||
|
@ -996,26 +1006,51 @@ class Event extends AppModel {
|
|||
$attribute['Attribute']['value'] = '"' . $attribute['Attribute']['value'] . '"';
|
||||
$attribute['Attribute']['timestamp'] = date('Ymd', $attribute['Attribute']['timestamp']);
|
||||
}
|
||||
if ($includeInfo) $attributes = $this->attachEventInfoToAttributes($attributes);
|
||||
if ($includeContext) $attributes = $this->attachEventInfoToAttributes($attributes, $isSiteAdmin);
|
||||
return $attributes;
|
||||
}
|
||||
|
||||
private function attachEventInfoToAttributes($attributes) {
|
||||
private function attachEventInfoToAttributes($attributes, $isSiteAdmin) {
|
||||
$TLs = $this->ThreatLevel->find('all', array(
|
||||
'recursive' => -1,
|
||||
));
|
||||
$event_ids = array();
|
||||
foreach ($attributes as &$attribute) {
|
||||
if (!in_array($attribute['Attribute']['event_id'], $event_ids)) $event_ids[] = $attribute['Attribute']['event_id'];
|
||||
}
|
||||
$context_fields = array('id' => null);
|
||||
$context_fields = array_merge($context_fields, $this->csv_event_context_fields_to_fetch);
|
||||
if (!Configure::read('MISP.showorg') && !$isSiteAdmin) {
|
||||
unset($context_fields['orgc']);
|
||||
unset($context_fields['org']);
|
||||
} else if (!Configure::read('MISP.showorgalternate') && !$isSiteAdmin) {
|
||||
$context_fields['orgc'] = 'event_org';
|
||||
$context_fields['org'] = 'event_owner_org';
|
||||
unset($context_fields['orgc']);
|
||||
}
|
||||
|
||||
$events = $this->find('all', array(
|
||||
'recursive' => -1,
|
||||
'fields' => array('id', 'info'),
|
||||
'fields' => array_keys($context_fields),
|
||||
'conditions' => array('id' => $event_ids),
|
||||
));
|
||||
$event_id_info = array();
|
||||
$event_id_data = array();
|
||||
unset($context_fields['id']);
|
||||
foreach ($events as $event) {
|
||||
$event_id_info[$event['Event']['id']] = $event['Event']['info'];
|
||||
foreach ($context_fields as $field => $header_name) $event_id_data[$event['Event']['id']][$header_name] = $event['Event'][$field];
|
||||
}
|
||||
foreach ($attributes as &$attribute) {
|
||||
$attribute['Attribute']['event_info'] = $event_id_info[$attribute['Attribute']['event_id']];
|
||||
foreach ($context_fields as $field => $header_name) {
|
||||
if ($header_name == 'event_threat_level_id') {
|
||||
$attribute['Attribute'][$header_name] = $TLs[$event_id_data[$attribute['Attribute']['event_id']][$header_name]]['ThreatLevel']['name'];
|
||||
} else if ($header_name == 'event_distribution') {
|
||||
$attribute['Attribute'][$header_name] = $this->distributionLevels[$event_id_data[$attribute['Attribute']['event_id']][$header_name]];
|
||||
} else if ($header_name == 'event_analysis') {
|
||||
$attribute['Attribute'][$header_name] = $this->analysisLevels[$event_id_data[$attribute['Attribute']['event_id']][$header_name]];
|
||||
} else {
|
||||
$attribute['Attribute'][$header_name] = $event_id_data[$attribute['Attribute']['event_id']][$header_name];
|
||||
}
|
||||
}
|
||||
}
|
||||
return $attributes;
|
||||
}
|
||||
|
|
|
@ -0,0 +1,11 @@
|
|||
<?php
|
||||
$jsonArray = array();
|
||||
foreach ($results as $k => $v) {
|
||||
unset (
|
||||
$results[$k]['value1'],
|
||||
$results[$k]['value2'],
|
||||
$results[$k]['category_order']
|
||||
);
|
||||
$jsonArray['response']['Attribute'][] = $results[$k];
|
||||
}
|
||||
echo json_encode($jsonArray);
|
|
@ -43,13 +43,16 @@ Use semicolons instead (the search will automatically search for colons instead)
|
|||
<p>You can configure your tools to automatically download the following file:</p>
|
||||
<pre><?php echo Configure::read('MISP.baseurl');?>/events/csv/download/</pre>
|
||||
<p>You can specify additional flags for CSV exports as follows::</p>
|
||||
<pre><?php echo Configure::read('MISP.baseurl');?>/events/csv/download/[eventid]/[ignore]/[tags]/[category]/[type]/[includeInfo]/[from]/[to]</pre>
|
||||
<pre><?php echo Configure::read('MISP.baseurl');?>/events/csv/download/[eventid]/[ignore]/[tags]/[category]/[type]/[includeContext]/[from]/[to]</pre>
|
||||
<p>
|
||||
<b>eventid</b>: Restrict the download to a single event<br />
|
||||
<b>ignore</b>: Setting this flag to true will include attributes that are not marked "to_ids".<br />
|
||||
<b>tags</b>: To include a tag in the results just write its names into this parameter. To exclude a tag prepend it with a '!'.
|
||||
You can also chain several tag commands together with the '&&' operator. Please be aware the colons (:) cannot be used in the tag search.
|
||||
Use semicolons instead (the search will automatically search for colons instead). For example, to include tag1 and tag2 but exclude tag3 you would use:<br />
|
||||
<b>ignore</b>: Setting this flag to true will include attributes that are not marked "to_ids".<br />
|
||||
<b>category</b>: The attribute category, any valid MISP attribute category is accepted.<br />
|
||||
<b>type</b>: The attribute type, any valid MISP attribute type is accepted.<br />
|
||||
<b>includeContext</b>: Include the event data with each attribute.<br />
|
||||
<b>from</b>: Events with the date set to a date after the one specified in the from field (format: 2015-02-03)<br />
|
||||
<b>to</b>: Events with the date set to a date before the one specified in the to field (format: 2015-02-03)<br />
|
||||
</p>
|
||||
|
|
|
@ -1,6 +1,16 @@
|
|||
<div class="index">
|
||||
<h2>Freetext Import Results</h2>
|
||||
<p>Below you can see the attributes that are to be created based on the results of the free-text import. Make sure that the categories and the types are correct, often several options will be offered based on an inconclusive automatic resolution. </p>
|
||||
<?php
|
||||
echo $this->Form->create('Attribute', array('url' => '/events/saveFreeText/' . $event_id));
|
||||
echo $this->Form->input('JsonObject', array(
|
||||
'label' => false,
|
||||
'type' => 'text',
|
||||
'style' => 'display:none;',
|
||||
'value' => '',
|
||||
));
|
||||
echo $this->Form->end();
|
||||
?>
|
||||
<table class="table table-striped table-hover table-condensed">
|
||||
<tr>
|
||||
<th>Value</th>
|
||||
|
@ -12,23 +22,25 @@
|
|||
</tr>
|
||||
<?php
|
||||
$options = array();
|
||||
echo $this->Form->create('Attribute', array('url' => '/events/saveFreeText/' . $event_id));
|
||||
foreach ($resultArray as $k => $item):
|
||||
?>
|
||||
<tr id="row_<?php echo $k; ?>" class="freetext_row">
|
||||
<?php
|
||||
echo $this->Form->input('Attribute.' . $k . '.save', array(
|
||||
echo $this->Form->input('Attribute' . $k . 'Save', array(
|
||||
'label' => false,
|
||||
'style' => 'display:none;',
|
||||
'value' => 1,
|
||||
));
|
||||
echo $this->Form->input('Attribute.' . $k . '.value', array(
|
||||
echo $this->Form->input('Attribute' . $k . 'Value', array(
|
||||
'label' => false,
|
||||
'type' => 'hidden',
|
||||
'value' => h($item['value']),
|
||||
));
|
||||
?>
|
||||
<td><?php echo h($item['value']); ?></td>
|
||||
<td>
|
||||
<input type="hidden" id="<?php echo 'Attribute' . $k . 'Save'; ?>" value=1 >
|
||||
<div id="<?php echo 'Attribute' . $k . 'Value'; ?>"><?php echo h($item['value']); ?></div>
|
||||
</td>
|
||||
<td class="short">
|
||||
<?php
|
||||
if (!isset($item['category'])) {
|
||||
|
@ -36,53 +48,43 @@
|
|||
} else {
|
||||
$default = array_search($item['category'], $typeCategoryMapping[$item['default_type']]);
|
||||
}
|
||||
echo $this->Form->input('Attribute.' . $k . '.category', array(
|
||||
'label' => false,
|
||||
'style' => 'padding:0px;height:20px;margin-bottom:0px;',
|
||||
'options' => $typeCategoryMapping[$item['default_type']],
|
||||
'value' => $default,
|
||||
));
|
||||
?>
|
||||
<select id="<?php echo 'Attribute' . $k . 'Category'; ?>" style='padding:0px;height:20px;margin-bottom:0px;'>
|
||||
<?php
|
||||
foreach ($typeCategoryMapping[$item['default_type']] as $type) {
|
||||
echo '<option value="' . $type . '" ';
|
||||
if ($type == $default) echo 'selected="selected"';
|
||||
echo '>' . $type . '</option>';
|
||||
}
|
||||
?>
|
||||
</select>
|
||||
</td>
|
||||
<td class="short">
|
||||
<?php
|
||||
$divVisibility = '';
|
||||
$selectVisibility = '';
|
||||
if (count($item['types']) == 1) {
|
||||
echo h($item['default_type']);
|
||||
echo $this->Form->input('Attribute.' . $k . '.type', array(
|
||||
'label' => false,
|
||||
'type' => 'hidden',
|
||||
'value' => $item['default_type'],
|
||||
));
|
||||
$selectVisibility = 'display:none;';
|
||||
} else {
|
||||
echo $this->Form->input('Attribute.' . $k . '.type', array(
|
||||
'label' => false,
|
||||
'style' => 'padding:0px;height:20px;margin-bottom:0px;',
|
||||
'options' => $item['types'],
|
||||
'value' => $item['default_type'],
|
||||
'class' => 'typeToggle',
|
||||
));
|
||||
if (!in_array(array_keys($item['types']), $options)) $options[] = array_keys($item['types']);
|
||||
$divVisibility = 'style="display:none;"';
|
||||
if (!in_array(array_keys($item['types']), $options)) $options[] = array_keys($item['types']);
|
||||
}
|
||||
?>
|
||||
<div id = "<?php echo 'Attribute' . $k . 'TypeStatic'; ?>" <?php echo $divVisibility; ?> ><?php echo h($item['default_type']); ?></div>
|
||||
<select id = "<?php echo 'Attribute' . $k . 'Type'; ?>" class='typeToggle' style='padding:0px;height:20px;margin-bottom:0px;<?php echo $selectVisibility; ?>'>
|
||||
<?php
|
||||
foreach ($item['types'] as $type) {
|
||||
echo '<option value="' . $type . '" ';
|
||||
echo ($type == $item['default_type'] ? 'selected="selected"' : '') . '>' . $type . '</option>';
|
||||
}
|
||||
?>
|
||||
</select>
|
||||
</td>
|
||||
<td class="short" style="width:30px;">
|
||||
<?php
|
||||
echo $this->Form->input('Attribute.' . $k . '.to_ids', array(
|
||||
'label' => false,
|
||||
'type' => 'checkbox',
|
||||
'checked' => $item['to_ids'],
|
||||
));
|
||||
?>
|
||||
<input type="checkbox" id="<?php echo 'Attribute' . $k . 'To_ids'; ?>" <?php if ($item['to_ids']) echo 'checked'; ?>/>
|
||||
</td>
|
||||
<td class="short">
|
||||
<?php
|
||||
echo $this->Form->input('Attribute.' . $k . '.comment', array(
|
||||
'label' => false,
|
||||
'style' => 'padding:0px;height:20px;margin-bottom:0px;',
|
||||
'type' => 'text',
|
||||
'placeholder' => 'Imported via the freetext import.',
|
||||
));
|
||||
?>
|
||||
<input type="text" id="<?php echo 'Attribute' . $k . 'Comment'; ?>" style="padding:0px;height:20px;margin-bottom:0px;" placeholder="Imported via the freetext import." />
|
||||
</td>
|
||||
<td class="action short">
|
||||
<span class="icon-remove pointer" onClick="freetextRemoveRow('<?php echo $k; ?>', '<?php echo $event_id; ?>');"></span>
|
||||
|
@ -101,9 +103,8 @@
|
|||
}
|
||||
?>
|
||||
</table>
|
||||
<button class="btn btn-primary" onClick="freetextImportResultsSubmit('<?php echo h($event_id); ?>', '<?php echo count($resultArray); ?>');">Submit</button>
|
||||
<?php
|
||||
echo $this->Form->button('Submit', array('class' => 'btn btn-primary'));
|
||||
echo $this->Form->end();
|
||||
if (!empty($optionsRearranged)):
|
||||
?>
|
||||
<span style="float:right">
|
||||
|
|
|
@ -167,7 +167,7 @@
|
|||
|
||||
if ($isSiteAdmin || ($isAclModify && $event['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $event['Event']['org'] == $me['org'])) {
|
||||
?>
|
||||
<a href='/events/view/<?php echo $event['Event']['id'];?>' class = "icon-edit" title = "Edit"></a>
|
||||
<a href='/events/edit/<?php echo $event['Event']['id'];?>' class = "icon-edit" title = "Edit"></a>
|
||||
<?php
|
||||
echo $this->Form->postLink('', array('action' => 'delete', $event['Event']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete # %s?', $event['Event']['id']));
|
||||
}
|
||||
|
|
|
@ -1,37 +1,4 @@
|
|||
<?php
|
||||
$event['Event']['Attribute'] = $event['Attribute'];
|
||||
unset($event['Attribute']);
|
||||
$event['Event']['ShadowAttribute'] = $event['ShadowAttribute'];
|
||||
unset($event['ShadowAttribute']);
|
||||
|
||||
unset($event['Event']['user_id']);
|
||||
// hide the org field is we are not in showorg mode
|
||||
if (!Configure::read('MISP.showorg') && !$isAdmin) {
|
||||
unset($event['Event']['org']);
|
||||
unset($event['Event']['orgc']);
|
||||
unset($event['Event']['from']);
|
||||
}
|
||||
|
||||
// remove value1 and value2 from the output
|
||||
foreach ($event['Event']['Attribute'] as $key => $value) {
|
||||
unset($event['Event']['Attribute'][$key]['value1']);
|
||||
unset($event['Event']['Attribute'][$key]['value2']);
|
||||
unset($event['Event']['Attribute'][$key]['category_order']);
|
||||
}
|
||||
if (isset($event['Event']['RelatedEvent'])) {
|
||||
foreach ($event['Event']['RelatedEvent'] as $key => $value) {
|
||||
unset($event['Event']['RelatedEvent'][$key]['user_id']);
|
||||
if (!Configure::read('MISP.showorg') && !$isAdmin) {
|
||||
unset($event['Event']['RelatedEvent'][$key]['org']);
|
||||
unset($event['Event']['RelatedEvent'][$key]['orgc']);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($relatedEvents)) {
|
||||
foreach ($relatedEvents as $relatedEvent) {
|
||||
$event['Event']['RelatedEvent'][] = $relatedEvent['Event'];
|
||||
}
|
||||
}
|
||||
$result['Event'] = $event['Event'];
|
||||
echo json_encode($result);
|
||||
App::uses('JSONConverterTool', 'Tools');
|
||||
$converter = new JSONConverterTool();
|
||||
echo json_encode($converter->event2JSON($event));
|
|
@ -1,47 +1,7 @@
|
|||
<?php
|
||||
$xmlArray = array();
|
||||
// rearrange things to be compatible with the Xml::fromArray()
|
||||
$event['Event']['Attribute'] = $event['Attribute'];
|
||||
unset($event['Attribute']);
|
||||
$event['Event']['ShadowAttribute'] = $event['ShadowAttribute'];
|
||||
unset($event['ShadowAttribute']);
|
||||
|
||||
// build up a list of the related events
|
||||
if (isset($relatedEvents)) {
|
||||
foreach ($relatedEvents as $relatedEvent) {
|
||||
$event['Event']['RelatedEvent'][] = $relatedEvent['Event'];
|
||||
}
|
||||
}
|
||||
|
||||
//
|
||||
// cleanup the array from things we do not want to expose
|
||||
//
|
||||
unset($event['Event']['user_id']);
|
||||
// hide the org field is we are not in showorg mode
|
||||
if (!Configure::read('MISP.showorg') && !$isAdmin) {
|
||||
unset($event['Event']['org']);
|
||||
unset($event['Event']['orgc']);
|
||||
unset($event['Event']['from']);
|
||||
}
|
||||
|
||||
// remove value1 and value2 from the output
|
||||
foreach ($event['Event']['Attribute'] as $key => $value) {
|
||||
unset($event['Event']['Attribute'][$key]['value1']);
|
||||
unset($event['Event']['Attribute'][$key]['value2']);
|
||||
unset($event['Event']['Attribute'][$key]['category_order']);
|
||||
}
|
||||
if (isset($event['Event']['RelatedEvent'])) {
|
||||
foreach ($event['Event']['RelatedEvent'] as $key => $value) {
|
||||
unset($event['Event']['RelatedEvent'][$key]['user_id']);
|
||||
if (!Configure::read('MISP.showorg') && !$isAdmin) {
|
||||
unset($event['Event']['RelatedEvent'][$key]['org']);
|
||||
unset($event['Event']['RelatedEvent'][$key]['orgc']);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// display the XML to the user
|
||||
$xmlArray['response']['Event'][] = $event['Event'];
|
||||
$xmlArray['response']['xml_version'] = $mispVersion;
|
||||
$xmlObject = Xml::fromArray($xmlArray, array('format' => 'tags'));
|
||||
echo $xmlObject->asXML();
|
||||
App::uses('XMLConverterTool', 'Tools');
|
||||
$converter = new XMLConverterTool();
|
||||
echo '<?xml version="1.0" encoding="UTF-8"?>' . PHP_EOL . '<response>' . PHP_EOL;
|
||||
echo $converter->event2XML($event) . PHP_EOL;
|
||||
echo '<xml_version>' . $mispVersion . '</xml_version>';
|
||||
echo '</response>' . PHP_EOL;
|
||||
|
|
|
@ -1292,13 +1292,22 @@ function changeFreetextImportExecute() {
|
|||
var to = $('#changeTo').val();
|
||||
$('.typeToggle').each(function() {
|
||||
if ($( this ).val() == from) {
|
||||
if ($('#' + $(this).attr('id') + " option[value='" + from + "']").length > 0) {
|
||||
$( this ).val(to);
|
||||
}
|
||||
if (selectContainsOption("#" + $(this).attr('id'), to)) $( this ).val(to);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
function selectContainsOption(selectid, value) {
|
||||
var exists = false;
|
||||
$(selectid + ' option').each(function(){
|
||||
if (this.value == value) {
|
||||
exists = true;
|
||||
return false;
|
||||
}
|
||||
});
|
||||
return exists;
|
||||
}
|
||||
|
||||
function exportChoiceSelect(url, elementId, checkbox) {
|
||||
if (checkbox == 1) {
|
||||
if ($('#' + elementId + '_toggle').prop('checked')) {
|
||||
|
@ -1306,4 +1315,38 @@ function exportChoiceSelect(url, elementId, checkbox) {
|
|||
}
|
||||
}
|
||||
document.location.href = url;
|
||||
}
|
||||
}
|
||||
|
||||
function freetextImportResultsSubmit(id, count) {
|
||||
var attributeArray = [];
|
||||
var temp;
|
||||
for (i = 0; i < count; i++) {
|
||||
if ($('#Attribute' + i + 'Save').val() == 1) {
|
||||
temp = {
|
||||
value:$('#Attribute' + i + 'Value').val(),
|
||||
category:$('#Attribute' + i + 'Category').val(),
|
||||
type:$('#Attribute' + i + 'Type').val(),
|
||||
to_ids:$('#Attribute' + i + 'To_ids')[0].checked,
|
||||
comment:$('#Attribute' + i + 'Comment').val(),
|
||||
}
|
||||
attributeArray[attributeArray.length] = temp;
|
||||
}
|
||||
}
|
||||
$("#AttributeJsonObject").val(JSON.stringify(attributeArray));
|
||||
var formData = $("#AttributeFreeTextImportForm").serialize();
|
||||
$.ajax({
|
||||
type: "post",
|
||||
cache: false,
|
||||
url: "/events/saveFreeText/" + id,
|
||||
data: formData,
|
||||
beforeSend: function (XMLHttpRequest) {
|
||||
$(".loading").show();
|
||||
},
|
||||
success:function (data, textStatus) {
|
||||
window.location = '/events/view/' + id;
|
||||
},
|
||||
complete:function() {
|
||||
$(".loading").hide();
|
||||
},
|
||||
});
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue