mirror of https://github.com/MISP/MISP
chg: [galaxy_matrix] TEMPORARY - Merge scores of both deprecated and mitre-attack
galaxy namespace for the matrix view. This commit aims to still have correct scores in the galaxy_matrix until the fixMitreTags functions is not live and runningpull/4164/head
mokaddem
parent
fdc8b8c47e
commit
7a2010fb0e
|
|
@ -4704,6 +4704,51 @@ class EventsController extends AppController
|
|||
}
|
||||
|
||||
$scores = $scoresData;
|
||||
// FIXME: temporary fix: add the score of deprecated mitre galaxies to the new one (for the stats)
|
||||
if ($matrixData['galaxy']['id'] == $mitreAttackGalaxyId) {
|
||||
$mergedScore = array();
|
||||
foreach ($scoresData as $tag => $v) {
|
||||
$predicateValue = explode(':', $tag, 2)[1];
|
||||
$predicateValue = explode('=', $predicateValue, 2);
|
||||
$predicate = $predicateValue[0];
|
||||
$clusterValue = $predicateValue[1];
|
||||
$mappedTag = '';
|
||||
$mappingWithoutExternalId = array();
|
||||
if ($predicate == 'mitre-attack-pattern'
|
||||
|| $predicate == 'mitre-mobile-attack-pattern'
|
||||
|| $predicate == 'mitre-pre-attack-pattern'
|
||||
) {
|
||||
$mappedTag = $tag;
|
||||
$name = explode(" ", $tag);
|
||||
$name = join(" ", array_slice($name, 0, -2)); // remove " - external_id"
|
||||
$mappingWithoutExternalId[$name] = $tag;
|
||||
} else {
|
||||
$name = explode(" ", $clusterValue);
|
||||
$name = join(" ", array_slice($name, 0, -2)); // remove " - external_id"
|
||||
if (isset($mappingWithoutExternalId[$name])) {
|
||||
$mappedTag = $mappingWithoutExternalId[$name];
|
||||
} else {
|
||||
$adjustedTagName = $this->Galaxy->GalaxyCluster->find('list', array(
|
||||
'group' => array('GalaxyCluster.id', 'GalaxyCluster.tag_name'),
|
||||
'conditions' => array('GalaxyCluster.tag_name LIKE' => 'misp-galaxy:mitre-attack-pattern=' . $name . '% T%'),
|
||||
'fields' => array('GalaxyCluster.tag_name')
|
||||
));
|
||||
$adjustedTagName = array_values($adjustedTagName)[0];
|
||||
$mappingWithoutExternalId[$name] = $adjustedTagName;
|
||||
$mappedTag = $mappingWithoutExternalId[$name];
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($mergedScore[$mappedTag])) {
|
||||
$mergedScore[$mappedTag] += $v;
|
||||
} else {
|
||||
$mergedScore[$mappedTag] = $v;
|
||||
}
|
||||
}
|
||||
$scores = $mergedScore;
|
||||
$maxScore = max(array_values($mergedScore));
|
||||
}
|
||||
// end FIXME
|
||||
|
||||
if ($this->_isRest()) {
|
||||
$json = array('matrix' => $tabs, 'scores' => $scores, 'instance-uuid' => $instanceUUID);
|
||||
|
|
|
|||
|
|
@ -1876,6 +1876,51 @@ class UsersController extends AppController
|
|||
}
|
||||
$maxScore = max($scoresDataAttr['maxScore'], $scoresDataEvent['maxScore']);
|
||||
$scores = $scoresData;
|
||||
// FIXME: temporary fix: add the score of deprecated mitre galaxies to the new one (for the stats)
|
||||
if ($matrixData['galaxy']['id'] == $galaxy_id) {
|
||||
$mergedScore = array();
|
||||
foreach ($scoresData as $tag => $v) {
|
||||
$predicateValue = explode(':', $tag, 2)[1];
|
||||
$predicateValue = explode('=', $predicateValue, 2);
|
||||
$predicate = $predicateValue[0];
|
||||
$clusterValue = $predicateValue[1];
|
||||
$mappedTag = '';
|
||||
$mappingWithoutExternalId = array();
|
||||
if ($predicate == 'mitre-attack-pattern'
|
||||
|| $predicate == 'mitre-mobile-attack-pattern'
|
||||
|| $predicate == 'mitre-pre-attack-pattern'
|
||||
) {
|
||||
$mappedTag = $tag;
|
||||
$name = explode(" ", $tag);
|
||||
$name = join(" ", array_slice($name, 0, -2)); // remove " - external_id"
|
||||
$mappingWithoutExternalId[$name] = $tag;
|
||||
} else {
|
||||
$name = explode(" ", $clusterValue);
|
||||
$name = join(" ", array_slice($name, 0, -2)); // remove " - external_id"
|
||||
if (isset($mappingWithoutExternalId[$name])) {
|
||||
$mappedTag = $mappingWithoutExternalId[$name];
|
||||
} else {
|
||||
$adjustedTagName = $this->Galaxy->GalaxyCluster->find('list', array(
|
||||
'group' => array('GalaxyCluster.id', 'GalaxyCluster.tag_name'),
|
||||
'conditions' => array('GalaxyCluster.tag_name LIKE' => 'misp-galaxy:mitre-attack-pattern=' . $name . '% T%'),
|
||||
'fields' => array('GalaxyCluster.tag_name')
|
||||
));
|
||||
$adjustedTagName = array_values($adjustedTagName)[0];
|
||||
$mappingWithoutExternalId[$name] = $adjustedTagName;
|
||||
$mappedTag = $mappingWithoutExternalId[$name];
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($mergedScore[$mappedTag])) {
|
||||
$mergedScore[$mappedTag] += $v;
|
||||
} else {
|
||||
$mergedScore[$mappedTag] = $v;
|
||||
}
|
||||
}
|
||||
$scores = $mergedScore;
|
||||
$maxScore = max(array_values($mergedScore));
|
||||
}
|
||||
// end FIXME
|
||||
|
||||
if ($this->_isRest()) {
|
||||
$json = array('matrix' => $tabs, 'scores' => $scores, 'instance-uuid' => $instanceUUID);
|
||||
|
|
|
|||
|
|
@ -434,7 +434,7 @@ class Galaxy extends AppModel
|
|||
$cluster['external_id'] = $element['value'];
|
||||
}
|
||||
if ($toBeAdded) {
|
||||
array_push($matrixData['matrixTags'], $cluster['tag_name']);
|
||||
$matrixData['matrixTags'][$cluster['tag_name']] = 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -452,6 +452,23 @@ class Galaxy extends AppModel
|
|||
}
|
||||
}
|
||||
|
||||
// #FIXME temporary fix: retreive tag name of deprecated mitre galaxies (for the stats)
|
||||
if ($galaxy['Galaxy']['id'] == $this->getMitreAttackGalaxyId()) {
|
||||
$names = array('Enterprise Attack - Attack Pattern', 'Pre Attack - Attack Pattern', 'Mobile Attack - Attack Pattern');
|
||||
$tag_names = array();
|
||||
$gals = $this->find('all', array(
|
||||
'recursive' => -1,
|
||||
'contain' => array('GalaxyCluster.tag_name'),
|
||||
'conditions' => array('Galaxy.name' => $names)
|
||||
));
|
||||
foreach ($gals as $gal => $temp) {
|
||||
foreach ($temp['GalaxyCluster'] as $value) {
|
||||
$matrixData['matrixTags'][$value['tag_name']] = 1;
|
||||
}
|
||||
}
|
||||
$matrixData['matrixTags'] = array_keys($matrixData['matrixTags']);
|
||||
}
|
||||
|
||||
return $matrixData;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue