diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index eda79bafd..e68d64a6f 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -2,7 +2,7 @@ * One Pull Request per fix/feature/change/... * Keep the amount of commits per PR as small as possible: if for any reason, you need to fix your commit after the pull request, please squash the changes in one single commit (or tell us why not) -* Always make sure it is mergeable in the default branch (as of today 2016-06-03: branch 2.4) +* Always make sure it is mergeable in the default branch (as of today 2020-05-05: branch 2.4) * Please make sure Travis CI works on this request, or update the test cases if needed * Any major changes adding a functionality should be disabled by default in the config @@ -16,8 +16,3 @@ If it fixes an existing issue, please use github syntax: `#` - [ ] Does it require a DB change? - [ ] Are you using it in production? - [ ] Does it require a change in the API (PyMISP for example)? - -#### Release Type: -- [ ] Major -- [ ] Minor -- [X] Patch diff --git a/.gitmodules b/.gitmodules index 6fd68ebb4..7c7aa0c80 100644 --- a/.gitmodules +++ b/.gitmodules @@ -40,3 +40,6 @@ [submodule "app/files/misp-decaying-models"] path = app/files/misp-decaying-models url = https://github.com/MISP/misp-decaying-models.git +[submodule "app/files/scripts/misp-opendata"] + path = app/files/scripts/misp-opendata + url = https://github.com/MISP/misp-opendata diff --git a/.travis.yml b/.travis.yml index 38f799449..5509ecb9e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -76,6 +76,7 @@ install: - sudo cp travis/database.php app/Config/database.php - sudo cp app/Config/core.default.php app/Config/core.php - sudo cp app/Config/config.default.php app/Config/config.php + - sudo cp travis/email.php app/Config/email.php # Ensure the perms - sudo chown -R $USER:www-data `pwd`/app/Config - sudo chmod -R 770 `pwd`/app/Config @@ -107,6 +108,8 @@ install: - sudo -E su $USER -c 'app/Console/cake Admin setSetting "MISP.redis_port" 6379' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "MISP.redis_database" 13' - sudo -E su $USER -c 'app/Console/cake Admin setSetting "MISP.redis_password" ""' + - sudo -E su $USER -c 'app/Console/cake Admin setSetting "GnuPG.homedir" "`pwd`/.gnupg"' + - sudo -E su $USER -c 'app/Console/cake Admin setSetting "GnuPG.password" "travistest"' - sudo -E su $USER -c 'app/Console/cake Admin updateGalaxies' - sudo -E su $USER -c 'app/Console/cake Admin updateTaxonomies' - sudo -E su $USER -c 'app/Console/cake Admin updateWarningLists' diff --git a/INSTALL/INSTALL.sh b/INSTALL/INSTALL.sh index 7b18f5544..e86e699c5 100755 --- a/INSTALL/INSTALL.sh +++ b/INSTALL/INSTALL.sh @@ -377,18 +377,19 @@ EOF checkInstaller () { # Workaround: shasum is not available on RHEL, only checking sha512 if [[ $FLAVOUR == "rhel" ]] || [[ $FLAVOUR == "centos" ]]; then - INSTsum=$(sha512sum ${0} | cut -f1 -d\ ) - /usr/bin/wget --no-cache -q -O /tmp/INSTALL.sh.sha512 https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.sh.sha512 + INSTsum=$(sha512sum ${0} | cut -f1 -d\ ) + /usr/bin/wget --no-cache -q -O /tmp/INSTALL.sh.sha512 https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.sh.sha512 chsum=$(cat /tmp/INSTALL.sh.sha512) - if [[ "${chsum}" == "${INSTsum}" ]]; then - echo "SHA512 matches" - else - echo "SHA512: ${chsum} does not match the installer sum of: ${INSTsum}" - # exit 1 # uncomment when/if PR is merged - fi + if [[ "${chsum}" == "${INSTsum}" ]]; then + echo "SHA512 matches" + else + echo "SHA512: ${chsum} does not match the installer sum of: ${INSTsum}" + # exit 1 # uncomment when/if PR is merged + fi else # TODO: Implement $FLAVOUR checks and install depending on the platform we are on if [[ $(which shasum > /dev/null 2>&1 ; echo $?) != 0 ]]; then + sudo apt update sudo apt install libdigest-sha-perl -qyy fi # SHAsums to be computed, not the -- notatiation is for ease of use with rhash @@ -672,8 +673,7 @@ setBaseURL () { CONN=$(ip -br -o -4 a |grep UP |head -1 |tr -d "UP") IFACE=`echo $CONN |awk {'print $1'}` IP=`echo $CONN |awk {'print $2'}| cut -f1 -d/` - # TODO: Consider "QEMU" - if [[ "$(checkManufacturer)" != "innotek GmbH" ]] && [[ "$(checkManufacturer)" != "VMware, Inc." ]]; then + if [[ "$(checkManufacturer)" != "innotek GmbH" ]] && [[ "$(checkManufacturer)" != "VMware, Inc." ]] && [[ "$(checkManufacturer)" != "QEMU" ]]; then debug "We guess that this is a physical machine and cannot possibly guess what the MISP_BASEURL might be." if [[ "$UNATTENDED" != "1" ]]; then echo "You can now enter your own MISP_BASEURL, if you wish to NOT do that, the MISP_BASEURL will be empty, which will work, but ideally you configure it afterwards." @@ -701,12 +701,20 @@ setBaseURL () { MISP_BASEURL="https://misp.local" # Webserver configuration FQDN='misp.local' - else + elif [[ "$(checkManufacturer)" == "innotek GmbH" ]]; then MISP_BASEURL='https://localhost:8443' IP=$(ip addr show | awk '$1 == "inet" {gsub(/\/.*$/, "", $2); print $2}' |grep -v "127.0.0.1" |tail -1) sudo iptables -t nat -A OUTPUT -p tcp --dport 8443 -j DNAT --to ${IP}:443 # Webserver configuration FQDN='localhost.localdomain' + elif [[ "$(checkManufacturer)" == "VMware, Inc." ]]; then + MISP_BASEURL='""' + # Webserver configuration + FQDN='misp.local' + else + MISP_BASEURL='""' + # Webserver configuration + FQDN='misp.local' fi } @@ -1331,8 +1339,6 @@ installCore () { $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install . cd $PATH_TO_MISP/app/files/scripts/python-maec $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install . - # FIXME: Remove once stix-fixed - $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -I antlr4-python3-runtime==4.7.2 # install STIX2.0 library to support STIX 2.0 export: cd ${PATH_TO_MISP}/cti-python-stix2 $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install . @@ -1340,6 +1346,23 @@ installCore () { # install PyMISP cd ${PATH_TO_MISP}/PyMISP $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install . + # FIXME: Remove libfaup etc once the egg has the library baked-in + sudo apt-get install cmake libcaca-dev liblua5.3-dev -y + cd /tmp + [[ ! -d "faup" ]] && $SUDO_CMD git clone git://github.com/stricaud/faup.git faup + [[ ! -d "gtcaca" ]] && $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca + sudo chown -R ${MISP_USER}:${MISP_USER} faup gtcaca + cd gtcaca + $SUDO_CMD mkdir -p build + cd build + $SUDO_CMD cmake .. && $SUDO_CMD make + sudo make install + cd ../../faup + $SUDO_CMD mkdir -p build + cd build + $SUDO_CMD cmake .. && $SUDO_CMD make + sudo make install + sudo ldconfig # install pydeep $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git @@ -1651,15 +1674,32 @@ WantedBy=multi-user.target" | sudo tee /etc/systemd/system/misp-workers.service # Main MISP Modules install function mispmodules () { cd /usr/local/src/ + sudo apt-get install cmake libcaca-dev liblua5.3-dev -y ## TODO: checkUsrLocalSrc in main doc debug "Cloning misp-modules" $SUDO_CMD git clone https://github.com/MISP/misp-modules.git - cd misp-modules + $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git + $SUDO_CMD git clone git://github.com/stricaud/faup.git + sudo chown -R ${MISP_USER}:${MISP_USER} faup gtcaca + # Install gtcaca + cd gtcaca + $SUDO_CMD mkdir -p build + cd build + $SUDO_CMD cmake .. && $SUDO_CMD make + sudo make install + cd ../../faup + # Install faup + $SUDO_CMD mkdir -p build + cd build + $SUDO_CMD cmake .. && $SUDO_CMD make + sudo make install + sudo ldconfig + cd ../../misp-modules # some misp-modules dependencies sudo apt install libpq5 libjpeg-dev tesseract-ocr libpoppler-cpp-dev imagemagick libopencv-dev zbar-tools libzbar0 libzbar-dev libfuzzy-dev -y # If you build an egg, the user you build it as need write permissions in the CWD sudo chgrp $WWW_USER . - sudo chmod g+w . + sudo chmod og+w . $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS sudo chgrp staff . $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install -I . @@ -1809,8 +1849,8 @@ mail2misp () { cd /usr/local/src/ sudo apt-get install cmake libcaca-dev liblua5.3-dev -y $SUDO_CMD git clone https://github.com/MISP/mail_to_misp.git - $SUDO_CMD git clone git://github.com/stricaud/faup.git faup - $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca + [[ ! -d "faup" ]] && $SUDO_CMD git clone git://github.com/stricaud/faup.git faup + [[ ! -d "gtcaca" ]] && $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca sudo chown -R ${MISP_USER}:${MISP_USER} faup mail_to_misp gtcaca cd gtcaca $SUDO_CMD mkdir -p build @@ -2018,9 +2058,6 @@ installCoreRHEL () { cd $PATH_TO_MISP/app/files/scripts/mixbox $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install . - # FIXME: Remove once stix-fixed - $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -I antlr4-python3-runtime==4.7.2 - # install STIX2.0 library to support STIX 2.0 export: cd $PATH_TO_MISP/cti-python-stix2 $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install . @@ -2072,6 +2109,25 @@ installCoreRHEL () { cd $PATH_TO_MISP/PyMISP $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U . + # FIXME: Remove libfaup etc once the egg has the library baked-in + # BROKEN: This needs to be tested on RHEL/CentOS + ##sudo apt-get install cmake libcaca-dev liblua5.3-dev -y + cd /tmp + [[ ! -d "faup" ]] && $SUDO_CMD git clone git://github.com/stricaud/faup.git faup + [[ ! -d "gtcaca" ]] && $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca + sudo chown -R ${MISP_USER}:${MISP_USER} faup gtcaca + cd gtcaca + $SUDO_CMD mkdir -p build + cd build + $SUDO_CMD cmake .. && $SUDO_CMD make + sudo make install + cd ../../faup + $SUDO_CMD mkdir -p build + cd build + $SUDO_CMD cmake .. && $SUDO_CMD make + sudo make install + sudo ldconfig + # Enable dependencies detection in the diagnostics page # This allows MISP to detect GnuPG, the Python modules' versions and to read the PHP settings. # The LD_LIBRARY_PATH setting is needed for rh-git218 to work @@ -2651,21 +2707,21 @@ installSupported () { if [[ "$1" =~ ^PHP= ]]; then PHP_VER=$(echo $1 |cut -f2 -d=) - if [[ "$PHP_VER" == "7.2" ]]; then + if [[ "$PHP_VER" == 7.2 ]]; then # Install PHP 7.2 Dependencies - functionLocation('INSTALL.ubuntu1804.md') [[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp72 - elif [[ "$PHP_VER" == "7.3" ]]; then + elif [[ "$PHP_VER" == 7.3 ]]; then # Install PHP 7.4 Dependencies - functionLocation('INSTALL.ubuntu2004.md') - [[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp74 - elif [[ "$PHP_VER" == "7.4" ]]; then - # Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md') [[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp73 - elif [[ "$PHP_VER" == "7.0" ]]; then + elif [[ "$PHP_VER" == 7.4 ]]; then + # Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md') + [[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp74 + elif [[ "$PHP_VER" == 7.0 ]]; then # Install PHP 7.0 Dependencies - functionLocation('generic/supportFunctions.md') [[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp70 fi else - # Install PHP 7.2 Dependencies - functionLocation('INSTALL.ubuntu1804.md') + # Install PHP 7.2 Dependencies by dangerous default - functionLocation('INSTALL.ubuntu1804.md') [[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp72 fi progress 4 @@ -3173,6 +3229,7 @@ x86_64-fedora-30 x86_64-debian-stretch x86_64-debian-buster x86_64-ubuntu-bionic +x86_64-ubuntu-focal x86_64-kali-2019.1 x86_64-kali-2019.2 x86_64-kali-2019.3 @@ -3187,6 +3244,7 @@ armv7l-debian-jessie armv7l-debian-stretch armv7l-debian-buster armv7l-ubuntu-bionic +armv7l-ubuntu-focal " # Check if we actually support this configuration @@ -3208,12 +3266,18 @@ if [ "${FLAVOUR}" == "ubuntu" ]; then echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues" installSupported && exit || exit fi + if [ "${RELEASE}" == "20.04" ]; then + echo "Install on Ubuntu 20.04 LTS fully supported." + echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues" + installSupported PHP="7.4" && exit || exit + fi if [ "${RELEASE}" == "18.10" ]; then echo "Install on Ubuntu 18.10 partially supported, bye." + echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues" installSupported && exit || exit fi if [ "${RELEASE}" == "19.04" ]; then - echo "Install on Ubuntu 19.04 under development." + echo "Install on Ubuntu 19.04 partially supported bye." echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues" installSupported && exit || exit exit 1 diff --git a/INSTALL/INSTALL.sh.sfv b/INSTALL/INSTALL.sh.sfv index e98414656..f033f9c6a 100644 --- a/INSTALL/INSTALL.sh.sfv +++ b/INSTALL/INSTALL.sh.sfv @@ -1,5 +1,5 @@ -; Generated by RHash v1.3.8 on 2020-04-27 at 19:39.56 +; Generated by RHash v1.3.9 on 2020-05-13 at 12:47.53 ; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/ ; -; 130366 19:39.56 2020-04-27 INSTALL.sh -INSTALL.sh 8AFDDFA23C1154790947FA1C09DBC7599614F48D 1DC92AFF146065ECB85D5C5C211E252D5C54D6F86A61C29DDED37A9ECA4540E4 3F2C936AEE2773A29DD02477E463402945576DEC32C3003BFF3132B783E2C93D14EA99E8FADFEEE655C746D4C634BE08 DBBF519D97372DDD5337C1F58252BFE9A86B0C8ABB95A375420D8D543C5239D71C24287A75FAFC389DBFDC657B1B4080530D0D3CB44D5F94152F2ABBB9B23174 +; 132625 12:47.53 2020-05-13 INSTALL.sh +INSTALL.sh 39D54E983C460248BD68CEE97BA24736DDF9A479 016DDE3CF5F0199C66A23B72F8F6D5951972C2B9CF1B5AE5159D650695442D8A D245A7EB12AEC9BCEC2C391C9B7023F6C8AE3713324FC410DC42A9A9620C13E4BC9CA456F62A40AE17F864D021492750 BE6ACAE2DFD1BA7FD29ED7F73098EE54552DB91EBEE3B58E239D54D4AD7AFDD3FDB212689D550B990A253A17A37E2E8BA3C4C41C129ECBD78E0EACB97F0085D5 diff --git a/INSTALL/INSTALL.sh.sha1 b/INSTALL/INSTALL.sh.sha1 index fdbabddc8..cfc127442 100644 --- a/INSTALL/INSTALL.sh.sha1 +++ b/INSTALL/INSTALL.sh.sha1 @@ -1 +1 @@ -8afddfa23c1154790947fa1c09dbc7599614f48d INSTALL.sh +39d54e983c460248bd68cee97ba24736ddf9a479 INSTALL.sh diff --git a/INSTALL/INSTALL.sh.sha256 b/INSTALL/INSTALL.sh.sha256 index ea4bbcc5b..9cc793f46 100644 --- a/INSTALL/INSTALL.sh.sha256 +++ b/INSTALL/INSTALL.sh.sha256 @@ -1 +1 @@ -1dc92aff146065ecb85d5c5c211e252d5c54d6f86a61c29dded37a9eca4540e4 INSTALL.sh +016dde3cf5f0199c66a23b72f8f6d5951972c2b9cf1b5ae5159d650695442d8a INSTALL.sh diff --git a/INSTALL/INSTALL.sh.sha384 b/INSTALL/INSTALL.sh.sha384 index 50b08f292..6024babf8 100644 --- a/INSTALL/INSTALL.sh.sha384 +++ b/INSTALL/INSTALL.sh.sha384 @@ -1 +1 @@ -3f2c936aee2773a29dd02477e463402945576dec32c3003bff3132b783e2c93d14ea99e8fadfeee655c746d4c634be08 INSTALL.sh +d245a7eb12aec9bcec2c391c9b7023f6c8ae3713324fc410dc42a9a9620c13e4bc9ca456f62a40ae17f864d021492750 INSTALL.sh diff --git a/INSTALL/INSTALL.sh.sha512 b/INSTALL/INSTALL.sh.sha512 index d3a517d82..2acf3077f 100644 --- a/INSTALL/INSTALL.sh.sha512 +++ b/INSTALL/INSTALL.sh.sha512 @@ -1 +1 @@ -dbbf519d97372ddd5337c1f58252bfe9a86b0c8abb95a375420d8d543c5239d71c24287a75fafc389dbfdc657b1b4080530d0d3cb44d5f94152f2abbb9b23174 INSTALL.sh +be6acae2dfd1ba7fd29ed7f73098ee54552db91ebee3b58e239d54d4ad7afdd3fdb212689d550b990a253a17a37e2e8ba3c4c41c129ecbd78e0eacb97f0085d5 INSTALL.sh diff --git a/INSTALL/INSTALL.tpl.sh b/INSTALL/INSTALL.tpl.sh index d10970406..784f48c19 100755 --- a/INSTALL/INSTALL.tpl.sh +++ b/INSTALL/INSTALL.tpl.sh @@ -278,21 +278,21 @@ installSupported () { if [[ "$1" =~ ^PHP= ]]; then PHP_VER=$(echo $1 |cut -f2 -d=) - if [[ "$PHP_VER" == "7.2" ]]; then + if [[ "$PHP_VER" == 7.2 ]]; then # Install PHP 7.2 Dependencies - functionLocation('INSTALL.ubuntu1804.md') [[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp72 - elif [[ "$PHP_VER" == "7.3" ]]; then + elif [[ "$PHP_VER" == 7.3 ]]; then # Install PHP 7.4 Dependencies - functionLocation('INSTALL.ubuntu2004.md') - [[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp74 - elif [[ "$PHP_VER" == "7.4" ]]; then - # Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md') [[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp73 - elif [[ "$PHP_VER" == "7.0" ]]; then + elif [[ "$PHP_VER" == 7.4 ]]; then + # Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md') + [[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp74 + elif [[ "$PHP_VER" == 7.0 ]]; then # Install PHP 7.0 Dependencies - functionLocation('generic/supportFunctions.md') [[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp70 fi else - # Install PHP 7.2 Dependencies - functionLocation('INSTALL.ubuntu1804.md') + # Install PHP 7.2 Dependencies by dangerous default - functionLocation('INSTALL.ubuntu1804.md') [[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp72 fi progress 4 @@ -800,6 +800,7 @@ x86_64-fedora-30 x86_64-debian-stretch x86_64-debian-buster x86_64-ubuntu-bionic +x86_64-ubuntu-focal x86_64-kali-2019.1 x86_64-kali-2019.2 x86_64-kali-2019.3 @@ -814,6 +815,7 @@ armv7l-debian-jessie armv7l-debian-stretch armv7l-debian-buster armv7l-ubuntu-bionic +armv7l-ubuntu-focal " # Check if we actually support this configuration @@ -835,12 +837,18 @@ if [ "${FLAVOUR}" == "ubuntu" ]; then echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues" installSupported && exit || exit fi + if [ "${RELEASE}" == "20.04" ]; then + echo "Install on Ubuntu 20.04 LTS fully supported." + echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues" + installSupported PHP="7.4" && exit || exit + fi if [ "${RELEASE}" == "18.10" ]; then echo "Install on Ubuntu 18.10 partially supported, bye." + echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues" installSupported && exit || exit fi if [ "${RELEASE}" == "19.04" ]; then - echo "Install on Ubuntu 19.04 under development." + echo "Install on Ubuntu 19.04 partially supported bye." echo "Please report bugs/issues here: https://github.com/MISP/MISP/issues" installSupported && exit || exit exit 1 diff --git a/INSTALL/MYSQL.sql b/INSTALL/MYSQL.sql index 44c940f98..ecc782b4a 100644 --- a/INSTALL/MYSQL.sql +++ b/INSTALL/MYSQL.sql @@ -916,7 +916,7 @@ CREATE TABLE IF NOT EXISTS `shadow_attribute_correlations` ( -- Table structure for table `sharing_group_orgs` -- -CREATE TABLE `sharing_group_orgs` ( +CREATE TABLE IF NOT EXISTS `sharing_group_orgs` ( `id` int(11) NOT NULL AUTO_INCREMENT, `sharing_group_id` int(11) NOT NULL, `org_id` int(11) NOT NULL, @@ -932,7 +932,7 @@ CREATE TABLE `sharing_group_orgs` ( -- Table structure for table `sharing_group_servers` -- -CREATE TABLE `sharing_group_servers` ( +CREATE TABLE IF NOT EXISTS `sharing_group_servers` ( `id` int(11) NOT NULL AUTO_INCREMENT, `sharing_group_id` int(11) NOT NULL, `server_id` int(11) NOT NULL, @@ -948,7 +948,7 @@ CREATE TABLE `sharing_group_servers` ( -- Table structure for table `sharing_groups` -- -CREATE TABLE `sharing_groups` ( +CREATE TABLE IF NOT EXISTS `sharing_groups` ( `id` int(11) NOT NULL AUTO_INCREMENT, `name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, `releasability` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, @@ -1355,14 +1355,14 @@ CREATE TABLE IF NOT EXISTS `whitelist` ( -- Default values for initial installation -- -INSERT INTO `admin_settings` (`id`, `setting`, `value`) VALUES +INSERT IGNORE INTO `admin_settings` (`id`, `setting`, `value`) VALUES (1, 'db_version', '40'); -INSERT INTO `feeds` (`id`, `provider`, `name`, `url`, `distribution`, `default`, `enabled`) VALUES +INSERT IGNORE INTO `feeds` (`id`, `provider`, `name`, `url`, `distribution`, `default`, `enabled`) VALUES (1, 'CIRCL', 'CIRCL OSINT Feed', 'https://www.circl.lu/doc/misp/feed-osint', 3, 1, 0), (2, 'Botvrij.eu', 'The Botvrij.eu Data', 'https://www.botvrij.eu/data/feed-osint', 3, 1, 0); - INSERT INTO `regexp` (`id`, `regexp`, `replacement`, `type`) VALUES +INSERT IGNORE INTO `regexp` (`id`, `regexp`, `replacement`, `type`) VALUES (1, '/.:.ProgramData./i', '%ALLUSERSPROFILE%\\\\', 'ALL'), (2, '/.:.Documents and Settings.All Users./i', '%ALLUSERSPROFILE%\\\\', 'ALL'), (3, '/.:.Program Files.Common Files./i', '%COMMONPROGRAMFILES%\\\\', 'ALL'), @@ -1407,22 +1407,22 @@ INSERT INTO `feeds` (`id`, `provider`, `name`, `url`, `distribution`, `default`, -- 7. Read Only - read -- -INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`) +INSERT IGNORE INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`) VALUES (1, 'admin', NOW(), NOW(), 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0); -INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`) +INSERT IGNORE INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`) VALUES (2, 'Org Admin', NOW(), NOW(), 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1, 1, 0, 1, 0); -INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`) +INSERT IGNORE INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`) VALUES (3, 'User', NOW(), NOW(), 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1); -INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`) +INSERT IGNORE INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`) VALUES (4, 'Publisher', NOW(), NOW(), 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 1, 0); -INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`) +INSERT IGNORE INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`) VALUES (5, 'Sync user', NOW(), NOW(), 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0); -INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`) +INSERT IGNORE INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`) VALUES (6, 'Read Only', NOW(), NOW(), 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); -- -------------------------------------------------------- @@ -1431,7 +1431,7 @@ VALUES (6, 'Read Only', NOW(), NOW(), 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, -- Initial threat levels -- -INSERT INTO `threat_levels` (`id`, `name`, `description`, `form_description`) +INSERT IGNORE INTO `threat_levels` (`id`, `name`, `description`, `form_description`) VALUES (1, 'High', '*high* means sophisticated APT malware or 0-day attack', 'Sophisticated APT malware or 0-day attack'), (2, 'Medium', '*medium* means APT malware', 'APT malware'), @@ -1444,13 +1444,13 @@ VALUES -- Default templates -- -INSERT INTO `templates` (`id`, `name`, `description`, `org`, `share`) VALUES +INSERT IGNORE INTO `templates` (`id`, `name`, `description`, `org`, `share`) VALUES (1, 'Phishing E-mail', 'Create a MISP event about a Phishing E-mail.', 'MISP', 1), (2, 'Phishing E-mail with malicious attachment', 'A MISP event based on Spear-phishing containing a malicious attachment. This event can include anything from the description of the e-mail itself, the malicious attachment and its description as well as the results of the analysis done on the malicious f', 'MISP', 1), (3, 'Malware Report', 'This is a template for a generic malware report. ', 'MISP', 1), (4, 'Indicator List', 'A simple template for indicator lists.', 'MISP', 1); -INSERT INTO `template_elements` (`id`, `template_id`, `position`, `element_definition`) VALUES +INSERT IGNORE INTO `template_elements` (`id`, `template_id`, `position`, `element_definition`) VALUES (1, 1, 2, 'attribute'), (2, 1, 3, 'attribute'), (3, 1, 1, 'text'), @@ -1497,7 +1497,7 @@ INSERT INTO `template_elements` (`id`, `template_id`, `position`, `element_defin (46, 4, 2, 'attribute'), (47, 4, 3, 'attribute'); -INSERT INTO `template_element_attributes` (`id`, `template_element_id`, `name`, `description`, `to_ids`, `category`, `complex`, `type`, `mandatory`, `batch`) VALUES +INSERT IGNORE INTO `template_element_attributes` (`id`, `template_element_id`, `name`, `description`, `to_ids`, `category`, `complex`, `type`, `mandatory`, `batch`) VALUES (1, 1, 'From address', 'The source address from which the e-mail was sent.', 1, 'Payload delivery', 0, 'email-src', 1, 1), (2, 2, 'Malicious url', 'The malicious url in the e-mail body.', 1, 'Payload delivery', 0, 'url', 1, 1), (3, 4, 'E-mail subject', 'The subject line of the e-mail.', 0, 'Payload delivery', 0, 'email-subject', 1, 0), @@ -1529,13 +1529,13 @@ INSERT INTO `template_element_attributes` (`id`, `template_element_id`, `name`, (29, 46, 'Network Indicators', 'Paste any combination of IP addresses, hostnames, domains or URL', 1, 'Network activity', 1, 'CnC', 0, 1), (30, 47, 'File Indicators', 'Paste any file hashes that you have (MD5, SHA1, SHA256) or filenames below. You can also add filename and hash pairs by using the following syntax for each applicable column: filename|hash ', 1, 'Payload installation', 1, 'File', 0, 1); -INSERT INTO `template_element_files` (`id`, `template_element_id`, `name`, `description`, `category`, `malware`, `mandatory`, `batch`) VALUES +INSERT IGNORE INTO `template_element_files` (`id`, `template_element_id`, `name`, `description`, `category`, `malware`, `mandatory`, `batch`) VALUES (1, 14, 'Malicious Attachment', 'The file (or files) that was (were) attached to the e-mail itself.', 'Payload delivery', 1, 0, 1), (2, 21, 'Payload installation', 'Payload installation detected during the analysis', 'Payload installation', 1, 0, 1), (3, 30, 'Malware sample', 'The sample that the report is based on', 'Payload delivery', 1, 0, 0), (4, 40, 'Artifacts dropped (Sample)', 'Upload any files that were dropped during the analysis.', 'Artifacts dropped', 1, 0, 1); -INSERT INTO `template_element_texts` (`id`, `name`, `template_element_id`, `text`) VALUES +INSERT IGNORE INTO `template_element_texts` (`id`, `name`, `template_element_id`, `text`) VALUES (1, 'Required fields', 3, 'The fields below are mandatory.'), (2, 'Optional information', 5, 'All of the fields below are optional, please fill out anything that''s applicable.'), (4, 'Required Fields', 11, 'The following fields are mandatory'), @@ -1548,6 +1548,6 @@ INSERT INTO `template_element_texts` (`id`, `name`, `template_element_id`, `text (11, 'Persistence mechanism', 41, 'The following fields allow you to describe the persistence mechanism used by the malware'), (12, 'Indicators', 45, 'Just paste your list of indicators based on type into the appropriate field. All of the fields are optional, so inputting a list of IP addresses into the Network indicator field for example is sufficient to complete this template.'); -INSERT INTO `org_blacklists` (`org_uuid`, `created`, `org_name`, `comment`) VALUES +INSERT IGNORE INTO `org_blacklists` (`org_uuid`, `created`, `org_name`, `comment`) VALUES ('58d38339-7b24-4386-b4b4-4c0f950d210f', NOW(), 'Setec Astrononomy', 'default example'), ('58d38326-eda8-443a-9fa8-4e12950d210f', NOW(), 'Acme Finance', 'default example'); diff --git a/PyMISP b/PyMISP index 0faa75824..7178d3a8a 160000 --- a/PyMISP +++ b/PyMISP @@ -1 +1 @@ -Subproject commit 0faa75824f4dbac2b14919bb17e9d0fef79026d7 +Subproject commit 7178d3a8a04e5de74e60fbb96c9c670ca527a0be diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..4b71f5294 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,11 @@ +## Reporting security vulnerabilities for MISP or related MISP project repositories + +Reporting security vulnerabilities is of great importance for us, as MISP is used in multiple critical infrastructures. + +In the case of a security vulnerability report, we ask the reporter to send it directly to [CIRCL](https://www.circl.lu/contact/), if possible encrypted with the following GnuPG key: **CA57 2205 C002 4E06 BA70 BE89 EAAD CFFC 22BD 4CD5**. We usually fix reported and confirmed security vulnerabilities in less than 48 hours, followed by a software release containing the fixes within the following days. + +If you report security vulnerabilities, do not forget to **tell us if and how you want to be acknowledged** and if you already requested CVE(s). Otherwise, we will request the CVE(s) directly. + +As one of the critical user-bases of MISP consists of the CSIRT community, it is our duty to clearly state which bug could be abused and have a security impact on a MISP instance. CVE assignment is performed even for minor bugs suspected of having a security impact. This allows every user with MISP instances set up in their environments to understand which bugs could impact their security. + +We firmly believe that, even though unfortunately it is often not regarded as common practice in our industry, being as transparent as possible about vulnerabilities, no matter how minor, is of crucial importance. At MISP Project, we care about the security of our users and prefer to have a high number of published CVEs rather than sweeping some of them under the rug. diff --git a/VERSION.json b/VERSION.json index 4ebf2a526..1071f10ac 100644 --- a/VERSION.json +++ b/VERSION.json @@ -1 +1 @@ -{"major":2, "minor":4, "hotfix":124} +{"major":2, "minor":4, "hotfix":125} diff --git a/app/Console/Command/ServerShell.php b/app/Console/Command/ServerShell.php index 85a226721..885b01cad 100644 --- a/app/Console/Command/ServerShell.php +++ b/app/Console/Command/ServerShell.php @@ -70,9 +70,13 @@ class ServerShell extends AppShell $this->Job->save($data); $jobId = $this->Job->id; } + $force = false; + if (!empty($this->args[4]) && $this->args[4] === 'force') { + $force = true; + } $this->Server->id = $serverId; $server = $this->Server->read(null, $serverId); - $result = $this->Server->pull($user, $serverId, $technique, $server, $jobId); + $result = $this->Server->pull($user, $serverId, $technique, $server, $jobId, $force); $this->Job->id = $jobId; $this->Job->save(array( 'id' => $jobId, diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index c7d0296f1..3e2eb10a9 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -46,8 +46,8 @@ class AppController extends Controller public $helpers = array('Utility', 'OrgImg', 'FontAwesome', 'UserName', 'DataPathCollector'); - private $__queryVersion = '104'; - public $pyMispVersion = '2.4.123'; + private $__queryVersion = '106'; + public $pyMispVersion = '2.4.125'; public $phpmin = '7.2'; public $phprec = '7.4'; public $pythonmin = '3.6'; @@ -57,6 +57,8 @@ class AppController extends Controller public $baseurl = ''; public $sql_dump = false; + private $isRest = null; + // Used for _isAutomation(), a check that returns true if the controller & action combo matches an action that is a non-xml and non-json automation method // This is used to allow authentication via headers for methods not covered by _isRest() - as that only checks for JSON and XML formats public $automationArray = array( @@ -361,7 +363,11 @@ class AppController extends Controller } } } else { - if ($this->params['controller'] !== 'users' || !in_array($this->params['action'], array('login', 'register'))) { + $pre_auth_actions = array('login', 'register'); + if (!empty(Configure::read('Security.email_otp_enabled'))) { + $pre_auth_actions[] = 'email_otp'; + } + if ($this->params['controller'] !== 'users' || !in_array($this->params['action'], $pre_auth_actions)) { if (!$this->request->is('ajax')) { $this->Session->write('pre_login_requested_url', $this->here); } @@ -680,6 +686,11 @@ class AppController extends Controller protected function _isRest() { + // This method is surprisingly slow and called many times for one request, so it make sense to cache the result. + if ($this->isRest !== null) { + return $this->isRest; + } + $api = $this->__isApiFunction($this->request->params['controller'], $this->request->params['action']); if (isset($this->RequestHandler) && ($api || $this->RequestHandler->isXml() || $this->_isJson() || $this->_isCsv())) { if ($this->_isJson()) { @@ -687,8 +698,10 @@ class AppController extends Controller throw new MethodNotAllowedException('Invalid JSON input. Make sure that the JSON input is a correctly formatted JSON string. This request has been blocked to avoid an unfiltered request.'); } } + $this->isRest = true; return true; } else { + $this->isRest = false; return false; } } diff --git a/app/Controller/AttributesController.php b/app/Controller/AttributesController.php index 80006607d..9336d8245 100644 --- a/app/Controller/AttributesController.php +++ b/app/Controller/AttributesController.php @@ -3,6 +3,9 @@ App::uses('AppController', 'Controller'); App::uses('Folder', 'Utility'); App::uses('File', 'Utility'); +/** + * @property Attribute $Attribute + */ class AttributesController extends AppController { public $components = array('Security', 'RequestHandler', 'Cidr'); @@ -148,6 +151,12 @@ class AttributesController extends AppController if (!isset($this->request->data['Attribute'])) { $this->request->data = array('Attribute' => $this->request->data); } + if (isset($this->request->data['Attribute']['distribution']) && $this->request->data['Attribute']['distribution'] == 4) { + $sg = $this->Event->SharingGroup->fetchAllAuthorised($this->Auth->user(), 'name', 1, $this->request->data['Attribute']['sharing_group_id']); + if (empty($sg)) { + throw new MethodNotAllowedException(__('Invalid Sharing Group or not authorised.')); + } + } // // multiple attributes in batch import // @@ -410,22 +419,19 @@ class AttributesController extends AppController public function add_attachment($eventId = null) { if ($this->request->is('post')) { - $hashes = array('md5' => 'malware-sample', 'sha1' => 'filename|sha1', 'sha256' => 'filename|sha256'); - $this->loadModel('Event'); - $this->Event->id = $this->request->data['Attribute']['event_id']; - $this->Event->recursive = -1; - $event = $this->Event->read(); + $this->Attribute->Event->id = $this->request->data['Attribute']['event_id']; + $this->Attribute->Event->recursive = -1; + $event = $this->Attribute->Event->read(); if (empty($event)) { throw new NotFoundException(__('Invalid Event.')); } - if (!$this->_isSiteAdmin() && ($this->Event->data['Event']['orgc_id'] != $this->_checkOrg() || !$this->userRole['perm_modify'])) { + if (!$this->_isSiteAdmin() && ($this->Attribute->Event->data['Event']['orgc_id'] != $this->_checkOrg() || !$this->userRole['perm_modify'])) { throw new UnauthorizedException(__('You do not have permission to do that.')); } - $partialFails = array(); $fails = array(); $success = 0; - foreach ($this->request->data['Attribute']['values'] as $k => $value) { + foreach ($this->request->data['Attribute']['values'] as $value) { // Check if there were problems with the file upload // only keep the last part of the filename, this should prevent directory attacks $filename = basename($value['name']); @@ -449,11 +455,6 @@ class AttributesController extends AppController $filename, $tmpfile ); - if ($result) { - $success++; - } else { - $fails[] = $filename; - } } else { $result = $this->Attribute->simpleAddMalwareSample( $eventId, @@ -461,15 +462,16 @@ class AttributesController extends AppController $filename, $tmpfile ); - if ($result) { - $success++; - } else { - $fails[] = $filename; - } } + + if ($result) { + $success++; + } else { + $fails[] = $filename; + } + if (!empty($result)) { foreach ($result['Object'] as $object) { - $this->loadModel('MispObject'); $object['distribution'] = $this->request->data['Attribute']['distribution']; if (!empty($this->request->data['sharing_group_id'])) { $object['sharing_group_id'] = $this->request->data['Attribute']['sharing_group_id']; @@ -477,11 +479,11 @@ class AttributesController extends AppController foreach ($object['Attribute'] as $ka => $attribute) { $object['Attribute'][$ka]['distribution'] = 5; } - $this->MispObject->captureObject(array('Object' => $object), $eventId, $this->Auth->user()); + $this->Attribute->Object->captureObject(array('Object' => $object), $eventId, $this->Auth->user()); } if (!empty($result['ObjectReference'])) { foreach ($result['ObjectReference'] as $reference) { - $this->MispObject->ObjectReference->smartSave($reference, $eventId); + $this->Attribute->Object->ObjectReference->smartSave($reference, $eventId); } } } @@ -508,20 +510,17 @@ class AttributesController extends AppController } } } - $message = 'The attachment(s) have been uploaded.'; - if (!empty($partialFails)) { - $message .= ' Some of the attributes however could not be created.'; - } + $message = __('The attachment(s) have been uploaded.'); if (!empty($fails)) { - $message = 'Some of the attachments failed to upload. The failed files were: ' . implode(', ', $fails) . ' - This can be caused by the attachments already existing in the event.'; + $message = __('Some of the attachments failed to upload. The failed files were: %s - This can be caused by the attachments already existing in the event.', implode(', ', $fails)); } if (empty($success)) { if (empty($fails)) { - $message = 'The attachment(s) could not be saved. please contact your administrator.'; + $message = __('The attachment(s) could not be saved. Please contact your administrator.'); } } else { - $this->Event->id = $this->request->data['Attribute']['event_id']; - $this->Event->saveField('published', 0); + $this->Attribute->Event->id = $this->request->data['Attribute']['event_id']; + $this->Attribute->Event->saveField('published', 0); } if (empty($success) && !empty($fails)) { $this->Flash->error($message); @@ -536,57 +535,43 @@ class AttributesController extends AppController // set the event_id in the form $this->request->data['Attribute']['event_id'] = $eventId; } + + $event = $this->Attribute->Event->findById($eventId); + if (empty($event)) { + throw new NotFoundException(__('Invalid Event.')); + } + if (!$this->_isRest()) { $this->Attribute->Event->insertLock($this->Auth->user(), $eventId); } - // combobox for categories - $categories = array_keys($this->Attribute->categoryDefinitions); - // just get them with attachments.. + + // Filter categories that contains attachment type $selectedCategories = array(); - foreach ($categories as $category) { - $types = $this->Attribute->categoryDefinitions[$category]['types']; - $alreadySet = false; - foreach ($types as $type) { - if ($this->Attribute->typeIsAttachment($type) && !$alreadySet) { - // add to the whole.. + foreach ($this->Attribute->categoryDefinitions as $category => $values) { + foreach ($values['types'] as $type) { + if ($this->Attribute->typeIsAttachment($type)) { $selectedCategories[] = $category; - $alreadySet = true; - continue; + continue 2; } } } $categories = $this->_arrayToValuesIndexArray($selectedCategories); $this->set('categories', $categories); - $this->set('attrDescriptions', $this->Attribute->fieldDescriptions); - $this->set('typeDefinitions', $this->Attribute->typeDefinitions); $this->set('categoryDefinitions', $this->Attribute->categoryDefinitions); - $this->set('zippedDefinitions', $this->Attribute->zippedDefinitions); - $this->set('uploadDefinitions', $this->Attribute->uploadDefinitions); + $this->set('advancedExtractionAvailable', $this->Attribute->isAdvancedExtractionAvailable()); // combobox for distribution - $this->loadModel('Event'); - $this->set('distributionLevels', $this->Event->Attribute->distributionLevels); - - foreach ($this->Attribute->categoryDefinitions as $key => $value) { - $info['category'][$key] = array('key' => $key, 'desc' => isset($value['formdesc'])? $value['formdesc'] : $value['desc']); - } - foreach ($this->Event->Attribute->distributionLevels as $key => $value) { - $info['distribution'][$key] = array('key' => $value, 'desc' => $this->Attribute->distributionDescriptions[$key]['formdesc']); - } - $this->set('info', $info); + $this->set('distributionLevels', $this->Attribute->distributionLevels); + $this->set('info', $this->__getInfo()); $this->loadModel('SharingGroup'); $sgs = $this->SharingGroup->fetchAllAuthorised($this->Auth->user(), 'name', 1); $this->set('sharingGroups', $sgs); - $events = $this->Event->findById($eventId); - if (empty($events)) { - throw new NotFoundException(__('Invalid Event.')); - } - $this->set('currentDist', $events['Event']['distribution']); - $this->set('published', $events['Event']['published']); + $this->set('currentDist', $event['Event']['distribution']); + $this->set('published', $event['Event']['published']); } @@ -852,6 +837,12 @@ class AttributesController extends AppController if (!isset($this->request->data['Attribute'])) { $this->request->data = array('Attribute' => $this->request->data); } + if (isset($this->request->data['Attribute']['distribution']) && $this->request->data['Attribute']['distribution'] == 4) { + $sg = $this->Attribute->Event->SharingGroup->fetchAllAuthorised($this->Auth->user(), 'name', 1, $this->request->data['Attribute']['sharing_group_id']); + if (empty($sg)) { + throw new MethodNotAllowedException(__('Invalid Sharing Group or not authorised.')); + } + } $existingAttribute = $this->Attribute->findByUuid($this->Attribute->data['Attribute']['uuid']); // check if the attribute has a timestamp already set (from a previous instance that is trying to edit via synchronisation) // check which attribute is newer @@ -3250,4 +3241,28 @@ class AttributesController extends AppController return $this->RestResponse->viewData($final, $responseType, false, true, 'search.' . $type . '.' . $responseType); } } + + private function __getInfo() + { + $info = array('category' => array(), 'type' => array(), 'distribution' => array()); + foreach ($this->Attribute->categoryDefinitions as $key => $value) { + $info['category'][$key] = array( + 'key' => $key, + 'desc' => isset($value['formdesc']) ? $value['formdesc'] : $value['desc'] + ); + } + foreach ($this->Attribute->typeDefinitions as $key => $value) { + $info['type'][$key] = array( + 'key' => $key, + 'desc' => isset($value['formdesc']) ? $value['formdesc'] : $value['desc'] + ); + } + foreach ($this->Attribute->distributionLevels as $key => $value) { + $info['distribution'][$key] = array( + 'key' => $value, + 'desc' => $this->Attribute->distributionDescriptions[$key]['formdesc'] + ); + } + return $info; + } } diff --git a/app/Controller/Component/ACLComponent.php b/app/Controller/Component/ACLComponent.php index 3c9b454e6..1a55239d3 100644 --- a/app/Controller/Component/ACLComponent.php +++ b/app/Controller/Component/ACLComponent.php @@ -285,21 +285,22 @@ class ACLComponent extends Component 'view' => array('*') ), 'objects' => array( - 'add' => array('perm_add'), - 'addValueField' => array('perm_add'), - 'delete' => array('perm_add'), - 'edit' => array('perm_add'), - 'get_row' => array('perm_add'), - 'orphanedObjectDiagnostics' => array(), - 'editField' => array('perm_add'), - 'fetchEditForm' => array('perm_add'), - 'fetchViewValue' => array('*'), - 'quickAddAttributeForm' => array('perm_add'), - 'quickFetchTemplateWithValidObjectAttributes' => array('perm_add'), - 'proposeObjectsFromAttributes' => array('*'), - 'groupAttributesIntoObject' => array('perm_add'), - 'revise_object' => array('perm_add'), - 'view' => array('*'), + 'add' => array('perm_add'), + 'addValueField' => array('perm_add'), + 'delete' => array('perm_add'), + 'edit' => array('perm_add'), + 'get_row' => array('perm_add'), + 'orphanedObjectDiagnostics' => array(), + 'editField' => array('perm_add'), + 'fetchEditForm' => array('perm_add'), + 'fetchViewValue' => array('*'), + 'quickAddAttributeForm' => array('perm_add'), + 'quickFetchTemplateWithValidObjectAttributes' => array('perm_add'), + 'restSearch' => array('*'), + 'proposeObjectsFromAttributes' => array('*'), + 'groupAttributesIntoObject' => array('perm_add'), + 'revise_object' => array('perm_add'), + 'view' => array('*'), ), 'objectReferences' => array( 'add' => array('perm_add'), @@ -569,6 +570,7 @@ class ACLComponent extends Component 'discardRegistrations' => array('perm_site_admin'), 'downloadTerms' => array('*'), 'edit' => array('*'), + 'email_otp' => array('*'), 'searchGpgKey' => array('*'), 'fetchGpgKey' => array('*'), 'histogram' => array('*'), diff --git a/app/Controller/Component/RestResponseComponent.php b/app/Controller/Component/RestResponseComponent.php index 295c166b5..071df64b3 100644 --- a/app/Controller/Component/RestResponseComponent.php +++ b/app/Controller/Component/RestResponseComponent.php @@ -72,7 +72,7 @@ class RestResponseComponent extends Component 'restSearch' => array( 'description' => "Search MISP using a list of filter parameters and return the data in the selected format. The search is available on an event and an attribute level, just select the scope via the URL (/events/restSearch vs /attributes/restSearch). Besides the parameters listed, other, format specific ones can be passed along (for example: requested_attributes and includeContext for the CSV export). This API allows pagination via the page and limit parameters.", 'mandatory' => array('returnFormat'), - 'optional' => array('page', 'limit', 'value', 'type', 'category', 'org', 'tag', 'tags', 'searchall', 'date', 'last', 'eventid', 'withAttachments', 'metadata', 'uuid', 'published', 'publish_timestamp', 'timestamp', 'enforceWarninglist', 'sgReferenceOnly', 'eventinfo', 'excludeLocalTags'), + 'optional' => array('page', 'limit', 'value', 'type', 'category', 'org', 'tag', 'tags', 'searchall', 'date', 'last', 'eventid', 'withAttachments', 'metadata', 'uuid', 'published', 'publish_timestamp', 'timestamp', 'enforceWarninglist', 'sgReferenceOnly', 'eventinfo', 'excludeLocalTags', 'threat_level_id'), 'params' => array() ) ), @@ -1080,7 +1080,7 @@ class RestResponseComponent extends Component 'input' => 'radio', 'type' => 'integer', 'values' => array(1 => 'True', 0 => 'False' ), - 'help' => __('Will not return Attributes, shadow attribute and objects') + 'help' => __('Will only return the metadata of the given query scope, contained data is omitted.') ), 'minimal' => array( 'input' => 'radio', @@ -1456,13 +1456,13 @@ class RestResponseComponent extends Component 'input' => 'select', 'type' => 'integer', 'operators' => ['equal', 'not_equal'], - 'values' => array( 1 => 'Hight', 2 => 'Medium', 3 => 'Low', 4 => 'Undefined') + 'values' => array( 1 => 'High', 2 => 'Medium', 3 => 'Low', 4 => 'Undefined') ), 'threatlevel' => array( 'input' => 'select', 'type' => 'integer', 'operators' => ['equal', 'not_equal'], - 'values' => array( 1 => 'Hight', 2 => 'Medium', 3 => 'Low', 4 => 'Undefined') + 'values' => array( 1 => 'High', 2 => 'Medium', 3 => 'Low', 4 => 'Undefined') ), 'time' => array( 'input' => 'text', diff --git a/app/Controller/Component/RestSearchComponent.php b/app/Controller/Component/RestSearchComponent.php index 420c6a9c3..c71a69cd2 100644 --- a/app/Controller/Component/RestSearchComponent.php +++ b/app/Controller/Component/RestSearchComponent.php @@ -10,13 +10,14 @@ class RestSearchComponent extends Component 'published', 'timestamp','enforceWarninglist', 'to_ids', 'deleted', 'includeEventUuid', 'event_timestamp', 'threat_level_id', 'includeEventTags', 'includeProposals', 'returnFormat', 'limit', 'page', 'requested_attributes', 'includeContext', 'headerless', 'includeWarninglistHits', 'attackGalaxy', 'object_relation', 'includeSightings', 'includeCorrelations', 'includeDecayScore', - 'decayingModel', 'excludeDecayed', 'modelOverrides', 'includeFullModel', 'score', 'attribute_timestamp', 'first_seen', 'last_seen' + 'decayingModel', 'excludeDecayed', 'modelOverrides', 'includeFullModel', 'score', 'attribute_timestamp', 'first_seen', 'last_seen', + 'threat_level_id' ), 'Event' => array( 'returnFormat', 'value', 'type', 'category', 'org', 'tags', 'searchall', 'from', 'to', 'last', 'eventid', 'withAttachments', 'metadata', 'uuid', 'publish_timestamp', 'timestamp', 'published', 'enforceWarninglist', 'sgReferenceOnly', 'limit', 'page', 'requested_attributes', 'includeContext', 'headerless', 'includeWarninglistHits', 'attackGalaxy', 'to_ids', 'deleted', - 'excludeLocalTags', 'date', 'includeSightingdb', 'tag', 'object_relation' + 'excludeLocalTags', 'date', 'includeSightingdb', 'tag', 'object_relation', 'threat_level_id' ), 'Object' => array( 'returnFormat', 'value' , 'type', 'category', 'org', 'tags', 'from', 'to', 'last', 'eventid', 'withAttachments', 'uuid', 'publish_timestamp', diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index 220f1989c..238e30d86 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -1403,12 +1403,8 @@ class EventsController extends AppController $this->set($alias, $currentModel->{$variable}); } } - $cluster_names = $this->GalaxyCluster->find('list', array('fields' => array('GalaxyCluster.tag_name'), 'group' => array('GalaxyCluster.tag_name', 'GalaxyCluster.id'))); - foreach ($event['EventTag'] as $k => $eventTag) { - if (in_array($eventTag['Tag']['name'], $cluster_names)) { - unset($event['EventTag'][$k]); - } - } + + $this->Event->removeGalaxyClusterTags($event); $tagConflicts = $this->Taxonomy->checkIfTagInconsistencies($event['EventTag']); foreach ($tagConflicts['global'] as $tagConflict) { @@ -1430,11 +1426,9 @@ class EventsController extends AppController } $modDate = date("Y-m-d", $attribute['timestamp']); $modificationMap[$modDate] = empty($modificationMap[$modDate])? 1 : $modificationMap[date("Y-m-d", $attribute['timestamp'])] + 1; - foreach ($attribute['AttributeTag'] as $k2 => $attributeTag) { - if (in_array($attributeTag['Tag']['name'], $cluster_names)) { - unset($event['Attribute'][$k]['AttributeTag'][$k2]); - } - } + + $this->Event->Attribute->removeGalaxyClusterTags($event['Attribute'][$k]); + $tagConflicts = $this->Taxonomy->checkIfTagInconsistencies($attribute['AttributeTag']); foreach ($tagConflicts['global'] as $tagConflict) { $warningTagConflicts[$tagConflict['taxonomy']['Taxonomy']['namespace']] = $tagConflict['taxonomy']; @@ -1463,11 +1457,9 @@ class EventsController extends AppController } $modDate = date("Y-m-d", $attribute['timestamp']); $modificationMap[$modDate] = empty($modificationMap[$modDate])? 1 : $modificationMap[date("Y-m-d", $attribute['timestamp'])] + 1; - foreach ($attribute['AttributeTag'] as $k3 => $attributeTag) { - if (in_array($attributeTag['Tag']['name'], $cluster_names)) { - unset($event['Object'][$k]['Attribute'][$k2]['AttributeTag'][$k3]); - } - } + + $this->Event->Attribute->removeGalaxyClusterTags($event['Object'][$k]['Attribute'][$k2]); + $tagConflicts = $this->Taxonomy->checkIfTagInconsistencies($attribute['AttributeTag']); foreach ($tagConflicts['global'] as $tagConflict) { $warningTagConflicts[$tagConflict['taxonomy']['Taxonomy']['namespace']] = $tagConflict['taxonomy']; @@ -1659,7 +1651,7 @@ class EventsController extends AppController if (!empty($this->params['named']['excludeGalaxy'])) { $conditions['excludeGalaxy'] = 1; } - if (!empty($this->params['named']['extended'])) { + if (!empty($this->params['named']['extended']) || !empty($this->request->data['extended'])) { $conditions['extended'] = 1; $this->set('extended', 1); } else { @@ -2280,18 +2272,34 @@ class EventsController extends AppController } } foreach ($resultArray as $key => $result) { + if ($has_pipe = strpos($result['default_type'], '|') !== false || $result['default_type'] === 'malware-sample') { + $pieces = explode('|', $result['value']); + $or = array('Attribute.value1' => $pieces, + 'Attribute.value2' => $pieces); + } else { + $or = array('Attribute.value1' => $result['value'], 'Attribute.value2' => $result['value']); + } $options = array( - 'conditions' => array('OR' => array('Attribute.value1' => $result['value'], 'Attribute.value2' => $result['value'])), - 'fields' => array('Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.comment'), - 'order' => false + 'conditions' => array('OR' => $or), + 'fields' => array('Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.comment'), + 'order' => false ); $resultArray[$key]['related'] = $this->Event->Attribute->fetchAttributes($this->Auth->user(), $options); } + + // combobox for distribution + $distributions = $this->Event->Attribute->distributionLevels; + $sgs = $this->Event->SharingGroup->fetchAllAuthorised($this->Auth->user(), 'name', 1); + if (empty($sgs)) { + unset($distributions[4]); + } $this->set('event', array('Event' => array('id' => $target_id))); $this->set('resultArray', $resultArray); $this->set('typeList', array_keys($this->Event->Attribute->typeDefinitions)); $this->set('defaultCategories', $this->Event->Attribute->defaultCategories); $this->set('typeCategoryMapping', $typeCategoryMapping); + $this->set('distributions', $distributions); + $this->set('sgs', $sgs); $this->set('title', 'Merge Results'); $this->set('importComment', 'Merged from event ' . $source_id); $this->render('resolved_attributes'); @@ -3715,8 +3723,15 @@ class EventsController extends AppController } } foreach ($resultArray as $key => $result) { + if ($has_pipe = strpos($result['default_type'], '|') !== false || $result['default_type'] === 'malware-sample') { + $pieces = explode('|', $result['value']); + $or = array('Attribute.value1' => $pieces, + 'Attribute.value2' => $pieces); + } else { + $or = array('Attribute.value1' => $result['value'], 'Attribute.value2' => $result['value']); + } $options = array( - 'conditions' => array('OR' => array('Attribute.value1' => $result['value'], 'Attribute.value2' => $result['value'])), + 'conditions' => array('OR' => $or), 'fields' => array('Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.comment'), 'order' => false, 'flatten' => 1 @@ -3819,7 +3834,7 @@ class EventsController extends AppController $this->Event->insertLock($this->Auth->user(), $id); $attributes = json_decode($this->request->data['Attribute']['JsonObject'], true); $default_comment = $this->request->data['Attribute']['default_comment']; - $force = $this->request->data['Attribute']['force']; + $force = $this->_isSiteAdmin() && $this->request->data['Attribute']['force']; $flashMessage = $this->Event->processFreeTextDataRouter($this->Auth->user(), $attributes, $id, $default_comment, $force); $this->Flash->info($flashMessage); $this->redirect(array('controller' => 'events', 'action' => 'view', $id)); @@ -4514,16 +4529,20 @@ class EventsController extends AppController if (!in_array($type, $validTools)) { throw new MethodNotAllowedException('Invalid type.'); } - App::uses('EventTimelineTool', 'Tools'); $grapher = new EventTimelineTool(); $data = $this->request->is('post') ? $this->request->data : array(); $dataFiltering = array_key_exists('filtering', $data) ? $data['filtering'] : array(); + $scope = isset($data['scope']) ? $data['scope'] : 'seen'; $extended = isset($this->params['named']['extended']) ? 1 : 0; $grapher->construct($this->Event, $this->Auth->user(), $dataFiltering, $extended); - $json = $grapher->get_timeline($id); + if ($scope == 'seen') { + $json = $grapher->get_timeline($id); + } elseif ($scope == 'sightings') { + $json = $grapher->get_sighting_timeline($id); + } array_walk_recursive($json, function (&$item, $key) { if (!mb_detect_encoding($item, 'utf-8', true)) { @@ -4983,10 +5002,17 @@ class EventsController extends AppController } } foreach ($resultArray as $key => $result) { + if ($has_pipe = strpos($result['default_type'], '|') !== false || $result['default_type'] === 'malware-sample') { + $pieces = explode('|', $result['value']); + $or = array('Attribute.value1' => $pieces, + 'Attribute.value2' => $pieces); + } else { + $or = array('Attribute.value1' => $result['value'], 'Attribute.value2' => $result['value']); + } $options = array( - 'conditions' => array('OR' => array('Attribute.value1' => $result['value'], 'Attribute.value2' => $result['value'])), - 'fields' => array('Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.comment'), - 'order' => false + 'conditions' => array('OR' => $or), + 'fields' => array('Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.comment'), + 'order' => false ); $resultArray[$key]['related'] = $this->Event->Attribute->fetchAttributes($this->Auth->user(), $options); if (isset($result['data'])) { @@ -5166,10 +5192,17 @@ class EventsController extends AppController } } foreach ($resultArray as $key => $result) { + if ($has_pipe = strpos($result['default_type'], '|') !== false || $result['default_type'] === 'malware-sample') { + $pieces = explode('|', $result['value']); + $or = array('Attribute.value1' => $pieces, + 'Attribute.value2' => $pieces); + } else { + $or = array('Attribute.value1' => $result['value'], 'Attribute.value2' => $result['value']); + } $options = array( - 'conditions' => array('OR' => array('Attribute.value1' => $result['value'], 'Attribute.value2' => $result['value'])), - 'fields' => array('Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.comment'), - 'order' => false + 'conditions' => array('OR' => $or), + 'fields' => array('Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.comment'), + 'order' => false ); $resultArray[$key]['related'] = $this->Event->Attribute->fetchAttributes($this->Auth->user(), $options); } diff --git a/app/Controller/FeedsController.php b/app/Controller/FeedsController.php index eab8d3de0..cd8741fb1 100644 --- a/app/Controller/FeedsController.php +++ b/app/Controller/FeedsController.php @@ -364,7 +364,11 @@ class FeedsController extends AppController } } if (!isset($this->request->data['Feed']['settings'])) { - $this->request->data['Feed']['settings'] = array(); + if (!empty($this->Feed->data['Feed']['settings'])) { + $this->request->data['Feed']['settings'] = $this->Feed->data['Feed']['settings']; + } else { + $this->request->data['Feed']['settings'] = array(); + } } else { if (!empty($this->request->data['Feed']['settings']['common']['excluderegex']) && !$this->__checkRegex($this->request->data['Feed']['settings']['common']['excluderegex'])) { $this->Flash->error('Invalid exclude regex. Make sure it\'s a delimited PCRE regex pattern.'); diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php index de0f5d6cc..8ad0993dd 100644 --- a/app/Controller/ServersController.php +++ b/app/Controller/ServersController.php @@ -992,13 +992,15 @@ class ServersController extends AppController if ($tab == 'diagnostics' || $tab == 'download' || $this->_isRest()) { $php_ini = php_ini_loaded_file(); $this->set('php_ini', $php_ini); - $advanced_attachments = shell_exec($this->Server->getPythonVersion() . ' ' . APP . 'files/scripts/generate_file_objects.py -c'); + $malwareTool = new MalwareTool(); try { - $advanced_attachments = json_decode($advanced_attachments, true); + $advanced_attachments = $malwareTool->checkAdvancedExtractionStatus($this->Server->getPythonVersion()); } catch (Exception $e) { + $this->log($e->getMessage(), LOG_NOTICE); $advanced_attachments = false; } + $this->set('advanced_attachments', $advanced_attachments); // check if the current version of MISP is outdated or not $version = $this->__checkVersion(); @@ -1622,6 +1624,7 @@ class ServersController extends AppController $result = $pubSubTool->statusCheck(); if (!empty($result)) { $this->set('events', $result['publishCount']); + $this->set('messages', $result['messageCount']); $this->set('time', date('Y/m/d H:i:s', $result['timestamp'])); $this->set('time2', date('Y/m/d H:i:s', $result['timestampSettings'])); } diff --git a/app/Controller/UsersController.php b/app/Controller/UsersController.php index cef0c01e8..108de499e 100644 --- a/app/Controller/UsersController.php +++ b/app/Controller/UsersController.php @@ -31,6 +31,9 @@ class UsersController extends AppController // what pages are allowed for non-logged-in users $allowedActions = array('login', 'logout'); + if(!empty(Configure::read('Security.email_otp_enabled'))) { + $allowedActions[] = 'email_otp'; + } if (!empty(Configure::read('Security.allow_self_registration'))) { $allowedActions[] = 'register'; } @@ -1116,33 +1119,15 @@ class UsersController extends AppController $this->Auth->constructAuthenticate(); } } + if ($this->request->is('post') && Configure::read('Security.email_otp_enabled')) { + $user = $this->Auth->identify($this->request, $this->response); + if ($user) { + $this->Session->write('email_otp_user', $user); + return $this->redirect('email_otp'); + } + } if ($this->Auth->login()) { - $this->User->extralog($this->Auth->user(), "login"); - $this->User->Behaviors->disable('SysLogLogable.SysLogLogable'); - $this->User->id = $this->Auth->user('id'); - $user = $this->User->find('first', array( - 'conditions' => array( - 'User.id' => $this->Auth->user('id') - ), - 'recursive' => -1 - )); - $lastUserLogin = $user['User']['last_login']; - unset($user['User']['password']); - $user['User']['action'] = 'login'; - $user['User']['last_login'] = $this->Auth->user('current_login'); - $user['User']['current_login'] = time(); - $this->User->save($user['User'], true, array('id', 'last_login', 'current_login')); - if (empty($this->Auth->authenticate['Form']['passwordHasher']) && !empty($passwordToSave)) { - $this->User->saveField('password', $passwordToSave); - } - $this->User->Behaviors->enable('SysLogLogable.SysLogLogable'); - if ($lastUserLogin) { - $readableDatetime = (new DateTime())->setTimestamp($lastUserLogin)->format('D, d M y H:i:s O'); // RFC822 - $this->Flash->info(sprintf('Welcome! Last login was on %s', $readableDatetime)); - } - // no state changes are ever done via GET requests, so it is safe to return to the original page: - $this->redirect($this->Auth->redirectUrl()); - // $this->redirect(array('controller' => 'events', 'action' => 'index')); + $this->_postlogin(); } else { $dataSourceConfig = ConnectionManager::getDataSource('default')->config; $dataSource = $dataSourceConfig['datasource']; @@ -1224,6 +1209,35 @@ class UsersController extends AppController } } + private function _postlogin() + { + $this->User->extralog($this->Auth->user(), "login"); + $this->User->Behaviors->disable('SysLogLogable.SysLogLogable'); + $this->User->id = $this->Auth->user('id'); + $user = $this->User->find('first', array( + 'conditions' => array( + 'User.id' => $this->Auth->user('id') + ), + 'recursive' => -1 + )); + $lastUserLogin = $user['User']['last_login']; + unset($user['User']['password']); + $user['User']['action'] = 'login'; + $user['User']['last_login'] = $this->Auth->user('current_login'); + $user['User']['current_login'] = time(); + $this->User->save($user['User'], true, array('id', 'last_login', 'current_login')); + if (empty($this->Auth->authenticate['Form']['passwordHasher']) && !empty($passwordToSave)) { + $this->User->saveField('password', $passwordToSave); + } + $this->User->Behaviors->enable('SysLogLogable.SysLogLogable'); + if ($lastUserLogin) { + $readableDatetime = (new DateTime())->setTimestamp($lastUserLogin)->format('D, d M y H:i:s O'); // RFC822 + $this->Flash->info(__('Welcome! Last login was on %s', $readableDatetime)); + } + // no state changes are ever done via GET requests, so it is safe to return to the original page: + $this->redirect($this->Auth->redirectUrl()); + } + public function routeafterlogin() { // Events list @@ -1656,6 +1670,90 @@ class UsersController extends AppController } } + public function email_otp() + { + $user = $this->Session->read('email_otp_user'); + if(empty($user)) { + $this->redirect('login'); + } + $redis = $this->User->setupRedis(); + $user_id = $user['id']; + + if ($this->request->is('post') && isset($this->request->data['User']['otp'])) { + $stored_otp = $redis->get('misp:otp:'.$user_id); + if (!empty($stored_otp) && $this->request->data['User']['otp'] == $stored_otp) { + // we invalidate the previously generated OTP + $redis->delete('misp:otp:'.$user_id); + // We login the user with CakePHP + $this->Auth->login($user); + $this->_postlogin(); + } else { + $this->Flash->error(__("The OTP is incorrect or has expired")); + } + } else { + // GET Request + + // We check for exceptions + $exception_list = Configure::read('Security.email_otp_exceptions'); + if (!empty($exception_list)) { + $exceptions = explode(",", $exception_list); + foreach ($exceptions as &$exception) { + if ($user['email'] == trim($exception)) { + // We login the user with CakePHP + $this->Auth->login($user); + $this->_postlogin(); + } + } + } + $this->loadModel('Server'); + + // Generating the OTP + $digits = !empty(Configure::read('Security.email_otp_length')) ? Configure::read('Security.email_otp_length') : $this->Server->serverSettings['Security']['email_otp_length']['value']; + $otp = ""; + for ($i=0; $i<$digits; $i++) { + $otp.= random_int(0,9); + } + // We use Redis to cache the OTP + $redis->set('misp:otp:'.$user_id, $otp); + $validity = !empty(Configure::read('Security.email_otp_validity')) ? Configure::read('Security.email_otp_validity') : $this->Server->serverSettings['Security']['email_otp_validity']['value']; + $redis->expire('misp:otp:'.$user_id, (int) $validity * 60); + + // Email construction + $body = !empty(Configure::read('Security.email_otp_text')) ? Configure::read('Security.email_otp_text') : $this->Server->serverSettings['Security']['email_otp_text']['value']; + $body = str_replace('$misp', Configure::read('MISP.baseurl'), $body); + $body = str_replace('$org', Configure::read('MISP.org'), $body); + $body = str_replace('$contact', Configure::read('MISP.contact'), $body); + $body = str_replace('$validity', $validity, $body); + $body = str_replace('$otp', $otp, $body); + $body = str_replace('$ip', $this->__getClientIP(), $body); + $body = str_replace('$username', $user['email'], $body); + $result = $this->User->sendEmail(array('User' => $user), $body, false, "[MISP] Email OTP"); + + if ( $result ) { + $this->Flash->success(__("An email containing a OTP has been sent.")); + } else { + $this->Flash->error(__("The email couldn't be sent, please reach out to your administrator.")); + } + } + } + + + /** + * Helper function to determine the IP of a client (proxy aware) + */ + private function __getClientIP() { + $x_forwarded = filter_input(INPUT_SERVER, 'HTTP_X_FORWARDED_FOR', FILTER_SANITIZE_STRING); + $client_ip = filter_input(INPUT_SERVER, 'HTTP_CLIENT_IP', FILTER_SANITIZE_STRING); + if (!empty($x_forwarded)) { + $x_forwarded = explode(",", $x_forwarded); + return $x_forwarded[0]; + } elseif(!empty($client_ip)){ + return $_client_ip; + } else { + return filter_input(INPUT_SERVER, 'REMOTE_ADDR', FILTER_SANITIZE_STRING); + } + } + // shows some statistics about the instance public function statistics($page = 'data') { @@ -1742,6 +1840,7 @@ class UsersController extends AppController $stats['user_count_pgp'] = $this->User->find('count', array('recursive' => -1, 'conditions' => array('User.gpgkey !=' => ''))); $stats['org_count'] = count($orgs); $stats['local_org_count'] = count($local_orgs); + $stats['contributing_org_count'] = $this->User->Event->find('count', array('recursive' => -1, 'group' => array('Event.orgc_id'))); $stats['average_user_per_org'] = round($stats['user_count'] / $stats['local_org_count'], 1); $this->loadModel('Thread'); @@ -2275,7 +2374,7 @@ class UsersController extends AppController $requestObject['message'] = ''; } if (empty($requestObject['email'])) { - throw new InvalidArgumentException(__('We require at least the email field to be filled.')); + throw new BadRequestException(__('We require at least the email field to be filled.')); } $this->loadModel('Inbox'); $this->Inbox->create(); @@ -2374,8 +2473,13 @@ class UsersController extends AppController $id = $this->params['named']['id']; } $this->loadModel('Inbox'); - if (Validation::uuid($id)) { - $id = $this->Toolbox->findIdByUuid($this->Inbox, $id); + if (!is_array($id)) { + $id = array($id); + } + foreach ($id as $k => $v) { + if (Validation::uuid($v)) { + $id[$k] = $this->Toolbox->findIdByUuid($this->Inbox, $v); + } } $registrations = $this->Inbox->find('all', array( 'recursive' => -1, @@ -2400,7 +2504,7 @@ class UsersController extends AppController $this->Log->save(array( 'org' => $this->Auth->user('Organisation')['name'], 'model' => 'User', - 'model_id' => $id, + 'model_id' => 0, 'email' => $this->Auth->user('email'), 'action' => 'discardRegistrations', 'title' => $message, @@ -2466,6 +2570,9 @@ class UsersController extends AppController 'perm_admin' => $role['Role']['perm_admin'] ); } + if (empty($this->request->data['User'])) { + $this->request->data = array('User' => $this->request->data); + } if (!empty($default_role)) { $this->request->data['User']['role_id'] = $default_role['Role']['id']; } @@ -2492,11 +2599,11 @@ class UsersController extends AppController if (!empty($default_role)) { $this->request->data['User']['role_id'] = $default_role['Role']['id']; } else { - throw new InvalidArgumentException(__('Role ID not provided and no default role exist on the instance')); + throw new BadRequestException(__('Role ID not provided and no default role exist on the instance')); } } if (!isset($this->request->data['User']['org_id'])) { - throw new InvalidArgumentException(__('No organisation selected. Supply an Organisation ID')); + throw new BadRequestException(__('No organisation selected. Supply an Organisation ID')); } else { if (Validation::uuid($this->request->data['User']['org_id'])) { $id = $this->Toolbox->findIdByUuid($this->User->Organisation, $this->request->data['User']['org_id']); diff --git a/app/Lib/Export/JsonExport.php b/app/Lib/Export/JsonExport.php index 525706bee..1b1fe0205 100644 --- a/app/Lib/Export/JsonExport.php +++ b/app/Lib/Export/JsonExport.php @@ -12,7 +12,7 @@ class JsonExport } else if($options['scope'] === 'Event') { return $this->__eventHandler($data, $options); } else if($options['scope'] === 'Object') { - return $this->__eventHandler($data, $options); + return $this->__objectHandler($data, $options); } else if($options['scope'] === 'Sighting') { return $this->__sightingsHandler($data, $options); } diff --git a/app/Lib/Export/OpendataExport.php b/app/Lib/Export/OpendataExport.php new file mode 100644 index 000000000..d21e34e3c --- /dev/null +++ b/app/Lib/Export/OpendataExport.php @@ -0,0 +1,130 @@ +__default_filters = $filters; + } + + public function header($options = array()) + { + $this->__scope = $options['scope']; + if (isset($this->__default_filters['auth'])) { + $this->__auth = $this->__default_filters['auth']; + unset($this->__default_filters['auth']); + } + if (isset($this->__default_filters['setup'])) { + $this->__setup = $this->__default_filters['setup']; + $this->__check_setup_filter(); + unset($this->__default_filters['setup']); + } else { + throw new Exception(__('Missing "setup" filter containing the dataset and resource(s) information.')); + } + if (isset($this->__default_filters['url'])) { + $this->__url = $this->__default_filters['url']; + unset($this->__default_filters['url']); + } else { + $external_baseurl = Configure::read('MISP.external_baseurl'); + $baseurl = !empty($external_baseurl) ? $external_baseurl : Configure::read('MISP.baseurl'); + if (empty($baseurl)) { + throw new Exception(__('Missing url of the MISP instance, and baseurl is not set.')); + } + $this->__url = $baseurl; + } + if (!empty($this->__default_filters['delete'])) { + $this->__delete = true; + unset($this->__default_filters['delete']); + } + return ''; + } + + public function footer() + { + $authParam = ' --auth ' . $this->__auth; + $my_server = ClassRegistry::init('Server'); + $cmd = $my_server->getPythonVersion() . ' ' . $this->__scripts_dir . $this->__script_name . $authParam; + return $this->__delete ? $this->__delete_query($cmd) : $this->__add_query($cmd); + } + + public function separator() + { + return ''; + } + + private function __add_query($cmd) + { + unset($this->__default_filters['returnFormat']); + $body = json_encode($this->__default_filters); + $bodyFilename = $this->__generateSetupFile($body); + $bodyParam = ' --body ' . $bodyFilename; + $levelParam = ' --level ' . strtolower($this->__scope) . 's'; + $setup = json_encode($this->__setup); + $setupFilename = $this->__generateSetupFile($setup); + $setupParam = ' --setup ' . $setupFilename; + $urlParam = ' --url ' . $this->__url; + + $cmd .= $bodyParam . $setupParam . $levelParam . $urlParam; + $results = shell_exec($cmd); + unlink($bodyFilename); + unlink($setupFilename); + return $results; + } + + private function __check_setup_filter() + { + if (empty($this->__setup['dataset'])) { + throw new Exception(__('Missing dataset filter in the setup filter. Please provide the dataset setup.')); + } + if (!empty($this->__setup['resources']) && !empty($this->__setup['resource'])) { + throw new Exception(__('Please provide the resource setup in a single field called "resources".')); + } + if (!empty($this->__setup['resource']) && empty($this->__setup['resources'])) { + $this->__setup['resources'] = $this->__setup['resource']; + unset($this->__setup['resource']); + } + } + + private function __delete_query($cmd) + { + $cmd .= " -d '" . $this->__setup['dataset'] . "'"; + if (!empty($this->__setup['resources'])) { + if (is_array($this->__setup['resources'])) { + foreach ($this->__setup['resources'] as $resource) { + $cmd .= ' ' . $resource; + } + } else { + $cmd .= " '" . $this->__setup['resources'] . "'"; + } + } + return shell_exec($cmd); + } + + private function __generateRandomFileName() + { + return (new RandomTool())->random_str(false, 12); + } + + private function __generateSetupFile($to_write) + { + $filename = $this->__scripts_dir . 'tmp/' . $this->__generateRandomFileName(); + $tmpFile = new File($filename, true, 0644); + $tmpFile->write($to_write); + $tmpFile->close(); + return $filename; + } +} diff --git a/app/Lib/Tools/EventTimelineTool.php b/app/Lib/Tools/EventTimelineTool.php index d2eb44943..46fef4604 100644 --- a/app/Lib/Tools/EventTimelineTool.php +++ b/app/Lib/Tools/EventTimelineTool.php @@ -135,4 +135,145 @@ return $this->__json; } + + /* + * Extrapolation strategy: + * - If only positive sightings: Will be from first to last sighting + * - If both positive and false positive: False positive get priority. It will be marked as false positive until next positive sighting + */ + public function get_sighting_timeline($id) + { + $event = $this->__eventModel->fetchEvent($this->__user, array( + 'eventid' => $id, + 'flatten' => 1, + 'includeTagRelations' => 1, + 'extended' => $this->__extended_view + )); + $this->__json['items'] = array(); + + if (empty($event)) { + return $this->__json; + } else { + $event = $event[0]; + } + + $lookupAttribute = array(); + foreach ($event['Attribute'] as $k => $attribute) { + $lookupAttribute[$attribute['id']] = &$event['Attribute'][$k]; + } + + // regroup sightings per attribute + $regroupedSightings = array(); + foreach ($event['Sighting'] as $k => $sighting) { + $event['Sighting'][$k]['date_sighting'] *= 1000; // adapt to use micro + $regroupedSightings[$sighting['attribute_id']][] = &$event['Sighting'][$k]; + } + // make sure sightings are ordered + uksort($regroupedSightings, function ($a, $b) { + return $a['date_sighting'] > $b['date_sighting']; + }); + // generate extrapolation + $now = time()*1000; + foreach ($regroupedSightings as $attributeId => $sightings) { + $i = 0; + while ($i < count($sightings)) { + $sighting = $sightings[$i]; + $attribute = $lookupAttribute[$attributeId]; + $fpSightingIndex = $this->getNextFalsePositiveSightingIndex($sightings, $i+1); + if ($fpSightingIndex === false) { // No next FP, extrapolate to now + $this->__json['items'][] = array( + 'attribute_id' => $attributeId, + 'id' => sprintf('%s-%s', $attributeId, $sighting['id']), + 'uuid' => $sighting['uuid'], + 'content' => $attribute['value'], + 'event_id' => $attribute['event_id'], + 'group' => 'sighting_positive', + 'timestamp' => $attribute['timestamp'], + 'first_seen' => $sighting['date_sighting'], + 'last_seen' => $now, + ); + break; + } else { + // set up until last positive + $pSightingIndex = $fpSightingIndex - 1; + $halfTime = 0; + if ($pSightingIndex == $i) { + // we have only one positive sighting, thus the UP time should be take from a pooling frequence + // for now, consider it UP only for half the time until the next FP + $halfTime = ($sightings[$i+1]['date_sighting'] - $sighting['date_sighting'])/2; + } + $pSighting = $sightings[$pSightingIndex]; + $this->__json['items'][] = array( + 'attribute_id' => $attributeId, + 'id' => sprintf('%s-%s', $attributeId, $sighting['id']), + 'uuid' => $sighting['uuid'], + 'content' => $attribute['value'], + 'event_id' => $attribute['event_id'], + 'group' => 'sighting_positive', + 'timestamp' => $attribute['timestamp'], + 'first_seen' => $sighting['date_sighting'], + 'last_seen' => $pSighting['date_sighting'] + $halfTime, + ); + // No next FP, extrapolate to now + $fpSighting = $sightings[$fpSightingIndex]; + $secondNextPSightingIndex = $this->getNextPositiveSightingIndex($sightings, $fpSightingIndex+1); + if ($secondNextPSightingIndex === false) { // No next P, extrapolate to now + $this->__json['items'][] = array( + 'attribute_id' => $attributeId, + 'id' => sprintf('%s-%s', $attributeId, $sighting['id']), + 'uuid' => $sighting['uuid'], + 'content' => $attribute['value'], + 'event_id' => $attribute['event_id'], + 'group' => 'sighting_negative', + 'timestamp' => $attribute['timestamp'], + 'first_seen' => $pSighting['date_sighting'] - $halfTime, + 'last_seen' => $now, + ); + break; + } else { + if ($halfTime > 0) { // We need to fake a previous P + $pSightingIndex = $pSightingIndex+1; + $pSighting = $sightings[$pSightingIndex]; + } + // set down until next postive + $secondNextPSighting = $sightings[$secondNextPSightingIndex]; + $this->__json['items'][] = array( + 'attribute_id' => $attributeId, + 'id' => sprintf('%s-%s', $attributeId, $sighting['id']), + 'uuid' => $pSighting['uuid'], + 'content' => $attribute['value'], + 'event_id' => $attribute['event_id'], + 'group' => 'sighting_negative', + 'timestamp' => $attribute['timestamp'], + 'first_seen' => $pSighting['date_sighting'] - $halfTime, + 'last_seen' => $secondNextPSighting['date_sighting'], + ); + $i = $secondNextPSightingIndex; + } + } + } + } + return $this->__json; + } + + private function getNextFalsePositiveSightingIndex($sightings, $startIndex) + { + for ($i=$startIndex; $i < count($sightings) ; $i++) { + $sighting = $sightings[$i]; + if ($sighting['type'] == 1) { // is false positive + return $i; + } + } + return false; + } + private function getNextPositiveSightingIndex($sightings, $startIndex) + { + for ($i=$startIndex; $i < count($sightings) ; $i++) { + $sighting = $sightings[$i]; + if ($sighting['type'] == 0) { // is false positive + return $i; + } + } + return false; + } } diff --git a/app/Lib/Tools/JSONConverterTool.php b/app/Lib/Tools/JSONConverterTool.php index 430626389..d88a365bc 100644 --- a/app/Lib/Tools/JSONConverterTool.php +++ b/app/Lib/Tools/JSONConverterTool.php @@ -45,10 +45,12 @@ class JSONConverterTool unset($event['Event']['SharingGroup']); } if ($object == 'Galaxy') { - foreach ($event['Event']['Galaxy'] as $k => $galaxy) { - foreach ($galaxy['GalaxyCluster'] as $k2 => $cluster) { - if (empty($cluster['meta'])) { - $event['Event']['Galaxy'][$k]['GalaxyCluster'][$k2]['meta'] = new stdclass(); + if (!empty($event['Event']['Galaxy'])) { + foreach ($event['Event']['Galaxy'] as $k => $galaxy) { + foreach ($galaxy['GalaxyCluster'] as $k2 => $cluster) { + if (empty($cluster['meta'])) { + $event['Event']['Galaxy'][$k]['GalaxyCluster'][$k2]['meta'] = new stdclass(); + } } } } diff --git a/app/Lib/Tools/MalwareTool.php b/app/Lib/Tools/MalwareTool.php new file mode 100644 index 000000000..5ed2a3e3b --- /dev/null +++ b/app/Lib/Tools/MalwareTool.php @@ -0,0 +1,227 @@ +encryptByExtension($originalFilename, $content, $md5); + } else { + return $this->encryptByCommand($originalFilename, $content, $md5); + } + } + + /** + * @param string $originalFilename + * @param string $content + * @param string $md5 + * @return string Content of zipped file + * @throws Exception + */ + private function encryptByCommand($originalFilename, $content, $md5) + { + $tempDir = $this->tempDir(); + + $contentsFile = new File($tempDir . DS . $md5, true); + if (!$contentsFile->write($content)) { + throw new Exception("Could not write content to file '{$contentsFile->path}'."); + } + $contentsFile->close(); + + $fileNameFile = new File($tempDir . DS . $md5 . '.filename.txt', true); + if (!$fileNameFile->write($originalFilename)) { + throw new Exception("Could not write original file name to file '{$fileNameFile->path}'."); + } + $fileNameFile->close(); + + $zipFile = new File($tempDir . DS . $md5 . '.zip'); + + $exec = [ + 'zip', + '-j', // junk (don't record) directory names + '-P', // use standard encryption + self::ZIP_PASSWORD, + escapeshellarg($zipFile->path), + escapeshellarg($contentsFile->path), + escapeshellarg($fileNameFile->path), + ]; + + try { + $this->execute($exec); + $zipContent = $zipFile->read(); + if ($zipContent === false) { + throw new Exception("Could not read content of newly created ZIP file."); + } + + return $zipContent; + + } catch (Exception $e) { + throw new Exception("Could not create encrypted ZIP file '{$zipFile->path}'.", 0, $e); + + } finally { + $fileNameFile->delete(); + $contentsFile->delete(); + $zipFile->delete(); + } + } + + /** + * @param string $originalFilename + * @param string $content + * @param string $md5 + * @return string Content of zipped file + * @throws Exception + */ + private function encryptByExtension($originalFilename, $content, $md5) + { + $zipFilePath = $this->tempFileName(); + + $zip = new ZipArchive(); + $result = $zip->open($zipFilePath, ZipArchive::CREATE); + if ($result === true) { + $zip->setPassword(self::ZIP_PASSWORD); + + $zip->addFromString($md5, $content); + $zip->setEncryptionName($md5, ZipArchive::EM_AES_128); + + $zip->addFromString("$md5.filename.txt", $originalFilename); + $zip->setEncryptionName("$md5.filename.txt", ZipArchive::EM_AES_128); + + $zip->close(); + } else { + throw new Exception("Could not create encrypted ZIP file '$zipFilePath'. Error code: $result"); + } + + $zipFile = new File($zipFilePath); + $zipContent = $zipFile->read(); + if ($zipContent === false) { + throw new Exception("Could not read content of newly created ZIP file."); + } + $zipFile->delete(); + + return $zipContent; + } + + /** + * @param string $content + * @param array $hashTypes + * @return array + * @throws InvalidArgumentException + */ + public function computeHashes($content, array $hashTypes = array()) + { + $validHashes = array('md5', 'sha1', 'sha256'); + $hashes = []; + foreach ($hashTypes as $hashType) { + if (!in_array($hashType, $validHashes)) { + throw new InvalidArgumentException("Hash type '$hashType' is not valid hash type."); + } + $hashes[$hashType] = hash($hashType, $content); + } + return $hashes; + } + + /** + * @param string $pythonBin + * @param string $filePath + * @return array + * @throws Exception + */ + public function advancedExtraction($pythonBin, $filePath) + { + return $this->executeAndParseJsonOutput([ + $pythonBin, + self::ADVANCED_EXTRACTION_SCRIPT_PATH, + '-p', + escapeshellarg($filePath), + ]); + } + + /** + * @param string $pythonBin + * @return array + * @throws Exception + */ + public function checkAdvancedExtractionStatus($pythonBin) + { + return $this->executeAndParseJsonOutput([$pythonBin, self::ADVANCED_EXTRACTION_SCRIPT_PATH, '-c']); + } + + private function tempFileName() + { + $randomName = (new RandomTool())->random_str(false, 12); + return $this->tempDir() . DS . $randomName; + } + + /** + * @return string + */ + private function tempDir() + { + return Configure::read('MISP.tmpdir') ?: sys_get_temp_dir(); + } + + /** + * @param array $command + * @return array + * @throws Exception + */ + private function executeAndParseJsonOutput(array $command) + { + $output = $this->execute($command); + + $json = json_decode($output, true); + if ($json === null) { + throw new Exception("Command output is not valid JSON: " . json_last_error_msg()); + } + return $json; + } + + /** + * This method is much more complicated than just `exec`, but it also provide stderr output, so Exceptions + * can be much more specific. + * + * @param array $command + * @return string + * @throws Exception + */ + private function execute(array $command) + { + $descriptorspec = [ + 1 => ["pipe", "w"], // stdout + 2 => ["pipe", "w"], // stderr + ]; + + $command = implode(' ', $command); + $process = proc_open($command, $descriptorspec, $pipes); + if (!$process) { + throw new Exception("Command '$command' could be started."); + } + + $stdout = stream_get_contents($pipes[1]); + if ($stdout === false) { + throw new Exception("Could not get STDOUT of command."); + } + fclose($pipes[1]); + + $stderr = stream_get_contents($pipes[2]); + fclose($pipes[2]); + + $returnCode = proc_close($process); + if ($returnCode !== 0) { + throw new Exception("Command '$command' return error code $returnCode. STDERR: '$stderr', STDOUT: '$stdout'"); + } + + return $stdout; + } +} diff --git a/app/Lib/Tools/PubSubTool.php b/app/Lib/Tools/PubSubTool.php index 7c57343ff..4cd27a534 100644 --- a/app/Lib/Tools/PubSubTool.php +++ b/app/Lib/Tools/PubSubTool.php @@ -1,66 +1,53 @@ 'localhost', - 'redis_port' => '6379', - 'redis_password' => '', - 'redis_database' => '1', - 'redis_namespace' => 'mispq', - 'port' => '50000', - ); + /** + * @var Redis + */ + private $redis; - foreach ($settings as $key => $setting) { - $temp = Configure::read('Plugin.ZeroMQ_' . $key); - if ($temp) { - $settings[$key] = $temp; - } - } - $settingsFile = new File(APP . 'files' . DS . 'scripts' . DS . 'mispzmq' . DS . 'settings.json', true, 0644); - $settingsFile->write(json_encode($settings, true)); - $settingsFile->close(); - return $settings; - } + /** + * @var array + */ + private $settings; public function initTool() { - if (!$this->__redis) { - $settings = $this->__setupPubServer(); - $redis = new Redis(); - $redis->connect($settings['redis_host'], $settings['redis_port']); - $redis_pwd = $settings['redis_password']; - if (!empty($redis_pwd)) { - $redis->auth($redis_pwd); - } - $redis->select($settings['redis_database']); - $this->__redis = $redis; - $this->__settings = $settings; - } else { - $settings = $this->__settings; + if (!$this->redis) { + $settings = $this->getSetSettings(); + $this->setupPubServer($settings); + $this->redis = $this->createRedisConnection($settings); + $this->settings = $settings; } - return $settings; } - // read the pid file, if it exists, check if the process is actually running - // if either the pid file doesn't exists or the process is not running return false - // otherwise return the pid - public function checkIfRunning() + /** + * Read the pid file, if it exists, check if the process is actually running + * if either the pid file doesn't exists or the process is not running return false + * otherwise return the pid. + * + * @param string|null $pidFilePath + * @return bool|int False when process is not running, PID otherwise. + * @throws Exception + */ + public function checkIfRunning($pidFilePath = null) { - $pidFile = new File(APP . 'files' . DS . 'scripts' . DS . 'mispzmq' . DS . 'mispzmq.pid'); - $pid = $pidFile->read(true, 'r'); + $pidFile = new File($pidFilePath ?: self::SCRIPTS_TMP . 'mispzmq.pid'); + if (!$pidFile->exists()) { + return false; + } + $pid = $pidFile->read(); if ($pid === false || $pid === '') { return false; } if (!is_numeric($pid)) { throw new Exception('Internal error (invalid PID file for the MISP zmq script)'); } - $result = trim(shell_exec('ps aux | awk \'{print $2}\' | grep "^' . $pid . '$"')); - if (empty($result)) { + $result = file_exists("/proc/$pid"); + if ($result === false) { return false; } return $pid; @@ -68,18 +55,14 @@ class PubSubTool public function statusCheck() { - $redis = new Redis(); - $settings = $this->__getSetSettings(); - $redis->connect($settings['redis_host'], $settings['redis_port']); - $redis_pwd = $settings['redis_password']; - if (!empty($redis_pwd)) { - $redis->auth($redis_pwd); - } - $redis->select($settings['redis_database']); + $settings = $this->getSetSettings(); + $redis = $this->createRedisConnection($settings); $redis->rPush($settings['redis_namespace'] . ':command', 'status'); - sleep(1); - $response = trim($redis->lPop($settings['redis_namespace'] . ':status')); - return json_decode($response, true); + $response = $redis->blPop($settings['redis_namespace'] . ':status', 5); + if ($response === null) { + throw new Exception("No response from status command returned after 5 seconds."); + } + return json_decode(trim($response[1]), true); } public function checkIfPythonLibInstalled() @@ -92,23 +75,12 @@ class PubSubTool return false; } - private function __setupPubServer() - { - App::uses('File', 'Utility'); - $my_server = ClassRegistry::init('Server'); - $settings = $this->__getSetSettings(); - if ($this->checkIfRunning() === false) { - shell_exec($my_server->getPythonVersion() . ' ' . APP . 'files' . DS . 'scripts' . DS . 'mispzmq' . DS . 'mispzmq.py > ' . APP . 'tmp' . DS . 'logs' . DS . 'mispzmq.log 2> ' . APP . 'tmp' . DS . 'logs' . DS . 'mispzmq.error.log &'); - } - return $settings; - } - public function publishEvent($event) { App::uses('JSONConverterTool', 'Tools'); $jsonTool = new JSONConverterTool(); $json = $jsonTool->convert($event); - return $this->__pushToRedis(':data:misp_json', $json); + return $this->pushToRedis(':data:misp_json', $json); } public function event_save($event, $action) @@ -116,7 +88,7 @@ class PubSubTool if (!empty($action)) { $event['action'] = $action; } - return $this->__pushToRedis(':data:misp_json_event', json_encode($event, JSON_PRETTY_PRINT)); + return $this->pushToRedis(':data:misp_json_event', json_encode($event, JSON_PRETTY_PRINT)); } public function object_save($object, $action) @@ -124,7 +96,7 @@ class PubSubTool if (!empty($action)) { $object['action'] = $action; } - return $this->__pushToRedis(':data:misp_json_object', json_encode($object, JSON_PRETTY_PRINT)); + return $this->pushToRedis(':data:misp_json_object', json_encode($object, JSON_PRETTY_PRINT)); } public function object_reference_save($object_reference, $action) @@ -132,18 +104,12 @@ class PubSubTool if (!empty($action)) { $object_reference['action'] = $action; } - return $this->__pushToRedis(':data:misp_json_object_reference', json_encode($object_reference, JSON_PRETTY_PRINT)); + return $this->pushToRedis(':data:misp_json_object_reference', json_encode($object_reference, JSON_PRETTY_PRINT)); } public function publishConversation($message) { - return $this->__pushToRedis(':data:misp_json_conversation', json_encode($message, JSON_PRETTY_PRINT)); - } - - private function __pushToRedis($ns, $data) - { - $this->__redis->rPush($this->__settings['redis_namespace'] . $ns, $data); - return true; + return $this->pushToRedis(':data:misp_json_conversation', json_encode($message, JSON_PRETTY_PRINT)); } public function attribute_save($attribute, $action = false) @@ -151,7 +117,7 @@ class PubSubTool if (!empty($action)) { $attribute['action'] = $action; } - return $this->__pushToRedis(':data:misp_json_attribute', json_encode($attribute, JSON_PRETTY_PRINT)); + return $this->pushToRedis(':data:misp_json_attribute', json_encode($attribute, JSON_PRETTY_PRINT)); } public function tag_save($tag, $action = false) @@ -159,7 +125,7 @@ class PubSubTool if (!empty($action)) { $tag['action'] = $action; } - return $this->__pushToRedis(':data:misp_json_tag', json_encode($tag, JSON_PRETTY_PRINT)); + return $this->pushToRedis(':data:misp_json_tag', json_encode($tag, JSON_PRETTY_PRINT)); } public function sighting_save($sighting, $action = false) @@ -167,7 +133,7 @@ class PubSubTool if (!empty($action)) { $sighting['action'] = $action; } - return $this->__pushToRedis(':data:misp_json_sighting', json_encode($sighting, JSON_PRETTY_PRINT)); + return $this->pushToRedis(':data:misp_json_sighting', json_encode($sighting, JSON_PRETTY_PRINT)); } public function modified($data, $type, $action = false) @@ -175,7 +141,7 @@ class PubSubTool if (!empty($action)) { $data['action'] = $action; } - return $this->__pushToRedis(':data:misp_json_' . $type, json_encode($data, JSON_PRETTY_PRINT)); + return $this->pushToRedis(':data:misp_json_' . $type, json_encode($data, JSON_PRETTY_PRINT)); } public function publish($data, $type, $action = false) @@ -183,48 +149,39 @@ class PubSubTool if (!empty($action)) { $data['action'] = $action; } - return $this->__pushToRedis(':data:misp_json_' . $type, json_encode($data, JSON_PRETTY_PRINT)); + return $this->pushToRedis(':data:misp_json_' . $type, json_encode($data, JSON_PRETTY_PRINT)); } - public function killService($settings = false) + public function killService() { - $redis = new Redis(); if ($this->checkIfRunning()) { - if ($settings == false) { - $settings = $this->__getSetSettings(); - } - $redis->connect($settings['redis_host'], $settings['redis_port']); - $redis_pwd = $settings['redis_password']; - if (!empty($redis_pwd)) { - $redis->auth($redis_pwd); - } - $redis->select($settings['redis_database']); + $settings = $this->getSetSettings(); + $redis = $this->createRedisConnection($settings); $redis->rPush($settings['redis_namespace'] . ':command', 'kill'); sleep(1); if ($this->checkIfRunning()) { + // Still running. return false; } } return true; } - // reload the server if it is running, if not, start it + /** + * Reload the server if it is running, if not, start it. + * + * @return bool|string + * @throws Exception + */ public function reloadServer() { - if (!$this->checkIfRunning()) { - $settings = $this->__setupPubServer(); - } else { - $settings = $this->__getSetSettings(); - $redis = new Redis(); - $redis->connect($settings['redis_host'], $settings['redis_port']); - $redis_pwd = $settings['redis_password']; - if (!empty($redis_pwd)) { - $redis->auth($redis_pwd); - } - $redis->select($settings['redis_database']); + $settings = $this->getSetSettings(); + $this->saveSettingToFile($settings); + + if ($this->checkIfRunning()) { + $redis = $this->createRedisConnection($settings); $redis->rPush($settings['redis_namespace'] . ':command', 'reload'); - } - if (!$this->checkIfRunning()) { + } else { return 'Setting saved, but something is wrong with the ZeroMQ server. Please check the diagnostics page for more information.'; } return true; @@ -237,10 +194,96 @@ class PubSubTool return 'Could not kill the previous instance of the ZeroMQ script.'; } } - $this->__setupPubServer(); - if (!is_numeric($this->checkIfRunning())) { + $settings = $this->getSetSettings(); + $this->setupPubServer($settings); + if ($this->checkIfRunning() === false) { return 'Failed starting the ZeroMQ script.'; } return true; } + + /** + * @param array $settings + * @throws Exception + */ + private function setupPubServer(array $settings) + { + if ($this->checkIfRunning() === false) { + if ($this->checkIfRunning(self::OLD_PID_LOCATION)) { + // Old version is running, kill it and start again new one. + $redis = $this->createRedisConnection($settings); + $redis->rPush($settings['redis_namespace'] . ':command', 'kill'); + sleep(1); + } + + $this->saveSettingToFile($settings); + $server = ClassRegistry::init('Server'); + shell_exec($server->getPythonVersion() . ' ' . APP . 'files' . DS . 'scripts' . DS . 'mispzmq' . DS . 'mispzmq.py >> ' . APP . 'tmp' . DS . 'logs' . DS . 'mispzmq.log 2>> ' . APP . 'tmp' . DS . 'logs' . DS . 'mispzmq.error.log &'); + } + } + + private function pushToRedis($ns, $data) + { + $this->redis->rPush($this->settings['redis_namespace'] . $ns, $data); + return true; + } + + /** + * @param array $settings + * @return Redis + */ + private function createRedisConnection(array $settings) + { + $redis = new Redis(); + $redis->connect($settings['redis_host'], $settings['redis_port']); + $redisPassword = $settings['redis_password']; + if (!empty($redisPassword)) { + $redis->auth($redisPassword); + } + $redis->select($settings['redis_database']); + return $redis; + } + + /** + * @param array $settings + * @throws Exception + */ + private function saveSettingToFile(array $settings) + { + $settingFilePath = self::SCRIPTS_TMP . 'mispzmq_settings.json'; + $settingsFile = new File($settingFilePath, true, 0644); + if (!$settingsFile->exists()) { + throw new Exception("Could not create zmq config file '$settingFilePath'."); + } + // Because setting file contains secrets, it should be readable just by owner. But because in Travis test, + // config file is created under one user and then changed under other user, file must be readable and writable + // also by group. + chmod($settingsFile->pwd(), 0660); + if (!$settingsFile->write(json_encode($settings))) { + throw new Exception("Could not write zmq config file '$settingFilePath'."); + } + $settingsFile->close(); + } + + private function getSetSettings() + { + $settings = array( + 'redis_host' => 'localhost', + 'redis_port' => '6379', + 'redis_password' => '', + 'redis_database' => '1', + 'redis_namespace' => 'mispq', + 'port' => '50000', + 'username' => null, + 'password' => null, + ); + + foreach ($settings as $key => $setting) { + $temp = Configure::read('Plugin.ZeroMQ_' . $key); + if ($temp) { + $settings[$key] = $temp; + } + } + return $settings; + } } diff --git a/app/Locale/zh-s/LC_MESSAGES/default.po b/app/Locale/zh-s/LC_MESSAGES/default.po index 2a68a88b6..df0ca13cd 100644 --- a/app/Locale/zh-s/LC_MESSAGES/default.po +++ b/app/Locale/zh-s/LC_MESSAGES/default.po @@ -1,7 +1,7 @@ msgid "" msgstr "" "Project-Id-Version: misp\n" -"PO-Revision-Date: 2020-04-24 01:14\n" +"PO-Revision-Date: 2020-05-03 22:36\n" "Last-Translator: NAME \n" "Language-Team: Chinese Simplified\n" "MIME-Version: 1.0\n" @@ -23,61 +23,61 @@ msgstr "无法更新数据库:" #: Console/Command/AdminShell.php:87 msgid "Worker restarted." -msgstr "Worker重新启动" +msgstr "重新启动Worker" #: Console/Command/AdminShell.php:89 msgid "Could not restart the worker. Reason: %s" -msgstr "无法重新启动worker。原因:%s" +msgstr "无法重新启动worker. 原因:%s" #: Console/Command/AdminShell.php:111 msgid "Worker killed." -msgstr "Worker被杀。" +msgstr "Worker已被杀死." #: Console/Command/AdminShell.php:128 msgid "Worker started." -msgstr "Worker已启动。" +msgstr "Worker已启动." #: Console/Command/AdminShell.php:141 msgid "%s updated." -msgstr "%s已更新。" +msgstr "%s已更新." #: Console/Command/AdminShell.php:146 msgid "Could not update %s." -msgstr "无法更新%s。" +msgstr "无法更新%s." #: Console/Command/AdminShell.php:466 msgid "Update the JSON definitions of MISP." -msgstr "更新MISP JSON定义。" +msgstr "更新MISP JSON定义." #: Console/Command/AdminShell.php:469 msgid "Update the submodules before ingestion." -msgstr "在获取前先更新子模块。" +msgstr "在提取前先更新子模块." #: Console/Command/AdminShell.php:499 msgid "Last DB num which was successfully executed: " -msgstr "最后一个成功执行的 DB 数字: " +msgstr "最后一个成功执行的 DB 数字: " #: Console/Command/AdminShell.php:508 msgid "Something went wrong. Could not find the existing db version" -msgstr "出现了错误。找不到现有的 db 版本" +msgstr "出现了错误. 找不到现有的 db 版本" #: Console/Command/AdminShell.php:511 msgid "DB was never successfully updated or we are on a fresh install" -msgstr "数据库从未更新成功,或者我们正在安装一个新的更新" +msgstr "DB从未成功更新, 或者我们正在重新安装" #: Console/Command/AdminShell.php:528 msgid "MISP mass sync authkey reset command line tool.\n\n" "Usage: %sConsole/cake resetSyncAuthkeys [user_id]" -msgstr "" +msgstr "MISP批量同步authkey重置命令行工具" #: Console/Command/AdminShell.php:536 #: Controller/UsersController.php:1234 msgid "Invalid user." -msgstr "无效用户" +msgstr "无效用户." #: Console/Command/AdminShell.php:539 msgid "User has to be a site admin." -msgstr "用户必须是站点管理员。" +msgstr "用户必须是站点管理员." #: Console/Command/AdminShell.php:563 msgid "\n" @@ -86,15 +86,15 @@ msgstr "" #: Console/Command/AdminShell.php:565 msgid "%s events purged.\n" -msgstr "" +msgstr "%s 清理事件" #: Console/Command/AdminShell.php:587 msgid "> Database schema dumped on disk" -msgstr "" +msgstr "> 数据库模式转存到磁盘上" #: Console/Command/AdminShell.php:589 msgid "Something went wrong. Could not find the existing db version or fetch the current database schema." -msgstr "" +msgstr "出了点问题. 无法找到现有的数据库版本, 也无法获取当前的数据库模式." #: Console/Command/EventShell.php:15 #: Controller/AttributesController.php:118;122;126 @@ -103,7 +103,7 @@ msgstr "" #: Controller/PostsController.php:56 #: Model/Galaxy.php:293 msgid "Invalid event" -msgstr "无效的事件" +msgstr "无效事件" #: Console/Command/PasswordShell.php:46 msgid "override password change" @@ -112,7 +112,7 @@ msgstr "覆盖密码修改" #: Console/Command/ServerShell.php:83 #: Controller/ServersController.php:674 msgid "Pull completed. %s events pulled, %s events could not be pulled, %s proposals pulled, %s sightings pulled." -msgstr "" +msgstr "拉取完成. %s 的事件被拉取, %s 的事件无法被拉取, %s 的提案被拉取, %s 的观察被拉取." #: Console/Command/ServerShell.php:85 msgid "ERROR: %s" @@ -128,7 +128,7 @@ msgstr "交互模式" #: Controller/AppController.php:377 msgid "Warning: MISP is currently disabled for all users. Enable it in Server Settings (Administration -> Server Settings -> MISP tab -> live). An update might also be in progress, you can see the progress in " -msgstr "" +msgstr "警告:目前MISP目前对所有用户禁用. 可以在服务器设置中启用它 (管理->服务器设置->MISP选项卡->实时). 更新也可能正在进行中, 您可以看到" #: Controller/AppController.php:377 #: View/Elements/genericElements/SideMenu/side_menu.ctp:761 @@ -137,51 +137,51 @@ msgstr "更新进度" #: Controller/AppController.php:384 msgid "Something went wrong. Your user account that you are authenticated with doesn't exist anymore." -msgstr "错误。通过身份验证的用户帐户不存在。" +msgstr "出了点问题. 通过身份验证的用户帐户不存在." #: Controller/AppController.php:502 msgid "WARNING: This functionality is deprecated and will be removed in the near future. " -msgstr "" +msgstr "警告:此功能已被弃用, 不久后将被删除. " #: Controller/AppController.php:710 #: Controller/AttributesController.php:1876;1985;2089 #: Controller/EventsController.php:3260 msgid "This authentication key is not authorized to be used for exports. Contact your administrator." -msgstr "此身份验证密钥无权用于导出。请联系你的管理员。" +msgstr "此身份验证密钥无权用于导出. 请与您的管理员联系." #: Controller/AppController.php:719 #: Controller/AttributesController.php:2093 #: Controller/EventsController.php:3264 msgid "You have to be logged in to do that." -msgstr "干嘛呢?伙计,你要先登陆后才可以开干。" +msgstr "您必须先登录才能执行此操作." #: Controller/AppController.php:735 #: Controller/Component/IndexFilterComponent.php:23 msgid "Either specify the search terms in the url, or POST a json with the filter parameters." -msgstr "在URL中搜索指定项,或使用过滤器参数POST json。" +msgstr "在url中指定搜索条件, 或者POST一个带有过滤器参数的json." #: Controller/AppController.php:873 msgid "All done. attribute_count generated from scratch for " -msgstr "全部完成。attribute_count 从零开始生成" +msgstr "全部完成. attribute_count从零开始生成 " #: Controller/AppController.php:996 #: Controller/AttributesController.php:2147 #: Controller/ShadowAttributesController.php:1267 msgid "Job queued. You can view the progress if you navigate to the active jobs view (administration -> jobs)." -msgstr "作业已排队。如果导航至活动作业视图(管理->作业),可以查看进度。" +msgstr "作业已排队. 您可以导航至活动作业视图(管理->作业)查看进度." #: Controller/AppController.php:1178 msgid "RestSearch is not implemented (yet) for this scope." -msgstr "" +msgstr "还没有为此范围实现RestSearch." #: Controller/AttributesController.php:109;1339 #: Controller/EventGraphController.php:19;77 msgid "No event ID set." -msgstr "未设置事件ID。" +msgstr "未设置事件ID." #: Controller/AttributesController.php:112 msgid "You do not have permissions to create attributes" -msgstr "你没有权限创建属性." +msgstr "您没有创建属性的权限" #: Controller/AttributesController.php:132;422;602;832;3127;3142 #: Controller/EventGraphController.php:88 @@ -189,7 +189,7 @@ msgstr "你没有权限创建属性." #: Controller/ObjectsController.php:837 #: Model/Attribute.php:4304;4308 msgid "You do not have permission to do that." -msgstr "你无权这样做。" +msgstr "您无权执行此操作." #: Controller/AttributesController.php:345;800;805;824;1032;1121;2163;2177;2210;2232;2800;2811;2817;2886;3024;3036;3040 #: Controller/ObjectsController.php:641 @@ -202,48 +202,48 @@ msgstr "无效属性" #: Controller/AttributesController.php:355 #: Controller/ShadowAttributesController.php:483 msgid "You do not have the permission to view this event." -msgstr "你无权浏览此事件" +msgstr "您无权浏览此事件." #: Controller/AttributesController.php:402 msgid "Attribute not an attachment or malware-sample" -msgstr "属性不是附件或恶意软件样本" +msgstr "属性不是附件或恶意样本" #: Controller/AttributesController.php:419;586;892;1348 #: Controller/EventsController.php:4414;4428;5201;5215 msgid "Invalid Event." -msgstr "无效事件。" +msgstr "无效事件." #: Controller/AttributesController.php:437;613 #: Controller/DecayingModelController.php:56 #: Controller/ShadowAttributesController.php:530 msgid "PHP says file was not uploaded. Are you attacking me?" -msgstr "PHP说文件没被上传。你要攻击我吗?" +msgstr "PHP说文件没被上传. 您要攻击我吗?" #: Controller/AttributesController.php:616 #: Controller/ShadowAttributesController.php:533;543 msgid "There was a problem to upload the file." -msgstr "上传文件出错。" +msgstr "上传文件出错." #: Controller/AttributesController.php:760 msgid "The ThreatConnect data has been imported." -msgstr "已导入ThreatConnect数据。" +msgstr "已导入ThreatConnect数据." #: Controller/AttributesController.php:763 msgid "%s entries imported." -msgstr "%s 条目已导入。" +msgstr "%s 条目已导入." #: Controller/AttributesController.php:767 msgid "%s entries could not be imported." -msgstr "%s 条目不能被导入。" +msgstr "%s 条目无法导入." #: Controller/AttributesController.php:876 msgid "Attribute could not be saved: Attribute in the request not newer than the local copy." -msgstr "无法保存属性:请求中的属性不比本地副本新。" +msgstr "无法保存属性:请求中的属性不比本地副本新." #: Controller/AttributesController.php:880;882 #: Controller/ShadowAttributesController.php:817 msgid "Invalid attribute." -msgstr "无效属性。" +msgstr "无效属性." #: Controller/AttributesController.php:909 msgid "The attribute has been saved" @@ -251,30 +251,30 @@ msgstr "属性已被保存" #: Controller/AttributesController.php:944 msgid "The attribute could not be saved. Please, try again." -msgstr "无法保存该属性。请再试一次。" +msgstr "无法保存该属性, 请重试. " #: Controller/AttributesController.php:1036 #: Controller/ObjectsController.php:515 msgid "Invalid event id." -msgstr "无效事件id。" +msgstr "无效事件id." #: Controller/AttributesController.php:1072 #: Controller/EventsController.php:2451 #: Controller/ShadowAttributesController.php:717 msgid "Invalid input." -msgstr "无效输入。" +msgstr "无效输入." #: Controller/AttributesController.php:1077 msgid "Invalid field." -msgstr "无效字段。" +msgstr "无效字段." #: Controller/AttributesController.php:1125;1161 msgid "Invalid attribute id." -msgstr "无效属性id。" +msgstr "无效属性id." #: Controller/AttributesController.php:1242;1319 msgid "This function is only accessible via POST requests." -msgstr "此功能只能通过POST请求访问。" +msgstr "此功能只能通过POST请求访问." #: Controller/AttributesController.php:1249;1259 msgid "Attribute deleted" @@ -295,19 +295,19 @@ msgstr "无法还原属性" #: Controller/AttributesController.php:1374 msgid "No matching attributes found." -msgstr "找不到匹配的属性。" +msgstr "找不到匹配的属性." #: Controller/AttributesController.php:1408 msgid "This method can only be accessed via AJAX." -msgstr "此方法只能通过AJAX访问。" +msgstr "此方法只能通过AJAX访问." #: Controller/AttributesController.php:1418 msgid "You are not authorized to edit this event." -msgstr "你无权编辑此事件。" +msgstr "您无权编辑此事件." #: Controller/AttributesController.php:1516 msgid "No event ID provided." -msgstr "未提供事件id。" +msgstr "未提供事件id." #: Controller/AttributesController.php:1561 #: Controller/GalaxiesController.php:243 @@ -316,23 +316,23 @@ msgstr "别名:" #: Controller/AttributesController.php:1871;1978 msgid "You are not authorized. Please send the Authorization header with your auth key along with an Accept header for application/xml." -msgstr "您没有被授权。请使用您的身份验证密钥以及application/xml 的Accept标头发送Authorization标头。" +msgstr "您没有被授权. 请使用您的身份验证密钥以及application/xml 的Accept标头发送Authorization标头." #: Controller/AttributesController.php:1884 msgid "Either specify the search terms in the url, or POST a json array / xml (with the root element being \"request\" and specify the correct accept and content type headers)." -msgstr "在URL中指定搜索项,或者POST一个json数组/xml(根元素为“request”并指定正确的accept和content类型头)。" +msgstr "在URL中指定搜索项, 或者POST一个json数组/xml (根元素为“request”并指定正确的accept和content类型头)." #: Controller/AttributesController.php:1904 msgid "You don't have access to that event." -msgstr "你无权访问该事件。" +msgstr "您无权访问该事件." #: Controller/AttributesController.php:1967 msgid "No matches." -msgstr "没有匹配。" +msgstr "没有匹配." #: Controller/AttributesController.php:1989;1998 msgid "Invalid attribute or no authorisation to view it." -msgstr "无效属性或者无权查看。" +msgstr "无效属性或者无权查看." #: Controller/AttributesController.php:2124 #: Controller/ShadowAttributesController.php:1245 @@ -342,15 +342,15 @@ msgstr "全部完成!" #: Controller/AttributesController.php:2156;2203 #: Controller/ShadowAttributesController.php:1053 msgid "Invalid field requested." -msgstr "请求的字段无效。" +msgstr "请求的字段无效." #: Controller/AttributesController.php:2159;2206 msgid "This function can only be accessed via AJAX." -msgstr "此功能只能通过AJAX访问。" +msgstr "此功能只能通过AJAX访问." #: Controller/AttributesController.php:2241 msgid "You do not have permission to do that" -msgstr "您无权执行此操作。" +msgstr "您无权执行此操作" #: Controller/AttributesController.php:2271;2279 #: Controller/EventsController.php:3643;3796;4999 @@ -359,38 +359,38 @@ msgstr "未找到事件或您没有创建属性的权限" #: Controller/AttributesController.php:2300 msgid "This action can only be accessed via AJAX." -msgstr "此动作只能通过AJAX访问。" +msgstr "此动作只能通过AJAX访问." #: Controller/AttributesController.php:2309;2560;2574;2585 #: Controller/OrganisationsController.php:432 #: Controller/ServersController.php:661;739 msgid "You are not authorised to do that." -msgstr "您无权执行此操作。" +msgstr "您无权执行此操作." #: Controller/AttributesController.php:2414 #: Controller/EventsController.php:4207 msgid "This functionality requires API key access." -msgstr "此功能需要API密钥访问权限。" +msgstr "此功能需要API密钥访问权限." #: Controller/AttributesController.php:2422 msgid "This action is for the API only. Please refer to the automation page for information on how to use it." -msgstr "此操作仅适用于API。 有关如何使用它的信息,请参阅自动化页面。" +msgstr "此操作仅适用于API. 有关如何使用它的信息, 请参阅自动化页面." #: Controller/AttributesController.php:2434 msgid "No hash or event ID received. You need to set at least one of the two." -msgstr "未收到任何哈希或事件ID。你需要至少设置其中一个。" +msgstr "未收到任何hash或事件ID. 您需要至少设置其中一个." #: Controller/AttributesController.php:2595 msgid "Invalid script." -msgstr "无效脚本。" +msgstr "无效脚本." #: Controller/AttributesController.php:2662 msgid "No valid enrichment options found for this attribute." -msgstr "找不到此属性的有效富集选项。" +msgstr "找不到此属性的有效丰富化选项." #: Controller/AttributesController.php:2760 msgid "Invalid type requested." -msgstr "无效请求类型。" +msgstr "无效请求类型." #: Controller/AttributesController.php:2823;3030 #: Controller/TagCollectionsController.php:254 @@ -400,209 +400,209 @@ msgstr "无效标签" #: Controller/AttributesController.php:3120 #: Controller/EventsController.php:5197 msgid "Disabling the correlation is not permitted on this instance." -msgstr "此实例不允许禁用关联。" +msgstr "此实例不允许禁用关联." #: Controller/AttributesController.php:3124;3139 #: Controller/ShadowAttributesController.php:662 msgid "Invalid Attribute." -msgstr "无效属性。" +msgstr "无效属性." #: Controller/CommunitiesController.php:150 msgid "Request sent." -msgstr "请求已发送" +msgstr "请求已发送." #: Controller/CommunitiesController.php:150 msgid "Something went wrong and the request could not be sent." -msgstr "出错了,请求无法发送。" +msgstr "出了点问题, 无法发送请求." #: Controller/CommunitiesController.php:166 msgid "The message could not be sent (either because e-mailing is disabled or because encryption is misconfigured), however, you can view the e-mail that would have been sent below. Feel free to send it manually." -msgstr "" +msgstr "无法发送该消息(由于禁用了电子邮件或加密配置不正确), 但是, 您可以在下面查看将要发送的电子邮件. 随时通过手动发送." #: Controller/DecayingModelController.php:20 msgid "Default decaying models updated" -msgstr "" +msgstr "默认衰减模型已更新" #: Controller/DecayingModelController.php:28 msgid "This method is not allowed" -msgstr "" +msgstr "此方法不被允许" #: Controller/DecayingModelController.php:36;105;207;243;264;276;354;387;399;409;430;442;452;544 #: Controller/DecayingModelMappingController.php:25 #: Model/DecayingModel.php:483;619 #: Model/DecayingModelMapping.php:30;59 msgid "No Decaying Model with the provided ID exists" -msgstr "" +msgstr "没有提供ID的衰变模型" #: Controller/DecayingModelController.php:47 msgid "Only one import field can be used" -msgstr "" +msgstr "只有一个导入字段可以使用" #: Controller/DecayingModelController.php:65 msgid "Error while decoding JSON" -msgstr "" +msgstr "解码JSON时出错" #: Controller/DecayingModelController.php:90 msgid "The model has been imported." -msgstr "" +msgstr "该模型已被导入." #: Controller/DecayingModelController.php:92 msgid "The model has been imported. However importing mapping failed." -msgstr "" +msgstr "该模型已经导入了. 但是导入映射失败." #: Controller/DecayingModelController.php:95 msgid "Error while importing model." -msgstr "" +msgstr "导入模型时出错" #: Controller/DecayingModelController.php:186 msgid "The model must have a name" -msgstr "" +msgstr "该模型必须有一个名称" #: Controller/DecayingModelController.php:198;269 msgid "The model has been saved." -msgstr "" +msgstr "该模型已保存." #: Controller/DecayingModelController.php:201 msgid "The model has been saved. However importing mapping failed." -msgstr "" +msgstr "该模型已保存. 但是导入映射失败." #: Controller/DecayingModelController.php:220;224;281 msgid "The model could not be saved. Please try again." -msgstr "" +msgstr "该模型无法保存, 请重试." #: Controller/DecayingModelController.php:308 msgid "Invalid JSON `Settings`." -msgstr "" +msgstr "无效JSON设置" #: Controller/DecayingModelController.php:314 msgid "Invalid parameter `lifetime`." -msgstr "" +msgstr "无效参数 `lifetime`." #: Controller/DecayingModelController.php:318 msgid "Invalid parameter `decay_speed`." -msgstr "" +msgstr "无效参数 `decay_speed`." #: Controller/DecayingModelController.php:322 msgid "Invalid parameter `threshold`." -msgstr "" +msgstr "无效参数 `threshold`." #: Controller/DecayingModelController.php:326 msgid "Invalid parameter `default_base_score`." -msgstr "" +msgstr "无效参数 `default_base_score`." #: Controller/DecayingModelController.php:333 msgid "Invalid parameter `base_score_config`." -msgstr "" +msgstr "无效参数 `base_score_config`." #: Controller/DecayingModelController.php:342 msgid "Missing JSON key `parameters`." -msgstr "" +msgstr "缺少JSON键 `parameters`." #: Controller/DecayingModelController.php:360 msgid "You are not authorised to delete this model." -msgstr "" +msgstr "您无权删除此模型." #: Controller/DecayingModelController.php:368 msgid "Decaying Model deleted." -msgstr "" +msgstr "衰减模型已删除." #: Controller/DecayingModelController.php:371 msgid "The Decaying Model could not be deleted." -msgstr "" +msgstr "该衰减模型无法删除." #: Controller/DecayingModelController.php:391 msgid "You are not authorised to enable this model." -msgstr "" +msgstr "您无权启用此模型." #: Controller/DecayingModelController.php:404 msgid "Decaying Model enabled." -msgstr "" +msgstr "衰减模型已启用." #: Controller/DecayingModelController.php:414;417;457 msgid "Error while enabling decaying model" -msgstr "" +msgstr "启用衰减模型时出错" #: Controller/DecayingModelController.php:434 msgid "You are not authorised to disable this model." -msgstr "" +msgstr "您无权禁用此模型" #: Controller/DecayingModelController.php:447 msgid "Decaying Model disabled." -msgstr "" +msgstr "衰减模型已禁用" #: Controller/DecayingModelController.php:460 msgid "Error while disabling decaying model" -msgstr "" +msgstr "禁用衰减模型时出错" #: Controller/DecayingModelController.php:478 #: View/DecayingModel/add.ctp:37 msgid "Lifetime" -msgstr "" +msgstr "生存周期" #: Controller/DecayingModelController.php:479 #: View/DecayingModel/add.ctp:37 msgid "Lifetime of the attribute, or time after which the score will be 0" -msgstr "" +msgstr "属性的生存周期, 或分数将为0的时间" #: Controller/DecayingModelController.php:486 #: View/DecayingModel/add.ctp:46 msgid "Decay speed" -msgstr "" +msgstr "衰减速率" #: Controller/DecayingModelController.php:487 #: View/DecayingModel/add.ctp:46 msgid "Decay speed at which an indicator will loose score" -msgstr "" +msgstr "衰减速度, 指标将失去得分的速度" #: Controller/DecayingModelController.php:494 #: View/DecayingModel/add.ctp:56 msgid "Cutoff threshold" -msgstr "" +msgstr "临界值" #: Controller/DecayingModelController.php:495 #: View/DecayingModel/add.ctp:56 msgid "Cutoff value at which an indicator will be marked as decayed instead of 0" -msgstr "" +msgstr "指标将被标记为衰减的临界值, 而不是0" #: Controller/DecayingModelController.php:563 msgid "Error Processing Request, can't parse the body" -msgstr "" +msgstr "错误处理请求, 无法解析正文" #: Controller/DecayingModelController.php:712 msgid "This method is only accessible via AJAX." -msgstr "" +msgstr "该方法只能通过AJAX访问." #: Controller/EventBlacklistsController.php:15 msgid "Event Blacklisting is not currently enabled on this instance." -msgstr "此实例当前未启用事件黑名单。" +msgstr "此实例当前未启用事件黑名单." #: Controller/EventBlacklistsController.php:76;98 msgid "Invalid event IDs." -msgstr "无效事件ID。" +msgstr "无效事件ID." #: Controller/EventBlacklistsController.php:87 msgid "Failed to delete Event from EventBlacklist. Error: " -msgstr "从 EvenBlackList 删除事件失败。错误:" +msgstr "从 EvenBlackList 删除事件失败. 错误:" #: Controller/EventsController.php:879 msgid "No x509 certificate or GnuPG key set in your profile. To receive emails, submit your public certificate or GnuPG key in your profile." -msgstr "您的个人资料中没有设置x509证书或GnuPG密钥。要接收电子邮件,请在个人资料中提交公共证书或GnuPG密钥。" +msgstr "您的个人资料中没有设置x509证书或GnuPG密钥. 要接收电子邮件, 请在个人资料中提交公共证书或GnuPG密钥." #: Controller/EventsController.php:881 msgid "No GnuPG key set in your profile. To receive emails, submit your public key in your profile." -msgstr "您的个人资料中没有设置GnuPG密钥。要接收电子邮件,请在您的个人资料中提交您的公钥。" +msgstr "您的个人资料中没有设置GnuPG密钥.要接收电子邮件, 请在您的个人资料中提交您的公钥." #: Controller/EventsController.php:887 msgid "No x509 certificate or GnuPG key set in your profile. To receive attributes in emails, submit your public certificate or GnuPG key in your profile." -msgstr "您的个人资料中没有设置x509证书或GnuPG密钥。要在电子邮件中接收属性,请在个人资料中提交公共证书或GnuPG密钥。" +msgstr "您的个人资料中没有设置x509证书或GnuPG密钥.要在电子邮件中接收属性, 请在个人资料中提交公共证书或GnuPG密钥." #: Controller/EventsController.php:889 msgid "No GnuPG key set in your profile. To receive attributes in emails, submit your public key in your profile." -msgstr "您的个人资料中没有设置GnuPG密钥。要在电子邮件中接收属性,请在个人资料中提交您的公钥。" +msgstr "您的个人资料中没有设置GnuPG密钥.要在电子邮件中接收属性, 请在个人资料中提交您的公钥." #: Controller/EventsController.php:1716 msgid "You are currently logged in as a site administrator and about to edit an event not belonging to your organisation. This goes against the sharing model of MISP. Use a normal user account for day to day work." -msgstr "" +msgstr "您目前以站点管理员的身份登录, 即将编辑一个不属于您的组织的事件. 这违背了MISP的共享模式, 请使用普通用户账号进行日常工作." #: Controller/EventsController.php:1927 msgid "You don't have permissions to create events" @@ -610,19 +610,19 @@ msgstr "您没有权限创建事件" #: Controller/EventsController.php:1933 msgid "No valid event data received." -msgstr "未收到有效的事件数据。" +msgstr "未收到有效的事件数据." #: Controller/EventsController.php:1969 msgid "Invalid Sharing Group or not authorised (Sync user is not contained in the Sharing group)." -msgstr "无效的共享组或未授权(同步用户未包含在共享组中)。" +msgstr "无效的共享组或未授权(同步用户未包含在共享组中)." #: Controller/EventsController.php:1973;1977 msgid "Invalid Sharing Group or not authorised." -msgstr "无效的共享组或未授权。" +msgstr "无效的共享组或未授权." #: Controller/EventsController.php:2001 msgid "Event blocked by local blacklist." -msgstr "事件被本地黑名单阻止。" +msgstr "事件被本地黑名单阻止." #: Controller/EventsController.php:2014;2101;2377 msgid "The event has been saved" @@ -630,63 +630,63 @@ msgstr "事件已保存" #: Controller/EventsController.php:2022 msgid "Event already exists, if you would like to edit it, use the url in the location header." -msgstr "事件已存在,如果要对其进行编辑,请使用位置标头中的url。" +msgstr "事件已存在, 如果要对其进行编辑, 请使用位置标头中的url." #: Controller/EventsController.php:2028 msgid "A blacklist entry is blocking you from creating any events. Please contact the administration team of this instance" -msgstr "黑名单条目阻止您创建任何事件。请联系此实例的管理团队" +msgstr "黑名单条目阻止您创建任何事件, 请联系此实例的管理团队" #: Controller/EventsController.php:2030;2380 msgid "The event could not be saved. Please, try again." -msgstr "该事件无法保存。请再试一次。" +msgstr "该事件无法保存, 请重试." #: Controller/EventsController.php:2079 msgid "The event created will be visible to the organisations having an account on this platform, but not synchronised to other MISP instances until it is published." -msgstr "创建的事件对于在此平台上拥有帐户的组织是可见的,但在发布之前不会与其他MISP实例同步。" +msgstr "创建的事件对于在此平台上拥有帐户的组织是可见的, 但在发布之前不会与其他MISP实例同步." #: Controller/EventsController.php:2127 msgid "You may only upload MISP XML or MISP JSON files." -msgstr "您只能上传MISP XML或MISP JSON文件。" +msgstr "您只能上传MISP XML或MISP JSON文件." #: Controller/EventsController.php:2128 msgid "File upload failed or file does not have the expected extension (.xml / .json)." -msgstr "文件上载失败或文件没有预期的扩展名(.xml / .json)。" +msgstr "文件上载失败或文件没有预期的扩展名 (.xml / .json)." #: Controller/EventsController.php:2189 msgid "STIX document imported, event's created: " -msgstr "STIX文档已导入,事件已创建:" +msgstr "STIX文档已导入, 事件已创建:" #: Controller/EventsController.php:2192 msgid "STIX document imported." -msgstr "STIX文档已导入。" +msgstr "STIX文档已导入." #: Controller/EventsController.php:2195 msgid "Could not import STIX document: " -msgstr "无法导入STIX文档:" +msgstr "无法导入STIX文档: " #: Controller/EventsController.php:2202 msgid "File upload failed. Make sure that you select a stix file to be uploaded and that the file doesn't exceed the maximum file size of " -msgstr "文件上传失败。确保选择要上载的stix文件,并且文件大小不超过" +msgstr "文件上传失败. 确保您要上传的是stix文件, 并且文件大小不能超过最大文件大小" #: Controller/EventsController.php:2226;2311 msgid "You are not authorised to do that. Please consider using the 'propose attribute' feature." -msgstr "无权执行此操作。请考虑使用“建议属性”功能。" +msgstr "无权执行此操作. 请考虑使用“建议属性”功能." #: Controller/EventsController.php:2234 msgid "Invalid event ID entered." -msgstr "输入的事件ID无效。" +msgstr "输入的事件ID无效." #: Controller/EventsController.php:2239 msgid "You are not authorised to read the selected event." -msgstr "无权阅读所选事件。" +msgstr "无权阅读所选事件." #: Controller/EventsController.php:2536;2640;2711 msgid "You don't have the permission to do that." -msgstr "您无权执行此操作。" +msgstr "您无权执行此操作." #: Controller/EventsController.php:2545 msgid "Event unpublished." -msgstr "事件未发布。" +msgstr "事件未发布." #: Controller/EventsController.php:2652;2722 msgid "Could not publish event - no tag for required taxonomies missing: %s" @@ -694,19 +694,19 @@ msgstr "无法发布事件 - 缺少所需分类标签:%s" #: Controller/EventsController.php:2804 msgid "You must specify a message." -msgstr "" +msgstr "您必须指定信息" #: Controller/EventsController.php:2823 msgid "Email sent to the reporter." -msgstr "邮件发送给reporter。" +msgstr "邮件发送给reporter." #: Controller/EventsController.php:2832 msgid "Sending of email failed." -msgstr "" +msgstr "发送邮件失败" #: Controller/EventsController.php:2883 msgid "Warning, you are logged in as a site admin, any export that you generate will contain the FULL UNRESTRICTED data-set. If you would like to generate an export for your own organisation, please log in with a different user." -msgstr "警告,您作为网站管理员登录,您生成的任何导出将包含 FULL UNRESTERUS 数据集。如果您想要生成一个导出到您自己的组织,请使用不同的用户登录。" +msgstr "警告, 您以站点管理员的身份登录, 您生成的任何导出都将包含完整的不受限制的数据集. 如果您想为自己的组织生成一个导出, 请用不同的用户登录. " #: Controller/EventsController.php:2971 msgid "This feature is currently disabled" @@ -714,15 +714,15 @@ msgstr "当前功能已禁用" #: Controller/EventsController.php:3097 msgid "Filename not allowed." -msgstr "文件名称不被允许。" +msgstr "文件名称不被允许." #: Controller/EventsController.php:3117 msgid "Problem with writing the IoC file. Please report to site admin." -msgstr "" +msgstr "编写IoC文件有问题. 请向站点管理员报告." #: Controller/EventsController.php:3211 msgid "This is not a valid MISP XML file." -msgstr "这不是一个有效的MISP XML文件。" +msgstr "这不是一个有效的MISP XML文件." #: Controller/EventsController.php:3253 msgid "Not yet implemented" @@ -730,44 +730,44 @@ msgstr "尚未实现" #: Controller/EventsController.php:3271;3275 msgid "Invalid event or not authorised." -msgstr "无效事件或未授权。" +msgstr "无效事件或未授权." #: Controller/EventsController.php:3467 #: Controller/TagCollectionsController.php:317 msgid "Invalid Tag." -msgstr "无效标签。" +msgstr "无效标签." #: Controller/EventsController.php:3483 #: Controller/TagCollectionsController.php:333 msgid "Tag is already attached to this event." -msgstr "标签已附加至此事件。" +msgstr "标签已附加至此事件." #: Controller/EventsController.php:3497 msgid "Tag is not allowed due to taxonomy exclusivity settings" -msgstr "" +msgstr "由于分类法的排他性设置, 不允许使用标签." #: Controller/EventsController.php:3528;3534 #: Controller/TagCollectionsController.php:340 msgid "Tag(s) added." -msgstr "标签已添加。" +msgstr "标签已添加." #: Controller/EventsController.php:3530 msgid "Tag could not be added." -msgstr "标签无法添加。" +msgstr "标签无法添加." #: Controller/EventsController.php:3536 #: Controller/TagCollectionsController.php:348 msgid "All tags are already present, nothing to add." -msgstr "所有标签已经存在,无须添加。" +msgstr "所有标签已经存在, 无须添加." #: Controller/EventsController.php:3800;5003;5025;5532;5536 #: Controller/ObjectsController.php:46;190;194;833;1245 msgid "Invalid event." -msgstr "无效事件。" +msgstr "无效事件." #: Controller/EventsController.php:3855;3885;3901 msgid "You do not have the permission to do that." -msgstr "你无权执行此操作。" +msgstr "您无权执行此操作." #: Controller/EventsController.php:3966;4106 msgid "Invalid ID" @@ -775,87 +775,87 @@ msgstr "无效ID" #: Controller/EventsController.php:3970;4110;4685 msgid "Event not found or you are not authorised to view it." -msgstr "事件未找到或您无权查看。" +msgstr "事件未找到或您无权查看." #: Controller/EventsController.php:4116 msgid "Freetext Import" -msgstr "" +msgstr "Freetext导入" #: Controller/EventsController.php:4122 msgid "Populate using a Template" -msgstr "" +msgstr "使用模板进行填充" #: Controller/EventsController.php:4128 msgid "OpenIOC Import" -msgstr "" +msgstr "OpenIOC导入" #: Controller/EventsController.php:4133 msgid "ThreatConnect Import" -msgstr "" +msgstr "ThreatConnect导入" #: Controller/EventsController.php:4138 msgid "(Experimental) Forensic analysis - Mactime" -msgstr "" +msgstr "(实验性) 取证分析 - Mactime" #: Controller/EventsController.php:4157 msgid "MISP standard (recommended exchange format - lossless)" -msgstr "" +msgstr "MISP标准(推荐的交换格式-无损)" #: Controller/EventsController.php:4163 msgid "STIX 1.1.1 format (lossy)" -msgstr "" +msgstr "STIX 1.1.1 格式(无损)" #: Controller/EventsController.php:4168 msgid "STIX 2.0 format (lossy)" -msgstr "" +msgstr "STIX 2.0 格式(无损)" #: Controller/EventsController.php:4210;4217 msgid "Please POST the samples as described on the automation page." -msgstr "请按照自动化页面的说明POST样本。" +msgstr "请按照自动化页面上的描述POST样本." #: Controller/EventsController.php:4246 msgid "No samples received, or samples not in the correct format. Please refer to the API documentation on the automation page." -msgstr "未收到样本,或样本格式不正确。请参阅自动化页面上的API文档。" +msgstr "未收到样本, 或样本格式不正确. 请参阅自动化页面上的API文档." #: Controller/EventsController.php:4254 msgid "Event not found" -msgstr "找不到事件。" +msgstr "找不到事件." #: Controller/EventsController.php:4277 msgid "Event not found." -msgstr "找不到事件。" +msgstr "找不到事件." #: Controller/EventsController.php:4287 msgid "Distribution level 5 is not supported when uploading a sample without passing an event ID. Distribution level 5 is meant to take on the distribution level of an existing event." -msgstr "在未传递事件ID的情况下上载样本时,不支持分发级别5。分发级别5旨在呈现现有事件的分布级别。" +msgstr "在未传递事件ID的情况下上载样本时, 不支持分发级别5. 分发级别5旨在呈现现有事件的分布级别." #: Controller/EventsController.php:4312 msgid "The creation of a new event with the supplied information has failed." -msgstr "使用提供的信息创建新事件失败。" +msgstr "使用提供的信息创建新事件失败." #: Controller/EventsController.php:4451;4472;4531;4556;4581;4611;4632 msgid "Invalid type." -msgstr "无效类型。" +msgstr "无效类型." #: Controller/EventsController.php:4750 msgid "Invalid method." -msgstr "无效方法。" +msgstr "无效方法." #: Controller/EventsController.php:4832 msgid "%s services are not enabled." -msgstr "%s 服务未启用。" +msgstr "%s 服务未启用." #: Controller/EventsController.php:4836 msgid "Attribute not found or you are not authorised to see it." -msgstr "属性未找到或您无权查看。" +msgstr "属性未找到或您无权查看." #: Controller/EventsController.php:4841 msgid "No valid %s options found for this attribute." -msgstr "找不到此属性的有效%s选项。" +msgstr "找不到此属性的有效%s选项." #: Controller/EventsController.php:4896;4942 msgid "%s service not reachable." -msgstr "%s服务无法访问。" +msgstr "%s服务无法访问." #: Controller/EventsController.php:4908 msgid ": Enriched via the " @@ -873,12 +873,12 @@ msgstr "导入服务无法访问" #: Controller/PostsController.php:60;84 #: Controller/TaxonomiesController.php:111;142;174;256;294;324;354;384;393;402 msgid "You don't have permission to do that." -msgstr "无权执行此操作。" +msgstr "您无权执行此操作." #: Controller/EventsController.php:5345 #: Controller/WarninglistsController.php:229 msgid "Invalid ID." -msgstr "无效ID。" +msgstr "无效ID." #: Controller/EventsController.php:5393 #: Controller/ShadowAttributesController.php:295;300;516 @@ -887,139 +887,139 @@ msgstr "无效事件" #: Controller/EventsController.php:5414 msgid "Enrichment task queued for background processing. Check back later to see the results." -msgstr "已将任务追加至队列进行后台处理。请稍后再检查结果。" +msgstr "丰富化任务排队进行后台处理. 请稍后再检查结果." #: Controller/EventsController.php:5665 msgid "%s event(s) deleted." -msgstr "%s 事件已删除。" +msgstr "%s 事件已删除." #: Controller/FeedsController.php:28 msgid "You don't have the required privileges to do that." -msgstr "你没有执行此操作的权限。" +msgstr "您没有执行此操作的权限." #: Controller/FeedsController.php:241;340 msgid "Feed added." -msgstr "Feed已添加。" +msgstr "订阅源已添加." #: Controller/FeedsController.php:249 msgid "Feed could not be added. Invalid field: %s" -msgstr "Feed无法添加。无效条目:%s" +msgstr "订阅源无法添加.无效条目:%s" #: Controller/FeedsController.php:274;375;397;526;567;778 msgid "Invalid feed." -msgstr "无效feed。" +msgstr "无效订阅源." #: Controller/FeedsController.php:348 msgid "Feed could not be updated. Invalid fields: %s" -msgstr "Feed无法更新。无效条目:%s" +msgstr "订阅源无法更新.无效条目:%s" #: Controller/FeedsController.php:371 #: Controller/OrganisationsController.php:237 #: Controller/SharingGroupsController.php:237 #: Controller/UsersController.php:1015 msgid "Action not allowed, post or delete request expected." -msgstr "" +msgstr "操作不被允许, 期望发布或删除请求." #: Controller/FeedsController.php:404;530 msgid "Feed is currently not enabled. Make sure you enable it." -msgstr "Feed目前尚未生效。请激活。" +msgstr "订阅源目前未启用. 请确认您已启用它." #: Controller/FeedsController.php:417;483 msgid "Starting fetch from Feed." -msgstr "开始下载Feed。" +msgstr "开始下载订阅源." #: Controller/FeedsController.php:428 msgid "Pull queued for background execution." -msgstr "从队列中导入并执行后台操作。" +msgstr "从队列中导入并执行后台操作." #: Controller/FeedsController.php:433;435 msgid "Fetching the feed has failed." -msgstr "获取更新失败。" +msgstr "获取更新失败." #: Controller/FeedsController.php:439;500 msgid "Fetching the feed has successfully completed." -msgstr "Feed获取完成。" +msgstr "订阅源获取完成." #: Controller/FeedsController.php:512 msgid "No feed enabled." -msgstr "" +msgstr "没有已启用的订阅源" #: Controller/FeedsController.php:536;555 #: Controller/ServersController.php:116;161 msgid "Download failed." -msgstr "下载失败。" +msgstr "下载失败." #: Controller/FeedsController.php:543 msgid "Event added." -msgstr "事件已添加。" +msgstr "事件已添加." #: Controller/FeedsController.php:546 msgid "Event already up to date." -msgstr "该事件已是最新。" +msgstr "该事件已是最新." #: Controller/FeedsController.php:548 msgid "Event updated." -msgstr "事件已更新。" +msgstr "事件已更新." #: Controller/FeedsController.php:552 msgid "Could not %s event." -msgstr "无法%s事件。" +msgstr "无法%s事件." #: Controller/FeedsController.php:649 msgid "Feed could not be fetched. The HTTP error code returned was: " -msgstr "无法获取Feed。返回HTTP错误代码为: " +msgstr "无法获取订阅源. 返回HTTP错误代码为: " #: Controller/FeedsController.php:688;739 msgid "Invalid feed type." -msgstr "无效feed类型。" +msgstr "无效订阅源类型." #: Controller/FeedsController.php:784;816 msgid "Could not download the selected Event" -msgstr "无法下载选定事件。" +msgstr "无法下载选定事件." #: Controller/FeedsController.php:814 msgid "This event is blocked by the Feed filters." -msgstr "此事件被Feed筛选器阻止。" +msgstr "此事件被订阅源筛选器阻止." #: Controller/FeedsController.php:852;856 msgid "Invalid Feed." -msgstr "无效Feed。" +msgstr "无效订阅源." #: Controller/FeedsController.php:877 msgid "Only POST requests are allowed." -msgstr "只允许POST请求。" +msgstr "只允许POST请求." #: Controller/FeedsController.php:881 msgid "Feed not found." -msgstr "无法找到Feed。" +msgstr "无法找到订阅源." #: Controller/FeedsController.php:890 msgid "Data pulled." -msgstr "数据已导入。" +msgstr "数据已导入." #: Controller/FeedsController.php:892 msgid "Could not pull the selected data. Reason: %s" -msgstr "无法提取所选数据。原因:%s" +msgstr "无法提取所选数据.原因:%s" #: Controller/FeedsController.php:909 msgid "Starting feed caching." -msgstr "启动feed缓存。" +msgstr "启动订阅源缓存." #: Controller/FeedsController.php:924 msgid "Caching the feeds has failed." -msgstr "缓存feed失败。" +msgstr "缓存订阅源失败." #: Controller/FeedsController.php:927 msgid "Caching the feeds has successfully completed." -msgstr "缓存feed成功。" +msgstr "缓存订阅源成功." #: Controller/FeedsController.php:961 msgid "Invalid feed list received." -msgstr "接收无效feed列表。" +msgstr "接收无效订阅源列表." #: Controller/GalaxiesController.php:124 msgid "All clusters" -msgstr "所有集群" +msgstr "所有星团" #: Controller/GalaxiesController.php:174 msgid "All namespaces" @@ -1027,43 +1027,43 @@ msgstr "所有命名空间" #: Controller/GalaxiesController.php:304 msgid "Failed to parse request or no clusters picked." -msgstr "" +msgstr "解析请求失败或没有选择星团." #: Controller/GalaxiesController.php:307 msgid "Failed to parse request." -msgstr "解析请求失败。" +msgstr "解析请求失败." #: Controller/JobsController.php:156 msgid "All completed jobs have been purged" -msgstr "所有已完成的工作已被清除。" +msgstr "所有已完成的作业已被清除." #: Controller/JobsController.php:159 msgid "All jobs have been purged" -msgstr "所有工作已被清除" +msgstr "所有作业已被清除" #: Controller/NewsController.php:51 msgid "News item added." -msgstr "新项目添加。" +msgstr "新项目已添加." #: Controller/NewsController.php:54 msgid "The news item could not be added." -msgstr "新项目无法添加。" +msgstr "新项目无法添加." #: Controller/NewsController.php:68 msgid "News item updated." -msgstr "新项目更新。" +msgstr "新项目已更新." #: Controller/NewsController.php:71 msgid "Could not update news item." -msgstr "无法更新新项目。" +msgstr "无法更新新项目." #: Controller/NewsController.php:89 msgid "News item deleted." -msgstr "新项目被删除。" +msgstr "新项目已删除." #: Controller/NewsController.php:92 msgid "News item could not be deleted." -msgstr "新项目无法删除。" +msgstr "新项目无法删除." #: Controller/ObjectReferencesController.php:37 #: Controller/ObjectsController.php:511;607;650;671;686;757;768;786 @@ -1084,11 +1084,11 @@ msgstr "无效对象模板" #: Controller/ObjectTemplatesController.php:103 msgid "Invalid object template id." -msgstr "无效对象模板id。" +msgstr "无效对象模板id." #: Controller/ObjectTemplatesController.php:143 msgid "ObjectTemplate deleted" -msgstr "对象模板已被删除。" +msgstr "对象模板已删除." #: Controller/ObjectsController.php:29 msgid "This action can only be reached via POST requests" @@ -1096,93 +1096,93 @@ msgstr "此操作只能通过POST请求实现" #: Controller/ObjectsController.php:69;82;1272 msgid "Invalid sharing group." -msgstr "无效共享组。" +msgstr "无效共享组." #: Controller/ObjectsController.php:153 msgid "You don't have permissions to create objects." -msgstr "你无权创建对象。" +msgstr "您无权创建对象." #: Controller/ObjectsController.php:181;1257;1309 #: Model/Template.php:25 msgid "Invalid template." -msgstr "无效模板。" +msgstr "无效模板." #: Controller/ObjectsController.php:295;424;430 msgid "Object could not be saved." -msgstr "" +msgstr "对象无法保存." #: Controller/ObjectsController.php:373;1006 #: Model/Event.php:6171 msgid "Invalid object." -msgstr "无效对象。" +msgstr "无效对象." #: Controller/ObjectsController.php:377 msgid "Insufficient permissions to edit this object." -msgstr "" +msgstr "没有足够的权限来编辑这个对象." #: Controller/ObjectsController.php:449 msgid "Object attributes saved." -msgstr "" +msgstr "对象属性已保存" #: Controller/ObjectsController.php:518 msgid "This function can only be accessed via POST or PUT" -msgstr "" +msgstr "该功能只能通过POST或PUT访问." #: Controller/ObjectsController.php:711 msgid "Invalid template" -msgstr "" +msgstr "无效模板" #: Controller/ObjectsController.php:789 msgid "Invalid fields" -msgstr "" +msgstr "无效字段" #: Controller/ObjectsController.php:796 msgid "Invalid field" -msgstr "" +msgstr "无效字段" #: Controller/ObjectsController.php:822 msgid "You don't have permissions to delete objects." -msgstr "你无权删除对象。" +msgstr "您无权删除对象." #: Controller/ObjectsController.php:926;933;937 msgid "Object not found or not authorised." -msgstr "对象未找到或未授权。" +msgstr "对象未找到或未授权." #: Controller/ObjectsController.php:1203 msgid "%s objects successfully reconstructed." -msgstr "%s对象成功重构。" +msgstr "%s对象成功重构." #: Controller/ObjectsController.php:1213;1249 msgid "This action can only be reached via AJAX." -msgstr "此动作只能通过AJAX访问。" +msgstr "此动作只能通过AJAX访问." #: Controller/ObjectsController.php:1290 msgid "Failed to create an Object from Attributes. Error: " -msgstr "无法从属性创建对象。错误: " +msgstr "无法从属性创建对象. 错误: " #: Controller/ObjectsController.php:1301 msgid "No Attribute selected." -msgstr "没有选择属性。" +msgstr "没有选择属性." #: Controller/OrgBlacklistsController.php:15 msgid "Organisation Blacklisting is not currently enabled on this instance." -msgstr "此实例当前未启用组织黑名单。" +msgstr "此实例当前未启用组织黑名单." #: Controller/OrganisationsController.php:28 msgid "This feature is disabled on this instance for normal users." -msgstr "此功能在此示例中已经对普通用户禁用。" +msgstr "此功能在此示例中已经对普通用户禁用." #: Controller/OrganisationsController.php:133 msgid "The organisation has been successfully added." -msgstr "组织已添加成功。" +msgstr "组织已添加成功." #: Controller/OrganisationsController.php:140 msgid "The organisation could not be added." -msgstr "组织无法添加。" +msgstr "组织无法添加." #: Controller/OrganisationsController.php:156;289;295 msgid "Invalid organisation." -msgstr "无效的组织。" +msgstr "无效组织." #: Controller/OrganisationsController.php:162;242;248;301;328;361 msgid "Invalid organisation" @@ -1190,23 +1190,23 @@ msgstr "无效组织" #: Controller/OrganisationsController.php:201 msgid "Organisation updated." -msgstr "组织已更新。" +msgstr "组织已更新." #: Controller/OrganisationsController.php:216 msgid "The organisation could not be updated." -msgstr "该组织无法更新。" +msgstr "该组织无法更新." #: Controller/OrganisationsController.php:265 msgid "Organisation deleted" -msgstr "组织已删除。" +msgstr "组织已删除." #: Controller/OrganisationsController.php:272 msgid "Organisation could not be deleted. Generally organisations should never be deleted, instead consider moving them to the known remote organisations list. Alternatively, if you are certain that you would like to remove an organisation and are aware of the impact, make sure that there are no users or events still tied to this organisation before deleting it." -msgstr "无法删除该组织。通常来说不应该删除组织,而是考虑将它们移动至已知的远程组织列表。另外,如果您确定要删除组织并了解其影响,请确保在删除组织之前没有任何用户或事件仍与该组织相关联。" +msgstr "无法删除该组织. 通常来说不应该删除组织, 而是考虑将它们移动至已知的远程组织列表. 另外, 如果您确定要删除组织并了解其影响, 请确保在删除组织之前没有任何用户或事件仍与该组织相关联." #: Controller/OrganisationsController.php:366 msgid "No landing page has been created for this organisation." -msgstr "没有为此组织创建登录页面。" +msgstr "没有为此组织创建登录页面." #: Controller/OrganisationsController.php:415 msgid "This action is restricted to sync users" @@ -1214,11 +1214,11 @@ msgstr "此操作仅限于同步用户" #: Controller/OrganisationsController.php:437 msgid "The organisation has been successfully merged." -msgstr "组织已成功合并。" +msgstr "组织已成功合并." #: Controller/OrganisationsController.php:440 msgid "There was an error while merging the organisations. To find out more about what went wrong, refer to the audit logs. If you would like to revert the changes, you can find a .sql file" -msgstr "合并组织时出错。要了解有关出错的更多信息,请参阅审核日志。如果要撤销修改,可以查找.sql文件。" +msgstr "合并组织时出错.要了解有关出错的更多信息, 请参阅审核日志. 如果要撤销修改, 可以查找.sql文件." #: Controller/PostsController.php:54 msgid "Discussion about Event #" @@ -1226,11 +1226,11 @@ msgstr "关于事件的讨论 #" #: Controller/PostsController.php:80 msgid "Invalid thread" -msgstr "无效线程" +msgstr "无效话题" #: Controller/PostsController.php:115 msgid "Cannot post an empty message." -msgstr "无法发布空消息。" +msgstr "无法发布空消息." #: Controller/PostsController.php:176 msgid "Post added" @@ -1246,7 +1246,7 @@ msgstr "无效Post" #: Controller/PostsController.php:211 msgid "This is not your event." -msgstr "这不是你的事件。" +msgstr "这不是您的事件." #: Controller/PostsController.php:219 msgid "Post edited" @@ -1254,15 +1254,15 @@ msgstr "Post已编辑" #: Controller/PostsController.php:240 msgid "The post could not be edited. Please, try again." -msgstr "该帖子无法编辑。请再试一次。" +msgstr "该帖子无法编辑, 请重试." #: Controller/PostsController.php:261 msgid "This post doesn't belong to you, so you cannot delete it." -msgstr "此帖子不属于您,因此您无法删除它。" +msgstr "此帖子不属于您, 因此您无法删除它." #: Controller/PostsController.php:274 msgid "Post and thread deleted" -msgstr "发布并删除线程" +msgstr "已删除的帖子和话题" #: Controller/PostsController.php:283 msgid "Post deleted" @@ -1270,23 +1270,23 @@ msgstr "Post已删除" #: Controller/RegexpController.php:27 msgid "The Regexp has been saved." -msgstr "正则表达式已保存。" +msgstr "正则表达式已保存." #: Controller/RegexpController.php:31 msgid "The Regexp could not be saved. Please, try again." -msgstr "正则表达式无法保存。请再试一次。" +msgstr "正则表达式无法保存, 请重试." #: Controller/RegexpController.php:45;116 msgid "The Regular expressions have been saved." -msgstr "正则表达式已保存。" +msgstr "正则表达式已保存." #: Controller/RegexpController.php:48;123 msgid "Could not create the Regex entry as no types were selected. Either check \"All\" or check the types that you wish the Regex to affect." -msgstr "由于未选择任何类型,因此无法创建正则表达式条目。选中“全部”或检查您希望Regex影响的类型。" +msgstr "由于未选择任何类型, 因此无法创建正则表达式条目. 选中“全部”或检查您希望Regex影响的类型." #: Controller/RegexpController.php:211 msgid "All done! Number of changed attributes: " -msgstr "全部完成!改变的属性数目: " +msgstr "全部完成!改变的属性数目: " #: Controller/RegexpController.php:231 msgid "All done! Found and cleaned " @@ -1294,11 +1294,11 @@ msgstr "全部完成!找到并清理完成 " #: Controller/RestClientHistoryController.php:63 msgid "Invalid entry." -msgstr "无效输入。" +msgstr "无效输入." #: Controller/RestClientHistoryController.php:66 msgid "Entry removed." -msgstr "条目已删除。" +msgstr "条目已删除." #: Controller/RolesController.php:33 msgid "Invalid role" @@ -1310,7 +1310,7 @@ msgstr "角色已保存" #: Controller/RolesController.php:67;108 msgid "The Role could not be saved. Please, try again." -msgstr "角色无法保存。请再试一次。" +msgstr "角色无法保存, 请重试." #: Controller/RolesController.php:85;151 msgid "Invalid Role" @@ -1326,27 +1326,27 @@ msgstr "角色无法删除" #: Controller/RolesController.php:200 msgid "Default role set." -msgstr "默认角色设置。" +msgstr "默认角色设置." #: Controller/RolesController.php:200 msgid "Default role unset." -msgstr "默认角色未设置。" +msgstr "默认角色未设置." #: Controller/ServersController.php:237;436 msgid "The pull filter rules must be in valid JSON format." -msgstr "拉取过滤规则必须是有效的 JSON 格式。" +msgstr "拉取过滤规则必须是有效的 JSON 格式." #: Controller/ServersController.php:247;446 msgid "The push filter rules must be in valid JSON format." -msgstr "推送过滤规则必须是有效的 JSON 格式。" +msgstr "推送过滤规则必须是有效的 JSON 格式." #: Controller/ServersController.php:302;476 msgid "That organisation could not be created as the uuid is in use already." -msgstr "由于 uuid 已经使用,无法创建该组织。" +msgstr "该组织无法创建, 因为 uuid 已经在使用中." #: Controller/ServersController.php:314 msgid "Couldn't save the new organisation, are you sure that the uuid is in the correct format? Also, make sure the organisation's name doesn't clash with an existing one." -msgstr "无法保存新组织,是否确定 uuid 格式正确?同时,请确保本组织的名称不与现有的组织发生冲突。" +msgstr "无法保存新组织, 是否确定 uuid 格式正确?同时, 请确保本组织的名称不与现有的组织发生冲突." #: Controller/ServersController.php:350;532;2154 msgid "The server has been saved" @@ -1354,7 +1354,7 @@ msgstr "服务器已保存" #: Controller/ServersController.php:357;539 msgid "The server could not be saved. Please, try again." -msgstr "服务器无法保存。请再试一次。" +msgstr "服务器无法保存, 请重试." #: Controller/ServersController.php:411;608;653;656;665;729;735;1489;1506 #: Model/Server.php:5737 @@ -1363,15 +1363,15 @@ msgstr "无效的服务器" #: Controller/ServersController.php:493 msgid "Couldn't save the new organisation, are you sure that the uuid is in the correct format?." -msgstr "无法保存新的组织,确定 uuid 格式正确?" +msgstr "无法保存新的组织, 确定 uuid 格式正确?" #: Controller/ServersController.php:604;2171;2213 msgid "This endpoint expects POST requests." -msgstr "" +msgstr "这个端点期望POST请求." #: Controller/ServersController.php:612 msgid "You don't have the privileges to do that." -msgstr "" +msgstr "您无权执行此操作." #: Controller/ServersController.php:621 msgid "Server deleted" @@ -1383,31 +1383,31 @@ msgstr "服务器未删除" #: Controller/ServersController.php:668 msgid "Pull setting not enabled for this server." -msgstr "此服务器没有启用Pull设置。" +msgstr "此服务器没有启用Pull设置." #: Controller/ServersController.php:692 msgid "Pulling." -msgstr "正在拉取。" +msgstr "正在拉取." #: Controller/ServersController.php:702 msgid "Pull queued for background execution. Job ID: %s" -msgstr "拉取队列进行后台执行。任务ID:%s" +msgstr "拉取队列进行后台执行.任务ID:%s" #: Controller/ServersController.php:748 msgid "The remote server is too outdated to initiate a push towards it. Please notify the hosting organisation of the remote instance." -msgstr "远程服务器过时,无法启动推送。请通知远程实例的托管组织。" +msgstr "远程服务器过时, 无法启动推送.请通知远程实例的托管组织." #: Controller/ServersController.php:761 msgid "Push complete. %s events pushed, %s events could not be pushed." -msgstr "推送完成。%s 事件推送,%s事件无法推送。" +msgstr "推送完成.%s 事件推送, %s事件无法推送." #: Controller/ServersController.php:776 msgid "Pushing." -msgstr "正在推送。" +msgstr "正在推送." #: Controller/ServersController.php:786 msgid "Push queued for background execution. Job ID: %s" -msgstr "推送队列后台执行。Job ID: %s" +msgstr "推送队列后台执行, Job ID: %s" #: Controller/ServersController.php:814 msgid "Filename not allowed" @@ -1415,11 +1415,11 @@ msgstr "文件名不允许" #: Controller/ServersController.php:819 msgid "Incorrect extension or empty file." -msgstr "错误的扩展或空的文件。" +msgstr "错误的扩展或空的文件." #: Controller/ServersController.php:901 msgid "No organisation selected." -msgstr "没有选择任何组织。" +msgstr "没有选择任何组织." #: Controller/ServersController.php:917;918;919;920;921;922;923;924;925;926;927;928;929;930;931 #: View/Elements/healthElements/diagnostics.ctp:26;170;184;271;331 @@ -1472,43 +1472,43 @@ msgstr "未启用 (没有测试)" #: Controller/ServersController.php:921 msgid "Python ZeroMQ library not installed correctly." -msgstr "Python ZeroMQ 库未正确安装。" +msgstr "Python ZeroMQ 库未正确安装." #: Controller/ServersController.php:921 msgid "ZeroMQ script not running." -msgstr "ZeroMQ 脚本未运行。" +msgstr "ZeroMQ 脚本未运行." #: Controller/ServersController.php:922 msgid "Some of the libraries related to STIX are not installed. Make sure that all libraries listed below are correctly installed." -msgstr "与STIX有关的库未安装。请确保以下所列的所有库都已正确安装。" +msgstr "与STIX有关的库未安装.请确保以下所列的所有库都已正确安装." #: Controller/ServersController.php:923 msgid "Incorrect STIX version installed, found $current, expecting $expected" -msgstr "已安装的 STIX 版本错误,找到 $current,出现 $expected" +msgstr "已安装的 STIX 版本错误, 找到 $current, 出现 $expected" #: Controller/ServersController.php:924 msgid "Incorrect STIX2 version installed, found $current, expecting $expected" -msgstr "已安装的 STIX2版本错误,找到 $current,出现 $expected" +msgstr "已安装的 STIX2版本错误, 找到 $current, 出现 $expected" #: Controller/ServersController.php:925 msgid "Incorrect CyBox version installed, found $current, expecting $expected" -msgstr "已安装的 CyBox 版本错误,找到 $current,发现 $expected" +msgstr "已安装的 CyBox 版本错误, 找到 $current, 发现 $expected" #: Controller/ServersController.php:926 msgid "Incorrect mixbox version installed, found $current, expecting $expected" -msgstr "安装的 mixbox 版本错误,找到 $current,期待 $expected" +msgstr "安装的 mixbox 版本错误, 找到 $current, 期待 $expected" #: Controller/ServersController.php:927 msgid "Incorrect maec version installed, found $current, expecting $expected" -msgstr "安装错误的 maec 版本,找到 $current,期待 $expected" +msgstr "安装错误的 maec 版本, 找到 $current, 期待 $expected" #: Controller/ServersController.php:928 msgid "Incorrect PyMISP version installed, found $current, expecting $expected" -msgstr "安装的 PyMIMP 版本错误,找到 $current,期待 $expected" +msgstr "安装的 PyMIMP 版本错误, 找到 $current, 期待 $expected" #: Controller/ServersController.php:929 msgid "Incorrect plyara version installed, found $current, expecting $expected" -msgstr "安装的ployara版本错误,找到 $current,期待 $expected" +msgstr "安装的ployara版本错误, 找到 $current, 期待 $expected" #: Controller/ServersController.php:930 #: View/Events/filter_event_index.ctp:32;188 @@ -1534,19 +1534,19 @@ msgstr "没有找到模块" #: Controller/ServersController.php:938 msgid "MISP will not operate correctly or will be unsecure until these issues are resolved." -msgstr "在解决这些问题之前,MISP将无法正常运行或不安全。" +msgstr "在解决这些问题之前, MISP将无法正常运行或不安全." #: Controller/ServersController.php:942 msgid "Some of the features of MISP cannot be utilised until these issues are resolved." -msgstr "在解决这些问题之前,无法使用MISP的某些功能。" +msgstr "在解决这些问题之前, 无法使用MISP的某些功能." #: Controller/ServersController.php:946 msgid "There are some optional tweaks that could be done to improve the looks of your MISP instance." -msgstr "可以进行一些可选的调整以改善MISP实例的外观。" +msgstr "可以进行一些可选的调整以改善MISP实例的外观." #: Controller/ServersController.php:1165 msgid "Only one `update` worker can run at a time" -msgstr "" +msgstr "一次只能运行一个`update` worker" #: Controller/ServersController.php:1177 msgid "Worker start signal sent" @@ -1558,91 +1558,91 @@ msgstr "Worker停止信号已发送" #: Controller/ServersController.php:1249 msgid "This setting is redacted." -msgstr "" +msgstr "此设置已编辑." #: Controller/ServersController.php:1274 msgid "This setting can only be edited via the CLI." -msgstr "此设置只能通过CLI进行编辑。" +msgstr "此设置只能通过CLI进行编辑." #: Controller/ServersController.php:1365 msgid "Restarting workers." -msgstr "" +msgstr "重启workers中" #: Controller/ServersController.php:1389 msgid "File not found." -msgstr "文件未找到。" +msgstr "文件未找到." #: Controller/ServersController.php:1395 msgid "File could not be deleted." -msgstr "文件不能删除。" +msgstr "文件无法删除." #: Controller/ServersController.php:1418;1434 msgid "Upload failed." -msgstr "上传失败。" +msgstr "上传失败." #: Controller/ServersController.php:1426 msgid "File already exists. If you would like to replace it, remove the old one first." -msgstr "文件已存在。如果您想要替换它,请先删除旧的文件。" +msgstr "文件已存在. 如果您想要替换它, 请先删除旧的文件." #: Controller/ServersController.php:1493 msgid "Invalid user or user not found." -msgstr "" +msgstr "无效的用户或找不到用户." #: Controller/ServersController.php:2040 msgid "Starting server caching." -msgstr "正在启动服务器缓存。" +msgstr "正在启动服务器缓存." #: Controller/ServersController.php:2055 msgid "Caching the servers has failed." -msgstr "缓存服务器失败。" +msgstr "缓存服务器失败." #: Controller/ServersController.php:2058 msgid "Caching the servers has successfully completed." -msgstr "缓存服务器已成功完成。" +msgstr "缓存服务器已成功完成." #: Controller/ServersController.php:2088 msgid "Cannot create sync config - no host org ID configured for the instance." -msgstr "" +msgstr "无法创建同步配置 - 没有为实例配置主机组织ID." #: Controller/ServersController.php:2097 msgid "Configured host org not found. Please make sure that the setting is current on the instance." -msgstr "" +msgstr "找不到已配置的主机组织, 请确保该设置在实例上是最新的." #: Controller/ServersController.php:2161 msgid "Could not save the server. Error: %s" -msgstr "无法保存服务器。错误: %s" +msgstr "无法保存服务器.错误: %s" #: Controller/ServersController.php:2182 msgid "API key updated." -msgstr "" +msgstr "API key已更新" #: Controller/ServersController.php:2195 msgid "ID has to be a valid server connection" -msgstr "" +msgstr "ID必须是一个有效的服务器连接" #: Controller/ServersController.php:2198 msgid "Invalid direction. Valid options: " -msgstr "" +msgstr "无效方向, 有效选项: " #: Controller/ServersController.php:2202 msgid "Priority changed." -msgstr "" +msgstr "优先级已更改." #: Controller/ServersController.php:2205 msgid "Priority could not be changed." -msgstr "" +msgstr "优先级无法更改." #: Controller/ServersController.php:2216 msgid "Only site admin accounts can release the update lock." -msgstr "" +msgstr "只有网站管理员账号才能释放更新锁." #: Controller/ServersController.php:2226 msgid "Only site admin accounts get the DB schema diagnostic." -msgstr "" +msgstr "只有网站管理员账户才能获得DB模式诊断." #: Controller/ShadowAttributesController.php:263 msgid "Could not discard proposal." -msgstr "无法放弃提案。" +msgstr "无法放弃提案." #: Controller/ShadowAttributesController.php:324 msgid "Attribute has not been added: attachments are added by \"Add attachment\" button" @@ -1658,15 +1658,15 @@ msgstr "提案已保存" #: Controller/ShadowAttributesController.php:436;749 msgid "Could not save the proposal. Errors: %s" -msgstr "无法保存提案。错误:%s" +msgstr "无法保存提案.错误:%s" #: Controller/ShadowAttributesController.php:438 msgid "The proposal could not be saved. Please, try again." -msgstr "提案无法保存。请重试。" +msgstr "提案无法保存, 请重试." #: Controller/ShadowAttributesController.php:475 msgid "Invalid Proposal" -msgstr "提案无效。" +msgstr "提案无效." #: Controller/ShadowAttributesController.php:505 msgid "Proposal not an attachment or malware-sample" @@ -1678,11 +1678,11 @@ msgstr "附件已上传" #: Controller/ShadowAttributesController.php:603 msgid "The attachment has been uploaded, but some of the proposals could not be created. The failed proposals are: " -msgstr "附件已上传,但是某些提案无法创建。失败的提案为: " +msgstr "附件已上传, 但是某些提案无法创建.失败的提案为: " #: Controller/ShadowAttributesController.php:606 msgid "The attachment could not be saved, please contact your administrator." -msgstr "附件无法保存,请联系您的管理员。" +msgstr "附件无法保存, 请联系您的管理员." #: Controller/ShadowAttributesController.php:740 msgid "The proposed Attribute has been saved" @@ -1690,11 +1690,11 @@ msgstr "提出的属性已被保存" #: Controller/ShadowAttributesController.php:751 msgid "The ShadowAttribute could not be saved. Please, try again." -msgstr "ShadowAttribute 无法保存。请重试。" +msgstr "ShadowAttribute 无法保存, 请重试." #: Controller/ShadowAttributesController.php:884;894 msgid "Invalid proposal." -msgstr "无效的提案。" +msgstr "无效的提案." #: Controller/ShadowAttributesController.php:1010 msgid "This feature is only available using the API to Sync users" @@ -1710,48 +1710,48 @@ msgstr "共享组已删除" #: Controller/SharingGroupsController.php:256 msgid "Sharing Group could not be deleted. Make sure that there are no events, attributes or threads belonging to this sharing group." -msgstr "无法删除共享组。确保在此共享组没有事件,属性或线程。" +msgstr "无法删除共享组.确保在此共享组没有事件, 属性或话题." #: Controller/SightingdbController.php:32 msgid "SightingDB connection added." -msgstr "" +msgstr "SightingDB连接已添加." #: Controller/SightingdbController.php:32 msgid "SightingDB connection could not be added." -msgstr "" +msgstr "SightingDB连接无法添加." #: Controller/SightingdbController.php:49;99;143 msgid " Reason: %s" -msgstr "" +msgstr "原因: %s" #: Controller/SightingdbController.php:71;123 #: Model/Sightingdb.php:325 msgid "Invalid SightingDB entry." -msgstr "" +msgstr "无效SightingDB条目." #: Controller/SightingdbController.php:87 msgid "SightingDB connection updated." -msgstr "" +msgstr "SightingDB连接已更新." #: Controller/SightingdbController.php:87 msgid "SightingDB connection could not be updated." -msgstr "" +msgstr "SightingDB连接无法更新." #: Controller/SightingdbController.php:128 msgid "SightingDB connection removed." -msgstr "" +msgstr "SightingDB连接已移除." #: Controller/SightingdbController.php:130 msgid "SightingDB connection could not be removed." -msgstr "" +msgstr "SightingDB连接无法移除." #: Controller/SightingdbController.php:196 msgid "Pass a valid SightingDB ID" -msgstr "" +msgstr "通过有效的SightingDB ID" #: Controller/SightingsController.php:83 msgid "Could not add the Sighting. Reason: " -msgstr "无法添加 Sighting。原因: " +msgstr "无法添加Sighting. 原因: " #: Controller/SightingsController.php:96 msgid "Sighting added" @@ -1759,7 +1759,7 @@ msgstr "Sighting已添加" #: Controller/SightingsController.php:149 msgid "You are not authorised to remove sightings data as you don't have permission to modify your organisation's data." -msgstr "您无权删除目击事件数据,因为您没有权限修改您的组织的数据。" +msgstr "您无权删除观察事件数据, 因为您没有权限修改您的组织的数据." #: Controller/SightingsController.php:155 #: Model/DecayingModel.php:464 @@ -1768,11 +1768,11 @@ msgstr "找不到属性" #: Controller/SightingsController.php:173 msgid "Invalid request." -msgstr "无效请求。" +msgstr "无效请求." #: Controller/SightingsController.php:182 msgid "Sighting added." -msgstr "Sighting已添加。" +msgstr "Sighting已添加." #: Controller/SightingsController.php:184 msgid "Sighting could not be added" @@ -1784,55 +1784,55 @@ msgstr "标签采集已保存" #: Controller/TagCollectionsController.php:64;185 msgid "The tag collection could not be added. Reason: " -msgstr "标签采集无法添加。原因: " +msgstr "标签采集无法添加.原因: " #: Controller/TagCollectionsController.php:85 msgid "%s new tag collections added." -msgstr "%s 新的标签收藏已添加。" +msgstr "%s 新的标签收藏已添加." #: Controller/TagCollectionsController.php:154 msgid "Invalid Tag Collection" -msgstr "无效的标签采集" +msgstr "无效的标签集" #: Controller/TagCollectionsController.php:161 msgid "You don't have editing rights on this Tag Collection." -msgstr "您没有编辑此标签采集的权利。" +msgstr "您没有编辑此标签采集的权利." #: Controller/TagCollectionsController.php:201;391 msgid "Invalid tag collection." -msgstr "无效的标签采集。" +msgstr "无效的标签集." #: Controller/TagCollectionsController.php:207 msgid "Tag collection deleted." -msgstr "标签采集已删除。" +msgstr "标签集已删除." #: Controller/TagCollectionsController.php:215 msgid "Tag collection could not be deleted." -msgstr "标签采集不能删除。" +msgstr "标签集无法删除." #: Controller/TagCollectionsController.php:224 msgid "You are not allowed to delete that." -msgstr "您不能删除。" +msgstr "您无法删除." #: Controller/TagCollectionsController.php:241 msgid "Invalid tag collection" -msgstr "" +msgstr "无效标签集" #: Controller/TagCollectionsController.php:342 msgid "Tag(s) could not be added." -msgstr "无法添加标签。" +msgstr "无法添加标签." #: Controller/TagCollectionsController.php:395 msgid "Insufficient privileges to remove the tag from the collection." -msgstr "权限不足以将标签从收藏夹中删除。" +msgstr "权限不足以将标签从收藏夹中删除." #: Controller/TagCollectionsController.php:406 msgid "Invalid tag or tag not associated with the collection." -msgstr "无效的标签或标签与采集无关。" +msgstr "无效标签或与集合不相关的标签." #: Controller/TagCollectionsController.php:410 msgid "Failed to remove tag from the collection." -msgstr "从采集中删除标签失败。" +msgstr "从集合中删除标签失败." #: Controller/TagsController.php:370 msgid "Tag deleted" @@ -1862,59 +1862,59 @@ msgstr "所有标签" #: Controller/TagsController.php:622 #: View/Taxonomies/view.ctp:2 msgid "Taxonomy Library" -msgstr "分类库库" +msgstr "分类库" #: Controller/TagsController.php:790 msgid "Includes: " -msgstr "包括: " +msgstr "包括: " #: Controller/TagsController.php:867 msgid "This functionality requires tagging permission." -msgstr "" +msgstr "此功能需要标记权限." #: Controller/TagsController.php:881;905 msgid "Cannot alter the tags of this data, only the organisation that has created the data (orgc) can modify global tags." -msgstr "" +msgstr "不能更改该数据的标签, 只有创建该数据的组织(orgc)才能修改全局标签." #: Controller/TagsController.php:883;907 msgid "Please consider using local tags if you are in the host organisation of the instance." -msgstr "" +msgstr "如果您在实例的主办机构中, 请考虑使用本地标签." #: Controller/TagsController.php:912;1058 msgid "Invalid Target." -msgstr "" +msgstr "无效目标" #: Controller/TagsController.php:951 msgid "Local tags can only be added by users of the host organisation." -msgstr "" +msgstr "本地标签只能由主办机构的用户添加." #: Controller/TagsController.php:964 msgid "Unable to create tag. Reason: " -msgstr "" +msgstr "无法创建标签, 标签: " #: Controller/TagsController.php:1075 msgid "Insufficient privileges to remove local tags from events you do not own." -msgstr "" +msgstr "权限不足, 无法从不属于您的事件中删除本地标签." #: Controller/TaxonomiesController.php:68 msgid "Taxonomy not found." -msgstr "找不到分类。" +msgstr "找不到分类." #: Controller/TaxonomiesController.php:134 msgid "Taxonomy enabled." -msgstr "分类已启用。" +msgstr "分类已启用." #: Controller/TaxonomiesController.php:166 msgid "Taxonomy disabled." -msgstr "分类已禁用。" +msgstr "分类已禁用." #: Controller/TaxonomiesController.php:234 msgid "All taxonomy libraries are up to date already." -msgstr "所有分类库都已为最新。" +msgstr "所有分类库都已为最新." #: Controller/TaxonomiesController.php:237 msgid "Could not update any of the taxonomy libraries" -msgstr "无法更新任何分类库。" +msgstr "无法更新任何分类库." #: Controller/TaxonomiesController.php:240 #: Controller/WarninglistsController.php:107 @@ -1923,101 +1923,101 @@ msgstr "更新成功 " #: Controller/TaxonomiesController.php:240;242 msgid " taxonomy libraries." -msgstr " 分类库。" +msgstr " 分类库." #: Controller/TaxonomiesController.php:242 #: Controller/WarninglistsController.php:109 msgid " However, could not update " -msgstr " 然而,无法更新 " +msgstr " 然而, 无法更新 " #: Controller/TaxonomiesController.php:276;314;344 msgid "The tag(s) has been saved." -msgstr "标签已保存。" +msgstr "标签已保存." #: Controller/TaxonomiesController.php:282;316;346 msgid "The tag(s) could not be saved. Please, try again." -msgstr "标签无法保存。请重试。" +msgstr "标签无法保存, 请重试." #: Controller/TaxonomiesController.php:374 msgid "The tag(s) has been hidden." -msgstr "标签已被隐藏。" +msgstr "标签已被隐藏." #: Controller/TaxonomiesController.php:376 msgid "The tag(s) could not be hidden. Please, try again." -msgstr "标签无法被隐藏。请重试。" +msgstr "标签无法被隐藏, 请重试." #: Controller/TaxonomiesController.php:413 msgid "Taxonomy successfuly deleted." -msgstr "分类成功删除。" +msgstr "分类成功删除." #: Controller/TaxonomiesController.php:416 msgid "Taxonomy could not be deleted." -msgstr "分类无法删除。" +msgstr "分类无法删除." #: Controller/TaxonomiesController.php:424 #: Controller/WarninglistsController.php:262 msgid "This function can only be reached via AJAX." -msgstr "此功能只能通过AJAX访问。" +msgstr "此功能只能通过AJAX访问." #: Controller/TemplatesController.php:408 msgid "Event populated, " -msgstr "事件已填充, " +msgstr "事件已填充, " #: Controller/TemplatesController.php:410 msgid "Event populated, but " -msgstr "事件已填充,但是 " +msgstr "事件已填充, 但是 " #: Controller/UserSettingsController.php:123;312 msgid "Invalid ID passed." -msgstr "" +msgstr "传递了无效的ID." #: Controller/UserSettingsController.php:133;137;322;326 msgid "Invalid user setting." -msgstr "" +msgstr "无效用户设置." #: Controller/UserSettingsController.php:151;192;278;290 msgid "Invalid setting." -msgstr "" +msgstr "无效设置." #: Controller/UserSettingsController.php:155;196;330 msgid "This setting is restricted and requires the following permission(s): %s" -msgstr "" +msgstr "此设置受限制, 需要以下权限:%s" #: Controller/UserSettingsController.php:189 msgid "This endpoint expects both a setting and a value to be set." -msgstr "" +msgstr "此端点期望同时设置一个设置和一个值." #: Controller/UserSettingsController.php:229 msgid "Setting saved." -msgstr "" +msgstr "设置已保存" #: Controller/UserSettingsController.php:242 msgid "Setting could not be saved." -msgstr "" +msgstr "设置无法保存" #: Controller/UserSettingsController.php:337 msgid "Setting deleted." -msgstr "" +msgstr "设置已删除" #: Controller/UserSettingsController.php:345 msgid "Setting could not be deleted." -msgstr "" +msgstr "设置无法删除" #: Controller/UserSettingsController.php:358 msgid "Expecting POST or DELETE request." -msgstr "" +msgstr "期待POST或DELETE请求." #: Controller/UsersController.php:42;310 msgid "Invalid user or not authorised." -msgstr "无效的用户或未被授权。" +msgstr "无效的用户或未被授权." #: Controller/UsersController.php:62;538;786;805;1030 msgid "Invalid user" -msgstr "无效的用户" +msgstr "无效用户" #: Controller/UsersController.php:150;693;858 msgid "Invalid e-mail domain. Your user is restricted to creating users for the following domain(s): " -msgstr "无效的电子邮件域。您的用户仅限于为以下域创建用户: " +msgstr "无效的电子邮件域, 您的用户仅限于为以下域创建用户: " #: Controller/UsersController.php:202 msgid "The profile has been updated" @@ -2025,23 +2025,23 @@ msgstr "资料已更新" #: Controller/UsersController.php:207 msgid "The profile could not be updated. Please, try again." -msgstr "资料无法更新。请重试。" +msgstr "资料无法更新, 请重试." #: Controller/UsersController.php:247 msgid "Invalid password. Please enter your current password to continue." -msgstr "密码无效。请输入当前的密码以继续。" +msgstr "密码无效, 请输入当前的密码以继续." #: Controller/UsersController.php:256 msgid "Please enter your current password to continue." -msgstr "请出入当前的密码以继续。" +msgstr "请出入当前的密码以继续." #: Controller/UsersController.php:276 msgid "Password Changed." -msgstr "密码已更改。" +msgstr "密码已更改." #: Controller/UsersController.php:285 msgid "The password could not be updated. Make sure you meet the minimum password length / complexity requirements." -msgstr "密码无法更新。确保密码符合最小密码长度或复杂性要求。" +msgstr "密码无法更新, 确保密码符合最小密码长度或复杂性要求." #: Controller/UsersController.php:422;440;547 #: Model/Log.php:370 @@ -2050,15 +2050,15 @@ msgstr "已编辑" #: Controller/UsersController.php:704 msgid "The user could not be saved. Invalid organisation." -msgstr "用户无法被保存。无效的组织。" +msgstr "用户无法被保存.无效的组织." #: Controller/UsersController.php:726 msgid "The user has been saved." -msgstr "用户已被保存。" +msgstr "用户已被保存." #: Controller/UsersController.php:735;966 msgid "The user could not be saved. Please, try again." -msgstr "用户无法被保存。请重试。" +msgstr "用户无法被保存, 请重试." #: Controller/UsersController.php:958 msgid "The user has been saved" @@ -2074,7 +2074,7 @@ msgstr "用户未被删除" #: Controller/UsersController.php:1121 msgid "Invalid username or password, try again" -msgstr "用户名或密码无效,请重试。" +msgstr "用户名或密码无效, 请重试." #: Controller/UsersController.php:1208 msgid "Good-Bye" @@ -2082,27 +2082,27 @@ msgstr "再见" #: Controller/UsersController.php:1230 msgid "Invalid action." -msgstr "" +msgstr "无效操作." #: Controller/UsersController.php:1237 msgid "New authkey generated." -msgstr "已生成新的认证密钥。" +msgstr "已生成新的认证密钥." #: Controller/UsersController.php:1248 msgid "This functionality is only accessible via POST requests." -msgstr "" +msgstr "该功能只有通过POST请求才能访问" #: Controller/UsersController.php:1252 msgid "Job initiated." -msgstr "" +msgstr "Job已启动." #: Controller/UsersController.php:1254 msgid "%s authkeys reset, %s could not be reset." -msgstr "" +msgstr "%s authkeys重置, %s无法重置" #: Controller/UsersController.php:1368 msgid "You accepted the Terms and Conditions." -msgstr "你已接受条款和条件。" +msgstr "您已接受条款和条件." #: Controller/UsersController.php:1496 msgid "Recipient email not provided" @@ -2114,11 +2114,11 @@ msgstr "未提供收件人的组织" #: Controller/UsersController.php:1538 msgid "E-mails sent, but failed to deliver the messages to the following recipients: " -msgstr "电子邮件已发送,但是无法向下列收件人发送消息: " +msgstr "电子邮件已发送, 但是无法向下列收件人发送消息: " #: Controller/UsersController.php:1540 msgid "E-mails sent." -msgstr "电子邮件已发送。" +msgstr "电子邮件已发送." #: Controller/UsersController.php:1614 msgid "Usage data" @@ -2174,11 +2174,11 @@ msgstr "显示顶部列表" #: Controller/UsersController.php:1620 msgid "Galaxy Matrix" -msgstr "Galaxy Matrix" +msgstr "星系矩阵" #: Controller/WarninglistsController.php:42 msgid "This action is only accessible via POST requests." -msgstr "此操作只能通过POST请求实现。" +msgstr "此操作只能通过POST请求实现." #: Controller/WarninglistsController.php:64 msgid "Warning list updated" @@ -2190,7 +2190,7 @@ msgstr "警告列表无法更新" #: Controller/WarninglistsController.php:81 msgid " could not be installed/updated. Error: " -msgstr " 无法安装/更新。错误: " +msgstr " 无法安装/更新.错误: " #: Controller/WarninglistsController.php:95 msgid "Warninglist update (nothing to update)" @@ -2198,11 +2198,11 @@ msgstr "警告列表已更新(已为最新)" #: Controller/WarninglistsController.php:96 msgid "Executed an update of the warning lists, but there was nothing to update." -msgstr "更新警告列表,但其无需更新。" +msgstr "更新警告列表, 但其无需更新." #: Controller/WarninglistsController.php:101 msgid "All warninglists are up to date already." -msgstr "所有警告列表都已为最新。" +msgstr "所有警告列表都已为最新." #: Controller/WarninglistsController.php:104 msgid "Could not update any of the warning lists" @@ -2210,15 +2210,15 @@ msgstr "无法更新任何警告列表" #: Controller/WarninglistsController.php:132 msgid "This function only accepts POST requests." -msgstr "此功能仅能接受POST请求。" +msgstr "此功能仅能接受POST请求." #: Controller/WarninglistsController.php:160;233 msgid "Warninglist not found." -msgstr "未找到警告列表。" +msgstr "未找到警告列表." #: Controller/WarninglistsController.php:164 msgid "Warninglist(s) not found." -msgstr "未找到警告列表。" +msgstr "未找到警告列表." #: Controller/WarninglistsController.php:190 msgid " warninglist(s) " @@ -2226,11 +2226,11 @@ msgstr " 警告列表 " #: Controller/WarninglistsController.php:192 msgid "Warninglist(s) could not be toggled." -msgstr "无法切换警告列表。" +msgstr "无法切换警告列表." #: Controller/WarninglistsController.php:200 msgid "Invalid Warninglist." -msgstr "无效的警告列表。" +msgstr "无效的警告列表." #: Controller/WarninglistsController.php:209 msgid "Warninglist disabled" @@ -2242,35 +2242,35 @@ msgstr "警告列表已启用" #: Controller/WarninglistsController.php:220 msgid "This action is available via AJAX only." -msgstr "此操作仅通过 AJAX 可用。" +msgstr "此操作仅通过 AJAX 可用." #: Controller/WarninglistsController.php:251 msgid "Warninglist successfuly deleted." -msgstr "警告列表删除成功。" +msgstr "警告列表删除成功." #: Controller/WarninglistsController.php:254 msgid "Warninglists could not be deleted." -msgstr "警告列表无法删除。" +msgstr "警告列表无法删除." #: Controller/WarninglistsController.php:272 msgid "No valid data received." -msgstr "未收到有效数据。" +msgstr "未收到有效数据." #: Controller/Component/ACLComponent.php:614 msgid "This could be an indication of an attempted privilege escalation on older vulnerable versions of MISP (<2.4.115)" -msgstr "" +msgstr "这可能表明尝试在较弱的MISP早期版本(<2.4.115)上尝试特权升级" #: Controller/Component/ACLComponent.php:668 msgid "User triggered security alert by attempting to access /%s/%s. Reason why this endpoint is of interest: %s" -msgstr "" +msgstr "用户通过尝试访问/%s/%s/%s触发了安全警报。该端点感兴趣的原因: %s" #: Controller/Component/AdminCrudComponent.php:20 msgid "The %s has been saved." -msgstr "%s已被保存。" +msgstr "%s已被保存." #: Controller/Component/AdminCrudComponent.php:24;61 msgid "The %s could not be saved. Please, try again." -msgstr "%s无法保存。请重试。" +msgstr "%s无法保存, 请重试." #: Controller/Component/AdminCrudComponent.php:52;85 msgid "Invalid %s" @@ -2278,7 +2278,7 @@ msgstr "无效的%s" #: Controller/Component/AdminCrudComponent.php:57 msgid "The %s has been saved" -msgstr "%s已被保存" +msgstr "%s已保存" #: Controller/Component/AdminCrudComponent.php:88 msgid "%s deleted" @@ -2290,11 +2290,11 @@ msgstr "%s未删除" #: Controller/Component/BlackListComponent.php:75 msgid "Done. Added %d new entries to the blacklist. %d entries could not be saved." -msgstr "完成。添加了 %d 条新条目到黑名单中。 %d 条条目不能保存。" +msgstr "完成. 添加了 %d 条新条目到黑名单中. %d 条条目无法保存." #: Controller/Component/BlackListComponent.php:126 msgid "Blacklist item added." -msgstr "黑名单项已添加。" +msgstr "黑名单项已添加." #: Controller/Component/BlackListComponent.php:133 msgid "Could not save the blacklist item" @@ -2314,432 +2314,432 @@ msgstr "无法删除黑名单条目" #: Controller/Component/DeprecationComponent.php:18 msgid "Use /attributes/restSearch to export RPZ rules." -msgstr "" +msgstr "使用/attributes/restSearch来导出RPZ规则." #: Controller/Component/DeprecationComponent.php:19 msgid "Use /attributes/restSearch to export flat indicator lists." -msgstr "" +msgstr "使用/attributes/restSearch来导出平面指标列表." #: Controller/Component/DeprecationComponent.php:22 msgid "Use MISP modules to import in OpenIOC format." -msgstr "" +msgstr "使用MISP模块以OpenIOC格式导入." #: Controller/Component/DeprecationComponent.php:23 msgid "Use /events/restSearch to export in CSV format." -msgstr "" +msgstr "使用/events/restSearch以CSV格式导出." #: Controller/Component/DeprecationComponent.php:24 msgid "Use the REST client to refine your search conditions and export in any of the given formats with much more control." -msgstr "" +msgstr "使用REST客户端来细化您的搜索条件, 并以任何给定的格式导出." #: Controller/Component/DeprecationComponent.php:25 msgid "Use /events/restSearch to export hashes." -msgstr "" +msgstr "使用/events/restSearch来导出哈希值." #: Controller/Component/DeprecationComponent.php:26 msgid "Use /events/restSearch to export in the various NIDS formats." -msgstr "" +msgstr "使用/events/restSearch以各种NIDS格式导出." #: Controller/Component/DeprecationComponent.php:27 msgid "Use /events/restSearch to export in STIX format." -msgstr "" +msgstr "使用/events/restSearch以STIX格式导出." #: Controller/Component/DeprecationComponent.php:28 msgid "Use /events/restSearch to export in STIX2 format." -msgstr "" +msgstr "使用/events/restSearch以STIX2格式导出." #: Controller/Component/DeprecationComponent.php:29 msgid "Use /events/restSearch to export in XML format. It is highly recommended to use JSON whenever possible." -msgstr "" +msgstr "使用/events/restSearch以XML格式导出, 强烈建议尽可能使用JSON格式." #: Controller/Component/RateLimitComponent.php:29 msgid "API searches are not allowed for this user role." -msgstr "" +msgstr "该用户角色不允许进行API搜索." #: Controller/Component/RateLimitComponent.php:41 msgid "Rate limit exceeded." -msgstr "" +msgstr "超出速率限制." #: Controller/Component/RestResponseComponent.php:603 msgid "The action that the user performed" -msgstr "" +msgstr "用户执行该操作." #: Controller/Component/RestResponseComponent.php:609 msgid "Is the sharing group selectable (active) when chosing distribution" -msgstr "" +msgstr "在选择分配时, 共享组是否可以选择(active)?" #: Controller/Component/RestResponseComponent.php:614;1356 msgid "Search for a full or a substring (delimited by % for substrings) in the event info, event tags, attribute tags, attribute values or attribute comment fields" -msgstr "" +msgstr "在事件信息、事件标记、属性标记、属性值或属性注释字段中搜索一个完整的或子字符串(子字符串用%分隔)" #: Controller/Component/RestResponseComponent.php:620 msgid "All organisations contained on the instance will be part of the sharing group" -msgstr "" +msgstr "实例中的所有组织都将成为共享组的一部分." #: Controller/Component/RestResponseComponent.php:626 msgid "hard-delete already soft-deleted attributes" -msgstr "" +msgstr "硬删除已被软删除的属性" #: Controller/Component/RestResponseComponent.php:633 msgid "Maturity of the event" -msgstr "" +msgstr "事件成熟度" #: Controller/Component/RestResponseComponent.php:640 msgid "Anonymise the information regarding the server on which the request was issued" -msgstr "" +msgstr "将发出请求的服务器信息匿名化" #: Controller/Component/RestResponseComponent.php:646 msgid "Filter on attribute value" -msgstr "" +msgstr "对属性值进行过滤" #: Controller/Component/RestResponseComponent.php:652 msgid "The authorisation key found on the external server" -msgstr "" +msgstr "在外部服务器上找到的授权密钥" #: Controller/Component/RestResponseComponent.php:658 msgid "The user receive alerts when events are published" -msgstr "" +msgstr "当事件发布时, 用户会收到告警" #: Controller/Component/RestResponseComponent.php:664 msgid "The email's body" -msgstr "" +msgstr "电子邮件的正文" #: Controller/Component/RestResponseComponent.php:670 msgid "The feed is cached" -msgstr "" +msgstr "订阅源已缓存" #: Controller/Component/RestResponseComponent.php:682 msgid "A valid x509 certificate " -msgstr "" +msgstr "无效的X509证书" #: Controller/Component/RestResponseComponent.php:688 msgid "The text contained in the change field" -msgstr "" +msgstr "更改字段中包含的文本" #: Controller/Component/RestResponseComponent.php:694 msgid "The user will be prompted the change the password" -msgstr "" +msgstr "用户将被提示更改密码" #: Controller/Component/RestResponseComponent.php:700 msgid "A valid hexadecimal colour `#ffffff`" -msgstr "" +msgstr "有效的十六进制颜色`#ffffffffffff`" #: Controller/Component/RestResponseComponent.php:711 msgid "Contact details for the organisation" -msgstr "" +msgstr "该组织的详细联系方式" #: Controller/Component/RestResponseComponent.php:717 msgid "The user receive alerts from `contact reporter` requests" -msgstr "" +msgstr "用户收到来自`contact reporter`请求的提醒" #: Controller/Component/RestResponseComponent.php:734 msgid "Base64 encoded file contents" -msgstr "" +msgstr "Base64编码的文件内容" #: Controller/Component/RestResponseComponent.php:746 msgid "The user set date field on the event level. If you are using restSearch, you can use any of the valid time related filters (examples: 7d, timestamps, [14d, 7d] for ranges, etc.)" -msgstr "" +msgstr "用户在事件级别上设置的日期字段. 如果您使用的是restSearch, 您可以使用任何一个有效的时间相关的过滤器(例如:7d, 时间戳, [14d, 7d]范围等)." #: Controller/Component/RestResponseComponent.php:781 msgid "The role is a default role (selected by default)" -msgstr "" +msgstr "角色为默认角色(默认选择)" #: Controller/Component/RestResponseComponent.php:787 msgid "Remove file after ingestion" -msgstr "" +msgstr "提取后删除文件" #: Controller/Component/RestResponseComponent.php:793 msgid "Include deleted elements" -msgstr "" +msgstr "包含已删除的元素" #: Controller/Component/RestResponseComponent.php:799 msgid "Merge attributes (only add new attribute, remove revoked attributes)" -msgstr "" +msgstr "合并属性(仅添加新属性, 删除已撤销的属性)" #: Controller/Component/RestResponseComponent.php:810 msgid "Disable the user account" -msgstr "" +msgstr "禁用用户账户" #: Controller/Component/RestResponseComponent.php:822 msgid "Filter on user email" -msgstr "" +msgstr "过滤用户邮件" #: Controller/Component/RestResponseComponent.php:828 msgid "Set the password manually" -msgstr "" +msgstr "手动设置密码" #: Controller/Component/RestResponseComponent.php:839 msgid "When uploading malicious samples, set this flag to tell MISP to encrpyt the sample and extract the file hashes. This will create a MISP object with the appropriate attributes." -msgstr "" +msgstr "当上传恶意样本时, 设置这个标志来告诉MISP对样本进行加密并提取文件的哈希值. 这将创建一个具有相应属性的MISP对象." #: Controller/Component/RestResponseComponent.php:850 msgid "Should the warning list be enforced. Adds `blocked` field for matching attributes" -msgstr "" +msgstr "如果警告列表被执行。为匹配属性添加`blocked`字段" #: Controller/Component/RestResponseComponent.php:863 msgid "The timestamp at which the event was last modified" -msgstr "" +msgstr "该事件最后一次修改的时间戳" #: Controller/Component/RestResponseComponent.php:870 msgid "The timestamp at which the attribute was last modified" -msgstr "" +msgstr "该属性最后一次修改的时间戳" #: Controller/Component/RestResponseComponent.php:882;1021 msgid "Quick event description" -msgstr "" +msgstr "事件简要描述" #: Controller/Component/RestResponseComponent.php:888 msgid "The tag is exported when synchronising with other instances" -msgstr "" +msgstr "在与其他实例同步时导出该标记" #: Controller/Component/RestResponseComponent.php:900 msgid "Exclude local tags from the export" -msgstr "" +msgstr "从导出中排除本地标签" #: Controller/Component/RestResponseComponent.php:906 msgid "The organisation have write access to this sharing group (they can add/remove other organisation)" -msgstr "" +msgstr "该组织对该共享组有写入权限(他们可以添加/删除其他组织)" #: Controller/Component/RestResponseComponent.php:912 msgid "An external authorisation is required for this user" -msgstr "" +msgstr "该用户需要外部授权" #: Controller/Component/RestResponseComponent.php:918 msgid "A valid external auth key" -msgstr "" +msgstr "有效的外部授权密钥" #: Controller/Component/RestResponseComponent.php:931 msgid "target_event option might be considered" -msgstr "" +msgstr "target_event选项可以考虑" #: Controller/Component/RestResponseComponent.php:943 msgid "The date from which the event was published" -msgstr "" +msgstr "事件公布的日期" #: Controller/Component/RestResponseComponent.php:949 msgid "A valid GPG key" -msgstr "" +msgstr "有效的GPG密钥" #: Controller/Component/RestResponseComponent.php:955 msgid "The event contains proposals" -msgstr "" +msgstr "该事件包含的提案" #: Controller/Component/RestResponseComponent.php:961 msgid "Headers to be passed with the requests. All separated by `\\n`" -msgstr "" +msgstr "与请求一起传递的标头, 全部用`\\ n`分隔" #: Controller/Component/RestResponseComponent.php:967 msgid "The tag is hidden (not selectable)" -msgstr "" +msgstr "该标签是隐藏的(不可选择)" #: Controller/Component/RestResponseComponent.php:979 msgid "Include matching attributes in the response" -msgstr "" +msgstr "在响应中包含匹配的属性" #: Controller/Component/RestResponseComponent.php:991 msgid "Include matching events in the response" -msgstr "" +msgstr "在响应中包含匹配的事件" #: Controller/Component/RestResponseComponent.php:997 msgid "Include matching eventUuids in the response" -msgstr "" +msgstr "在响应中包含匹配的eventUuids" #: Controller/Component/RestResponseComponent.php:1003 msgid "Include tags of matching events in the response" -msgstr "" +msgstr "在响应中包含匹配事件的标签" #: Controller/Component/RestResponseComponent.php:1015 msgid "Include proposals of matching events in the response" -msgstr "" +msgstr "在响应中包含匹配事件的提案" #: Controller/Component/RestResponseComponent.php:1028 msgid "Specify whether the source (url field) is a directory (local) or an geniun url (network)" -msgstr "" +msgstr "指定源(url字段)是目录(local)还是真实网址(network)" #: Controller/Component/RestResponseComponent.php:1034 msgid "The IP of a login attempt" -msgstr "" +msgstr "尝试登录的IP" #: Controller/Component/RestResponseComponent.php:1040 msgid "JSON containing ID, UUID and name" -msgstr "" +msgstr "JSON包含ID, UUID and name" #: Controller/Component/RestResponseComponent.php:1046 msgid "Events published within the last x amount of time, where x can be defined in days, hours, minutes (for example 5d or 12h or 30m)" -msgstr "" +msgstr "在过去X时间内发布的事件, 其中X可以用天、小时、分钟(例如5d或12h或30m)来定义" #: Controller/Component/RestResponseComponent.php:1059 msgid "Limit on the pagination" -msgstr "" +msgstr "分页限制" #: Controller/Component/RestResponseComponent.php:1065 msgid "If the organisation should have access to this instance, make sure that the Local organisation setting is checked. If you would only like to add a known external organisation for inclusion in sharing groups, uncheck the Local organisation setting." -msgstr "" +msgstr "如果该组织应该可以访问此实例, 请确保勾选本地组织设置. 如果您只想在共享组中添加一个已知的外部组织, 请取消勾选本地组织设置。" #: Controller/Component/RestResponseComponent.php:1071 msgid "The lookup will not be visible in the feed correlation" -msgstr "" +msgstr "查询将不会在订阅源相关性中显示出来" #: Controller/Component/RestResponseComponent.php:1077 msgid "Message to be included" -msgstr "" +msgstr "包含的信息" #: Controller/Component/RestResponseComponent.php:1083 msgid "Will not return Attributes, shadow attribute and objects" -msgstr "" +msgstr "将不返回属性、影子属性和对象" #: Controller/Component/RestResponseComponent.php:1089 msgid "Will only return id, timestamp, published and uuid" -msgstr "" +msgstr "只会返回id、timestamp、published和uuid" #: Controller/Component/RestResponseComponent.php:1096 msgid "Mock the query" -msgstr "" +msgstr "模拟查询" #: Controller/Component/RestResponseComponent.php:1120 msgid "The last time the sharing group was modified" -msgstr "" +msgstr "最后一次修改分享组" #: Controller/Component/RestResponseComponent.php:1138 msgid "The news are read" -msgstr "" +msgstr "阅读新闻" #: Controller/Component/RestResponseComponent.php:1145 msgid "The unique Signature Identification" -msgstr "" +msgstr "独特的签名标识" #: Controller/Component/RestResponseComponent.php:1151 msgid "Can be either the ORG_ID or the ORG_NAME" -msgstr "" +msgstr "可以是ORG_ID或ORG_NAME" #: Controller/Component/RestResponseComponent.php:1157 msgid "Describe the organisation" -msgstr "" +msgstr "描述组织" #: Controller/Component/RestResponseComponent.php:1163 msgid "Organisation identifier (name)" -msgstr "" +msgstr "组织定义(名称)" #: Controller/Component/RestResponseComponent.php:1175;1181 msgid "Globally used uuid of an organisation" -msgstr "" +msgstr "全球范围内使用的组织uuid" #: Controller/Component/RestResponseComponent.php:1187 msgid "The IDS flags will be set to off for this feed" -msgstr "" +msgstr "这个订阅源IDS的标志将被设置为关闭" #: Controller/Component/RestResponseComponent.php:1194 msgid "Page number for the pagination" -msgstr "" +msgstr "分页编号" #: Controller/Component/RestResponseComponent.php:1200 msgid "The hardcoded password" -msgstr "" +msgstr "硬编码密码" #: Controller/Component/RestResponseComponent.php:1272 msgid "The name of the feed provider" -msgstr "" +msgstr "订阅源提供者的名称" #: Controller/Component/RestResponseComponent.php:1278 msgid "The event will be published" -msgstr "" +msgstr "事件将被发布" #: Controller/Component/RestResponseComponent.php:1301 msgid "Allow the download of events and their attribute from the server" -msgstr "" +msgstr "允许从服务器上下载事件及其属性" #: Controller/Component/RestResponseComponent.php:1307 msgid "Allow the upload of events and their attribute to the server" -msgstr "" +msgstr "允许将事件及其属性上传到服务器上" #: Controller/Component/RestResponseComponent.php:1313 msgid "Allow the upload of sightings to the server" -msgstr "" +msgstr "允许将sightings上传到服务器上" #: Controller/Component/RestResponseComponent.php:1319 msgid "Concise summary for who this sharing group is releasable to" -msgstr "" +msgstr "有关此共享组可发布给谁的简明摘要" #: Controller/Component/RestResponseComponent.php:1337 msgid "Pass the event to any connected instance where the sync connection is tied to an organisation contained in the SG organisation list" -msgstr "" +msgstr "如果同步连接与SG组织列表中包含的组织绑定在一起, 则将事件传递给任何连接的实例." #: Controller/Component/RestResponseComponent.php:1362 msgid "The sector of the organisation" -msgstr "" +msgstr "组织部门" #: Controller/Component/RestResponseComponent.php:1374 msgid "Will only return the sharing group ID" -msgstr "" +msgstr "只会返回共享组ID" #: Controller/Component/RestResponseComponent.php:1387 msgid "Sharing group ID" -msgstr "" +msgstr "共享组ID" #: Controller/Component/RestResponseComponent.php:1393 msgid "The source of the Sighting (e.g. honeypot_1)" -msgstr "" +msgstr "观察的来源(例如: honeypot_1)" #: Controller/Component/RestResponseComponent.php:1405 msgid "The email's subject" -msgstr "" +msgstr "邮件的主题" #: Controller/Component/RestResponseComponent.php:1411;1417 msgid "Base64 encoded certificate" -msgstr "" +msgstr "Base64编码证书" #: Controller/Component/RestResponseComponent.php:1435 msgid "A tad ID to attach to created events" -msgstr "" +msgstr "附加到已创建事件的tad ID" #: Controller/Component/RestResponseComponent.php:1448 msgid "The provided ID will be reused as an existing event" -msgstr "" +msgstr "提供的ID将作为现有事件重复使用" #: Controller/Component/RestResponseComponent.php:1471 msgid "Time of the sighting with the form `h:i:s`" -msgstr "" +msgstr "观察时间, 形式为`h:i:s`" #: Controller/Component/RestResponseComponent.php:1483 msgid "The title of the log" -msgstr "" +msgstr "日志标题" #: Controller/Component/RestResponseComponent.php:1495 msgid "The date to which the event was published" -msgstr "" +msgstr "事件公布日期" #: Controller/Component/RestResponseComponent.php:1501 msgid "The state of the `to_ids` flag" -msgstr "" +msgstr "`to_ids`标志的状态" #: Controller/Component/RestResponseComponent.php:1507 msgid "The type of the attribute" -msgstr "" +msgstr "属性类型" #: Controller/Component/RestResponseComponent.php:1535 msgid "Placeholder containing values to sight" -msgstr "" +msgstr "占位符包含可见的值" #: Controller/Component/RestResponseComponent.php:1548 msgid "Not supported (warninglist->checkvalues) expect an array" -msgstr "" +msgstr "不支持(warninglist->checkvalues), 需要一个数组" #: Controller/Component/RestResponseComponent.php:1554 msgid "Not supported (removeTag)" -msgstr "" +msgstr "不支持(removeTag)" #: Controller/Component/RestResponseComponent.php:1560;1566;1572;1579;1585;1591;1597;1603;1614 msgid "Not supported" -msgstr "" +msgstr "不支持" #: Controller/Component/RestResponseComponent.php:1771 msgid "Seen within the last x amount of time, where x can be defined in days, hours, minutes (for example 5d or 12h or 30m)" -msgstr "" +msgstr "在过去X时间内看到的时间, 其中X可以用天、小时、分钟来定义(例如5d或12h或30m)" #: Controller/Component/ToolboxComponent.php:18;26 #: Model/Galaxy.php:220;277;287;301 msgid "Invalid %s." -msgstr "无效的 %s。" +msgstr "无效的 %s." #: Model/AppModel.php:1416 msgid "Indexing " @@ -2747,7 +2747,7 @@ msgstr "索引中 " #: Model/AppModel.php:1430 msgid "Issues executing the pre-update test `%s`. The returned error is: %s" -msgstr "" +msgstr "执行预更新测试`%s`出现问题, 返回的错误是: %s" #: Model/AppModel.php:1452 msgid "Successfuly executed the SQL query for " @@ -2755,11 +2755,11 @@ msgstr "成功执行 SQL 查询 " #: Model/AppModel.php:1453 msgid "The executed SQL query was: %s" -msgstr "" +msgstr "执行的SQL查询是: %s" #: Model/AppModel.php:1455 msgid "Successfuly executed the SQL query for %s" -msgstr "" +msgstr "成功执行SQL查询: " #: Model/AppModel.php:1466;1530 msgid "Issues executing the SQL query for %s" @@ -2767,19 +2767,19 @@ msgstr "" #: Model/AppModel.php:1467 msgid "The executed SQL query was: " -msgstr "执行的 SQL 查询为: " +msgstr "执行的 SQL 查询为: " #: Model/AppModel.php:1467 msgid " The returned error is: " -msgstr " 返回的错误是: " +msgstr " 返回的错误是: " #: Model/AppModel.php:1469 msgid "Issues executing the SQL query for `%s`. The returned error is: " -msgstr "" +msgstr "执行`%s`的SQL查询时出现问题" #: Model/AppModel.php:1478 msgid "However, as this error is whitelisted, the update went through." -msgstr "" +msgstr "不过, 由于这个错误已列入白名单, 所以更新通过了." #: Model/AppModel.php:1497 msgid "Successfuly indexed " @@ -2787,43 +2787,43 @@ msgstr "索引成功 " #: Model/AppModel.php:1500 msgid "Failed to add index" -msgstr "" +msgstr "添加索引失败" #: Model/AppModel.php:1502 msgid "The returned error is:" -msgstr "" +msgstr "返回错误是: " #: Model/AppModel.php:1531 msgid "Database updates stopped as some errors occured and the stop flag is enabled." -msgstr "" +msgstr "由于发生了一些错误, 数据库更新停止, 并且启用了停止标志." #: Model/AppModel.php:1690 msgid "Invalid JSON." -msgstr "" +msgstr "无效JSON" #: Model/AppModel.php:1783;1841 msgid "Issues executing run_updates" -msgstr "" +msgstr "执行run_updates出现问题" #: Model/AppModel.php:1784 msgid "Database updates are locked. Worker not spawned" -msgstr "" +msgstr "数据库更新被锁定, 没有生成Worker" #: Model/AppModel.php:1788;1846;1881 msgid "Update done" -msgstr "" +msgstr "更新完毕" #: Model/AppModel.php:1842 msgid "Updates are locked. Stopping worker gracefully" -msgstr "" +msgstr "更新被锁定, 优雅的终止worker" #: Model/AppModel.php:1861 msgid "Running update %s" -msgstr "" +msgstr "运行更新 %s" #: Model/AppModel.php:1887 msgid "Update done in another worker. Gracefuly stopping." -msgstr "" +msgstr "更新在另一个worker中完成, 优雅的终止" #: Model/Attribute.php:63 #: View/Events/filter_event_index.ctp:46;182 @@ -2866,7 +2866,7 @@ msgstr "内部攻击目标和折衷信息" #: Model/Attribute.php:81 msgid "Targeting information to include recipient email, infected machines, department, and or locations." -msgstr "目标信息所包括的收件人电子邮件、受感染的机器、部门和地点。" +msgstr "目标信息所包括的收件人电子邮件、受感染的机器、部门和地点." #: Model/Attribute.php:85 msgid "All the info about how the malware is detected by the antivirus products" @@ -2874,7 +2874,7 @@ msgstr "杀毒软件如何检测到恶意软件的所有信息" #: Model/Attribute.php:86 msgid "List of anti-virus vendors detecting the malware or information on detection performance (e.g. 13/43 or 67%). Attachment with list of detection or link to VirusTotal could be placed here as well." -msgstr "检测恶意软件或检测性能信息(例如:13/43或者67%)的杀毒软件供应商名单。可在这里附上检测列表或与VirusTotal相关的附件。" +msgstr "检测恶意软件或检测性能信息(例如:13/43或者67%)的杀毒软件供应商名单, 可在这里附上检测列表或与VirusTotal相关的附件." #: Model/Attribute.php:90 msgid "Information about how the malware is delivered" @@ -2882,11 +2882,11 @@ msgstr "有关恶意软件如何被传送的信息" #: Model/Attribute.php:91 msgid "Information about the way the malware payload is initially delivered, for example information about the email or web-site, vulnerability used, originating IP etc. Malware sample itself should be attached here." -msgstr "关于恶意软件有效载荷最初交付方式的信息,例如关于电子邮件或网站、使用的脆弱性、起源IP、恶意样品等信息应附于此处。" +msgstr "关于恶意软件有效载荷最初交付方式的信息, 例如关于电子邮件或网站、使用的脆弱性、起源IP、恶意样本等信息应附于此处." #: Model/Attribute.php:95 msgid "Any artifact (files, registry keys etc.) dropped by the malware or other modifications to the system" -msgstr "恶意软件或系统修改释放的各种工件(文件,注册表项等)" +msgstr "恶意软件释放的任意项目(文件, 注册表项等)或对系统的修改" #: Model/Attribute.php:99 msgid "Info on where the malware gets installed in the system" @@ -2894,7 +2894,7 @@ msgstr "恶意软件在系统中安装位置的有关信息" #: Model/Attribute.php:100 msgid "Location where the payload was placed in the system and the way it was installed. For example, a filename|md5 type attribute can be added here like this: c:\\windows\\system32\\malicious.exe|41d8cd98f00b204e9800998ecf8427e." -msgstr "有效负载在系统中存放的位置及其安装方式。 例如,可以在此处添加文件名| md5类型属性,如下所示:\n" +msgstr "有效负载在系统中存放的位置及其安装方式. 例如, 可以在此处添加文件名| md5类型属性, 如下所示:\n" "c:\\windows\\system32\\malicious.exe|41d8cd98f00b204e9800998ecf8427e" #: Model/Attribute.php:104 @@ -2903,7 +2903,7 @@ msgstr "恶意软件启动使用的机制" #: Model/Attribute.php:105 msgid "Mechanisms used by the malware to start at boot. This could be a registry key, legitimate driver modification, LNK file in startup" -msgstr "恶意软件启动使用的机制。可能是注册表键,合法的驱动程序修改,启动时的LNK文件" +msgstr "恶意软件启动使用的机制.可能是注册表键, 合法的驱动程序修改, 启动时的LNK文件" #: Model/Attribute.php:109 msgid "Information about network traffic generated by the malware" @@ -2915,19 +2915,19 @@ msgstr "关于最终有效载荷的资料" #: Model/Attribute.php:114 msgid "Information about the final payload(s). Can contain a function of the payload, e.g. keylogger, RAT, or a name if identified, such as Poison Ivy." -msgstr "关于最终有效载荷的信息。可以包含有效载荷的函数,例如键盘日志,RAT,或识别的恶意软件名称,例如Poison Ivy。" +msgstr "关于最终有效载荷的信息.可以包含有效载荷的函数, 例如键盘日志, RAT, 或识别的恶意软件名称, 例如Poison Ivy." #: Model/Attribute.php:118 msgid "Identification of the group, organisation, or country behind the attack" -msgstr "识别攻击背后的团体,组织或国家" +msgstr "识别攻击背后的团体, 组织或国家" #: Model/Attribute.php:122 msgid "Any other result from additional analysis of the malware like tools output" -msgstr "其他恶意软件的分析结果,例如工具输出" +msgstr "其他恶意软件的分析结果, 例如工具输出" #: Model/Attribute.php:123 msgid "Any other result from additional analysis of the malware like tools output Examples: pdf-parser output, automated sandbox analysis, reverse engineering report." -msgstr "其他恶意软件的分析结果,例如工具输出示例:pdf解析器输出,自动化沙箱分析,逆向工程报告。" +msgstr "其他恶意软件的分析结果, 例如工具输出示例: pdf解析器输出, 自动化沙箱分析, 逆向工程报告." #: Model/Attribute.php:127 msgid "Financial Fraud indicators" @@ -2935,7 +2935,7 @@ msgstr "金融诈骗指标" #: Model/Attribute.php:128 msgid "Financial Fraud indicators, for example: IBAN Numbers, BIC codes, Credit card numbers, etc." -msgstr "金融诈骗指标,例如:IBAN号码、BIC代码、信用卡号码等。" +msgstr "金融诈骗指标, 例如:IBAN号码、BIC代码、信用卡号码等." #: Model/Attribute.php:132 msgid "Tools supporting analysis or detection of the event" @@ -2955,11 +2955,11 @@ msgstr "不属于任何其他类别的属性或打算在将来MISS对象中作 #: Model/Attribute.php:154;243 msgid "A checksum in md5 format" -msgstr "sha5 格式的校验和" +msgstr "md5 格式的校验和" #: Model/Attribute.php:154 msgid "You are encouraged to use filename|md5 instead. A checksum in md5 format, only use this if you don't know the correct filename" -msgstr "建议您使用文件名|md5。md5 格式的校验和,仅在您不知道正确的文件名时使用" +msgstr "建议您使用 文件名|md5, md5格式的校验和, 仅在您不知道正确的文件名时使用" #: Model/Attribute.php:155 msgid "A checksum in sha1 format" @@ -2967,7 +2967,7 @@ msgstr "sha1 格式的校验和" #: Model/Attribute.php:155 msgid "You are encouraged to use filename|sha1 instead. A checksum in sha1 format, only use this if you don't know the correct filename" -msgstr "建议您使用文件名|sha1。sha1 格式的校验和,仅在您不知道正确的文件名时使用" +msgstr "建议您使用 文件名|sha1, sha1格式的校验和, 仅在您不知道正确的文件名时使用" #: Model/Attribute.php:156 msgid "A checksum in sha256 format" @@ -2975,7 +2975,7 @@ msgstr "sha256 格式的校验和" #: Model/Attribute.php:156 msgid "You are encouraged to use filename|sha256 instead. A checksum in sha256 format, only use this if you don't know the correct filename" -msgstr "建议您使用文件名|sha256。sha256 格式的校验和,仅在您不知道正确的文件名时使用" +msgstr "建议您使用 文件名|sha256, sha256格式的校验和, 仅在您不知道正确的文件名时使用" #: Model/Attribute.php:157 #: View/Elements/healthElements/files.ctp:29 @@ -3016,11 +3016,11 @@ msgstr "攻击者的源IP地址" #: Model/Attribute.php:163 msgid "A destination IP address of the attacker or C&C server" -msgstr "攻击者或C&C 服务器的目标IP地址" +msgstr "攻击者或 C&C 服务器的目标IP地址" #: Model/Attribute.php:163 msgid "A destination IP address of the attacker or C&C server. Also set the IDS flag on when this IP is hardcoded in malware" -msgstr "攻击者或 C&C 服务器的目标IP地址。当此IP被硬编码在恶意软件的时候,也设置 IDS 标志" +msgstr "攻击者或 C&C 服务器的目标IP地址, 当此IP被硬编码在恶意软件的时候, 也设置 IDS 标志" #: Model/Attribute.php:164 msgid "A full host/dnsname of an attacker" @@ -3028,7 +3028,7 @@ msgstr "攻击者的完整主机/反向解析域名" #: Model/Attribute.php:164 msgid "A full host/dnsname of an attacker. Also set the IDS flag on when this hostname is hardcoded in malware" -msgstr "攻击者的完整主机名/DNS名称。当这个主机名被硬编码在恶意软件的时候,也需要设置 IDS 标志" +msgstr "攻击者的完整主机名/DNS名称, 当这个主机名被硬编码在恶意软件的时候, 也需要设置 IDS 标志" #: Model/Attribute.php:165 msgid "A domain name used in the malware" @@ -3036,7 +3036,7 @@ msgstr "恶意软件中使用的域名" #: Model/Attribute.php:165 msgid "A domain name used in the malware. Use this instead of hostname when the upper domain is important or can be used to create links between events." -msgstr "恶意软件中使用的域名。 当上级域名很重要或可用在事件之间创建关联的时候,请使用上级域名代替主机名。" +msgstr "恶意软件中使用的域名, 当上级域名很重要或可用在事件之间创建关联的时候, 请使用上级域名代替主机名." #: Model/Attribute.php:166 msgid "A domain name and its IP address (as found in DNS lookup) separated by a |" @@ -3048,11 +3048,11 @@ msgstr "域名及其IP地址 (如在DNS lookup中发现) 用 | (无空格) 分 #: Model/Attribute.php:167 msgid "The email address used to send the malware." -msgstr "用于发送恶意软件的电子邮件地址。" +msgstr "用于发送恶意软件的电子邮件地址." #: Model/Attribute.php:168 msgid "eduPersonPrincipalName - eppn - the NetId of the person for the purposes of inter-institutional authentication. Should be stored in the form of user@univ.edu, where univ.edu is the name of the local security domain." -msgstr "" +msgstr "eduPersonPrincipalName -- -- eppn -- -- 用于机构间认证的个人NetId, 应以 user@univ.edu 的形式存储, 其中 univ.edu 是本地安全域的名称" #: Model/Attribute.php:169 msgid "A recipient email address" @@ -3060,7 +3060,7 @@ msgstr "收件人的邮箱地址" #: Model/Attribute.php:169 msgid "A recipient email address that is not related to your constituency." -msgstr "与服务对象无关的收件人电子邮件地址。" +msgstr "与服务对象无关的收件人电子邮件地址." #: Model/Attribute.php:170 msgid "The subject of the email" @@ -3068,7 +3068,7 @@ msgstr "电子邮件的主题" #: Model/Attribute.php:171 msgid "File name of the email attachment." -msgstr "电子邮件附件的文件名。" +msgstr "电子邮件附件的文件名." #: Model/Attribute.php:172 msgid "Email body" @@ -3084,23 +3084,23 @@ msgstr "url" #: Model/Attribute.php:175 msgid "HTTP method used by the malware (e.g. POST, GET, ...)." -msgstr "恶意软件使用的 HTTP 方法 (例如,POST、GET、...)。" +msgstr "恶意软件使用的 HTTP 方法 (例如, POST、GET、...)." #: Model/Attribute.php:176 msgid "The user-agent used by the malware in the HTTP request." -msgstr "HTTP请求中恶意软件使用的user-agent。" +msgstr "HTTP请求中恶意软件使用的user-agent." #: Model/Attribute.php:177 msgid "JA3 is a method for creating SSL/TLS client fingerprints that should be easy to produce on any platform and can be easily shared for threat intelligence." -msgstr "JA3是一种用于创建 SSL/TLS 客户端指纹的方法,这种指纹应易于在任何平台上生成,且可轻易地共享用于威胁情报。" +msgstr "JA3是一种用于创建 SSL/TLS 客户端指纹的方法, 这种指纹应易于在任何平台上生成, 且可轻易地共享用于威胁情报." #: Model/Attribute.php:178 msgid "hassh is a network fingerprinting standard which can be used to identify specific Client SSH implementations. The fingerprints can be easily stored, searched and shared in the form of an MD5 fingerprint." -msgstr "hassh 是一种网络指纹标准实现,可用来识别特定客户端SSH 。该指纹可以被轻松存储、搜索和以MD5指纹形式共享。" +msgstr "hassh 是一种网络指纹标准实现, 可用来识别特定客户端SSH .该指纹可以被轻松存储、搜索和以MD5指纹形式共享." #: Model/Attribute.php:179 msgid "hasshServer is a network fingerprinting standard which can be used to identify specific Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of an MD5 fingerprint." -msgstr "hasshServer 是一种网络指纹标准实现,可用来识别特定的服务器 SSH 。该指纹可以轻松存储、搜索和以MD5指纹形式共享。" +msgstr "hasshServer 是一种网络指纹标准实现, 可用来识别特定的服务器 SSH .该指纹可以轻松存储、搜索和以MD5指纹形式共享." #: Model/Attribute.php:180 msgid "Registry key or value" @@ -3120,7 +3120,7 @@ msgstr "Snort 规则格式中的 IDS 规则" #: Model/Attribute.php:183 msgid "An IDS rule in Snort rule-format. This rule will be automatically rewritten in the NIDS exports." -msgstr "Snort规则格式中的IDS规则。该规则将自动在NIDS导出中重写。" +msgstr "Snort规则格式中的IDS规则.该规则将自动在NIDS导出中重写." #: Model/Attribute.php:184 msgid "An NIDS rule in the Bro rule-format" @@ -3128,7 +3128,7 @@ msgstr "Bro规则格式中的NIDS 规则" #: Model/Attribute.php:184 msgid "An NIDS rule in the Bro rule-format." -msgstr "布尔规则格式中的NIDS规则。" +msgstr "布尔规则格式中的NIDS规则." #: Model/Attribute.php:185 msgid "An NIDS rule in the Zeek rule-format" @@ -3136,11 +3136,11 @@ msgstr "Zeek规则格式中的NIDS规则" #: Model/Attribute.php:185 msgid "An NIDS rule in the Zeek rule-format." -msgstr "Zeek规则格式中的NIDS规则。" +msgstr "Zeek规则格式中的NIDS规则." #: Model/Attribute.php:186 msgid "a community ID flow hashing algorithm to map multiple traffic monitors into common flow id" -msgstr "" +msgstr "Community ID Flow Hashing算法, 将多个流量监控器映射为公共流ID" #: Model/Attribute.php:187 msgid "Pattern in file that identifies the malware" @@ -3172,27 +3172,27 @@ msgstr "GENE - Go Evtx sigNature 引擎" #: Model/Attribute.php:194 msgid "Kusto query - Kusto from Microsoft Azure is a service for storing and running interactive analytics over Big Data." -msgstr "" +msgstr "Kusto查询 - 来自微软Azure的Kusto是一项用于存储和运行大数据交互式分析的服务." #: Model/Attribute.php:195 msgid "A media type (also MIME type and content type) is a two-part identifier for file formats and format contents transmitted on the Internet" -msgstr "介质类型(也是 MIME 类型和内容类型) 是用于文件格式和在互联网上传输的格式内容的两部分标识符" +msgstr "介质类型(也是 MIME 类型和内容类型)是用于文件格式和在互联网上传输的格式内容的两部分标识符" #: Model/Attribute.php:196 msgid "Identity card number" -msgstr "身份卡号码" +msgstr "身份证号码" #: Model/Attribute.php:197 msgid "HTTP cookie as often stored on the user web client. This can include authentication cookie or session cookie." -msgstr "HTTP cookie 通常存储在用户的网络客户端。这可以包括身份验证 cookie 或 session cookie。" +msgstr "HTTP cookie 通常存储在用户的网络客户端, 这可以包括身份验证 cookie 或 session cookie." #: Model/Attribute.php:198 msgid "A reference to the vulnerability used in the exploit" -msgstr "对漏洞的利用中所使用漏洞的引用" +msgstr "指的是在利用中使用的漏洞" #: Model/Attribute.php:199 msgid "A reference to the weakness used in the exploit" -msgstr "" +msgstr "指的是在利用中使用的薄弱点" #: Model/Attribute.php:200 msgid "Attachment with external information" @@ -3200,7 +3200,7 @@ msgstr "包含外部资料的附件" #: Model/Attribute.php:200;201 msgid "Please upload files using the Upload Attachment button." -msgstr "请使用 上传附件 按钮上传附件。" +msgstr "请使用 上传附件 按钮上传附件." #: Model/Attribute.php:201 msgid "Attachment containing encrypted malware sample" @@ -3216,7 +3216,7 @@ msgstr "人类语言的评论或描述" #: Model/Attribute.php:203 msgid "Comment or description in a human language. This will not be correlated with other attributes" -msgstr "使用人类语言的评论或描述。这不会与其他属性关联" +msgstr "使用人类语言的评论或描述, 这不会与其他属性关联" #: Model/Attribute.php:204 msgid "Name, ID or a reference" @@ -3236,7 +3236,7 @@ msgstr "已命名管道, 使用格式 \\.\\pipe\\" #: Model/Attribute.php:208 msgid "Mutex, use the format \\BaseNamedObjects\\" -msgstr "Mutex,使用格式 \\BaseNamedObjects\\" +msgstr "Mutex, 使用格式 \\BaseNamedObjects\\" #: Model/Attribute.php:209 msgid "Attack Targets Username(s)" @@ -3268,7 +3268,7 @@ msgstr "比特币地址" #: Model/Attribute.php:216 msgid "Dash Address" -msgstr "" +msgstr "短信地址" #: Model/Attribute.php:217 msgid "Monero Address" @@ -3328,7 +3328,7 @@ msgstr "验证码可执行的签名哈希码" #: Model/Attribute.php:231 msgid "You are encouraged to use filename|authentihash instead. Authenticode executable signature hash, only use this if you don't know the correct filename" -msgstr "鼓励您使用 文件名|authentihash 代替。认证可执行签名已经存在,仅在您不知道正确的文件名时使用" +msgstr "鼓励您使用 文件名|authentihash 代替, Authenticode可执行代码的签名哈希, 仅在您不知道正确的文件名时使用" #: Model/Attribute.php:232;244 msgid "A checksum in ssdeep format" @@ -3336,27 +3336,27 @@ msgstr "ssdeep格式的校验和" #: Model/Attribute.php:232 msgid "You are encouraged to use filename|ssdeep instead. A checksum in the SSDeep format, only use this if you don't know the correct filename" -msgstr "鼓励使用 文件名|ssdeep 代替。一个 SSDeep 格式的校验码,仅当您不知道正确的文件名时使用" +msgstr "鼓励使用 文件名|ssdeep 代替, 一个 SSDeep 格式的校验码, 仅当您不知道正确的文件名时使用" #: Model/Attribute.php:233;245 msgid "Import hash - a hash created based on the imports in the sample." -msgstr "导入hash-基于样本中的导入创建的hash。" +msgstr "导入hash-基于样本中的导入创建的hash." #: Model/Attribute.php:233 msgid "You are encouraged to use filename|imphash instead. A hash created based on the imports in the sample, only use this if you don't know the correct filename" -msgstr "鼓励使用文件名|imphash 代替。 基于导入样本创建的哈希,仅当您不知道正确的文件名时使用" +msgstr "鼓励使用 文件名|imphash 代替. 基于导入样本创建的哈希, 仅当您不知道正确的文件名时使用" #: Model/Attribute.php:234 msgid "PEhash - a hash calculated based of certain pieces of a PE executable file" -msgstr "Pehash - 基于某些PE 可执行文件的hash计算" +msgstr "Pehash - 根据PE可执行文件中的某些片段计算出的散列值" #: Model/Attribute.php:235 msgid "A fuzzy hash of import table of Portable Executable format" -msgstr "PE格式导入表的模糊哈希码" +msgstr "PE格式导入表的模糊哈希值" #: Model/Attribute.php:235 msgid "You are encouraged to use filename|impfuzzy instead. A fuzzy hash created based on the imports in the sample, only use this if you don't know the correct filename" -msgstr "鼓励使用文件名|impfuzzy 代替。基于样本中导入创建的模糊哈希码, 仅在您不知道正确的文件名时使用" +msgstr "鼓励使用 文件名|impfuzzy 代替, 基于样本中导入创建的模糊哈希码, 仅在您不知道正确的文件名时使用" #: Model/Attribute.php:236 msgid "A checksum in sha-224 format" @@ -3364,7 +3364,7 @@ msgstr "sha-224格式的校验和" #: Model/Attribute.php:236 msgid "You are encouraged to use filename|sha224 instead. A checksum in sha224 format, only use this if you don't know the correct filename" -msgstr "建议您使用 文件名|sha224 替代。sha224格式的校验和,仅在您不知道正确的文件名时使用" +msgstr "建议您使用 文件名|sha224 替代, sha224格式的校验和, 仅在您不知道正确的文件名时使用" #: Model/Attribute.php:237 msgid "A checksum in sha-384 format" @@ -3372,7 +3372,7 @@ msgstr "sha384 格式的校验和" #: Model/Attribute.php:237 msgid "You are encouraged to use filename|sha384 instead. A checksum in sha384 format, only use this if you don't know the correct filename" -msgstr "建议您使用文件名|sha384。sha384 格式的校验和,仅在不知道正确文件名的时候使用" +msgstr "建议您使用 文件名|sha384, sha384格式的校验和, 仅在您不知道正确文件名的时候使用" #: Model/Attribute.php:238 msgid "A checksum in sha-512 format" @@ -3380,7 +3380,7 @@ msgstr "sha512 格式的校验和" #: Model/Attribute.php:238 msgid "You are encouraged to use filename|sha512 instead. A checksum in sha512 format, only use this if you don't know the correct filename" -msgstr "建议您使用文件名|sha512。sha512 格式的校验和,仅在不知道正确文件名的时候使用" +msgstr "建议您使用 文件名|sha512, sha512格式的校验和, 仅在您不知道正确文件名的时候使用" #: Model/Attribute.php:239 msgid "A checksum in the sha-512/224 format" @@ -3388,7 +3388,7 @@ msgstr "sha-512/224 格式的校验和" #: Model/Attribute.php:239 msgid "You are encouraged to use filename|sha512/224 instead. A checksum in sha512/224 format, only use this if you don't know the correct filename" -msgstr "建议您使用文件名|sha512。sha224 格式的校验和,仅在不知道正确文件名的时候使用" +msgstr "建议您使用 文件名|sha512/sha224, sha512/sha224格式的校验和, 仅在您不知道正确文件名的时候使用" #: Model/Attribute.php:240 msgid "A checksum in the sha-512/256 format" @@ -3396,7 +3396,7 @@ msgstr "sha-512/256 格式的校验和" #: Model/Attribute.php:240 msgid "You are encouraged to use filename|sha512/256 instead. A checksum in sha512/256 format, only use this if you don't know the correct filename" -msgstr "建议您使用 文件名|sha512/256。一个sha512/256格式的校验和,仅当你不知道正确的文件名时使用" +msgstr "建议您使用 文件名|sha512/256, sha512/256格式的校验和, 仅当您不知道正确的文件名时使用" #: Model/Attribute.php:241 msgid "A checksum in the Trend Micro Locality Sensitive Hash format" @@ -3404,7 +3404,7 @@ msgstr "在 TrendMicro Locality Sensitive Hash 格式中的校验和" #: Model/Attribute.php:241 msgid "You are encouraged to use filename|tlsh instead. A checksum in the Trend Micro Locality Sensitive Hash format, only use this if you don't know the correct filename" -msgstr "建议您使用 文件名|tlsh 代替。 在 TrendMicro Locality Sensitive Hash 格式中校验和,仅当您不知道正确的文件名时使用" +msgstr "建议您使用 文件名|tlsh, TrendMicro Locality Sensitive Hash 格式中校验和, 仅当您不知道正确的文件名时使用" #: Model/Attribute.php:242 msgid "An Apple Code Directory Hash, identifying a code-signed Mach-O executable file" @@ -3412,7 +3412,7 @@ msgstr "Apple Code Directory Hash, 指明代码签署的Mach-O可执行文件" #: Model/Attribute.php:246 msgid "Import fuzzy hash - a fuzzy hash created based on the imports in the sample." -msgstr "导入模糊hash-基于导入样本创建的模糊hash。" +msgstr "导入模糊hash-基于导入样本创建的模糊hash." #: Model/Attribute.php:247 msgid "A filename and a PEhash separated by a |" @@ -3440,7 +3440,7 @@ msgstr "用一个 | 分隔的文件名和 sha-512/256 哈希值" #: Model/Attribute.php:253 msgid "A filename and a Trend Micro Locality Sensitive Hash separated by a |" -msgstr "一个文件名和 TrendMicro Locality Sensitive hash,用 | 分隔。" +msgstr "一个文件名和 TrendMicro Locality Sensitive hash, 用 | 分隔." #: Model/Attribute.php:254 msgid "A scheduled task in windows" @@ -3448,35 +3448,35 @@ msgstr "窗口中的预定任务" #: Model/Attribute.php:255 msgid "A windows service name. This is the name used internally by windows. Not to be confused with the windows-service-displayname." -msgstr "一个窗口服务名称。这是由窗口内部使用的名称。不要与窗口服务显示名称混淆。" +msgstr "一个窗口服务名称, 这是由窗口内部使用的名称, 不要与窗口服务显示名称混淆." #: Model/Attribute.php:256 msgid "A windows service's displayname, not to be confused with the windows-service-name. This is the name that applications will generally display as the service's name in applications." -msgstr "窗口服务的显示名称,不要与窗口服务名称相混淆。 在应用程序中通常显示为服务名称的名称。" +msgstr "窗口服务的显示名称, 不要与窗口服务名称相混淆, 在应用程序中通常显示为服务名称的名称." #: Model/Attribute.php:257 msgid "The e-mail of a domain's registrant, obtained from the WHOIS information." -msgstr "域名注册人的电子邮箱,来自WHOIS信息。" +msgstr "域名注册人的电子邮箱, 来自WHOIS信息." #: Model/Attribute.php:258 msgid "The phone number of a domain's registrant, obtained from the WHOIS information." -msgstr "域名注册人的电话号码,来自WHOIS信息。" +msgstr "域名注册人的电话号码, 来自WHOIS信息." #: Model/Attribute.php:259 msgid "The name of a domain's registrant, obtained from the WHOIS information." -msgstr "域名注册人的姓名,来自WHOIS信息。" +msgstr "域名注册人的姓名, 来自WHOIS信息." #: Model/Attribute.php:260 msgid "The org of a domain's registrant, obtained from the WHOIS information." -msgstr "域名注册人的组织名,来自WHOIS信息。" +msgstr "域名注册人的组织名, 来自WHOIS信息." #: Model/Attribute.php:261 msgid "The registrar of the domain, obtained from the WHOIS information." -msgstr "域名注册商,来自WHOIS信息。" +msgstr "域名注册商, 来自WHOIS信息." #: Model/Attribute.php:262 msgid "The date of domain's creation, obtained from the WHOIS information." -msgstr "域名创建日期,来自WHOIS信息。。" +msgstr "域名创建日期, 来自WHOIS信息.." #: Model/Attribute.php:267 msgid "X509 fingerprint in SHA-1 format" @@ -3492,7 +3492,7 @@ msgstr "SHA-256 格式的 X509 证书指纹" #: Model/Attribute.php:270 msgid "RFC1035 mandates that DNS zones should have a SOA (Statement Of Authority) record that contains an email address where a PoC for the domain could be contacted. This can sometimes be used for attribution/linkage between different domains even if protected by whois privacy" -msgstr "RFC1035 授权DNS区应该有一个 SOA (授权说明) 记录,其中包含一个电子邮件地址,可以联系到一个域的 PoC 。 这有时可以用于不同域之间的属性/关联,即使其受到WHOIS保护" +msgstr "RFC1035 授权DNS区应该有一个 SOA (授权说明) 记录, 其中包含一个电子邮件地址, 可以联系到一个域的 PoC . 这有时可以用于不同域之间的属性/关联, 即使其受到WHOIS保护" #: Model/Attribute.php:271 msgid "Size expressed in bytes" @@ -3500,7 +3500,7 @@ msgstr "以字节表示的大小" #: Model/Attribute.php:272 msgid "An integer counter, generally to be used in objects" -msgstr "整数计数器,通常用于对象" +msgstr "整数计数器, 通常用于对象" #: Model/Attribute.php:273 msgid "Datetime in the ISO 8601 format" @@ -3516,15 +3516,15 @@ msgstr "端口号" #: Model/Attribute.php:276 msgid "IP destination and port number separated by a |" -msgstr "" +msgstr "目的IP和端口号以 | 分隔" #: Model/Attribute.php:277 msgid "IP source and port number separated by a |" -msgstr "" +msgstr "源IP和端口号以 | 分隔" #: Model/Attribute.php:278 msgid "Hostname and port number separated by a |" -msgstr "" +msgstr "主机名称和端口号以 | 分隔" #: Model/Attribute.php:279 msgid "Mac address" @@ -3560,7 +3560,7 @@ msgstr "电子邮件mime边界将多部分电子邮件中的各个部分分开" #: Model/Attribute.php:288 msgid "The email thread index header" -msgstr "电子邮件线程索引标头" +msgstr "电子邮件话题索引标头" #: Model/Attribute.php:289 msgid "The email message ID" @@ -3608,7 +3608,7 @@ msgstr "自然人的出生地" #: Model/Attribute.php:300 msgid "The gender of a natural person (Male, Female, Other, Prefer not to say)" -msgstr "自然人的性别(男、女、其他,保密)" +msgstr "自然人的性别(男、女、其他, 保密)" #: Model/Attribute.php:301 msgid "The passport number of a natural person" @@ -3624,7 +3624,7 @@ msgstr "护照到期日期" #: Model/Attribute.php:304 msgid "The Redress Control Number is the record identifier for people who apply for redress through the DHS Travel Redress Inquiry Program (DHS TRIP). DHS TRIP is for travelers who have been repeatedly identified for additional screening and who want to file an inquiry to have erroneous information corrected in DHS systems" -msgstr "补偿控制编号是通过DHS旅行补偿查询计划(DHS TRIP)申请补偿的人员的记录标识符。 DHS TRIP适用于已被反复识别以进行额外筛查并且想要提出查询以在DHS系统中更正错误信息的旅行者" +msgstr "补偿控制编号是通过DHS旅行补偿查询计划(DHS TRIP)申请补偿的人员的记录标识符. DHS TRIP适用于已被反复识别以进行额外筛查并且想要提出查询以在DHS系统中更正错误信息的旅行者" #: Model/Attribute.php:305 msgid "The nationality of a natural person" @@ -3648,7 +3648,7 @@ msgstr "自然人的居住国" #: Model/Attribute.php:310 msgid "A Special Service Request is a function to an airline to provide a particular facility for A Passenger or passengers. " -msgstr "特别服务申请书是航空公司为旅客或乘客提供特定设施的职能。 " +msgstr "特别服务申请书是航空公司为旅客或乘客提供特定设施的职能. " #: Model/Attribute.php:311 msgid "The frequent flyer number of a passenger" @@ -3676,7 +3676,7 @@ msgstr "乘客将被送达口" #: Model/Attribute.php:319 msgid "The Passenger Name Record Locator is a key under which the reservation for a trip is stored in the system. The PNR contains, among other data, the name, flight segments and address of the passenger. It is defined by a combination of five or six letters and numbers." -msgstr "旅客姓名记录定位器是一个将旅行预订存储在系统中的密钥。 除其他数据外,PNR还包括旅客的姓名、飞行线段和地址。 它由5或6个字母和数字组成。" +msgstr "旅客姓名记录定位器是一个将旅行预订存储在系统中的密钥. 除其他数据外, PNR还包括旅客的姓名、飞行线段和地址. 它由5或6个字母和数字组成." #: Model/Attribute.php:320 msgid "The application id of a mobile application" @@ -3684,7 +3684,7 @@ msgstr "移动应用程序的id" #: Model/Attribute.php:321 msgid "Chrome extension id" -msgstr "" +msgstr "Chrome扩展程序id" #: Model/Attribute.php:322 msgid "Cortex analysis result" @@ -3704,222 +3704,222 @@ msgstr "匿名值 - 通过与匿名对象的关系来描述." #: Model/Attribute.php:644 msgid "Composite type, but value not explodable" -msgstr "复合型,但其值无法注解" +msgstr "复合型, 但其值无法注解" #: Model/Attribute.php:791 msgid "Delete of file attachment failed. Please report to administrator." -msgstr "删除文件附件失败。请向管理员报告。" +msgstr "删除文件附件失败, 请向管理员报告." #: Model/Attribute.php:935 msgid "The entered string is too long and would get truncated. Please consider adding the data as an attachment instead" -msgstr "输入的字符串过长将会被截断。请考虑以附件形式添加数据" +msgstr "输入的字符串过长将会被截断, 请考虑以附件形式添加数据" #: Model/Attribute.php:1074 msgid "Checksum has an invalid length or format (expected: %s hexadecimal characters). Please double check the value or select type \"other\"." -msgstr "校验和长度或格式无效(应为: %s 十六进制字符)。请重新检查值或选择类型“其他”。" +msgstr "校验和长度或格式无效(应为: %s 十六进制字符), 请重新检查值或选择类型“其他”." #: Model/Attribute.php:1081 msgid "Checksum has an invalid length or format (expected: at least 35 hexadecimal characters). Please double check the value or select type \"other\"." -msgstr "校验和长度或格式无效(应为:至少35个十六进制字符)。请重新检查值或选择类型“其他”。" +msgstr "校验和长度或格式无效(应为:至少35个十六进制字符), 请重新检查值或选择类型“其他”." #: Model/Attribute.php:1088 msgid "The input doesn't match the expected sha1 format (expected: 40 hexadecimal characters). Keep in mind that MISP currently only supports SHA1 for PEhashes, if you would like to get the support extended to other hash types, make sure to create a github ticket about it at https://github.com/MISP/MISP!" -msgstr "输入不匹配预期的 sha1 格式 (应为:40 十六进制字符)。 注意,MISP 目前只支持 SHA1 的 Pehashes,如果您想要获得扩展到其他散列类型的支持, 请务必在https://github.com/MISP/MISP创建一个!" +msgstr "输入不匹配预期的 sha1 格式 (应为:40 十六进制字符)., 注意, MISP 目前只支持 SHA1 的 Pehashes, 如果您想要获得扩展到其他散列类型的支持, 请务必在https://github.com/MISP/MISP创建一个!" #: Model/Attribute.php:1099 msgid "Invalid SSDeep hash. The format has to be blocksize:hash:hash" -msgstr "" +msgstr "无效SSDeep hash, 格式必须为 blocksize:hash:hash" #: Model/Attribute.php:1110 msgid "Invalid impfuzzy format. The format has to be imports:hash:hash" -msgstr "" +msgstr "无效impfuzzy格式, 格式必须为 imports:hash:hash" #: Model/Attribute.php:1117 msgid "The input doesn't match the expected format (expected: 40 or more hexadecimal characters)" -msgstr "" +msgstr "输入格式不正确(应如:40个或更多十六进制字符)" #: Model/Attribute.php:1132 msgid "The input doesn't match the expected filename|sha1 format (expected: filename|40 hexadecimal characters). Keep in mind that MISP currently only supports SHA1 for PEhashes, if you would like to get the support extended to other hash types, make sure to create a github ticket about it at https://github.com/MISP/MISP!" -msgstr "" +msgstr "输入不符合预期的filename|sha1格式(应如:40个或更多十六进制字符), 请记住, MISP目前只支持SHA1的PEhashes, 如果您想把支持扩展到其他的散列类型, 请务必在github上创建一个github ticket, 地址是:https://github.com/MISP/MISP" #: Model/Attribute.php:1150 msgid "Checksum has an invalid length or format (expected: filename|%s hexadecimal characters). Please double check the value or select type \"other\"." -msgstr "" +msgstr "校验和有一个无效的长度或格式(应如:文件名|%s 十六进制字符), 请仔细检查该值或选择\"other\"类型." #: Model/Attribute.php:1155 msgid "Invalid composite type. The format has to be %s." -msgstr "无效的复合类型。格式必须是 %s。" +msgstr "无效的复合类型, 格式必须是 %s." #: Model/Attribute.php:1166 msgid "Invalid SSDeep hash (expected: blocksize:hash:hash)." -msgstr "无效的SSDeep hash(应如:blocksize:hash:hash)。" +msgstr "无效的SSDeep hash(应如:blocksize:hash:hash)." #: Model/Attribute.php:1174 msgid "Checksum has an invalid length or format (expected: filename|at least 35 hexadecimal characters). Please double check the value or select type \"other\"." -msgstr "校验和的长度或格式无效(预期为:文件名|至少35个十六进制字符)。请重新检查值或选择类型“其他”。" +msgstr "校验和的长度或格式无效(应如:文件名|至少35个十六进制字符), 请重新检查值或选择类型“其他”." #: Model/Attribute.php:1185 msgid "Invalid CIDR notation value found." -msgstr "发现无效的 CIDR 注解值。" +msgstr "发现无效的 CIDR 注解值." #: Model/Attribute.php:1192;1243 msgid "IP address has an invalid format." -msgstr "IP地址格式无效。" +msgstr "IP地址格式无效." #: Model/Attribute.php:1197 msgid "Port numbers have to be positive integers between 1 and 65535." -msgstr "端口号必须是 1 到 65535 之间的正整数。" +msgstr "端口号必须是 1 到 65535 之间的正整数." #: Model/Attribute.php:1226 msgid " name has an invalid format. Please double check the value or select type \"other\"." -msgstr " 名称格式无效。请重新检查值或选择类型“其他”。" +msgstr " 名称格式无效, 请重新检查值或选择类型“其他”." #: Model/Attribute.php:1246 msgid "Domain name has an invalid format." -msgstr "域名格式无效。" +msgstr "域名格式无效." #: Model/Attribute.php:1260 msgid "Email address has an invalid format. Please double check the value or select type \"other\"." -msgstr "电子邮件地址格式无效。请重新检查值或选择类型“其他”。" +msgstr "电子邮件地址格式无效, 请重新检查值或选择类型“其他”." #: Model/Attribute.php:1268 msgid "Invalid format. Expected: CVE-xxxx-xxxx..." -msgstr "无效的格式。应如:CVE-xxxx-xxxx..." +msgstr "无效的格式, 应如: CVE-xxxx-xxxx..." #: Model/Attribute.php:1276 msgid "Invalid format. Expected: CWE-x..." -msgstr "" +msgstr "无效的格式, 应如: CWE-x..." #: Model/Attribute.php:1287 msgid "Invalid format. Only values shorter than 256 characters that don't include any forward or backward slashes are allowed." -msgstr "无效的格式。只允许值小于256个字符并且不包含任何正反斜线号。" +msgstr "无效的格式, 只允许值小于256个字符并且不包含任何正反斜线号." #: Model/Attribute.php:1405 msgid "Datetime has to be in the ISO 8601 format." -msgstr "日期时间必须是ISO 8601格式。" +msgstr "日期时间必须是ISO 8601格式." #: Model/Attribute.php:1411 msgid "The value has to be a number greater or equal 0." -msgstr "值必须大于或等于 0。" +msgstr "值必须大于或等于 0." #: Model/Attribute.php:1418 msgid "The value has to be a number between 0 and 10." -msgstr "值必须是 0 到 10 之间的数字。" +msgstr "值必须是 0 到 10 之间的数字." #: Model/Attribute.php:2278;2346 msgid "Could not read user." -msgstr "无法读取用户。" +msgstr "无法读取用户." #: Model/Attribute.php:2282 msgid "Invalid hash type." -msgstr "无效hash类型。" +msgstr "无效hash类型." #: Model/Attribute.php:2973 msgid "This field is mandatory." -msgstr "此字段为必填字段。" +msgstr "此字段为必填字段." #: Model/Attribute.php:3540 msgid "Something went wrong. Received a non-numeric event ID while trying to create a zip archive of an uploaded malware sample." -msgstr "" +msgstr "出了点问题, 在试图创建一个上载恶意软件样本的压缩存档时, 收到了一个非数字事件ID" #: Model/Community.php:26;67 msgid "Default community list not found." -msgstr "" +msgstr "默认社区列表未找到" #: Model/Community.php:30;71 msgid "Default community list empty." -msgstr "" +msgstr "默认社区列表为空" #: Model/Community.php:35;76 msgid "Default community list not in the expected format." -msgstr "" +msgstr "默认社区列表不符合预期格式" #: Model/Community.php:93 msgid "Community not found." -msgstr "" +msgstr "社区未找到" #: Model/DecayingModel.php:162 msgid "Models could not be loaded or default decaying models folder is empty" -msgstr "" +msgstr "无法加载模型, 或默认衰减模型文件夹为空" #: Model/DecayingModel.php:351 msgid "No tags nor predicates with `numerical_value`" -msgstr "" +msgstr "没有带`numerical_value`的标签或谓语" #: Model/DecayingModel.php:358 msgid "No predicate" -msgstr "" +msgstr "没有谓语" #: Model/DecayingModel.php:437 msgid "The class for `%s` was not found or not loaded correctly" -msgstr "" +msgstr "`%s`的类没有找到或没有正确加载" #: Model/Event.php:390 msgid "Click this to download all events and attributes that you have access to in MISP JSON format." -msgstr "单击此处下载您可以访问的 MISP JSON 格式的所有事件和属性。" +msgstr "点击此处下载您可以访问的 MISP JSON 格式的所有事件和属性." #: Model/Event.php:398 msgid "Click this to download all events and attributes that you have access to in MISP XML format." -msgstr "单击此处下载您可以访问的 MISP XML 格式的所有事件和属性。" +msgstr "点击此处下载您可以访问的 MISP XML 格式的所有事件和属性." #: Model/Event.php:406 #: View/Events/export_alternate.ctp:19 msgid "Click this to download all attributes that are indicators and that you have access to (except file attachments) in CSV format." -msgstr "单击此处下载作为指示项的所有属性,并且您可以访问CSV格式的所有属性(除文件附件外)。" +msgstr "点击此处下载作为指示项的所有属性, 并且您可以访问CSV格式的所有属性(除文件附件外)." #: Model/Event.php:414 #: View/Events/export_alternate.ctp:26 msgid "Click this to download all attributes that you have access to (except file attachments) in CSV format." -msgstr "单击此处下载您可以访问的 CSV 格式的所有属性(除文件附件外)。" +msgstr "点击此处下载您可以访问的 CSV 格式的所有属性(除文件附件外)." #: Model/Event.php:422 msgid "Click this to download all network related attributes that you have access to under the Suricata rule format. Only published events and attributes marked as IDS Signature are exported. Administration is able to maintain a whitelist containing host, domain name and IP numbers to exclude from the NIDS export." -msgstr "单击此处下载您可以在 Suricata 规则格式下访问的所有网络相关属性。 只导出标记为 IDS 签名的已发布事件和属性。 管理员能够保留一个包含主机、 域名和 IP 编号的白名单,从NIDS 导出中排除。" +msgstr "点击此处可下载您在 Suricata 规则格式下访问的所有网络相关属性, 只导出标记为 IDS 签名的已发布事件和属性, 管理员能够保留一个包含主机、域名和 IP 编号的白名单, 以便从NIDS导出中排除." #: Model/Event.php:430 msgid "Click this to download all network related attributes that you have access to under the Snort rule format. Only published events and attributes marked as IDS Signature are exported. Administration is able to maintain a whitelist containing host, domain name and IP numbers to exclude from the NIDS export." -msgstr "" +msgstr "点击此处可下载您在 Snort 规则格式下访问的所有网络相关属性, 只导出标记为 IDS 签名的已发布事件和属性, 管理员能够保留一个包含主机、域名和 IP 编号的白名单, 以便从NIDS导出中排除." #: Model/Event.php:438 msgid "Click this to download all network related attributes that you have access to under the Bro rule format. Only published events and attributes marked as IDS Signature are exported. Administration is able to maintain a whitelist containing host, domain name and IP numbers to exclude from the NIDS export." -msgstr "" +msgstr "点击此处可下载您在 Bro 规则格式下访问的所有网络相关属性, 只导出标记为 IDS 签名的已发布事件和属性, 管理员能够保留一个包含主机、域名和 IP 编号的白名单, 以便从NIDS导出中排除." #: Model/Event.php:446 msgid "Click this to download an a STIX document containing the STIX version of all events and attributes that you have access to." -msgstr "" +msgstr "点击此处可下载一个STIX文档, 其中包含您可以访问的所有事件和属性的STIX版本" #: Model/Event.php:454 msgid "Click this to download an a STIX2 document containing the STIX2 version of all events and attributes that you have access to." -msgstr "" +msgstr "点击此处可下载一个STIX2文档, 其中包含您可以访问的所有事件和属性的STIX2版本" #: Model/Event.php:462 #: View/Events/export_alternate.ctp:56 msgid "Click this to download an RPZ Zone file generated from all ip-src/ip-dst, hostname, domain attributes. This can be useful for DNS level firewalling. Only published events and attributes marked as IDS Signature are exported." -msgstr "" +msgstr "点击此处可下载一个由所有的ip-src/ip-dst、主机名、域名属性生成的RPZ Zone文件, 这对于DNS级别的防火墙很有用, 只有已发布的事件和标记为IDS签名的属性才会被导出。" #: Model/Event.php:470 msgid "Click on one of the buttons below to download all the attributes with the matching type. This list can be used to feed forensic software when searching for susipicious files. Only published events and attributes marked as IDS Signature are exported." -msgstr "" +msgstr "点击下面的按钮, 下载所有匹配类型的属性, 该列表可用于在搜索可疑文件时为订阅源取证软件提供信息, 只有已发布的事件和标记为IDS签名的属性才会被导出." #: Model/Event.php:478 msgid "Click this to download Yara rules generated from all relevant attributes." -msgstr "" +msgstr "点击此处可下载由所有相关属性生成的Yara规则" #: Model/Event.php:486 msgid "Click this to download Yara rules generated from all relevant attributes. Rules are returned in a JSON format with information about origin (generated or parsed) and validity." -msgstr "" +msgstr "点击此处可下载由所有相关属性生成的Yara规则, 规则将以JSON格式返回, 并包含有关来源(生成或解析)和有效性的信息" #: Model/Event.php:5722 msgid "Issues while loading the stix file. " -msgstr "加载stix文件时出现问题。 " +msgstr "加载stix文件时出现问题. " #: Model/Event.php:5724 msgid "Issues with the maec library. " -msgstr "Maec库存在问题。 " +msgstr "Maec库存在问题. " #: Model/Event.php:5726 msgid "Issues executing the ingestion script or invalid input. " -msgstr "存在执行摄取脚本或输入无效的问题。 " +msgstr "存在执行提取脚本或输入无效的问题. " #: Model/Event.php:5729 msgid "Please ask your administrator to " @@ -3931,7 +3931,7 @@ msgstr "请 " #: Model/Event.php:5733 msgid "check whether the dependencies for STIX are met via the diagnostic tool." -msgstr "检查是否通过诊断工具满足了STIX的依赖性。" +msgstr "检查是否通过诊断工具满足了STIX的依赖性." #: Model/Event.php:5765 msgid "#" @@ -3943,7 +3943,7 @@ msgstr "%s 未设置" #: Model/Event.php:6023 msgid "Could not add tags." -msgstr "无法添加标签。" +msgstr "无法添加标签." #: Model/Event.php:6505 msgid "process_" @@ -3959,19 +3959,19 @@ msgstr "订阅源 %s" #: Model/Feed.php:1635 msgid "Invalid feed id." -msgstr "" +msgstr "无效订阅源ID" #: Model/Feed.php:1638 msgid "Feed has to be either a CSV or a freetext feed for the purging to work." -msgstr "" +msgstr "订阅源必须是CSV或者是Freetxt的订阅源, 这样才会有效果." #: Model/Feed.php:1643 msgid "Invalid user id." -msgstr "" +msgstr "无效用户ID" #: Model/Feed.php:1663 msgid "Events related to feed %s purged." -msgstr "" +msgstr "订阅源 %s 的相关事件被清除" #: Model/Galaxy.php:421 msgid "Galaxy cannot be represented as a matrix" @@ -3979,11 +3979,11 @@ msgstr "Galaxy无法以矩阵显示" #: Model/MispObject.php:1057 msgid "Selected Attributes do not exist." -msgstr "所选属性不存在。" +msgstr "所选属性不存在." #: Model/Server.php:140 msgid "Certain administrative tasks are exposed to the API, these help with maintaining and configuring MISP in an automated way / via external tools." -msgstr "某些管理任务会暴露给API,这些帮助通过外部工具自动维护和配置MISP。" +msgstr "某些管理任务被暴露在API中, 这些任务有助于以自动化的方式维护和配置MISP, 通过外部工具来实现" #: Model/Server.php:141 msgid "Administering MISP via the CLI" @@ -3991,7 +3991,7 @@ msgstr "通过 CLI 管理MISP" #: Model/Server.php:153 msgid "If you would like to automate tasks such as caching feeds or pulling from server instances, you can do it using the following command line tools. Simply execute the given commands via the command line / create cron jobs easily out of them." -msgstr "如果您想要自动化任务,例如缓存订阅源或从服务器实例中拉取, 您可以使用以下命令行工具来执行它。 简单地通过命令行执行给定的命令/轻松地从他们中创建cron任务。" +msgstr "如果您想要自动化任务, 例如缓存订阅源或从服务器实例中拉取, 您可以使用以下命令行工具来执行它, 简单地通过命令行执行给定的命令或者轻松地从他们中创建cron任务." #: Model/Server.php:154 #: View/Tasks/index.ctp:6 @@ -4000,7 +4000,7 @@ msgstr "自动化某些控制台任务" #: Model/Server.php:163 msgid "The background workers can be managed via the CLI in addition to the UI / API management tools" -msgstr "除了界面/API管理工具外,后台worker可以通过 CLI 进行管理" +msgstr "除了界面/API管理工具外, 后台worker可以通过 CLI 进行管理" #: Model/Server.php:164 msgid "Managing the background workers" @@ -4008,31 +4008,31 @@ msgstr "管理后台workers" #: Model/Server.php:173 msgid "The base url of the application (in the format https://www.mymispinstance.com). Several features depend on this setting being correctly set to function." -msgstr "应用程序的基本URL(格式为https://www.mymispinstance.com)。 有几个功能取决于此设置是被正确设置为功能。" +msgstr "应用程序的基本URL(格式为https://www.mymispinstance.com), 有几个功能取决于此设置是被正确设置为功能." #: Model/Server.php:175 msgid "The currenty set baseurl does not match the URL through which you have accessed the page. Disregard this if you are accessing the page via an alternate URL (for example via IP address)." -msgstr "当前设置的 baseurl 与您访问此页面的URL不匹配。 如果您正在通过一个备用URL访问此页面 (例如通过 IP 地址)则忽略此提示。" +msgstr "当前设置的 baseurl 与您访问此页面的URL不匹配, 如果您正在通过一个备用URL访问此页面 (例如通过 IP 地址)则忽略此提示." #: Model/Server.php:181 msgid "The base url of the application (in the format https://www.mymispinstance.com) as visible externally/by other MISPs. MISP will encode this URL in sharing groups when including itself. If this value is not set, the baseurl is used as a fallback." -msgstr "应用程序的基础url (格式为 https://www.mymispinstance.com) 为外部可见于其他的MISPs。 MISP 将在包含自身时在共享组中编码此URL。如果没有设置此项值,Baseurl 将被用于后退。" +msgstr "应用程序的基础url (格式为 https://www.mymispinstance.com) 为外部可见于其他的MISPs, MISP 将在包含自身时在共享组中编码此URL, 如果没有设置此项值, Baseurl 将被用于后退." #: Model/Server.php:189 msgid "Unless set to true, the instance will only be accessible by site admins." -msgstr "除非设置为 true,否则实例将只能由站点管理员访问。" +msgstr "除非设置为 true, 否则实例将只能由站点管理员访问." #: Model/Server.php:197 msgid "Select the language MISP should use. The default is english." -msgstr "选择MISP的语言。默认是英文。" +msgstr "选择MISP的语言.默认是英文." #: Model/Server.php:207 msgid "This values controls the internal fetcher's memory envelope when it comes to attributes. The number provided is the amount of attributes that can be loaded for each MB of PHP memory available in one shot. Consider lowering this number if your instance has a lot of attribute tags / attribute galaxies attached." -msgstr "" +msgstr "当涉及属性时, 此值控制internal fetcher's memory envelope, 提供的数量是一次可以为每个MB的PHP内存加载的属性数量, 如果您的实例附加了很多属性标签/属性星系, 请考虑降低此数字." #: Model/Server.php:216 msgid "This value controls the divisor for attribute weighting when it comes to loading full events. Meaning that it will load coefficient / divisor number of attributes per MB of memory available. Consider raising this number if you have a lot of correlations or highly contextualised events (large number of event level galaxies/tags)." -msgstr "" +msgstr "当加载完整事件时, 此值控制属性权重因子, 这意味着它将加载每MB可用内存的属性的系数或因子, 如果您有很多相关性或高度相关的事件(大量事件级别星系/标记), 请考虑提高此数字" #: Model/Server.php:225 msgid "Enable some performance heavy correlations (currently CIDR correlation)" @@ -4040,19 +4040,19 @@ msgstr "启用某些性能紧密关联(当前的 CIDR 关联)" #: Model/Server.php:234 msgid "Enable this setting to directly save the config.php file without first creating a temporary file and moving it to avoid concurency issues. Generally not recommended, but useful when for example other tools modify/maintain the config.php file." -msgstr "启用此设置以直接保存 config.php 文件,而不需要先创建一个临时文件并移动它以避免冲突。 通常不推荐,但在其他工具修改或维护config.php 文件时是有用的。" +msgstr "启用此设置以直接保存 config.php 文件, 而不需要先创建一个临时文件并移动它以避免冲突. 通常不推荐, 但在其他工具修改或维护config.php 文件时是有用的." #: Model/Server.php:243 msgid "It is highly recommended to install all the python dependencies in a virtualenv. The recommended location is: %s/venv" -msgstr "强烈建议在 virtualenv 中安装所有python依赖项。推荐位置是 %s/venv" +msgstr "强烈建议在 virtualenv 中安装所有python依赖项, 推荐位置是 %s/venv" #: Model/Server.php:254 msgid "MISP will default to the bundled mozilla certificate bundle shipped with the framework, which is rather stale. If you wish to use an alternate bundle, just set this setting using the path to the bundle to use. This setting can only be modified via the CLI." -msgstr "" +msgstr "MISP将默认使用框架附带的捆绑的mozilla证书捆绑包, 这个捆绑包相当陈旧, 如果您想使用其他的证书包, 只需使用要使用的证书包的路径来设置这个设置, 这个设置只能通过CLI进行修改。" #: Model/Server.php:264 msgid "In some cases, a heavily used MISP instance can generate unwanted blackhole errors due to a high number of requests hitting the server. Disable the auto logout functionality to ease the burden on the system." -msgstr "在某些情况下,频繁使用的 MISP 实例可能会因大量请求击中服务器而产生意外的blackhole错误。 禁用自动注销功能以减轻系统的负担。" +msgstr "在某些情况下, 频繁使用的 MISP 实例可能会因大量请求击中服务器而产生意外的blackhole错误. 禁用自动注销功能以减轻系统的负担." #: Model/Server.php:273 msgid "Set the ssdeep score at which to consider two ssdeep hashes as correlating [1-100]" @@ -4060,59 +4060,59 @@ msgstr "设置 ssdeep 分数来考虑两个ssdeehash作为相关的 [1-100]" #: Model/Server.php:281 msgid "Sets the maximum number of correlations that can be fetched with a single event. For extreme edge cases this can prevent memory issues. The default value is 5k." -msgstr "设置可以通过单个事件获取的最大关联数量。 对于极端情况,这可以防止内存出现问题,默认值为5k。" +msgstr "设置可以通过单个事件获取的最大关联数量, 对于极端情况, 这可以防止内存出现问题, 默认值为5k." #: Model/Server.php:290 msgid "The message that users will see if the instance is not live." -msgstr "用户将看到的实例是否在线的消息。" +msgstr "用户将看到的实例是否在线的消息." #: Model/Server.php:292 msgid "If this is not set the default value will be used." -msgstr "如果未设置则将使用默认值。" +msgstr "如果未设置则将使用默认值." #: Model/Server.php:298;306;333;357;365;373;381;438;486;494;561 msgid "This setting is deprecated and can be safely removed." -msgstr "此设置已废弃并可以安全移除。" +msgstr "此设置已废弃并可以安全移除." #: Model/Server.php:314 msgid "Cached exports can take up a considerable amount of space and can be disabled instance wide using this setting. Disabling the cached exports is not recommended as it's a valuable feature, however, if your server is having free space issues it might make sense to take this step." -msgstr "缓存导出可以占用相当多的空间,并且可以使用此设置来禁用实例。 不建议禁用缓存导出,因为它是一个宝贵的功能。 如果您的服务器有空闲空间的问题,采取这个步骤可能会有意义。" +msgstr "缓存导出可以占用相当多的空间, 并且可以使用此设置来禁用实例, 不建议禁用缓存导出, 因为它是一个宝贵的功能, 如果您的服务器有空闲空间的问题, 采取这个步骤可能会有意义." #: Model/Server.php:324 msgid "Disable displaying / modifications to the threat level altogether on the instance (deprecated field)." -msgstr "在实例中完全禁用显示/修改威胁级别 (已废弃的字段)。" +msgstr "在实例中完全禁用显示/修改威胁级别 (已废弃的字段)." #: Model/Server.php:341 msgid "Footer text prepending the \"Powered by MISP\" text." -msgstr "正在预设“由MIS驱动”文本的页脚文本。" +msgstr "正在预设“由MIS驱动”文本的页脚文本." #: Model/Server.php:349 msgid "Footer text following the \"Powered by MISP\" text." -msgstr "遵循“由MIS驱动”文本的页脚文本。" +msgstr "遵循“由MIS驱动”文本的页脚文本." #: Model/Server.php:389 msgid "If set, this setting allows you to display a logo on the right side of the footer. Upload it as a custom image in the file management tool." -msgstr "如果采用此设置,则允许您在页脚右侧显示一个徽标。 在文件管理工具中上传它作为自定义图像。" +msgstr "如果采用此设置, 则允许您在页脚右侧显示一个徽标, 在文件管理工具中上传它作为自定义图像." #: Model/Server.php:397 msgid "If set, this setting allows you to display a logo as the home icon. Upload it as a custom image in the file management tool." -msgstr "如果采用此设置,则允许您将徽标显示为主图标。在文件管理工具中将它作为自定义图片上传。" +msgstr "如果采用此设置, 则允许您将徽标显示为主图标, 在文件管理工具中将它作为自定义图片上传." #: Model/Server.php:405 msgid "If set, the image specified here will replace the main MISP logo on the login screen. Upload it as a custom image in the file management tool." -msgstr "如果采用此设置,则此处指定的图像将替换登录屏幕上的MISP 主标识。 在文件管理工具中上传自定义图像。" +msgstr "如果采用此设置, 则此处指定的图像将替换登录屏幕上的MISP 主标识, 在文件管理工具中上传自定义图像." #: Model/Server.php:413 msgid "The organisation tag of the hosting organisation. This is used in the e-mail subjects." -msgstr "主机所属组织的组织标签。用于电子邮件主题。" +msgstr "主机所属组织的组织标签, 用于电子邮件主题." #: Model/Server.php:421 msgid "The hosting organisation of this instance. If this is not selected then replication instances cannot be added." -msgstr "此实例的主机所属组织。如果未选中此项,则无法添加复制实例。" +msgstr "此实例的主机所属组织.如果未选中此项, 则无法添加复制实例." #: Model/Server.php:430 msgid "The MISP instance UUID. This UUID is used to identify this instance." -msgstr "MISP 实例 UUID。此UUID 用于识别此实例。" +msgstr "MISP 实例 UUID, 此UUID 用于识别此实例." #: Model/Server.php:432 msgid "No valid UUID set" @@ -4120,35 +4120,35 @@ msgstr "未设置有效的 UUID" #: Model/Server.php:446 msgid "Setting this setting to 'false' will hide all organisation names / logos." -msgstr "将此项设置为“false”将隐藏所有组织名称/徽标。" +msgstr "将此项设置为“false”将隐藏所有组织名称/徽标." #: Model/Server.php:454 msgid "Put the event threat level in the notification E-mail subject." -msgstr "将事件威胁级别加入通知邮件主题中。" +msgstr "将事件威胁级别加入通知邮件主题中." #: Model/Server.php:462 msgid "This is the TLP string for e-mails when email_subject_tag is not found." -msgstr "无法找到 email_subject_tag时,这是电子邮件的TLP字符串。" +msgstr "无法找到 email_subject_tag时, 这是电子邮件的TLP字符串." #: Model/Server.php:470 msgid "If this tag is set on an event it's value will be sent in the E-mail subject. If the tag is not set the email_subject_TLP_string will be used." -msgstr "如果这个标签设置在一个事件上,它的值将会被发送到邮件主题中。 如果标签未设置email_subject_TLP_string,则将使用该字符串。" +msgstr "如果这个标签设置在一个事件上, 它的值将会被发送到邮件主题中. 如果标签未设置email_subject_TLP_string, 则将使用该字符串." #: Model/Server.php:478 msgid "Include in name of the email_subject_tag in the subject. When false only the tag value is used." -msgstr "在主题中包含email_subject_tag的名称。标注false时只使用标签值。" +msgstr "在主题中包含email_subject_tag的名称, 标注false时只使用标签值." #: Model/Server.php:502 msgid "Enables the use of MISP's background processing." -msgstr "启用 MISP 的背景处理。" +msgstr "启用 MISP 的背景处理." #: Model/Server.php:510 msgid "Directory where attachments are stored. MISP will NOT migrate the existing data if you change this setting. The only safe way to change this setting is in config.php, when MISP is not running, and after having moved/copied the existing data to the new location. This directory must already exist and be writable and readable by the MISP application." -msgstr "保存附件的目录。如果您更改此设置,MISP 将不会迁移现有数据。 更改此设置的唯一安全方式是通过设置config.php文件, 仅当MISP停止运行并且已移动或复制已经将存在的数据移动到新的位置。 此目录必须已经存在,并且MISP程序拥有其读写权限。" +msgstr "保存附件的目录.如果您更改此设置, MISP 将不会迁移现有数据, 更改此设置的唯一安全方式是通过设置config.php文件, 仅当MISP停止运行并且已移动或复制已经将存在的数据移动到新的位置. 此目录必须已经存在, 并且MISP程序拥有其读写权限." #: Model/Server.php:520 msgid "Allow the XML caches to include the encoded attachments." -msgstr "允许 XML 缓存包含编码附件。" +msgstr "允许 XML 缓存包含编码附件." #: Model/Server.php:528 msgid "Always download attachments when loaded by a user in a browser" @@ -4160,11 +4160,11 @@ msgstr "MISP 应对所有通知使用的电子邮件地址" #: Model/Server.php:544 msgid "You can disable all e-mailing using this setting. When enabled, no outgoing e-mails will be sent by MISP." -msgstr "您可以禁用使用此设置的所有电子邮件。启用后,MISP将不会发送出的电子邮件。" +msgstr "您可以禁用使用此设置的所有电子邮件, 启用后, MISP将不会发送出的电子邮件." #: Model/Server.php:553 msgid "The e-mail address that MISP should include as a contact address for the instance's support team." -msgstr "MIS应将电子邮件地址作为该实例支持小组的联系地址。" +msgstr "MISP应将电子邮件地址作为该实例支持小组的联系地址." #: Model/Server.php:569 msgid "Turn Vulnerability type attributes into links linking to the provided CVE lookup" @@ -4172,39 +4172,39 @@ msgstr "将Vulnerability类型属性转换为链接到提供CVE 查找的链接" #: Model/Server.php:577 msgid "Turn Weakness type attributes into links linking to the provided CWE lookup" -msgstr "" +msgstr "将弱点类型属性转化为所提供的CWE查询的链接" #: Model/Server.php:585 msgid "This setting controls whether notification e-mails will be sent when an event is created via the REST interface. It might be a good idea to disable this setting when first setting up a link to another instance to avoid spamming your users during the initial pull. Quick recap: True = Emails are NOT sent, False = Emails are sent on events published via sync / REST." -msgstr "" +msgstr "这个设置控制了通过REST接口创建事件时是否会发送通知邮件, 在首次设置链接到另一个实例时, 最好禁用此设置, 以避免在初始拉动期间向用户发送垃圾邮件. 快速回顾一下, True = 不发送电子邮件, False = 通过同步/REST发布的事件会发送电子邮件." #: Model/Server.php:593 msgid "enabling this flag will allow the event description to be transmitted in the alert e-mail's subject. Be aware that this is not encrypted by GnuPG, so only enable it if you accept that part of the event description will be sent out in clear-text." -msgstr "" +msgstr "启用此标志将允许在警报邮件的主题中传输事件描述, 请注意, GnuPG并不加密, 所以只有在您接受事件描述的一部分将以清晰文本形式发送的情况下, 才会启用此标志." #: Model/Server.php:601 msgid "The default distribution setting for events (0-3)." -msgstr "默认的事件分布设置 (0-3)。" +msgstr "默认的事件分布设置 (0-3)." #: Model/Server.php:610 msgid "The default distribution setting for attributes, set it to 'event' if you would like the attributes to default to the event distribution level. (0-3 or \"event\")" -msgstr "默认的属性分布设置,将其设置为“事件”,如果您想要将属性设置为默认的事件分布级别。 (0-3或\"事件\")" +msgstr "默认的属性分布设置, 将其设置为“事件”, 如果您想要将属性设置为默认的事件分布级别. (0-3或\"事件\")" #: Model/Server.php:619 msgid "The default threat level setting when creating events." -msgstr "创建事件时的默认威胁级别设置。" +msgstr "创建事件时的默认威胁级别设置." #: Model/Server.php:628 msgid "The tag collection to be applied to all events created manually." -msgstr "" +msgstr "标记集合将应用于手动创建的所有事件" #: Model/Server.php:637 msgid "Enable the tagging feature of MISP. This is highly recommended." -msgstr "" +msgstr "启用MISP的标签功能, 强烈建议这样做." #: Model/Server.php:645 msgid "Show the full tag names on the event index." -msgstr "在事件索引中显示完整的标签名称。" +msgstr "在事件索引中显示完整的标签名称." #: Model/Server.php:654 msgid "Used on the login page, before the MISP logo" @@ -4216,11 +4216,11 @@ msgstr "在 MISP 标志之后的登录页面使用" #: Model/Server.php:670 msgid "Used on the login page, to the left of the MISP logo, upload it as a custom image in the file management tool." -msgstr "" +msgstr "在登录页面的MISP标志左侧上使用, 将其作为自定义图像上传到文件管理工具中" #: Model/Server.php:678 msgid "Used on the login page, to the right of the MISP logo, upload it as a custom image in the file management tool." -msgstr "" +msgstr "在登录页面的MISP标志右侧上使用, 将其作为自定义图像上传到文件管理工具中" #: Model/Server.php:686 msgid "Used in the page title, after the name of the page" @@ -4228,371 +4228,371 @@ msgstr "在页面名称后使用在页面标题" #: Model/Server.php:694 msgid "Allows users to take ownership of an event uploaded via the \"Add MISP XML\" button. This allows spoofing the creator of a manually imported event, also breaking possibly breaking the original intended releasability. Synchronising with an instance that has a different creator for the same event can lead to unwanted consequences." -msgstr "" +msgstr "允许用户通过 \"添加MISP XML\"按钮来获取事件的所有权, 这允许欺骗手动导入的事件的创建者, 也可能破坏了原来的可发布性, 与同一个事件的创建者不同的实例同步可能会导致不良后果." #: Model/Server.php:702 msgid "Choose whether the terms and conditions should be displayed inline (false) or offered as a download (true)" -msgstr "" +msgstr "选择条款和条件是内嵌显示(false)还是以下载形式提供(true)" #: Model/Server.php:710 msgid "The filename of the terms and conditions file. Make sure that the file is located in your MISP/app/files/terms directory" -msgstr "" +msgstr "条款和条件文件的文件名, 确保该文件位于MISP/app/files/terms目录下" #: Model/Server.php:718 msgid "True enables the alternate org fields for the event index (source org and member org) instead of the traditional way of showing only an org field. This allows users to see if an event was uploaded by a member organisation on their MISP instance, or if it originated on an interconnected instance." -msgstr "" +msgstr "设置为True可以为事件索引启用备用的 org 字段(源 org 和成员 org, 而不是传统的只显示 org 字段的方式, 这允许用户查看一个事件是否是由成员组织在其MISP实例中上传的, 或者是在互连的实例中上传的" #: Model/Server.php:726 msgid "True will deny access to unpublished events to users outside the organization of the submitter except site admins." -msgstr "" +msgstr "设置为True将拒绝提交者组织之外的用户(网站管理员除外)对未发布事件的访问." #: Model/Server.php:735 msgid "The message sent to the user after account creation (has to be sent manually from the administration interface). Use \\n for line-breaks. The following variables will be automatically replaced in the text: $password = a new temporary password that MISP generates, $username = the user's e-mail address, $misp = the url of this instance, $org = the organisation that the instance belongs to, as set in MISP.org, $contact = the e-mail address used to contact the support team, as set in MISP.contact. For example, \"the password for $username is $password\" would appear to a user with the e-mail address user@misp.org as \"the password for user@misp.org is hNamJae81\"." -msgstr "" +msgstr "帐户创建后发送给用户的消息(必须从管理界面手动发送), 使用 \\n 用于分隔行, 以下变量将在文本中被自动替换: $password = MISP生成的新的临时密码, $username = 用户的电子邮件地址, $misp = 这个实例的网址, $org = 该实例所属的组织, 如MISP.org中的设置, $contact = 用于联系支持团队的电子邮件地址, 如MISP.contact中的设置, 例如, \"$username的密码是$password\", 对于电子邮件地址为user@misp.org的用户来说, \"user@misp.org的密码是hNamJae81\"." #: Model/Server.php:744 msgid "The message sent to the users when a password reset is triggered. Use \\n for line-breaks. The following variables will be automatically replaced in the text: $password = a new temporary password that MISP generates, $username = the user's e-mail address, $misp = the url of this instance, $contact = the e-mail address used to contact the support team, as set in MISP.contact. For example, \"the password for $username is $password\" would appear to a user with the e-mail address user@misp.org as \"the password for user@misp.org is hNamJae81\"." -msgstr "" +msgstr "触发密码重置时发送给用户的信息, 使用 \\n 用于分隔行, 以下变量将在文本中被自动替换: $password = MISP生成的新的临时密码, $username = 用户的电子邮件地址, $misp = 这个实例的网址, $org = 该实例所属的组织, 如MISP.org中的设置, $contact = 用于联系支持团队的电子邮件地址, 如MISP.contact中的设置, 例如, \"$username的密码是$password\", 对于电子邮件地址为user@misp.org的用户来说, \"user@misp.org的密码是hNamJae81\"." #: Model/Server.php:752 msgid "Since version 2.3.107 you can start blacklisting event UUIDs to prevent them from being pushed to your instance. This functionality will also happen silently whenever an event is deleted, preventing a deleted event from being pushed back from another instance." -msgstr "" +msgstr "从2.3.107版本开始, 您可以开始将事件UUID列入黑名单, 防止它们被推送到您的实例中, 这个功能也会在事件被删除时悄悄发生, 防止被删除的事件从另一个实例推送回来." #: Model/Server.php:759 msgid "Blacklisting organisation UUIDs to prevent the creation of any event created by the blacklisted organisation." -msgstr "" +msgstr "黑名单组织UUID, 阻止黑名单组织创建任何事件" #: Model/Server.php:766 msgid "If enabled, all log entries will include the IP address of the user." -msgstr "如果启用,所有日志条目都将包含用户的 IP 地址。" +msgstr "如果启用, 所有日志条目都将包含用户的 IP 地址." #: Model/Server.php:775 msgid "If enabled, MISP will log all successful authentications using API keys. The requested URLs are also logged." -msgstr "如果启用,MISP 将使用 API 密钥记录所有成功的认证。请求的URL也会被记录。" +msgstr "如果启用, MISP 将使用 API 密钥记录所有成功的认证, 请求的URL也会被记录." #: Model/Server.php:783 msgid "This functionality allows you to completely disable any logs from being saved in your SQL backend. This is HIGHLY advised against, you lose all the functionalities provided by the audit log subsystem along with the event history (as these are built based on the logs on the fly). Only enable this if you understand and accept the associated risks." -msgstr "" +msgstr "此功能使您可以完全禁止将任何日志保存在SQL后端中. 这是极不建议使用的, 因为您会失去审计日志子系统提供的所有功能和事件历史记录(因为这些都是基于日志建立的), 只有在您了解并接受相关风险的情况下, 才可以启用此功能." #: Model/Server.php:785 msgid "Logging has now been disabled - your audit logs will not capture failed authentication attempts, your event history logs are not being populated and no system maintenance messages are being logged." -msgstr "" +msgstr "现在已经禁用了日志记录 - 您的审计日志将不会捕获失败的验证尝试, 您的事件历史记录不会被填充, 也不会记录任何系统维护消息" #: Model/Server.php:792 msgid "If this functionality is enabled all page requests will be logged. Keep in mind this is extremely verbose and will become a burden to your database." -msgstr "" +msgstr "如果启用了这个功能, 所有的页面请求都会被记录下来, 请记住, 这将会对您的数据库造成很大的负担" #: Model/Server.php:801 msgid "You can decide to skip the logging of the paranoid logs to the database." -msgstr "" +msgstr "您可以决定跳过Paranoid日志到数据库的记录" #: Model/Server.php:810 msgid "If paranoid logging is enabled, include the POST body in the entries." -msgstr "" +msgstr "如果启用了Paranoid日志记录, 则在条目中包含POST正文" #: Model/Server.php:819 msgid "Log user IPs on each request. 30 day retention for lookups by IP to get the last authenticated user ID for the given IP, whilst on the reverse, indefinitely stores all associated IPs for a user ID." -msgstr "" +msgstr "在每次请求中记录用户的IP. 30天的保留期, 通过IP查询, 可以获得给定IP的最后一个认证用户ID, 而反之, 则可以无限期地存储所有相关的IP" #: Model/Server.php:828 msgid "This feature allows users to create org only events and ask another organisation to take ownership of the event. This allows organisations to remain anonymous by asking a partner to publish an event for them." -msgstr "" +msgstr "该功能允许用户创建只属于组织的活动, 并要求另一个组织拥有该活动的所有权. 这允许组织通过要求合作伙伴为其发布事件, 保持匿名" #: Model/Server.php:837 msgid "When enabled, the number of correlations visible to the currently logged in user will be visible on the event index UI. This comes at a performance cost but can be very useful to see correlating events at a glance." -msgstr "如果启用,则使当前登录用户可见的关联数量将在事件索引界面上可见。 这是以性能为代价的,但可以非常有效地看到事件的相关性。" +msgstr "启用后, 则使当前登录用户可见的关联数量将在事件索引界面上可见. 这是以性能为代价的, 但可以非常有效地看到事件的相关性." #: Model/Server.php:846 msgid "When enabled, the number of proposals for the events are shown on the index." -msgstr "如果启用,将在索引中显示事件的建议数量。" +msgstr "启用后, 将在索引中显示事件的建议数量." #: Model/Server.php:855 msgid "When enabled, the aggregate number of attribute sightings within the event becomes visible to the currently logged in user on the event index UI." -msgstr "如果启用,事件内属性视图的总值将会对当前登录在事件索引界面上的用户可见." +msgstr "启用后, 事件内属性视图的总值将会对当前登录在事件索引界面上的用户可见." #: Model/Server.php:864 msgid "When enabled, the aggregate number of discussion posts for the event becomes visible to the currently logged in user on the event index UI." -msgstr "" +msgstr "启用后, 该事件的讨论帖子总数将在事件索引界面上对当前登录的用户可见" #: Model/Server.php:873 msgid "When enabled only Org and Site admins can edit a user's profile." -msgstr "启用时,只有组织和网站管理员可以编辑用户的配置文件。" +msgstr "启用时, 只有组织和网站管理员可以编辑用户的资料." #: Model/Server.php:883 msgid "Enable this setting to start blocking alert e-mails for events with a certain tag. Define the tag in MISP.block_event_alert_tag." -msgstr "启用此设置以开始屏蔽某个标签事件的提醒电子邮件。在 MISP.block_event_alert_tag中定义标签。" +msgstr "启用此设置以开始屏蔽某个标签事件的电子邮件提醒, 在 MISP.block_event_alert_tag中定义标签." #: Model/Server.php:892 msgid "If the MISP.block_event_alert setting is set, alert e-mails for events tagged with the tag defined by this setting will be blocked." -msgstr "" +msgstr "如果设置了MISP.block_event_alert设置, 则用此设置定义的标记的事件的警报邮件将被阻止" #: Model/Server.php:901 msgid "Set a value to limit the number of email alerts that events can generate per creator organisation (for example, if an organisation pushes out 2000 events in one shot, only alert on the first 20)." -msgstr "" +msgstr "设置一个值来限制每个创建者组织的事件可以产生的电子邮件警报的数量(例如, 如果一个组织一次性推送2000个事件, 只对前20个事件发出警报)" #: Model/Server.php:910 msgid "Enable this setting to start blocking alert e-mails for old events. The exact timing of what constitutes an old event is defined by MISP.block_old_event_alert_age." -msgstr "" +msgstr "启用此设置可以开始阻止旧事件的警报邮件, 构成旧事件的确切时间由MISP.block_old_event_alert_age定义" #: Model/Server.php:919 msgid "If the MISP.block_old_event_alert setting is set, this setting will control how old an event can be for it to be alerted on. The \"timestamp\" field of the event is used. Expected format: integer, in days" -msgstr "" +msgstr "如果设置了MISP.block_old_event_alert设置, 则此设置将控制事件的发生时间, 以便对其进行告警, 使用事件的\"timestamp\"字段. 预期格式: 整数, 以天为单位" #: Model/Server.php:928 msgid "If the MISP.block_old_event_alert setting is set, this setting will control the threshold for the event.date field, indicating how old an event can be for it to be alerted on. The \"date\" field of the event is used. Expected format: integer, in days" -msgstr "" +msgstr "如果设置了MISP.block_old_event_alert设置, 则此设置将控制event.date字段的阈值, 指示事件可以持续多久才能发出警报, 使用事件的\"date\"字段. 预期格式: 整数, 以天为单位" #: Model/Server.php:937 msgid "Please indicate the temp directory you wish to use for certain functionalities in MISP. By default this is set to /tmp and will be used among others to store certain temporary files extracted from imports during the import process." -msgstr "" +msgstr "请指明您希望在MISP中的某些功能使用的临时目录, 默认情况下, 这个目录被设置为/tmp, 在导入过程中, 它将被用来存储某些从导入过程中提取的临时文件." #: Model/Server.php:947 msgid "If you would like to customise the css, simply drop a css file in the /var/www/MISP/app/webroot/css directory and enter the name here." -msgstr "" +msgstr "如果您想自定义css, 只需在/var/www/MISP/app/webroot/css目录下放入一个css文件, 然后在这里输入名称" #: Model/Server.php:956 msgid "Enable this setting to allow blocking attributes from to_ids sensitive exports if a proposal has been made to it to remove the IDS flag or to remove the attribute altogether. This is a powerful tool to deal with false-positives efficiently." -msgstr "" +msgstr "启用此设置, 如果有人提案移除IDS标志或完全移除属性, 则允许从to_ids敏感的导出中阻止属性, 这是一个有效处理误报的强大工具" #: Model/Server.php:965 msgid "Enable this settings if new tags synced / added via incoming events from any source should not be selectable by users by default." -msgstr "" +msgstr "如果默认情况下, 用户不能选择从任何来源通过传入事件同步/添加新标签, 请启用此设置" #: Model/Server.php:974 msgid "*WARNING* This setting will completely disable the correlation on this instance and remove any existing saved correlations. Enabling this will trigger a full recorrelation of all data which is an extremely long and costly procedure. Only enable this if you know what you're doing." -msgstr "" +msgstr "*警告* 此设置将完全禁用此实例上的关联性, 并删除任何已保存的关联性. 启用此设置将触发所有数据的重新关联, 这是一个非常漫长且昂贵的过程, 只有在您知道自己在做什么的情况下才会启用此功能" #: Model/Server.php:984 msgid "*WARNING* This setting will give event creators the possibility to disable the correlation of individual events / attributes that they have created." -msgstr "" +msgstr "*警告* 此设置将使事件创建者可以禁用他们所创建的单个事件/属性的相关性" #: Model/Server.php:993 msgid "The host running the redis server to be used for generic MISP tasks such as caching. This is not to be confused by the redis server used by the background processing." -msgstr "" +msgstr "用于运行一般的MISP任务(如缓存)的Redis服务器的主机, 这与后台处理所使用的redis服务器不能混淆" #: Model/Server.php:1001 msgid "The port used by the redis server to be used for generic MISP tasks such as caching. This is not to be confused by the redis server used by the background processing." -msgstr "" +msgstr "用于处理一般的MISP任务(如缓存)的Redis服务器的端口, 这与后台处理所使用的redis服务器不能混淆" #: Model/Server.php:1009 msgid "The database on the redis server to be used for generic MISP tasks. If you run more than one MISP instance, please make sure to use a different database on each instance." -msgstr "" +msgstr "Redis服务器上的数据库将被用于通用的 MISP 任务, 如果您运行多个MISP实例, 请确保在每个实例上使用不同的数据库" #: Model/Server.php:1017 msgid "The password on the redis server (if any) to be used for generic MISP tasks." -msgstr "" +msgstr "Redis服务器上的密码(如果有的话), 用于通用MISP任务" #: Model/Server.php:1026 msgid "Specify which fields to filter on when you search on the event view. Default values are : \"id, uuid, value, comment, type, category, Tag.name\"" -msgstr "" +msgstr "指定在事件视图中搜索时要过滤哪些字段, 默认值为: \"id, uuid, value, comment, type, category, Tag.name\"" #: Model/Server.php:1034 msgid "Set this to false if you would like to disable MISP managing its own worker processes (for example, if you are managing the workers with a systemd unit)." -msgstr "" +msgstr "如果您想禁用MISP管理自己的worker进程(例如, 如果您想通过systemd unit管理worker), 请将此设置为false" #: Model/Server.php:1042 msgid "Only enable this if you have some tools using MISP with extreme high concurency. General performance will be lower as normal as certain transactional queries are avoided in favour of shorter table locks." -msgstr "只有当您拥有一些使用 MISP 具有极高兼容性的工具时才启用此功能。 为了避免某些交易查询而使表锁更短,普遍性能将会降低。" +msgstr "只有当您拥有一些使用 MISP 具有极高兼容性的工具时才启用此功能. 为了避免某些交易查询而使表锁更短, 普遍性能将会降低." #: Model/Server.php:1051 msgid "Sets the minimum time before being able to re-trigger an update if the previous one failed. (safe guard to avoid starting the same update multiple time)" -msgstr "如果上一次失败,在重新触发更新之前设置其最短时间。 (安全防卫以避免多次开始相同的更新)" +msgstr "如果上一次失败, 在重新触发更新之前设置其最短时间. (安全防卫以避免多次开始相同的更新)" #: Model/Server.php:1062 msgid "The location of the GnuPG executable. If you would like to use a different GnuPG executable than /usr/bin/gpg, you can set it here. If the default is fine, just keep the setting suggested by MISP." -msgstr "GnuPG 可执行文件的位置。如果你想要使用不同于/usr/bin/gpg的GnuPG的可执行文件,你可以在此设定它。 如果默认设置合适,请保留MISP建议的设置。" +msgstr "GnuPG 可执行文件的位置.如果您想要使用不同于/usr/bin/gpg的GnuPG的可执行文件, 您可以在此设定它. 如果默认设置合适, 请保留MISP建议的设置." #: Model/Server.php:1071 msgid "Allow (false) unencrypted e-mails to be sent to users that don't have a GnuPG key." -msgstr "允许 (false) 未加密的电子邮件发送给没有GnuPG 密钥的用户。" +msgstr "允许 (false) 未加密的电子邮件发送给没有GnuPG 密钥的用户." #: Model/Server.php:1079 msgid "Allow (false) the body of unencrypted e-mails to contain details about the event." -msgstr "允许 (false) 一个未加密的电子邮件主体包含有关事件的详细信息。" +msgstr "允许 (false) 一个未加密的电子邮件主体包含有关事件的详细信息." #: Model/Server.php:1087 msgid "Enable the signing of GnuPG emails. By default, GnuPG emails are signed" -msgstr "启用 GnuPG 电子邮件签名。默认情况下,GnuPG 电子邮件将被签名" +msgstr "启用 GnuPG 电子邮件签名.默认情况下, GnuPG 电子邮件将被签名" #: Model/Server.php:1095 msgid "The e-mail address that the instance's GnuPG key is tied to." -msgstr "此实例GnuPG密钥绑定的电子邮件地址。" +msgstr "此实例GnuPG密钥绑定的电子邮件地址." #: Model/Server.php:1103 msgid "The password (if it is set) of the GnuPG key of the instance." -msgstr "实例的 GnuPG 密钥的密码 (如果已被设置)。" +msgstr "实例的 GnuPG 密钥的密码 (如果已被设置)." #: Model/Server.php:1112 msgid "The location of the GnuPG homedir." -msgstr "GnuPG homedir的位置。" +msgstr "GnuPG homedir的位置." #: Model/Server.php:1123 msgid "Enable SMIME encryption. The encryption posture of the GnuPG.onlyencrypted and GnuPG.bodyonlyencrypted settings are inherited if SMIME is enabled." -msgstr "启用 SMIME 加密。如果启用SMIME ,则只能使用 GnuPG.加密和 GnuPG.bodyonly 加密设置的加密态势将被继承。" +msgstr "启用 SMIME 加密.如果启用SMIME , 则只能使用 GnuPG.加密和 GnuPG.bodyonly 加密设置的加密态势将被继承." #: Model/Server.php:1131 msgid "The e-mail address that the instance's SMIME key is tied to." -msgstr "此实例的 SMIME 密钥绑定到的电子邮件地址。" +msgstr "此实例的 SMIME 密钥绑定到的电子邮件地址." #: Model/Server.php:1139 msgid "The location of the public half of the signing certificate." -msgstr "签署证书公共部分的位置。" +msgstr "签署证书公共部分的位置." #: Model/Server.php:1147 msgid "The location of the private half of the signing certificate." -msgstr "签字证书私有部分的位置。" +msgstr "签字证书私有部分的位置." #: Model/Server.php:1155 msgid "The password (if it is set) of the SMIME key of the instance." -msgstr "此实例的 SMIME 密钥的密码(如果已被设置)。" +msgstr "此实例的 SMIME 密钥的密码(如果已被设置)." #: Model/Server.php:1167 msgid "The hostname of an HTTP proxy for outgoing sync requests. Leave empty to not use a proxy." -msgstr "传出同步请求的 HTTP 代理主机名。如未使用代理身份验证则不填。" +msgstr "传出同步请求的 HTTP 代理主机名.如未使用代理身份验证则不填." #: Model/Server.php:1175 msgid "The TCP port for the HTTP proxy." -msgstr "HTTP 代理的 TCP 端口。" +msgstr "HTTP 代理的 TCP 端口." #: Model/Server.php:1183 msgid "The authentication method for the HTTP proxy. Currently supported are Basic or Digest. Leave empty for no proxy authentication." -msgstr "HTTP 代理的身份验证方法。目前支持的是Basic或Digest。如未使用代理身份验证则不填。" +msgstr "HTTP 代理的身份验证方法.目前支持的是Basic或Digest.如未使用代理身份验证则不填." #: Model/Server.php:1191 msgid "The authentication username for the HTTP proxy." -msgstr "HTTP 代理的身份验证的用户名。" +msgstr "HTTP 代理的身份验证的用户名." #: Model/Server.php:1199 msgid "The authentication password for the HTTP proxy." -msgstr "HTTP 代理的身份验证的密码。" +msgstr "HTTP 代理的身份验证的密码." #: Model/Server.php:1210 msgid "Disabling this setting will remove all form tampering protection. Do not set this setting pretty much ever. You were warned." -msgstr "" +msgstr "禁用此设置将移除所有形式篡改保护, 请不要设置此设置, 我已警告过您" #: Model/Server.php:1219 msgid "The salt used for the hashed passwords. You cannot reset this from the GUI, only manually from the settings.php file. Keep in mind, this will invalidate all passwords in the database." -msgstr "用于被hash后密码的加盐。您不能从图形界面将其重置,只能从setting.php文件手动设置。注意,这将使数据库中的所有密码无效。" +msgstr "用于被hash后密码的加盐.您不能从图形界面将其重置, 只能从setting.php文件手动设置.注意, 这将使数据库中的所有密码无效." #: Model/Server.php:1229 msgid "Enable this setting to pass all audit log entries directly to syslog. Keep in mind, this is verbose and will include user, organisation, event data." -msgstr "启用此设置以直接将所有审计日志记录传递到系统日志。注意,这很冗长且包括用户、组织和事件数据。" +msgstr "启用此设置以直接将所有审计日志记录传递到系统日志.注意, 这很冗长且包括用户、组织和事件数据." #: Model/Server.php:1238 msgid "Password length requirement. If it is not set or it is set to 0, then the default value is assumed (12)." -msgstr "密码长度要求。如果没有设置或设置为 0,则设为默认值(12)。" +msgstr "密码长度要求.如果没有设置或设置为 0, 则设为默认值(12)." #: Model/Server.php:1246 msgid "Password complexity requirement. Leave it empty for the default setting (3 out of 4, with either a digit or a special char) or enter your own regex. Keep in mind that the length is checked in another key. Default (simple 3 out of 4 or minimum 16 characters): /^((?=.*\\d)|(?=.*\\W+))(?![\\n])(?=.*[A-Z])(?=.*[a-z]).*$|.{16,}/" -msgstr "" +msgstr "密码复杂度要求, 将其保留为默认设置为空(4位中的3位, 带有数字或特殊字符)或输入您自己的正则表达式. 请记住, 长度是在另一个键中检查的. 默认值(4个字符中的3个或最少16个字符): /^((?=.*\\d)|(?=.*\\W+))(?![\\n])(?=.*[A-Z])(?=.*[a-z]).*$|.{16,}/" #: Model/Server.php:1254 msgid "Enabling this setting will require users to submit their current password on any edits to their profile (including a triggered password change). For administrators, the confirmation will be required when changing the profile of any user. Could potentially mitigate an attacker trying to change a compromised user's password in order to establish persistance, however, enabling this feature will be highly annoying to users." -msgstr "" +msgstr "启用此设置将要求用户在对其个人资料的任何编辑(包括触发的密码更改)时提交当前密码. 对于管理员来说, 在更改任何用户的个人资料时都需要确认, 有可能减轻攻击者试图更改被攻击者的密码时带来的风险, 以建立持久性. 然而, 启用此功能将使用户非常恼火" #: Model/Server.php:1263 msgid "Enabling this setting will sanitise the contents of an attribute on a soft delete" -msgstr "" +msgstr "启用此设置将清除软删除中属性的内容" #: Model/Server.php:1272 msgid "Enabling this setting will block the organisation index from being visible to anyone besides site administrators on the current instance. Keep in mind that users can still see organisations that produce data via events, proposals, event history log entries, etc." -msgstr "" +msgstr "启用此设置后, 除了当前实例上的站点管理员外, 任何人都无法看到组织索引. 请记住, 用户仍然可以看到通过事件、建议、事件历史记录条目等产生数据的组织" #: Model/Server.php:1281 msgid "Allows passing the API key via the named url parameter \"apikey\" - highly recommended not to enable this, but if you have some dodgy legacy tools that cannot pass the authorization header it can work as a workaround. Again, only use this as a last resort." -msgstr "" +msgstr "允许通过url参数\"apikey\"传递API密钥 - 强烈建议不要启用这个功能, 但如果您有一些过时的工具无法传递authorization header, 它可以作为一种变通方法. 还是那句话, 只有在万不得已的情况下才使用这个功能" #: Model/Server.php:1283 msgid "You have enabled the passing of API keys via URL parameters. This is highly recommended against, do you really want to reveal APIkeys in your logs?..." -msgstr "" +msgstr "您已经启用了通过URL参数传递API密钥. 这个是强烈建议反对的, 您真的想在您的日志中显示APIkeys吗?" #: Model/Server.php:1290 msgid "Allow cross-origin requests to this instance, matching origins given in Security.cors_origins. Set to false to totally disable" -msgstr "允许在此实例中的跨源请求匹配在 Security.cors_origins。设置为 false 以完全禁用" +msgstr "允许在此实例中的跨源请求匹配在 Security.cors_origins.设置为 false 以完全禁用" #: Model/Server.php:1299 msgid "Set the origins from which MISP will allow cross-origin requests. Useful for external integration. Comma seperate if you need more than one." -msgstr "设置MISP 允许交叉来源请求的源。对于外部集成有效。如果需要设置多个时用逗号隔开。" +msgstr "设置MISP 允许交叉来源请求的源.对于外部集成有效.如果需要设置多个时用逗号隔开." #: Model/Server.php:1308 msgid "Enable this setting to create verbose logs of synced event data for debugging reasons. Logs are saved in your MISP directory's app/files/scripts/tmp/ directory." -msgstr "" +msgstr "启用此设置可以创建同步事件数据的详细日志用于调试, 日志会保存在MISP目录下的app/files/scripts/tmp/目录下" #: Model/Server.php:1320 msgid "The number of tries a user can try to login and fail before the bruteforce protection kicks in." -msgstr "" +msgstr "用户在bruteforce保护生效之前可以尝试登录的次数" #: Model/Server.php:1328 msgid "The duration (in seconds) of how long the user will be locked out when the allowed number of login attempts are exhausted." -msgstr "当允许尝试登录的次数耗尽时,用户将被锁定多长时间(秒)。" +msgstr "当允许尝试登录的次数耗尽时, 用户将被锁定多长时间(秒)." #: Model/Server.php:1339 msgid "Set to true to automatically regenerate sessions after x number of requests. This might lead to the user getting de-authenticated and is frustrating in general, so only enable it if you really need to regenerate sessions. (Not recommended)" -msgstr "设置为 true 以在请求数量后自动重新生成会话。 通常这可能会导致用户被取消身份验证,因此只有当您真的需要重新生成会话时再启用它。 (不推荐)" +msgstr "设置为 true 以在请求数量后自动重新生成会话. 通常这可能会导致用户被取消身份验证, 因此只有当您真的需要重新生成会话时再启用它. (不推荐)" #: Model/Server.php:1347 msgid "Set to true to check for the user agent string in each request. This can lead to occasional logouts (not recommended)." -msgstr "设置为 true 以检查每个请求中的用户代理字符串。这可能导致偶尔的注销(不推荐)。" +msgstr "设置为 true 以检查每个请求中的用户代理字符串.这可能导致偶尔的注销(不推荐)." #: Model/Server.php:1355 msgid "The session type used by MISP. The default setting is php, which will use the session settings configured in php.ini for the session data (supported options: php, database). The recommended option is php and setting your PHP up to use redis sessions via your php.ini. Just add 'session.save_handler = redis' and \"session.save_path = 'tcp://localhost:6379'\" (replace the latter with your redis connection) to " -msgstr "MISP 使用的会话类型。默认设置为php,它将使用在php中配置的会话设置。 会话数据的ni (支持选项:php,数据库)。 推荐的选项是php并通过您的php.ini设置您的PHP以使用redis会话。只需添加 'session.save_handler = redis' 和 \"session.save_path = 'tcp://localhost:6379'\" (用你的redis connect取代后者) 到 " +msgstr "MISP 使用的会话类型.默认设置为php, 它将使用在php中配置的会话设置. 会话数据的ni (支持选项:php, 数据库). 推荐的选项是php并通过您的php.ini设置您的PHP以使用redis会话.只需添加 'session.save_handler = redis' 和 \"session.save_path = 'tcp://localhost:6379'\" (用您的redis connect取代后者) 到 " #: Model/Server.php:1364 msgid "The timeout duration of sessions (in MINUTES). 0 does not mean infinite for the PHP session handler, instead sessions will invalidate immediately." -msgstr "会话超时时间(以分钟记)。 0 并不意味着PHP 会话处理器的无限时间,而是会话将立即失效。" +msgstr "会话超时时间(单位: 分钟). 0 并不意味着PHP 会话处理器的无限时间, 而是会话将立即失效." #: Model/Server.php:1372 msgid "The expiration of the cookie (in MINUTES). The session timeout gets refreshed frequently, however the cookies do not. Generally it is recommended to have a much higher cookie_timeout than timeout." -msgstr "" +msgstr "cookie的过期时间(单位: 分钟), 会话超时会经常被刷新, 但是cookie不会. 一般情况下, 建议使用比timeout更高的cookie_timeout" #: Model/Server.php:1383 msgid "The default policy action for the values added to the RPZ." -msgstr "添加到 RPZ 值的默认策略行动。" +msgstr "添加到 RPZ 值的默认策略行动." #: Model/Server.php:1392 msgid "The default walled garden used by the RPZ export if the Local-Data policy setting is picked for the export." -msgstr "如果为导出选择本地数据政策设置,RPZ导出时使用的默认围墙花园。" +msgstr "如果为导出选择本地数据政策设置, RPZ导出时使用默认的walled garden." #: Model/Server.php:1400 msgid "The serial in the SOA portion of the zone file. (numeric, best practice is yyyymmddrr where rr is the two digit sub-revision of the file. $date will automatically get converted to the current yyyymmdd, so $date00 is a valid setting). Setting it to $time will give you an unixtime-based serial (good then you need more than 99 revisions per day)." -msgstr "区档的SOA部分中的序列号(数字,最佳做法是yyymmddrr,rr是档案的两位数字次修订版。 $date 将自动转换为当前yyymmdd,所以 $date00 是一个有效的设置)。 设置为 $time 将会给您一个基于 unixtime 的序列(您每天需要超过99 个修订本)。" +msgstr "区档的SOA部分中的序列号(数字, 最佳做法是yyymmddrr, rr是档案的两位数字次修订版. $date 将自动转换为当前yyymmdd, 所以 $date00 是一个有效的设置). 设置为 $time 将会给您一个基于 unixtime 的序列(您每天需要超过99 个修订本)." #: Model/Server.php:1408 msgid "The refresh specified in the SOA portion of the zone file. (in seconds, or shorthand duration such as 15m)" -msgstr "区域文件的SOA部分中指定的刷新时间(以秒为单位或缩短持续时间,例如15m)" +msgstr "区域文件的SOA部分中指定的刷新时间(以秒为单位或缩短持续时间, 例如15m)" #: Model/Server.php:1416 msgid "The retry specified in the SOA portion of the zone file. (in seconds, or shorthand duration such as 15m)" -msgstr "区域文件的SOA部分中指定的重新尝试(以秒为单位或短片持续时间,例如15m)" +msgstr "区域文件的SOA部分中指定的重新尝试(以秒为单位或短片持续时间, 例如15m)" #: Model/Server.php:1424 msgid "The expiry specified in the SOA portion of the zone file. (in seconds, or shorthand duration such as 15m)" -msgstr "区域文件SOA部分中指定的过期时间(以秒为单位或短片持续时间,例如15m)" +msgstr "区域文件SOA部分中指定的过期时间(以秒为单位或短片持续时间, 例如15m)" #: Model/Server.php:1432 msgid "The minimum TTL specified in the SOA portion of the zone file. (in seconds, or shorthand duration such as 15m)" -msgstr "区域文件SOA部分中指定的最小TTL(以秒为单位或缩短持续时间,例如15m)" +msgstr "区域文件SOA部分中指定的最小TTL(以秒为单位或缩短持续时间, 例如15m)" #: Model/Server.php:1440 msgid "The TTL of the zone file. (in seconds, or shorthand duration such as 15m)" -msgstr "区域文件的TTL(以秒计,或短片持续时间,例如15m)" +msgstr "区域文件的TTL(以秒计, 或短片持续时间, 例如15m)" #: Model/Server.php:1448 msgid "Nameserver" -msgstr "域名服务器" +msgstr "名称服务器" #: Model/Server.php:1456 msgid "Alternate nameserver" -msgstr "备用命名服务器" +msgstr "备用名称服务器" #: Model/Server.php:1464 msgid "The e-mail address specified in the SOA portion of the zone file." -msgstr "区域文件SOA部分中指定的电子邮件地址。" +msgstr "区域文件SOA部分中指定的电子邮件地址." #: Model/Server.php:1472 msgid "Enables or disables the Kafka pub feature of MISP. Make sure that you install the requirements for the plugin to work. Refer to the installation instructions for more information." -msgstr "启用或禁用 MISP 的 Kafka pub功能。请确保您安装插件工作的要求。 更多信息请参阅安装说明。" +msgstr "启用或禁用 MISP 的 Kafka pub功能. 请确保您安装插件工作的要求. 更多信息请参阅安装说明." #: Model/Server.php:1480 msgid "A comma separated list of Kafka bootstrap brokers" @@ -4600,231 +4600,231 @@ msgstr "Kafka bootstrap broker的逗号分隔列表" #: Model/Server.php:1488 msgid "A path to an ini file with configuration options to be passed to rdkafka. Section headers in the ini file will be ignored." -msgstr "" +msgstr "传给rdkafka的ini文件的路径, 其中包含要传递给rdkafka的配置选项. ini文件中的章节标题将被忽略" #: Model/Server.php:1496;1743 msgid "Enable this setting to include the base64 encoded payloads of malware-samples/attachments in the output." -msgstr "" +msgstr "启用此设置可将恶意软件样本/附件的base64编码有效载荷包含在输出中" #: Model/Server.php:1504;1751 msgid "Enables or disables the publishing of any event creations/edits/deletions." -msgstr "" +msgstr "启用或禁用任何事件创建/编辑/删除的发布" #: Model/Server.php:1512 msgid "Topic for publishing event creations/edits/deletions." -msgstr "" +msgstr "用于发布事件创建/编辑/删除的主题" #: Model/Server.php:1520 msgid "If enabled it will publish to Kafka the event at the time that the event gets published in MISP. Event actions (creation or edit) will not be published to Kafka." -msgstr "" +msgstr "如果启用, 在MISP中发布事件会将事件发布到Kafka, 事件操作(创建或编辑)不会发布到Kafka" #: Model/Server.php:1528 msgid "Topic for publishing event information on publish." -msgstr "发布事件信息的主题。" +msgstr "发布事件信息的主题." #: Model/Server.php:1536;1759 msgid "Enables or disables the publishing of any object creations/edits/deletions." -msgstr "" +msgstr "启用或禁用任何对象创建/编辑/删除的发布" #: Model/Server.php:1544 msgid "Topic for publishing object creations/edits/deletions." -msgstr "发布对象创建/编辑/删除的主题。" +msgstr "发布对象创建/编辑/删除的主题." #: Model/Server.php:1552;1767 msgid "Enables or disables the publishing of any object reference creations/deletions." -msgstr "" +msgstr "启用或禁用任何对象引用的创建/删除的发布" #: Model/Server.php:1560 msgid "Topic for publishing object reference creations/deletions." -msgstr "" +msgstr "用于发布对象引用的创建/删除的主题" #: Model/Server.php:1568;1775 msgid "Enables or disables the publishing of any attribute creations/edits/soft deletions." -msgstr "" +msgstr "启用或禁用任何属性创建/编辑/软删除的发布" #: Model/Server.php:1576 msgid "Topic for publishing attribute creations/edits/soft deletions." -msgstr "" +msgstr "用于发布属性创建/编辑/软删除的主题" #: Model/Server.php:1584 msgid "Enables or disables the publishing of any proposal creations/edits/deletions." -msgstr "" +msgstr "启用或禁用任何创建/编辑/删除的提案的发布" #: Model/Server.php:1592 msgid "Topic for publishing proposal creations/edits/deletions." -msgstr "" +msgstr "用于发布提案创作/编辑/删除的主题" #: Model/Server.php:1600;1783 msgid "Enables or disables the publishing of any tag creations/edits/deletions as well as tags being attached to / detached from various MISP elements." -msgstr "" +msgstr "启用或禁用任何标记的创建/编辑/删除以及以及将标签附加到各种MISP元素/从各种MISP元素中分离的发布" #: Model/Server.php:1608 msgid "Topic for publishing tag creations/edits/deletions as well as tags being attached to / detached from various MISP elements." -msgstr "" +msgstr "用于发布标签创建/编辑/删除以及将标签附加到各种MISP元素/从各种MISP元素中分离的主题" #: Model/Server.php:1616 msgid "Enables or disables the publishing of new sightings." -msgstr "启用或禁用发布新视图。" +msgstr "启用或禁用发布新视图." #: Model/Server.php:1624 msgid "Topic for publishing sightings." -msgstr "发表视图的主题。" +msgstr "发表视图的主题." #: Model/Server.php:1632 msgid "Enables or disables the publishing of new/modified users." -msgstr "启用或禁用新/修改用户的发布。" +msgstr "启用或禁用新/修改用户的发布." #: Model/Server.php:1640 msgid "Topic for publishing new/modified users." -msgstr "发布新用户/修改用户的主题。" +msgstr "用于发布新用户/修改过的用户的主题." #: Model/Server.php:1648 msgid "Enables or disables the publishing of new/modified organisations." -msgstr "" +msgstr "启用或禁用新的/修改过的组织的发布" #: Model/Server.php:1656 msgid "Topic for publishing new/modified organisations." -msgstr "发布的新的/修改过的组织的主题。" +msgstr "用于发布的新的/修改过的组织的主题." #: Model/Server.php:1664 msgid "Enables or disables the publishing of log entries. Keep in mind, this can get pretty verbose depending on your logging settings." -msgstr "" +msgstr "启用或禁用日志条目的发布. 请记住, 这可能会非常冗长, 具体取决于您的日志记录设置" #: Model/Server.php:1672 msgid "Topic for publishing log entries." -msgstr "发布日志条目的主题。" +msgstr "发布日志条目的主题." #: Model/Server.php:1680 msgid "Enables or disables the pub/sub feature of MISP. Make sure that you install the requirements for the plugin to work. Refer to the installation instructions for more information." -msgstr "" +msgstr "启用或禁用MISP的发布/订阅功能, 确保您已安装了要求的插件, 有关更多信息, 请参考安装说明" #: Model/Server.php:1689 msgid "The port that the pub/sub feature will use." -msgstr "pub/sub将使用的端口。" +msgstr "pub/sub将使用的端口." #: Model/Server.php:1698 msgid "Location of the Redis db used by MISP and the Python PUB script to queue data to be published." -msgstr "" +msgstr "MISP和Python PUB脚本使用的Redis db的位置, 用于排队发布数据" #: Model/Server.php:1707 msgid "The port that Redis is listening on." -msgstr "Redis正在监听端口。" +msgstr "Redis正在监听端口." #: Model/Server.php:1716 msgid "The password, if set for Redis." -msgstr "密码,如果被设置未Redis。" +msgstr "密码, 如果设置为Redis的话." #: Model/Server.php:1725 msgid "The database to be used for queuing messages for the pub/sub functionality." -msgstr "" +msgstr "用于pub/sub功能的消息队列的数据库" #: Model/Server.php:1734 msgid "The namespace to be used for queuing messages for the pub/sub functionality." -msgstr "" +msgstr "用于pub/sub功能的消息队列的命名空间" #: Model/Server.php:1791 msgid "Enables or disables the publishing of new sightings to the ZMQ pubsub feed." -msgstr "" +msgstr "启用或禁用向ZMQ pubsub feed发布新的观察事件" #: Model/Server.php:1799 msgid "Enables or disables the publishing of new/modified users to the ZMQ pubsub feed." -msgstr "" +msgstr "启用或禁用向ZMQ pubsub feed发布新的/修改过的用户" #: Model/Server.php:1807 msgid "Enables or disables the publishing of new/modified organisations to the ZMQ pubsub feed." -msgstr "" +msgstr "启用或禁用向ZMQ pubsub feed发布新的/修改过的组织" #: Model/Server.php:1815 msgid "Enables or disables the publishing of log entries to the ZMQ pubsub feed. Keep in mind, this can get pretty verbose depending on your logging settings." -msgstr "" +msgstr "启用或禁用向ZMQ pubsub feed日志条目, 请记住, 这可能会根据您的日志设置而变得非常繁琐. " #: Model/Server.php:1823 msgid "Enabled logging to an ElasticSearch instance" -msgstr "" +msgstr "启用向ElasticSearch实例的日志记录功能" #: Model/Server.php:1831 msgid "The URL(s) at which to access ElasticSearch - comma separate if you want to have more than one." -msgstr "" +msgstr "访问ElasticSearch的URL - 如果您希望有多个URL, 请用逗号隔开" #: Model/Server.php:1839 msgid "The index in which to place logs" -msgstr "放置日志的索引" +msgstr "用于放置日志的索引" #: Model/Server.php:1847 msgid "Enables or disables uploading of malware samples to S3 rather than to disk (WARNING: Get permission from amazon first!)" -msgstr "" +msgstr "启用或禁用将恶意软件样本上传到S3, 而不是上传到磁盘(警告:先获得amazon的许可!)" #: Model/Server.php:1855 msgid "Bucket name to upload to" -msgstr "" +msgstr "要上传到的Bucket名称" #: Model/Server.php:1863 msgid "Region in which your S3 bucket resides" -msgstr "" +msgstr "您的S3 bucket所处的区域" #: Model/Server.php:1871 msgid "AWS key to use when uploading samples (WARNING: It' highly recommended that you use EC2 IAM roles if at all possible)" -msgstr "上传样品时使用的 AWS 密钥(警告:强烈建议你尽可能使用 EC2 IAM roles)" +msgstr "上传样本时使用的 AWS 密钥(警告:强烈建议您尽可能使用 EC2 IAM roles)" #: Model/Server.php:1879 msgid "AWS secret key to use when uploading samples" -msgstr "上传样品时使用的 AWS 密钥" +msgstr "上传样本时使用的 AWS 密钥" #: Model/Server.php:1887 msgid "This setting defines who will have access to seeing the reported sightings. The default setting is the event owner alone (in addition to everyone seeing their own contribution) with the other options being Sighting reporters (meaning the event owner and anyone that provided sighting data about the event) and Everyone (meaning anyone that has access to seeing the event / attribute)." -msgstr "" +msgstr "此设置定义了谁可以查看报告的观察事件. 默认的设置是事件的拥有者(除了每个人都能看到自己的贡献之外), 其他选项是Sighting reporters(指事件的拥有者和任何提供该事件的观察数据的人)和每个人(指任何能看到事件/属性的人)" #: Model/Server.php:1896 msgid "Enabling the anonymisation of sightings will simply aggregate all sightings instead of showing the organisations that have reported a sighting. Users will be able to tell the number of sightings their organisation has submitted and the number of sightings for other organisations" -msgstr "" +msgstr "启用观察事件的匿名化功能将简单地汇总所有观察事件, 而不是显示已报告观察事件的组织, 用户将能够知道他们的组织提交的观察事件数量和其他组织的观察事件数量" #: Model/Server.php:1904 msgid "Set the range in which sightings will be taken into account when generating graphs. For example a sighting with a sighted_date of 7 years ago might not be relevant anymore. Setting given in number of days, default is 365 days" -msgstr "" +msgstr "设置在生成图表时将考虑到的观察事件的范围. 例如, 7年前的观察事件可能已经不重要了, 设置以天数为单位, 默认为365天." #: Model/Server.php:1912 msgid "Enable SightingDB integration." -msgstr "" +msgstr "启用SightingDB集成" #: Model/Server.php:1920 msgid "Enable this functionality if you would like to handle the authentication via an external tool and authenticate with MISP using a custom header." -msgstr "" +msgstr "如果您想通过外部工具处理身份验证, 并使用自定义的头显进行MISP认证, 请启用此功能" #: Model/Server.php:1930 msgid "Set the header that MISP should look for here. If left empty it will default to the Authorization header." -msgstr "设定MISP应在此处寻找的标头。如果留空,则默认设置为Authorization标头。" +msgstr "设置MISP应该在此处查找的标头, 如果保留为空, 则默认为Authorization标头." #: Model/Server.php:1939 msgid "Use a header namespace for the auth header - default setting is enabled" -msgstr "" +msgstr "使用header namespace作为auth header - 默认设置为启用" #: Model/Server.php:1948 msgid "The default header namespace for the auth header - default setting is HTTP_" -msgstr "" +msgstr "auth header的默认header namespace - 默认设置为HTTP_" #: Model/Server.php:1957 msgid "If this setting is enabled then the only way to authenticate will be using the custom header. Altnertatively you can run in mixed mode that will log users in via the header if found, otherwise users will be redirected to the normal login page." -msgstr "" +msgstr "如果启用此设置, 则唯一的身份验证方法将是使用自定义标头. 另外, 您可以在混合模式下运行, 如果发现该用户, 则将通过标头登录用户, 否则用户将被重定向到正常的登录页面" #: Model/Server.php:1966 msgid "If you are using an external tool to authenticate with MISP and would like to only allow the tool's url as a valid point of entry then set this field. " -msgstr "" +msgstr "如果您使用的是一个外部工具来验证MISP, 并只希望将该工具的URL作为有效的输入点, 那么请设置此字段" #: Model/Server.php:1975 msgid "The name of the authentication method, this is cosmetic only and will be shown on the user creation page and logs." -msgstr "" +msgstr "身份验证方法的名称, 这只是表面上的, 会在用户创建页面和日志中显示。" #: Model/Server.php:1984 msgid "Disable the logout button for users authenticate with the external auth mechanism." -msgstr "对于使用外部认证机制的用户禁用注销按钮。" +msgstr "禁用外部认证机制的用户注销按钮" #: Model/Server.php:1992 msgid "Enable/disable the enrichment services" -msgstr "启用/禁用浓缩服务" +msgstr "启用/禁用丰富化服务" #: Model/Server.php:2000 msgid "Set a timeout for the enrichment services" -msgstr "设置浓缩服务超时" +msgstr "设置丰富化服务超时" #: Model/Server.php:2008 msgid "Enable/disable the import services" @@ -4836,19 +4836,19 @@ msgstr "设置导入服务超时" #: Model/Server.php:2024 msgid "The url used to access the import services. By default, it is accessible at http://127.0.0.1:6666" -msgstr "访问导入服务所使用的URL。默认情况下可通过http://127.0.1:6666访问" +msgstr "访问导入服务所使用的URL, 默认情况下可通过http://127.0.1:6666访问" #: Model/Server.php:2032 msgid "The port used to access the import services. By default, it is accessible at 127.0.0.1:6666" -msgstr "用于访问导入服务的端口。默认情况下可通过 127.0.0.1:6666访问" +msgstr "用于访问导入服务的端口, 默认情况下可通过 127.0.0.1:6666 访问" #: Model/Server.php:2040 msgid "The url used to access the export services. By default, it is accessible at http://127.0.0.1:6666" -msgstr "访问导出服务所使用的URL。默认情况下可通过http://127.0.1:6666访问" +msgstr "访问导出服务所使用的URL, 默认情况下可通过http://127.0.1:6666访问" #: Model/Server.php:2048 msgid "The port used to access the export services. By default, it is accessible at 127.0.0.1:6666" -msgstr "用于访问导出服务的端口。默认情况下可通过127.0.0.1:6666访问" +msgstr "用于访问导出服务的端口, 默认情况下可通过 127.0.0.1:6666 访问" #: Model/Server.php:2056 msgid "Enable/disable the export services" @@ -4860,7 +4860,7 @@ msgstr "设置导出服务超时" #: Model/Server.php:2072 msgid "Enable/disable the hover over information retrieved from the enrichment modules" -msgstr "启用/禁用悬停从浓缩模块检索到的信息" +msgstr "启用/禁用悬停从丰富化模块检索到的信息" #: Model/Server.php:2080 msgid "Set a timeout for the hover services" @@ -4868,19 +4868,19 @@ msgstr "设置悬停服务超时" #: Model/Server.php:2088 msgid "The url used to access the enrichment services. By default, it is accessible at http://127.0.0.1:6666" -msgstr "访问浓缩服务使用的URL。默认情况下可通过http://127.0.0.1:6666访问" +msgstr "访问丰富化服务使用的URL, 默认情况下可通过http://127.0.0.1:6666访问" #: Model/Server.php:2096 msgid "The port used to access the enrichment services. By default, it is accessible at 127.0.0.1:6666" -msgstr "用于访问浓缩服务的端口。默认情况下可通过127.0.0.1:6666访问" +msgstr "用于访问丰富化服务的端口, 默认情况下可通过 127.0.0.1:6666 访问" #: Model/Server.php:2104 msgid "The url used to access Cortex. By default, it is accessible at http://cortex-url" -msgstr "访问Cortex的URL。默认情况下可通过http://cortex-url访问" +msgstr "访问Cortex的URL, 默认情况下可通过http://cortex-url访问" #: Model/Server.php:2112 msgid "The port used to access Cortex. By default, this is port 9000" -msgstr "访问Cortex的端口。默认情况下是9000端口" +msgstr "访问Cortex的端口, 默认情况下是9000端口" #: Model/Server.php:2120 msgid "Enable/disable the Cortex services" @@ -4896,47 +4896,47 @@ msgstr "设置Cortex服务超时" #: Model/Server.php:2145 msgid "Set to false to disable SSL verification. This is not recommended." -msgstr "" +msgstr "设置为false以禁用SSL验证, 不建议这样做" #: Model/Server.php:2154 msgid "Set to false if you wish to ignore hostname match errors when validating certificates." -msgstr "" +msgstr "如果您希望在验证证书时忽略主机名匹配错误, 请设置为false" #: Model/Server.php:2163 msgid "Set to true to enable self-signed certificates to be accepted. This requires Cortex_ssl_verify_peer to be enabled." -msgstr "" +msgstr "设置为true可以接受自签名证书, 这要求启用Cortex_ssl_verify_peer" #: Model/Server.php:2172 msgid "Set to the absolute path of the Certificate Authority file that you wish to use for verifying SSL certificates." -msgstr "" +msgstr "设置为您希望用于验证SSL证书的证书机构文件的绝对路径" #: Model/Server.php:2181 msgid "Provide your custom authentication users with an external URL to the authentication system to reset their passwords." -msgstr "" +msgstr "为您的自定义身份验证用户提供一个外部URL到身份验证系统, 以重置他们的密码" #: Model/Server.php:2190 msgid "Provide a custom logout URL for your users that will log them out using the authentication system you use." -msgstr "" +msgstr "为您的用户提供一个自定义的注销URL, 它将使用您使用的验证系统将用户注销" #: Model/Server.php:2200 msgid "The debug level of the instance, always use 0 for production instances." -msgstr "" +msgstr "实例的调试级别, 对于生产实例总是使用0" #: Model/Server.php:2209 msgid "The debug level of the instance for site admins. This feature allows site admins to run debug mode on a live instance without exposing it to other users. The most verbose option of debug and site_admin_debug is used for site admins." -msgstr "" +msgstr "为网站管理员提供的实例的调试级别, 这个功能允许站点管理员在不暴露给其他用户的情况下, 在实时实例上运行调试模式, debug和site_admin_debug中最详细的选项是为网站管理员使用的" #: Model/Server.php:2376 msgid "Failed (partially?) because of validation errors: " -msgstr "失败(部分?) 因为验证错误: " +msgstr "失败(部分?) 因为验证错误: " #: Model/Server.php:2380 msgid "Blocked an edit to an event that was created locally. This can happen if a synchronised event that was created on this instance was modified by an administrator on the remote side." -msgstr "" +msgstr "阻止对本地创建的事件进行编辑, 如果在此实例上创建的同步事件被远程管理员修改, 就会发生这种情况" #: Model/Server.php:2407 msgid "Empty event detected." -msgstr "检测到空事件。" +msgstr "检测到空事件." #: Model/Server.php:2413 msgid "failed downloading the event" @@ -4944,71 +4944,71 @@ msgstr "下载事件失败" #: Model/Server.php:2492 msgid "Not authorised. This is either due to an invalid auth key, or due to the sync user not having authentication permissions enabled on the remote server. Another reason could be an incorrect sync server setting." -msgstr "未授权。 这亦或是由于无效的认证密钥,亦或是因为同步用户没有在远程服务器上启用认证权限。 另一个原因可能是同步服务器设置不正确。" +msgstr "未授权. 这亦或是由于无效的认证密钥, 亦或是因为同步用户没有在远程服务器上启用认证权限. 另一个原因可能是同步服务器设置不正确." #: Model/Server.php:2494 msgid "Sorry, this is not yet implemented" -msgstr "抱歉,此操作尚未实现" +msgstr "抱歉, 此操作尚未实现" #: Model/Server.php:2495 msgid "Something went wrong while trying to pull" -msgstr "尝试下载时出了错。" +msgstr "尝试下载时出了错." #: Model/Server.php:2507;2509 msgid "Unknown issue." -msgstr "未知问题。" +msgstr "未知问题." #: Model/Server.php:3049 msgid "Enable or disable the %s module." -msgstr "启用或禁用 %s 模块。" +msgstr "启用或禁用 %s 模块." #: Model/Server.php:3052 msgid "Restrict the %s module to the given organisation." -msgstr "将 %s 模块限制在给定的组织。" +msgstr "将 %s 模块限制在给定的组织." #: Model/Server.php:3060 msgid "Set this required module specific setting." -msgstr "设置此模块的特定设置。" +msgstr "设置此模块的特定设置." #: Model/Server.php:3175 msgid "Value not set." -msgstr "值未设置。" +msgstr "值未设置." #: Model/Server.php:3196 msgid "Invalid language." -msgstr "" +msgstr "无效语言" #: Model/Server.php:3217 msgid "Invalid tag_collection." -msgstr "" +msgstr "无效tag_collection" #: Model/Server.php:3225 msgid "This setting has to be a number." -msgstr "" +msgstr "这个设置必须是一个数字" #: Model/Server.php:3237 msgid "The cookie timeout is currently lower than the session timeout. This will invalidate the cookie before the session expires." -msgstr "" +msgstr "目前, cookie的超时值低于会话超时值, 这将使cookie在会话过期前失效" #: Model/Server.php:3519 msgid "Invalid file path or file not accessible." -msgstr "" +msgstr "文件路径无效或文件无法访问" #: Model/Server.php:3522 msgid "File has to be in .pem format." -msgstr "" +msgstr "文件必须是.pem格式" #: Model/Server.php:3888 msgid "Something went wrong. MISP tried to save a malformed config file. Setting change reverted." -msgstr "出错了。MISP 试图保存一个格式错误的配置文件。设置已恢复。" +msgstr "出了点问题, MISP尝试保存格式错误的配置文件, 设置更改已还原" #: Model/Server.php:4020 msgid "Organisation logos" -msgstr "组织的标志" +msgstr "组织徽标" #: Model/Server.php:4021 msgid "The logo used by an organisation on the event index, event view, discussions, proposals, etc. Make sure that the filename is in the org.png format, where org is the case-sensitive organisation name." -msgstr "" +msgstr "组织在事件索引, 事件视图, 讨论, 提案等上使用的徽标. 请确保文件名采用org.png格式, 其中org是区分大小写的组织名称。" #: Model/Server.php:4023 msgid "48x48 pixel .png files" @@ -5024,79 +5024,79 @@ msgstr "附加图像文件" #: Model/Server.php:4031 msgid "Image files uploaded into this directory can be used for various purposes, such as for the login page logos" -msgstr "" +msgstr "上传到这个目录中的图片文件可以用于各种用途, 如登录页面的logo" #: Model/Server.php:4038 msgid "text/html if served inline, anything that conveys the terms of use if served as download" -msgstr "" +msgstr "如果是内嵌式的, 则为text/html, 如果是下载式的, 则为传达使用条款的内容" #: Model/Server.php:4128 msgid "Invalid server." -msgstr "" +msgstr "无效服务" #: Model/Server.php:4159 msgid "Response was empty." -msgstr "" +msgstr "响应为空" #: Model/Server.php:4235 msgid "Error: Server didn't send the expected response. This may be because the remote server version is outdated." -msgstr "错误:服务器没有发送预期的响应。这可能是因为远程服务器版本过旧。" +msgstr "错误: 服务器没有发送预期的响应, 这可能是因为远程服务器版本过旧." #: Model/Server.php:4501 msgid "% The command below is a suggestion and might be incorrect. Please ask if you are not sure what you are doing." -msgstr "" +msgstr "% 下面的命令是一个建议, 可能不正确. 如果您不确定您在做什么, 请询问" #: Model/Server.php:4571 msgid "Can't check database schema for Postgres database type" -msgstr "" +msgstr "无法检查Postgres数据库类型的数据库模式" #: Model/Server.php:4588 msgid "Table `%s` does not exist" -msgstr "" +msgstr "表 `%s` 不存在" #: Model/Server.php:4615 msgid "Column `%s` exists but should not" -msgstr "" +msgstr "列 `%s` 存在, 但不应该存在" #: Model/Server.php:4648 msgid "Column `%s` is different" -msgstr "" +msgstr "列 `%s` 是不同的" #: Model/Server.php:4658 msgid "Column `%s` does not exist but should" -msgstr "" +msgstr "列 `%s` 不存在, 但应该存在" #: Model/Server.php:4671 msgid "Table `%s` is an additional table" -msgstr "" +msgstr "表`%s`是一个附加表" #: Model/Server.php:4695 msgid "Column `%s` should be indexed" -msgstr "" +msgstr "列 `%s` 应该被索引" #: Model/Server.php:4718 msgid "Column `%s` is indexed but should not" -msgstr "" +msgstr "列 `%s` 是索引, 但不应该是" #: Model/Server.php:5141 msgid "Removing a dead worker." -msgstr "" +msgstr "移除已经死掉的worker" #: Model/Server.php:5142 msgid "Removing dead worker data. Worker was of type %s with pid %s" -msgstr "" +msgstr "移除已经死掉的worker, worker的类型为%s pid为 %s" #: Model/Server.php:5146 msgid "Stopping a worker." -msgstr "" +msgstr "停止运行worker" #: Model/Server.php:5147 msgid "Stopping a worker. Worker was of type %s with pid %s" -msgstr "" +msgstr "停止运行worker, worker的类型为%s pid为 %s" #: Model/Server.php:5449 msgid "Invalid submodule." -msgstr "无效的子模块。" +msgstr "无效的子模块." #: Model/Server.php:5449;5478 msgid "unknown" @@ -5108,79 +5108,79 @@ msgstr "update_after_pull" #: Model/Server.php:5462 msgid "Updating: " -msgstr "正在更新: " +msgstr "正在更新: " #: Model/Server.php:5593 msgid "Invalid worker." -msgstr "" +msgstr "无效worker" #: Model/Server.php:5600 msgid "Background workers not enabled." -msgstr "" +msgstr "后台worker没有启用" #: Model/Server.php:5607 msgid "Invalid worker type." -msgstr "" +msgstr "无效worker类型" #: Model/Server.php:5787 msgid "Could not reset the remote authentication key." -msgstr "" +msgstr "无法重置远程认证密钥" #: Model/Server.php:5864 msgid "Could not parse JSON: " -msgstr "" +msgstr "无法解析JSON: " #: Model/Server.php:5884 msgid "Could not reset fetch remote user account." -msgstr "" +msgstr "无法重置获取远程用户账户" #: Model/Server.php:5906 msgid "No user object received in response." -msgstr "" +msgstr "没有收到响应的用户对象" #: Model/Sightingdb.php:346 msgid "Could not resolve Sightingdb address." -msgstr "" +msgstr "无法解析Sightingdb地址" #: Model/Sightingdb.php:348 msgid "Something went wrong. Could not contact the SightingDB server." -msgstr "" +msgstr "出了点问题, 无法连接SightingDB服务器" #: Model/Sightingdb.php:363 msgid "The SightingDB returned an invalid response." -msgstr "" +msgstr "SightingDB返回无效响应" #: Model/Sightingdb.php:366 msgid "No response from the SightingDB server." -msgstr "" +msgstr "SightingDB服务器没有响应" #: Model/Taxonomy.php:619 msgid "Taxonomy `%s` is an exclusive Taxonomy" -msgstr "" +msgstr "分类法 `%s` 是一个专属的分类法" #: Model/Taxonomy.php:626 msgid "Predicate `%s` is exclusive" -msgstr "" +msgstr "谓语`%s`是专属的" #: Model/User.php:1254 msgid "reset_all_sync_api_keys" -msgstr "" +msgstr "reset_all_sync_api_keys" #: Model/User.php:1255 msgid "Reseting all API keys" -msgstr "" +msgstr "重置所有API keys" #: Model/User.php:1317 msgid "Reset in progress - %s/%s." -msgstr "" +msgstr "重置中 - %s/%s" #: Model/User.php:1322 msgid "%s authkeys reset, %s could not be reset" -msgstr "" +msgstr "%s authkeys重置, %s authkeys不能被重置" #: Model/User.php:1347 msgid "Authentication key for user %s (%s) updated." -msgstr "" +msgstr "用户%s (%s) 的认证密钥已更新" #: Model/User.php:1359 msgid "Dear user,\n\n" @@ -5188,7 +5188,11 @@ msgid "Dear user,\n\n" "Your new API key is: %s\n\n" "Please update your server's sync setup to reflect this change.\n\n" "We apologise for the inconvenience." -msgstr "" +msgstr "亲爱的用户,\n\n" +"您的用户账户的管理员已经触发了一个API密钥重置.\n\n" +"您的新API密钥是: %s\n\n" +"请更新您的服务器的同步设置以反映这一变化.\n\n" +"我们为给您带来的不便表示歉意." #: Model/User.php:1364 msgid "Dear user,\n\n" @@ -5196,23 +5200,27 @@ msgid "Dear user,\n\n" "Your new API key can be retrieved by logging in using this sync user's account.\n\n" "Please update your server's sync setup to reflect this change.\n\n" "We apologise for the inconvenience." -msgstr "" +msgstr "亲爱的用户,\n\n" +"您的用户账户的管理员已经触发了一个API密钥重置.\n\n" +"您的新API密钥可以通过登录这个同步用户的账户来获取.\n\n" +"请更新您的服务器的同步设置以反映这一变化.\n\n" +"我们为给您带来的不便表示歉意." #: Model/User.php:1373 msgid "API key reset by administrator" -msgstr "" +msgstr "管理员重置API key" #: Model/DecayingModelsFormulas/Polynomial.php:7 msgid "The implementation of the decaying formula from the paper `An indicator scoring method for MISP platforms`." -msgstr "" +msgstr "论文`An indicator scoring method for MISP platforms`中衰减公式的实现" #: Model/DecayingModelsFormulas/PolynomialExtended.php:7 msgid "The implementation of the decaying formula from the paper `An indicator scoring method for MISP platforms` with support of the `Retention` taxonomy which overrides the final score." -msgstr "" +msgstr "论文`An indicator scoring method for MISP platforms`中衰减公式的实现, 并支持`Retention`分类法, 该分类法覆盖了最终分数" #: Model/DecayingModelsFormulas/PolynomialExtended.php:17 msgid "`Retention` taxonomy not available" -msgstr "" +msgstr "`Retention`分类法不可用" #: Plugin/Assets/models/behaviors/LogableBehavior.php:361 msgid "deleted" @@ -5278,26 +5286,26 @@ msgstr "共享组" #: View/ShadowAttributes/add_attachment.ctp:13 #: View/ShadowAttributes/edit.ctp:32 msgid "Contextual Comment" -msgstr "上下文评论" +msgstr "背景注释" #: View/Attributes/add.ctp:57 #: View/Attributes/edit.ctp:55 #: View/Elements/eventattributecreation.ctp:53 #: View/ShadowAttributes/add.ctp:38 msgid "for Intrusion Detection System" -msgstr "" +msgstr "入侵检测系统" #: View/Attributes/add.ctp:154 msgid "Timezone missing, auto-detected as: " -msgstr "" +msgstr "时区丢失, 自动检测为: " #: View/Attributes/add.ctp:155 msgid "The following value will be submited instead: " -msgstr "" +msgstr "下面的值将被替换为: " #: View/Attributes/add.ctp:163 msgid "Value is not a valid datetime. Excpected format YYYY-MM-DDTHH:mm:ssZ" -msgstr "" +msgstr "值不是一个有效的日期时间, 应如: YYY-MMY-MM-DDTHH:mm:ssZ" #: View/Attributes/add_attachment.ctp:4 msgid "Add Attachment(s)" @@ -5344,7 +5352,7 @@ msgstr "替代搜索结果" #: View/Attributes/alternate_search_result.ctp:3 msgid "This is a list of events that match the given search criteria sorted according to the percentage of matched attributes that are marked as IDS signatures (blue = IDS matches, red = non IDS matches)." -msgstr "" +msgstr "这是一个符合给定搜索条件的事件列表, 根据被标记为 IDS 标志的匹配属性的百分比排序(蓝色 = IDS 匹配, 红色 = 非 IDS 匹配)" #: View/Attributes/alternate_search_result.ctp:6 #: View/EventDelegations/index.ctp:70 @@ -5398,7 +5406,7 @@ msgstr "属性替换工具" #: View/Attributes/attribute_replace.ctp:8 msgid "Choose a category and a type, then paste a list of IOCs that match the selection into the field below. This will delete all of the attributes not found in the new inserted list, whilst creating the attributes that are in the new list but don't exist as attributes. Found matches will be left untouched." -msgstr "" +msgstr "选择一个类别和类型, 然后在下面的字段中粘贴一个与选择相匹配的IOC列表, 这将删除所有在新插入的列表中没有找到的属性, 同时创建新列表中的属性, 但不作为属性存在. 已找到的匹配项将被保留下来." #: View/Attributes/attribute_replace.ctp:15 #: View/Attributes/edit.ctp:12 @@ -5429,7 +5437,7 @@ msgstr "值" #: View/TemplateElements/ajax/template_element_edit_file.ctp:70 #: View/TemplateElements/ajax/template_element_edit_text.ctp:32 msgid "Warning: You are about to share data that is of a classified nature (Attribution / targeting data). Make sure that you are authorised to share this." -msgstr "警告:您将要共享分类数据(属性/目标数据)。 请确保您已被授权分享这个信息。" +msgstr "警告:您将要共享分类数据(属性/目标数据). 请确保您已被授权分享这个信息." #: View/Attributes/attribute_replace.ctp:38 msgid "Replace attributes" @@ -5437,7 +5445,7 @@ msgstr "替换属性" #: View/Attributes/attribute_replace.ctp:38 msgid "Replaceattributes" -msgstr "" +msgstr "Replaceattributes" #: View/Attributes/attribute_replace.ctp:38 #: View/Attributes/ajax/attributeEditMassForm.ctp:80 @@ -5570,7 +5578,7 @@ msgstr "已禁用" #: View/ShadowAttributes/add.ctp:66 #: View/ShadowAttributes/edit.ctp:56;65 msgid "Warning: You are about to share data that is of a sensitive nature (Attribution / targeting data). Make sure that you are authorised to share this." -msgstr "警告:您将要分享敏感的数据(属性/目标数据)。 请确保您已被授权分享这个信息。" +msgstr "警告:您将要分享敏感的数据(属性/目标数据). 请确保您已被授权分享这个信息." #: View/Attributes/index.ctp:2 #: View/Elements/histogram.ctp:4 @@ -5601,11 +5609,11 @@ msgstr " 带有标签 " #: View/Attributes/index.ctp:12 msgid " of type " -msgstr "" +msgstr "类型" #: View/Attributes/index.ctp:13 msgid " of category " -msgstr "" +msgstr "分类" #: View/Attributes/index.ctp:14 msgid " created by organisation " @@ -5741,12 +5749,12 @@ msgstr "日期" #: View/Galaxies/index.ctp:2 #: View/TagCollections/index.ctp:11 msgid "Galaxies" -msgstr "Galaxies" +msgstr "星系" #: View/Attributes/index.ctp:56 #: View/Elements/eventattribute.ctp:160 msgid "Correlate" -msgstr "" +msgstr "关联性" #: View/Attributes/index.ctp:57 #: View/Elements/eventattribute.ctp:161 @@ -5764,14 +5772,14 @@ msgstr "相关事件" #: View/Elements/Feeds/eventattribute.ctp:49 #: View/Elements/Servers/eventattribute.ctp:49 msgid "Feed hits" -msgstr "" +msgstr "订阅源命中" #: View/Attributes/index.ctp:61 #: View/DecayingModel/decaying_tool_rest_search.ctp:33 #: View/Elements/eventattribute.ctp:165 #: View/Events/view.ctp:252 msgid "Sightings" -msgstr "" +msgstr "Sightings" #: View/Attributes/index.ctp:62 #: View/Elements/eventattribute.ctp:166 @@ -5872,15 +5880,15 @@ msgstr "" #: View/Attributes/report_validation_issues_attributes.ctp:2 msgid "Listing invalid attribute validations" -msgstr "" +msgstr "列出无效的属性验证" #: View/Attributes/report_validation_issues_attributes.ctp:6 msgid "Validation errors for attribute: " -msgstr "属性验证错误: " +msgstr "属性验证错误: " #: View/Attributes/report_validation_issues_attributes.ctp:10 msgid "Value found: " -msgstr "找到的值: " +msgstr "找到的值: " #: View/Attributes/report_validation_issues_attributes.ctp:10 #: View/Elements/templateElements/populateTemplateFile.ctp:21 @@ -5898,11 +5906,11 @@ msgstr "搜索属性" #: View/Attributes/search.ctp:5 msgid "You can search for attributes based on contained expression within the value, event ID, submitting organisation, category and type.
For the value, event ID and organisation, you can enter several search terms by entering each term as a new line. To exclude things from a result, use the NOT operator (!) in front of the term." -msgstr "" +msgstr "您可以根据值、事件ID、提交机构、类别和类型中的表达式来搜索属性.
对于值、事件ID和组织, 您可以通过将每个词作为一个新的行来输入多个搜索词, 要从结果中排除掉一些东西, 请在术语前面使用NOT操作符(!)" #: View/Attributes/search.ctp:7 msgid "For string searches (such as searching for an expression, tags, etc) - lookups are simple string matches. If you want a substring match encapsulate the lookup string between \"%\" characters." -msgstr "" +msgstr "对于字符串搜索(如搜索表达式、标签等) - 查找是简单的字符串匹配. 如果您想要一个子串匹配, 那么就把查找字符串封装在\"%\"字符之间" #: View/Attributes/search.ctp:10 msgid "Containing the following expressions" @@ -5930,23 +5938,23 @@ msgstr "备用搜索结果 (Evens)" #: View/Attributes/search.ctp:47 msgid "First seen and Last seen." -msgstr "" +msgstr "首次出现和最后一次出现" #: View/Attributes/search.ctp:48 msgid "Attributes not having first seen or last seen set might not appear in the search" -msgstr "" +msgstr "没有首次出现或最后一次出现的属性可能不会出现在搜索中" #: View/Attributes/ajax/attributeConfirmationForm.ctp:6 msgid "Attribute Deletion" -msgstr "" +msgstr "属性删除" #: View/Attributes/ajax/attributeConfirmationForm.ctp:9 msgid "Are you sure you want to hard-delete Attribute #%s? The Attribute will be permanently deleted and unrecoverable. Also, this will prevent the deletion to be propagated to other instances." -msgstr "" +msgstr "您确定要硬删除属性#%s吗? 该属性将被永久删除, 无法恢复. 同时, 这将防止删除的属性被传播到其他实例中" #: View/Attributes/ajax/attributeConfirmationForm.ctp:10 msgid "Are you sure you want to soft-delete Attribute #%s? The Attribute will only be soft deleted, meaning that it is not completely purged. Click on Include deleted attributes and delete the soft deleted attribute if you want to permanently remove it." -msgstr "" +msgstr "您确定要软删除属性#%s吗? 该属性只会被软删除, 这意味着该属性不会被完全清除. 如果您想永久删除该属性, 请点击包含已删除的属性, 并删除软删除的属性." #: View/Attributes/ajax/attributeConfirmationForm.ctp:16 #: View/Elements/eventdiscussion.ctp:90;98 @@ -6102,7 +6110,7 @@ msgstr "批量编辑属性" #: View/Attributes/ajax/attributeEditMassForm.ctp:12;31 msgid "Do not alter current settings" -msgstr "" +msgstr "请勿更改当前设置" #: View/Attributes/ajax/attributeEditMassForm.ctp:15 #: View/Elements/eventattributecreation.ctp:30 @@ -6129,23 +6137,23 @@ msgstr "用于入侵检测系统" #: View/Attributes/ajax/attributeEditMassForm.ctp:43 msgid "Leave this field empty to leave the comment field of the selected attributes unaltered." -msgstr "" +msgstr "将此字段留空, 以保持所选属性的注释字段不被更改" #: View/Attributes/ajax/attributeEditMassForm.ctp:53 msgid "Tags to remove" -msgstr "" +msgstr "删除标签" #: View/Attributes/ajax/attributeEditMassForm.ctp:58 msgid "Tags to add" -msgstr "" +msgstr "添加标签" #: View/Attributes/ajax/attributeEditMassForm.ctp:64 msgid "Clusters to remove" -msgstr "" +msgstr "删除星团" #: View/Attributes/ajax/attributeEditMassForm.ctp:69 msgid "Clusters to add" -msgstr "" +msgstr "添加星团" #: View/Attributes/ajax/attributeEditTo_idsForm.ctp:13 msgid "Toggle IDS flag %s " @@ -6165,11 +6173,11 @@ msgstr "关闭" #: View/Attributes/ajax/attributeEditTo_idsForm.ctp:18 msgid "Set the IDS flag for this attribute." -msgstr "设置此属性的 IDS 标记。" +msgstr "设置此属性的 IDS 标记." #: View/Attributes/ajax/attributeEditTo_idsForm.ctp:20 msgid "Unset the IDS flag for this attribute." -msgstr "取消此属性的 IDS 标记。" +msgstr "取消此属性的 IDS 标记." #: View/Attributes/ajax/attributeEditTo_idsForm.ctp:28 msgid "Toggle IDS flag for attribute" @@ -6214,11 +6222,11 @@ msgstr "切换%s 的关联性" #: View/Attributes/ajax/toggle_correlation.ctp:11 msgid "Re-enable the correlation for this attribute." -msgstr "" +msgstr "重新启用该属性的相关性" #: View/Attributes/ajax/toggle_correlation.ctp:13 msgid "This will remove all correlations that already exist for this attribute and prevents any attributes to be related as long as this setting is disabled. Make sure you understand the downsides of disabling correlations." -msgstr "" +msgstr "这将删除该属性已经存在的所有关联性, 只要禁用此设置, 就会阻止任何属性之间的关联, 确保您了解禁用关联的坏处" #: View/Attributes/ajax/toggle_correlation.ctp:20 msgid "Toggle correlation for attribute" @@ -6226,11 +6234,11 @@ msgstr "切换属性的关联性" #: View/Communities/index.ctp:14 msgid "Vetted by the MISP-project team" -msgstr "" +msgstr "由MISP项目小组审查" #: View/Communities/index.ctp:19 msgid "Unvetted" -msgstr "" +msgstr "未经审查" #: View/Communities/index.ctp:25 #: View/EventBlacklists/index.ctp:35 @@ -6287,15 +6295,15 @@ msgstr "Id" #: View/Communities/index.ctp:40 msgid "Vetted" -msgstr "" +msgstr "经过审查" #: View/Communities/index.ctp:46 msgid "Host org" -msgstr "" +msgstr "主办机构" #: View/Communities/index.ctp:53 msgid "Community name" -msgstr "" +msgstr "社区名称" #: View/Communities/index.ctp:59 #: View/DecayingModel/index.ctp:89 @@ -6335,19 +6343,19 @@ msgstr "描述" #: View/Communities/index.ctp:63 msgid "Communities index" -msgstr "" +msgstr "社区索引" #: View/Communities/index.ctp:64 msgid "You can find a list of communities below that chose to advertise their existence to the general MISP user-base. Requesting access to any of those communities is of course no guarantee of being permitted access, it is only meant to simplify the means of finding the various communities that one may be eligible for. Get in touch with the MISP project maintainers if you would like your community to be included in the list." -msgstr "" +msgstr "您可以在下面找到一个社区列表, 这些社区选择向普通MISP用户群宣传它们的存在. 请求访问那些社区中的任何一个不能保证被允许访问, 这仅是为了简化寻找可能符合条件的各个社区的方法. 如果您希望将社区包括在列表中, 请与MISP项目维护者联系." #: View/Communities/request_access.ctp:7 msgid "Describe both yourself and your organisation as best as you can - keep in mind this information is to be used by the hosts of the community you are requesting access to in order to determine whether you're a good fit for their community. The sending server's basic metadata is included by default, you can opt out using the \"anonymise\" checkbox (server url, uuid, version are shared otherwise - though this can be a useful step in establishing trust.)." -msgstr "" +msgstr "尽可能地描述您自己和您的组织 - 请记住, 您要求访问的社区的主办单位将使用此信息, 以确定您是否适合他们的社区. 发送服务器的基本元数据是默认包含的, 您可以使用\"anonymise\"复选框选择退出(否则将共享服务器的网址, uuid, 版本 - 尽管这可能是建立信任的一个有用的步骤)." #: View/Communities/request_access.ctp:10 msgid "Requestor E-mail address" -msgstr "" +msgstr "请求者的电子邮件地址" #: View/Communities/request_access.ctp:15 #: View/Jobs/index.ctp:104 @@ -6359,51 +6367,51 @@ msgstr "组织名称" #: View/Communities/request_access.ctp:20 msgid "Organisation uuid" -msgstr "" +msgstr "组织uuid" #: View/Communities/request_access.ctp:25 msgid "Description of the requestor organisation" -msgstr "" +msgstr "请求者组织的描述" #: View/Communities/request_access.ctp:31 msgid "Message to the community host organisation" -msgstr "" +msgstr "给社区主办单位的信息" #: View/Communities/request_access.ctp:37 msgid "PGP public key" -msgstr "" +msgstr "PGP public key" #: View/Communities/request_access.ctp:44 msgid "Request sync access" -msgstr "" +msgstr "请求同步访问" #: View/Communities/request_access.ctp:49 msgid "Anonymise information on the server used to issue the request" -msgstr "" +msgstr "用于发出请求的服务器上的匿名信息" #: View/Communities/request_access.ctp:54 msgid "Generate e-mail for later use, but do not send it" -msgstr "" +msgstr "生成电子邮件以供以后使用, 但不发送" #: View/Communities/request_access_email.ctp:5 msgid "Email to send in order to request access" -msgstr "" +msgstr "发送电子邮件以请求访问权限" #: View/Communities/request_access_email.ctp:6 msgid "Emailing is currently disabled on the instance, but we have generated the e-mail that would normally be sent out below." -msgstr "" +msgstr "目前实例上的邮件发送是禁用的, 但我们已经生成了通常会在下面发送的邮件" #: View/Communities/request_access_email.ctp:7 msgid "Please find a generated e-mail below that you can use to contact the community in question" -msgstr "" +msgstr "请在下面找到一个生成的电子邮件, 您可以用它来联系有关社区" #: View/Communities/request_access_email.ctp:8 msgid "Headers:" -msgstr "" +msgstr "头部: " #: View/Communities/request_access_email.ctp:10 msgid "Message:" -msgstr "" +msgstr "信息: " #: View/Communities/view.ctp:5 #: View/Elements/Events/View/row_object.ctp:72 @@ -6458,11 +6466,11 @@ msgstr "URL" #: View/Communities/view.ctp:8 msgid "Host organisation" -msgstr "" +msgstr "主办机构" #: View/Communities/view.ctp:10 msgid "Vetted by MISP-project" -msgstr "" +msgstr "经过MISP-project审查" #: View/Communities/view.ctp:27 #: View/Elements/footer.ctp:15 @@ -6476,68 +6484,68 @@ msgstr "GnuPG 密钥" #: View/Communities/view.ctp:42 msgid "Community " -msgstr "" +msgstr "社区" #: View/Communities/view.ctp:51 #: View/Elements/genericElements/SideMenu/side_menu.ctp:617 msgid "Request Access" -msgstr "" +msgstr "请求访问" #: View/DecayingModel/add.ctp:4 msgid " Decaying Model" -msgstr "" +msgstr "衰减模型" #: View/DecayingModel/add.ctp:7 msgid "You are editing a Default Model, only restricted edition is allowed." -msgstr "" +msgstr "您正在编辑默认模型, 仅允许使用受限版本" #: View/DecayingModel/add.ctp:9;28 msgid "Can other organization use this model" -msgstr "" +msgstr "其他组织能否使用这种模型" #: View/DecayingModel/add.ctp:37 msgid "days" -msgstr "" +msgstr "天" #: View/DecayingModel/add.ctp:46;56;65 msgid "float" -msgstr "" +msgstr "float" #: View/DecayingModel/add.ctp:65 msgid "Default base_score" -msgstr "" +msgstr "默认base_score" #: View/DecayingModel/add.ctp:65 msgid "Default base_score value if no tags are attached to the indicator" -msgstr "" +msgstr "如果指标上没有附加标签, 则默认的base_score值" #: View/DecayingModel/add.ctp:75 msgid "Base Score configuration" -msgstr "" +msgstr "基本分值配置" #: View/DecayingModel/add.ctp:84 msgid "Model Settings" -msgstr "" +msgstr "模型设置" #: View/DecayingModel/decaying_tool.ctp:9 msgid "Show All Types" -msgstr "" +msgstr "显示所有类型" #: View/DecayingModel/decaying_tool.ctp:13 msgid "Show MISP Objects" -msgstr "" +msgstr "显示MISP对象" #: View/DecayingModel/decaying_tool.ctp:15 msgid "Search Attribute Type" -msgstr "" +msgstr "搜索属性类型" #: View/DecayingModel/decaying_tool.ctp:22 msgid "Check all" -msgstr "" +msgstr "选择所有" #: View/DecayingModel/decaying_tool.ctp:23 msgid "Attribute Type" -msgstr "" +msgstr "属性类型" #: View/DecayingModel/decaying_tool.ctp:24 #: View/DecayingModel/decaying_tool_rest_search.ctp:25 @@ -6571,23 +6579,23 @@ msgstr "模型 ID" #: View/DecayingModel/decaying_tool.ctp:47 msgid "Belong to a MISP Object" -msgstr "" +msgstr "属于MISP对象" #: View/DecayingModel/decaying_tool.ctp:51 msgid "To IDS flag set" -msgstr "" +msgstr "IDS 标志设置" #: View/DecayingModel/decaying_tool.ctp:100 msgid "Adjust base score" -msgstr "" +msgstr "调整基本分数" #: View/DecayingModel/decaying_tool.ctp:108 msgid "Simulate this model" -msgstr "" +msgstr "模拟此模型" #: View/DecayingModel/decaying_tool.ctp:129 msgid "Model's Settings" -msgstr "" +msgstr "模型设置" #: View/DecayingModel/decaying_tool.ctp:137 #: View/Elements/eventdiscussion.ctp:89;97 @@ -6623,31 +6631,31 @@ msgstr "创建" #: View/DecayingModel/decaying_tool.ctp:146 msgid "All available models" -msgstr "" +msgstr "所有可用模型" #: View/DecayingModel/decaying_tool.ctp:149 msgid "My models" -msgstr "" +msgstr "我的模型" #: View/DecayingModel/decaying_tool.ctp:152 msgid "Default models" -msgstr "" +msgstr "默认模型" #: View/DecayingModel/decaying_tool_basescore.ctp:3 msgid "Search Taxonomy" -msgstr "" +msgstr "搜索分类法" #: View/DecayingModel/decaying_tool_basescore.ctp:4 msgid "Clear search field" -msgstr "" +msgstr "清理查询字段" #: View/DecayingModel/decaying_tool_basescore.ctp:5 msgid " not having numerical value" -msgstr "" +msgstr "没有数值" #: View/DecayingModel/decaying_tool_basescore.ctp:7 msgid "Default basescore" -msgstr "" +msgstr "默认basescore" #: View/DecayingModel/decaying_tool_basescore.ctp:13 #: View/Taxonomies/index.ctp:2 @@ -6656,31 +6664,31 @@ msgstr "分类" #: View/DecayingModel/decaying_tool_basescore.ctp:14 msgid "Weight" -msgstr "" +msgstr "权重" #: View/DecayingModel/decaying_tool_basescore.ctp:91 msgid "Excluded" -msgstr "" +msgstr "不包括" #: View/DecayingModel/decaying_tool_basescore.ctp:112 msgid "Placeholder for `Organisation source confidence`" -msgstr "" +msgstr "`组织来源信任度`的占位符" #: View/DecayingModel/decaying_tool_basescore.ctp:115 msgid "Example" -msgstr "" +msgstr "示例" #: View/DecayingModel/decaying_tool_basescore.ctp:141;146;151 msgid "Pick a Taxonomy" -msgstr "" +msgstr "挑选一个分类法" #: View/DecayingModel/decaying_tool_basescore.ctp:157 msgid "Computation steps" -msgstr "" +msgstr "计算步骤" #: View/DecayingModel/decaying_tool_basescore.ctp:160 msgid "Apply base score" -msgstr "" +msgstr "应用基础分数" #: View/DecayingModel/decaying_tool_rest_search.ctp:26 #: View/Elements/templateElements/populateTemplateAttribute.ctp:13 @@ -6730,7 +6738,7 @@ msgstr "值" #: View/DecayingModel/decaying_tool_rest_search.ctp:29 msgid "Event Tags" -msgstr "" +msgstr "时间标签" #: View/DecayingModel/decaying_tool_rest_search.ctp:31 #: View/Events/resolved_attributes.ctp:52 @@ -6747,16 +6755,16 @@ msgstr "评论" #: View/DecayingModel/decaying_tool_rest_search.ctp:35 #: View/Elements/eventattribute.ctp:179 msgid "Score" -msgstr "" +msgstr "分数" #: View/DecayingModel/decaying_tool_rest_search.ctp:84 #: View/DecayingModel/decaying_tool_simulation.ctp:184 msgid "Failed to perform RestSearch" -msgstr "" +msgstr "未能执行RestSearch" #: View/DecayingModel/decaying_tool_rest_search_form.ctp:3 msgid "Decaying Model RestSearch" -msgstr "" +msgstr "衰减模型RestSearch" #: View/DecayingModel/decaying_tool_simulation.ctp:45 #: View/Events/automation.ctp:14 @@ -6767,51 +6775,51 @@ msgstr "搜索" #: View/DecayingModel/decaying_tool_simulation.ctp:49 msgid "Specific Attribute" -msgstr "" +msgstr "特定属性" #: View/DecayingModel/decaying_tool_simulation.ctp:53 msgid "Attribute ID or UUID" -msgstr "" +msgstr "属性ID或UUID" #: View/DecayingModel/decaying_tool_simulation.ctp:55 msgid "Simulate" -msgstr "" +msgstr "模拟" #: View/DecayingModel/decaying_tool_simulation.ctp:66 msgid "Base score" -msgstr "" +msgstr "基础分数" #: View/DecayingModel/decaying_tool_simulation.ctp:68;71 msgid "Base score configuration" -msgstr "" +msgstr "基础分数配置" #: View/DecayingModel/decaying_tool_simulation.ctp:68 msgid "not set. But default value sets." -msgstr "" +msgstr "不设置, 但默认值设置." #: View/DecayingModel/decaying_tool_simulation.ctp:71 msgid "not set" -msgstr "" +msgstr "不设置" #: View/DecayingModel/decaying_tool_simulation.ctp:79 msgid "Sighting" -msgstr "" +msgstr "观察" #: View/DecayingModel/decaying_tool_simulation.ctp:83 msgid "Current score" -msgstr "" +msgstr "当前分数" #: View/DecayingModel/decaying_tool_simulation.ctp:132 msgid "Basescore computation steps" -msgstr "" +msgstr "基础分数计算步骤" #: View/DecayingModel/decaying_tool_simulation.ctp:266 msgid "Failed to perform the simulation" -msgstr "" +msgstr "模拟失败" #: View/DecayingModel/import.ctp:4 msgid "Import model data" -msgstr "" +msgstr "导入模型数据" #: View/DecayingModel/import.ctp:5 msgid "Paste a MISP model JSON or provide a JSON file below to add models." @@ -6826,11 +6834,11 @@ msgstr "JSON" #: View/DecayingModel/import.ctp:11 msgid "Model JSON" -msgstr "" +msgstr "模型JSON" #: View/DecayingModel/import.ctp:18 msgid "JSON file" -msgstr "" +msgstr "JSON文件" #: View/DecayingModel/import.ctp:25 #: View/DecayingModelMapping/link_attribute_type_to_model.ctp:15 @@ -6855,35 +6863,35 @@ msgstr "添加" #: View/DecayingModel/index.ctp:2 msgid "Decaying Models" -msgstr "" +msgstr "衰减模型" #: View/DecayingModel/index.ctp:30;31 msgid "All Models" -msgstr "" +msgstr "所有模型" #: View/DecayingModel/index.ctp:41 msgid "My models only" -msgstr "" +msgstr "仅我的模型" #: View/DecayingModel/index.ctp:42 msgid "My Models" -msgstr "" +msgstr "我的模型" #: View/DecayingModel/index.ctp:53 msgid "Models available to everyone" -msgstr "" +msgstr "每个人都可以使用的模型" #: View/DecayingModel/index.ctp:54 msgid "Shared Models" -msgstr "" +msgstr "共享模型" #: View/DecayingModel/index.ctp:65 msgid "Default models only" -msgstr "" +msgstr "仅默认模型" #: View/DecayingModel/index.ctp:66 msgid "Default Models" -msgstr "" +msgstr "默认模型" #: View/DecayingModel/index.ctp:86 #: View/Pages/doc/using_the_system.ctp:398 @@ -6892,25 +6900,25 @@ msgstr "组织" #: View/DecayingModel/index.ctp:87 msgid "Usable to everyone" -msgstr "" +msgstr "每个人都可以使用" #: View/DecayingModel/index.ctp:91 #: View/DecayingModel/view.ctp:40 msgid "Parameters" -msgstr "" +msgstr "参数" #: View/DecayingModel/index.ctp:92 msgid "Pretty print" -msgstr "" +msgstr "漂亮的输出" #: View/DecayingModel/index.ctp:95 #: View/DecayingModel/view.ctp:35 msgid "Formula" -msgstr "" +msgstr "公式" #: View/DecayingModel/index.ctp:96 msgid "# Assigned Types" -msgstr "" +msgstr "# 分配的类型" #: View/DecayingModel/index.ctp:97 #: View/DecayingModel/view.ctp:25 @@ -6936,23 +6944,23 @@ msgstr "已启用" #: View/DecayingModel/index.ctp:114 #: View/DecayingModel/view.ctp:18 msgid "Default Model from MISP Project" -msgstr "" +msgstr "来自MISP项目的默认模型" #: View/DecayingModel/index.ctp:137 msgid "Download model" -msgstr "" +msgstr "下载模型" #: View/DecayingModel/index.ctp:142 msgid "Are you sure you want to delete DecayingModel #" -msgstr "" +msgstr "您确定要删除衰减模型吗 #" #: View/DecayingModel/index.ctp:148 msgid "Are you sure you want to disable DecayingModel #" -msgstr "" +msgstr "您确定要禁用衰减模型吗 #" #: View/DecayingModel/index.ctp:150 msgid "Are you sure you want to enable DecayingModel #" -msgstr "" +msgstr "您确定要启用衰减模型吗 #" #: View/DecayingModel/view.ctp:5 #: View/Events/view.ctp:86 @@ -6969,23 +6977,23 @@ msgstr "所有组织" #: View/DecayingModel/view.ctp:41 msgid "Reference(s)" -msgstr "" +msgstr "参考" #: View/DecayingModel/view.ctp:42 msgid "Associated types" -msgstr "" +msgstr "相关类型" #: View/DecayingModel/ajax/disable_form.ctp:3 msgid "Disable model" -msgstr "" +msgstr "禁用模型" #: View/DecayingModel/ajax/enable_form.ctp:3 msgid "Enable model" -msgstr "" +msgstr "启用模型" #: View/DecayingModelMapping/link_attribute_type_to_model.ctp:4 msgid "Add DecayingModelMapping" -msgstr "" +msgstr "添加DecayingModelMapping" #: View/Elements/ajaxAttributeTags.ctp:29 #: View/Elements/ajaxTagCollectionTags.ctp:16 @@ -7004,11 +7012,11 @@ msgstr "添加标签" #: View/Elements/ajaxTags.ctp:73;74 msgid "Local tag" -msgstr "" +msgstr "本地标签" #: View/Elements/ajaxTags.ctp:73;74 msgid "Global tag" -msgstr "" +msgstr "全局标签" #: View/Elements/ajaxTags.ctp:107 msgid "Remove tag %s" @@ -7026,7 +7034,7 @@ msgstr "添加标签" #: View/Elements/galaxyQuickView.ctp:135 #: View/Elements/galaxyQuickViewMini.ctp:128 msgid "Add a local tag" -msgstr "" +msgstr "添加一个本地标签" #: View/Elements/eventattribute.ctp:67;69;254;256 #: View/Elements/Feeds/eventattribute.ctp:28;31;95;98 @@ -7050,14 +7058,14 @@ msgstr "选择当前页面上的所有属性/建议" #: View/Elements/Servers/eventattribute.ctp:42 #: View/Objects/revise_object.ctp:52 msgid "First seen" -msgstr "" +msgstr "首次出现" #: View/Elements/eventattribute.ctp:138 #: View/Elements/Feeds/eventattribute.ctp:42 #: View/Elements/Servers/eventattribute.ctp:42 #: View/Objects/revise_object.ctp:56 msgid "Last seen" -msgstr "" +msgstr "最后一次出现" #: View/Elements/eventattribute.ctp:143 #: View/Elements/eventdiscussion.ctp:143 @@ -7078,21 +7086,23 @@ msgstr "相关标签" #: View/Elements/eventattribute.ctp:171 #: View/Elements/eventattributetoolbar.ctp:185 msgid "SightingDB" -msgstr "" +msgstr "SightingDB" #: View/Elements/eventattribute.ctp:178 msgid "Decaying Score" -msgstr "" +msgstr "衰减分数" #: View/Elements/eventattribute.ctp:227 msgid "Attribute warning: This event doesn't have any attributes visible to you. Either the owner of the event decided to have\n" "a specific distribution scheme per attribute and wanted to still distribute the event alone either for notification or potential contribution with attributes without such restriction. Or the owner forgot to add the\n" "attributes or the appropriate distribution level. If you think there is a mistake or you can contribute attributes based on the event meta-information, feel free to make a proposal" -msgstr "" +msgstr "属性警告: 这个事件没有任何属性对您来说是可见的. 要么是事件的所有者决定将该事件\n" +"的每个属性都有一个特定的分发方案, 并且希望仍然单独分发事件的通知或潜在贡献的属性不受此限制. 或者所有者忘记了添加属性或适当的分配级别." +"如果您认为有误, 或者您可以根据事件元信息贡献属性, 请随时提出建议." #: View/Elements/eventattribute.ctp:231 msgid "Attribute warning: This event doesn't contain any attribute. It's strongly advised to populate the event with attributes (indicators, observables or information) to provide a meaningful event" -msgstr "" +msgstr "属性警告: 此事件不包含任何属性, 强烈建议在事件中填充属性(指标、观察变量或信息), 以提供一个有意义的事件" #: View/Elements/eventattributecreation.ctp:57 msgid "Create multiple attributes one per line" @@ -7119,12 +7129,12 @@ msgstr "仅显示 %s 相关属性" #: View/Elements/eventattributetoolbar.ctp:24 msgid "Only show proposals" -msgstr "仅显示提议" +msgstr "仅显示提案" #: View/Elements/eventattributetoolbar.ctp:25 #: View/Logs/event_index.ctp:44 msgid "Proposal" -msgstr "提议" +msgstr "提案" #: View/Elements/eventattributetoolbar.ctp:32 msgid "Only show correlating attributes" @@ -7137,7 +7147,7 @@ msgstr "关联性" #: View/Elements/eventattributetoolbar.ctp:40 msgid "Only show potentially false positive attributes" -msgstr "" +msgstr "只显示潜在的误报属性" #: View/Elements/eventattributetoolbar.ctp:41 #: View/Elements/healthElements/db_indexes_diagnostic.ctp:72 @@ -7153,7 +7163,7 @@ msgstr "添加属性" #: View/Elements/eventattributetoolbar.ctp:52 msgid "Add proposal" -msgstr "" +msgstr "添加提案" #: View/Elements/eventattributetoolbar.ctp:60 msgid "Edit selected Attributes" @@ -7165,7 +7175,7 @@ msgstr "标记选中的属性" #: View/Elements/eventattributetoolbar.ctp:76 msgid "Add new cluster to selected Attributes" -msgstr "将新集群添加到所选属性" +msgstr "将新星团添加到所选属性" #: View/Elements/eventattributetoolbar.ctp:85 msgid "Group selected Attributes into an Object" @@ -7177,11 +7187,11 @@ msgstr "删除选中的属性" #: View/Elements/eventattributetoolbar.ctp:102 msgid "Accept selected Proposals" -msgstr "接受选定的提议" +msgstr "接受选定的提案" #: View/Elements/eventattributetoolbar.ctp:110 msgid "Discard selected Proposals" -msgstr "放弃选定的提议" +msgstr "放弃选定的提案" #: View/Elements/eventattributetoolbar.ctp:118 msgid "Sightings display for selected attributes" @@ -7197,7 +7207,7 @@ msgstr "使用 freetext 导入工具" #: View/Elements/eventattributetoolbar.ctp:144 msgid "Replace all attributes of a category/type combination within the event" -msgstr "" +msgstr "替换事件中的类别/类型组合的所有属性" #: View/Elements/eventattributetoolbar.ctp:158 msgid "Use a list of simple scopes to filter the data" @@ -7217,27 +7227,27 @@ msgstr "已删除" #: View/Elements/eventattributetoolbar.ctp:174 msgid "Show attribute decaying score" -msgstr "" +msgstr "显示属性衰减分数" #: View/Elements/eventattributetoolbar.ctp:176 msgid "Decay score" -msgstr "" +msgstr "衰减分数" #: View/Elements/eventattributetoolbar.ctp:183 msgid "Show SightingDB lookup results" -msgstr "" +msgstr "显示SightingDB查询结果" #: View/Elements/eventattributetoolbar.ctp:192 msgid "Show attribute context fields" -msgstr "显示属性环境字段" +msgstr "显示属性上下文字段" #: View/Elements/eventattributetoolbar.ctp:194 msgid "Context" -msgstr "环境" +msgstr "上下文" #: View/Elements/eventattributetoolbar.ctp:199 msgid "Show related tags" -msgstr "" +msgstr "显示相关标签" #: View/Elements/eventattributetoolbar.ctp:208 msgid "Advanced filtering tool" @@ -7249,7 +7259,7 @@ msgstr "筛选工具" #: View/Elements/eventattributetoolbar.ctp:216 msgid "%s active rule(s)" -msgstr "" +msgstr "%s 有效规则" #: View/Elements/eventattributetoolbar.ctp:235 #: View/Events/index.ctp:65 @@ -7288,7 +7298,7 @@ msgstr "答复" #: View/Elements/eventdiscussion.ctp:142 #: View/Posts/add.ctp:32 msgid "Insert a quote - just paste your quote between the [quote][/quote] tags." -msgstr "" +msgstr "插入一个引用--只需在[quote][/quote]标签之间粘贴您的引用" #: View/Elements/eventdiscussion.ctp:142 #: View/Posts/add.ctp:32 @@ -7297,22 +7307,22 @@ msgstr "引用" #: View/Elements/eventdiscussion.ctp:143 msgid "Insert a link to an event - just enter the event ID between the [event][/event] tags." -msgstr "" +msgstr "插入一个事件的链接 - 在[event][/event]标签之间输入事件ID即可" #: View/Elements/eventdiscussion.ctp:144 #: View/Posts/add.ctp:34 msgid "Insert a link to a discussion thread - enter the thread's ID between the [thread][/thread] tags." -msgstr "" +msgstr "插入一个讨论话题的链接 - 在[thread][/thread]标签之间输入话题的ID" #: View/Elements/eventdiscussion.ctp:144 #: View/Posts/add.ctp:34 msgid "Thread" -msgstr "线程" +msgstr "话题" #: View/Elements/eventdiscussion.ctp:145 #: View/Posts/add.ctp:35 msgid "Insert a link [link][/link] tags." -msgstr "加入链接 [link][/link] 的标签." +msgstr "插入链接 [link][/link] 的标签." #: View/Elements/eventdiscussion.ctp:145 #: View/Posts/add.ctp:35 @@ -7322,7 +7332,7 @@ msgstr "链接" #: View/Elements/eventdiscussion.ctp:146 #: View/Posts/add.ctp:36 msgid "Insert a code [code][/code] tags." -msgstr "加入代码[code][/code] 的标签." +msgstr "插入代码[code][/code] 的标签." #: View/Elements/eventdiscussion.ctp:146 #: View/Posts/add.ctp:36 @@ -7353,84 +7363,84 @@ msgstr "无" #: View/Elements/footer.ctp:17 msgid "Could not locate the GnuPG public key." -msgstr "无法找到 GnuPG 公钥。" +msgstr "无法找到 GnuPG 公钥." #: View/Elements/footer.ctp:24 msgid "Could not locate SMIME certificate." -msgstr "无法找到 SMIME 证书。" +msgstr "无法找到 SMIME 证书." #: View/Elements/form_seen_input.ctp:53 msgid "First seen date" -msgstr "" +msgstr "首次出现日期" #: View/Elements/form_seen_input.ctp:57 msgid "Last seen date" -msgstr "" +msgstr "最后出现日期" #: View/Elements/form_seen_input.ctp:63 msgid "First seen time" -msgstr "" +msgstr "首次出现时间" #: View/Elements/form_seen_input.ctp:64;69 msgid "Expected format: HH:MM:SS.ssssss+TT:TT" -msgstr "" +msgstr "预期格式: HH:MM:SS.ssssss+TT:TT" #: View/Elements/form_seen_input.ctp:68 msgid "Last seen time" -msgstr "" +msgstr "最后出现时间" #: View/Elements/galaxyQuickView.ctp:76 #: View/Elements/galaxyQuickViewMini.ctp:79 msgid "View details about this cluster" -msgstr "" +msgstr "查看有关此星团的详细信息" #: View/Elements/galaxyQuickView.ctp:77 #: View/Elements/galaxyQuickViewMini.ctp:80 msgid "View cluster" -msgstr "" +msgstr "查看星团" #: View/Elements/galaxyQuickView.ctp:83;84 #: View/Elements/galaxyQuickViewMini.ctp:86;87 msgid "View all events containing this cluster." -msgstr "" +msgstr "查看包含该星团的所有事件" #: View/Elements/galaxyQuickView.ctp:97 msgid "detach" -msgstr "" +msgstr "分离" #: View/Elements/galaxyQuickView.ctp:98 msgid "Are you sure you want to detach %s from this event?" -msgstr "" +msgstr "您确定要把 %s 从这个事件中分离出来吗" #: View/Elements/galaxyQuickView.ctp:114 msgid "View details about this galaxy" -msgstr "查看此galaxy的详细信息" +msgstr "查看此星系的详细信息" #: View/Elements/galaxyQuickView.ctp:115 msgid "View galaxy" -msgstr "查看galaxy" +msgstr "查看星系" #: View/Elements/galaxyQuickView.ctp:122 #: View/Elements/galaxyQuickViewMini.ctp:115 msgid "Add new cluster" -msgstr "" +msgstr "添加新的星团" #: View/Elements/galaxyQuickView.ctp:135 #: View/Elements/galaxyQuickViewMini.ctp:128 msgid "Add new local cluster" -msgstr "" +msgstr "添加新的本地星团" #: View/Elements/galaxyQuickViewMini.ctp:100 msgid "Are you sure you want to detach %s from this %s?" -msgstr "" +msgstr "您确定要把 %s 从 %s 中分离出来吗" #: View/Elements/generic_picker.ctp:187 msgid "No item picked" -msgstr "" +msgstr "没有选中的项目" #: View/Elements/generic_picker.ctp:209 msgid "Due to the large number of options, no contextual information is provided." -msgstr "由于备选方案数量庞大,无法提供相关信息。" +msgstr "由于备选方案数量庞大, 无法提供相关信息." #: View/Elements/generic_picker.ctp:277 msgid "Nothing to pick" @@ -7478,24 +7488,24 @@ msgstr "搜索属性" #: View/Elements/genericElements/SideMenu/side_menu.ctp:282 #: View/Servers/rest.ctp:17 msgid "REST client" -msgstr "" +msgstr "REST客户端" #: View/Elements/global_menu.ctp:38 #: View/Elements/genericElements/SideMenu/side_menu.ctp:310 #: View/Pages/doc/general.ctp:38 msgid "View Proposals" -msgstr "查看提议" +msgstr "查看提案" #: View/Elements/global_menu.ctp:42 #: View/Elements/genericElements/SideMenu/side_menu.ctp:315 #: View/Pages/doc/general.ctp:39 msgid "Events with proposals" -msgstr "" +msgstr "有提案的事件" #: View/Elements/global_menu.ctp:47 #: View/Elements/genericElements/SideMenu/side_menu.ctp:320 msgid "View delegation requests" -msgstr "" +msgstr "查看授权请求" #: View/Elements/global_menu.ctp:53 #: View/Elements/genericElements/SideMenu/side_menu.ctp:861 @@ -7554,7 +7564,7 @@ msgstr "自动化" #: View/Elements/global_menu.ctp:98 #: View/Elements/genericElements/SideMenu/side_menu.ctp:1086 msgid "List Galaxies" -msgstr "列出Galaxy" +msgstr "列出星系" #: View/Elements/global_menu.ctp:105 #: View/Pages/doc/general.ctp:21 @@ -7591,7 +7601,7 @@ msgstr "显示通知列表" #: View/Elements/global_menu.ctp:139 #: View/Pages/doc/general.ctp:22;54 msgid "Global Actions" -msgstr "" +msgstr "全局行动" #: View/Elements/global_menu.ctp:143 #: View/News/index.ctp:2 @@ -7609,18 +7619,18 @@ msgstr "我的个人资料" #: View/Elements/global_menu.ctp:151 #: View/Elements/genericElements/SideMenu/side_menu.ctp:462 msgid "My Settings" -msgstr "" +msgstr "我的设置" #: View/Elements/global_menu.ctp:155 #: View/Elements/genericElements/SideMenu/side_menu.ctp:467;699 msgid "Set Setting" -msgstr "" +msgstr "设定设置" #: View/Elements/global_menu.ctp:159 #: View/Elements/genericElements/SideMenu/side_menu.ctp:471 #: View/Users/dashboard.ctp:2 msgid "Dashboard" -msgstr "监控面板" +msgstr "仪表板" #: View/Elements/global_menu.ctp:168 #: View/Elements/genericElements/SideMenu/side_menu.ctp:490 @@ -7645,12 +7655,12 @@ msgstr "添加共享组" #: View/Elements/global_menu.ctp:194 msgid "Decaying Models Tool" -msgstr "" +msgstr "衰减模型工具" #: View/Elements/global_menu.ctp:199 #: View/Elements/genericElements/SideMenu/side_menu.ctp:977 msgid "List Decaying Models" -msgstr "" +msgstr "列出衰减模型" #: View/Elements/global_menu.ctp:206 #: View/Elements/genericElements/SideMenu/side_menu.ctp:520 @@ -7727,16 +7737,16 @@ msgstr "搜索订阅源缓存" #: View/Elements/global_menu.ctp:265 msgid "List SightingDB Connections" -msgstr "" +msgstr "列出SightingDB连接" #: View/Elements/global_menu.ctp:270 msgid "Add SightingDB Connection" -msgstr "" +msgstr "添加SightingDB连接" #: View/Elements/global_menu.ctp:275 #: View/Elements/genericElements/SideMenu/side_menu.ctp:612 msgid "List Communities" -msgstr "" +msgstr "社区列表" #: View/Elements/global_menu.ctp:283 #: View/Pages/doc/administration.ctp:8 @@ -7756,12 +7766,12 @@ msgstr "列出用户" #: View/Elements/global_menu.ctp:292 msgid "List User Settings" -msgstr "" +msgstr "列出用户设置" #: View/Elements/global_menu.ctp:296 #: View/UserSettings/set_setting.ctp:5 msgid "Set User Setting" -msgstr "" +msgstr "设定用户设置" #: View/Elements/global_menu.ctp:300 #: View/Elements/genericElements/SideMenu/side_menu.ctp:682 @@ -7804,7 +7814,7 @@ msgstr "服务器设置和维护" #: View/Jobs/index.ctp:2 #: View/Pages/doc/general.ctp:80 msgid "Jobs" -msgstr "" +msgstr "作业" #: View/Elements/global_menu.ctp:352 #: View/Elements/genericElements/SideMenu/side_menu.ctp:774 @@ -7812,7 +7822,7 @@ msgstr "" #: View/Pages/doc/general.ctp:81 #: View/Tasks/index.ctp:3 msgid "Scheduled Tasks" -msgstr "已计划的任务" +msgstr "计划任务" #: View/Elements/global_menu.ctp:361 msgid "Blacklist Event" @@ -7861,15 +7871,15 @@ msgstr "属性类型直方图" #: View/Elements/histogram.ctp:4 msgid "you can also choose specific histogram items by clicking on attributes below" -msgstr "" +msgstr "您也可以通过点击下面的属性来选择特定的直方图项目" #: View/Elements/histogram.ctp:16 msgid "Toggle histogram" -msgstr "" +msgstr "切换直方图" #: View/Elements/histogram.ctp:33 msgid "Attributes per organization" -msgstr "" +msgstr "每个组织的属性" #: View/Elements/view_event_distribution_graph.ctp:9 #: View/Elements/view_timeline.ctp:23 @@ -7880,15 +7890,15 @@ msgstr "载入中" #: View/Elements/view_event_distribution_graph.ctp:18 msgid "Elements having lower distribution level than the event" -msgstr "" +msgstr "元素的分布级别低于事件" #: View/Elements/view_event_distribution_graph.ctp:19 msgid "Distribution of the event" -msgstr "" +msgstr "事件分配" #: View/Elements/view_event_distribution_graph.ctp:20 msgid "Inconsistent distribution level, fallback on the event distribution" -msgstr "" +msgstr "分布级别不一致, 事件分布回退" #: View/Elements/view_event_graph.ctp:9 #: View/Noticelists/view.ctp:40 @@ -7897,7 +7907,7 @@ msgstr "范围" #: View/Elements/view_event_graph.ctp:12 msgid "Physics" -msgstr "" +msgstr "物理" #: View/Elements/view_event_graph.ctp:13 #: View/Elements/view_timeline.ctp:12 @@ -7920,7 +7930,7 @@ msgstr "历史记录" #: View/Elements/view_timeline.ctp:26 #: View/Events/view_graph.ctp:17 msgid "Toggle fullscreen" -msgstr "" +msgstr "切换全屏" #: View/Elements/view_galaxy_matrix.ctp:91 msgid "Show all" @@ -7932,7 +7942,7 @@ msgstr "(%s 个项目)" #: View/Elements/view_timeline.ctp:9 msgid "Time scope" -msgstr "" +msgstr "时间范围" #: View/Elements/DecayingModels/View/basescore_computation_steps.ctp:5 #: View/Taxonomies/view.ctp:83 @@ -7941,7 +7951,7 @@ msgstr "标签" #: View/Elements/DecayingModels/View/basescore_computation_steps.ctp:6 msgid "Computation" -msgstr "" +msgstr "计算方法" #: View/Elements/DecayingModels/View/basescore_computation_steps.ctp:7 #: View/Events/add_misp_export_result.ctp:6 @@ -7950,71 +7960,71 @@ msgstr "结果" #: View/Elements/DecayingModels/View/basescore_computation_steps.ctp:10 msgid "Taxonomy effective ratio" -msgstr "" +msgstr "分类法的有效比例" #: View/Elements/DecayingModels/View/basescore_computation_steps.ctp:10 msgid "Eff. Ratio" -msgstr "" +msgstr "Eff. 比例" #: View/Elements/DecayingModels/View/basescore_computation_steps.ctp:12 msgid "Tag numerical value" -msgstr "" +msgstr "标签数值" #: View/Elements/DecayingModels/View/basescore_computation_steps.ctp:19 msgid "Pick an Attribute" -msgstr "" +msgstr "选择属性" #: View/Elements/Events/eventIndexTable.ctp:5 #: View/EventBlacklists/index.ctp:47 #: View/Feeds/index.ctp:90 msgid "Select all events on current page" -msgstr "" +msgstr "选择当前页面上的所有事件" #: View/Elements/Events/eventIndexTable.ctp:27 #: View/Events/view.ctp:96 msgid "Owner org" -msgstr "" +msgstr "所有者组织" #: View/Elements/Events/eventIndexTable.ctp:35 msgid "Clusters" -msgstr "" +msgstr "星团" #: View/Elements/Events/eventIndexTable.ctp:39 #: View/Pages/doc/using_the_system.ctp:165 msgid "#Attr." -msgstr "" +msgstr "#Attr." #: View/Elements/Events/eventIndexTable.ctp:41 msgid "Correlation Count" -msgstr "" +msgstr "关联数量" #: View/Elements/Events/eventIndexTable.ctp:41 msgid "#Corr." -msgstr "" +msgstr "#Corr." #: View/Elements/Events/eventIndexTable.ctp:44 msgid "Sigthing Count" -msgstr "" +msgstr "观察数量" #: View/Elements/Events/eventIndexTable.ctp:44 msgid "#Sightings" -msgstr "" +msgstr "#Sightings" #: View/Elements/Events/eventIndexTable.ctp:47 msgid "Proposal Count" -msgstr "" +msgstr "提案数量" #: View/Elements/Events/eventIndexTable.ctp:47 msgid "#Prop" -msgstr "" +msgstr "#Prop" #: View/Elements/Events/eventIndexTable.ctp:50 msgid "Post Count" -msgstr "" +msgstr "帖子数量" #: View/Elements/Events/eventIndexTable.ctp:50 msgid "#Posts" -msgstr "" +msgstr "#Posts" #: View/Elements/Events/eventIndexTable.ctp:53 #: View/Events/proposal_event_index.ctp:27 @@ -8050,11 +8060,11 @@ msgstr "查看" #: View/Elements/Events/eventIndexTable.ctp:157 msgid " correlation(s). Show filtered event with correlation only." -msgstr "" +msgstr "相关性, 仅显示具有相关性的过滤事件" #: View/Elements/Events/eventIndexTable.ctp:175;180 msgid " proposal(s)" -msgstr " 提议" +msgstr " 提案" #: View/Elements/Events/eventIndexTable.ctp:185 msgid "NEW" @@ -8068,7 +8078,7 @@ msgstr "发布事件" #: View/Elements/Events/eventIndexTable.ctp:226 #: View/Events/ajax/eventPublishConfirmationForm.ctp:16 msgid "Are you sure this event is complete and everyone should be informed?" -msgstr "" +msgstr "您确定此事件已完成并通知所有人嘛" #: View/Elements/Events/eventIndexTable.ctp:227 msgid "Not published" @@ -8093,19 +8103,19 @@ msgstr " 更多…" #: View/Feeds/preview_event.ctp:88 #: View/Servers/preview_event.ctp:116 msgid "Collapse…" -msgstr "" +msgstr "崩溃…" #: View/Elements/Events/View/eventSightingValue.ctp:14 msgid "- restricted to own organisation only." -msgstr "" +msgstr "- 仅限于自己的组织" #: View/Elements/Events/View/eventSightingValue.ctp:17;18 msgid "Advanced Sightings" -msgstr "" +msgstr "高级观察" #: View/Elements/Events/View/related_event.ctp:26 msgid "This related event contains %s unique correlation(s)" -msgstr "" +msgstr "此相关事件包含 %s 个唯一相关" #: View/Elements/Events/View/row_attribute.ctp:43 msgid "Select attribute" @@ -8121,7 +8131,7 @@ msgstr "警告" #: View/Elements/Events/View/row_attribute.ctp:199;200 #: View/Events/ajax/toggle_correlation.ctp:20 msgid "Toggle correlation" -msgstr "" +msgstr "切换关联性" #: View/Elements/Events/View/row_attribute.ctp:326 msgid "Toggle IDS flag" @@ -8137,11 +8147,11 @@ msgstr "永久删除属性" #: View/Elements/Events/View/row_attribute.ctp:384 msgid "Query enrichment" -msgstr "" +msgstr "查询丰富化" #: View/Elements/Events/View/row_attribute.ctp:384 msgid "Propose enrichment" -msgstr "" +msgstr "提案丰富化" #: View/Elements/Events/View/row_attribute.ctp:389 msgid "Query Cortex" @@ -8149,19 +8159,19 @@ msgstr "查询 Cortex" #: View/Elements/Events/View/row_attribute.ctp:389 msgid "Propose enrichment through Cortex" -msgstr "" +msgstr "提案通过Cortex来充实自己" #: View/Elements/Events/View/row_attribute.ctp:393 msgid "Propose Edit" -msgstr "" +msgstr "提案编辑" #: View/Elements/Events/View/row_attribute.ctp:394 msgid "Propose Deletion" -msgstr "建议的删除" +msgstr "提案删除" #: View/Elements/Events/View/row_attribute.ctp:404;409 msgid "Add enrichment" -msgstr "添加丰富度" +msgstr "添加丰富化" #: View/Elements/Events/View/row_attribute.ctp:409 msgid "Add enrichment via Cortex" @@ -8175,7 +8185,7 @@ msgstr "软删除属性" #: View/Elements/Feeds/View/row_object.ctp:19 #: View/Events/resolved_misp_format.ctp:113 msgid "Name: " -msgstr "姓名: " +msgstr "姓名: " #: View/Elements/Events/View/row_object.ctp:69 #: View/Elements/Events/View/row_object_reference.ctp:21 @@ -8192,21 +8202,21 @@ msgstr "展开或收起" #: View/Elements/Events/View/row_object.ctp:73 msgid "Meta-category: " -msgstr "元类别: " +msgstr "元类别: " #: View/Elements/Events/View/row_object.ctp:74 #: View/Elements/Feeds/View/row_object.ctp:24 msgid "Description: " -msgstr "描述: " +msgstr "描述: " #: View/Elements/Events/View/row_object.ctp:75 #: View/Elements/Feeds/View/row_object.ctp:25 msgid "Template: " -msgstr "模板: " +msgstr "模板: " #: View/Elements/Events/View/row_object.ctp:139 msgid "Permanently delete object" -msgstr "" +msgstr "永久删除对象" #: View/Elements/Events/View/row_object.ctp:139 msgid "Soft delete object" @@ -8214,7 +8224,7 @@ msgstr "软删除对象" #: View/Elements/Events/View/row_object.ctp:164 msgid "Add an Object Attribute" -msgstr "" +msgstr "添加对象属性" #: View/Elements/Events/View/row_object_reference.ctp:1 #: View/Elements/Feeds/View/row_object_reference.ctp:1 @@ -8229,12 +8239,12 @@ msgstr "添加引用" #: View/Elements/Events/View/row_object_reference.ctp:51 msgid "Delete object reference" -msgstr "" +msgstr "删除对象引用" #: View/Elements/Events/View/row_object_referenced_by.ctp:1 #: View/Elements/Feeds/View/row_object_referenced_by.ctp:1 msgid "Referenced by: " -msgstr "" +msgstr "引用于: " #: View/Elements/Events/View/row_proposal.ctp:41 msgid "Select proposal" @@ -8243,7 +8253,7 @@ msgstr "选择提案" #: View/Elements/Events/View/row_proposal.ctp:194 #: View/Elements/Events/View/row_proposal_delete.ctp:80 msgid "Accept Proposal" -msgstr "接受提议" +msgstr "接受提案" #: View/Elements/Events/View/row_proposal.ctp:194 #: View/Elements/Events/View/row_proposal_delete.ctp:80 @@ -8260,7 +8270,7 @@ msgstr "放弃提案" #: View/Sightings/ajax/advanced.ctp:10 #: View/Sightings/ajax/quickAddConfirmationForm.ctp:14 msgid "Add sighting" -msgstr "" +msgstr "添加观察" #: View/Elements/Events/View/sighting_field.ctp:13 msgid "Mark as false-positive" @@ -8268,7 +8278,7 @@ msgstr "" #: View/Elements/Events/View/sighting_field.ctp:14 msgid "Advanced sightings" -msgstr "" +msgstr "标记为误报" #: View/Elements/Events/View/value_field.ctp:52 msgid "Cortex object" @@ -8276,15 +8286,15 @@ msgstr "Cortex 对象" #: View/Elements/Events/View/value_field.ctp:68 msgid "Hexadecimal representation" -msgstr "" +msgstr "十六进制表示法" #: View/Elements/Events/View/value_field.ctp:69 msgid "Switch to binary representation" -msgstr "" +msgstr "转换为二进制表示法" #: View/Elements/Events/View/value_field.ctp:87 msgid "Warning, this doesn't seem to be a legitimate " -msgstr "" +msgstr "警告, 这似乎不是一个合法的方法" #: View/Elements/Events/View/value_field.ctp:87 msgid " value" @@ -8292,11 +8302,11 @@ msgstr " 值" #: View/Elements/Feeds/View/feed_overlap_tool.ctp:9 msgid "Feed coverage tool" -msgstr "" +msgstr "订阅源覆盖率工具" #: View/Elements/Feeds/View/feed_overlap_tool.ctp:10 msgid "Coverage by currently selected sources: " -msgstr "" +msgstr "当前选定来源的覆盖率" #: View/Elements/Feeds/View/feed_overlap_tool.ctp:58 msgid "Include" @@ -8336,27 +8346,27 @@ msgstr "相似度" #: View/Elements/Objects/object_similarities.ctp:125 msgid "The template version used by this object." -msgstr "" +msgstr "此对象使用的模板版本" #: View/Elements/Objects/object_similarities.ctp:159 msgid "This attribute is also contained in the revised object. However, as multiple instantiations are allowed by the template, both attributes will be kept." -msgstr "" +msgstr "这个属性也包含在修改后的对象中. 但是, 由于模板允许多个实例化, 所以这两个属性都会被保留" #: View/Elements/Objects/object_similarities.ctp:166 msgid "This attribute is conflicting with the one in the revised object. Manual merge will be required." -msgstr "" +msgstr "这个属性与修改后的对象中的属性有冲突, 将需要手动合并" #: View/Elements/Objects/object_similarities.ctp:172 msgid "This attribute is only contained in this matching object. It will remain untouched." -msgstr "" +msgstr "此属性仅包含在此匹配对象中, 它将保持不变" #: View/Elements/Objects/object_similarities.ctp:175 msgid "This attribute has the same value as the one in the revised object." -msgstr "" +msgstr "该属性与修改后的对象中的值相同" #: View/Elements/Objects/object_similarities.ctp:203 msgid "This attribute will be added to this similar object during the merge." -msgstr "" +msgstr "这个属性将在合并过程中被添加到这个类似的对象中" #: View/Elements/Objects/object_value_field.ctp:61 msgid "-- Select an option --" @@ -8452,7 +8462,7 @@ msgstr "创建新凭据并通知用户" #: View/Elements/Users/userIndexTable.ctp:91 #: View/Elements/genericElements/SideMenu/side_menu.ctp:660 msgid "Are you sure you want to delete # %s? It is highly recommended to never delete users but to disable them instead." -msgstr "您确定要删除 # %s吗?强烈建议禁用用户而非删除用户。" +msgstr "您确定要删除 # %s吗?强烈建议禁用用户而非删除用户." #: View/Elements/dashboard/dashboard_events.ctp:2 msgid "Changes since last visit" @@ -8460,11 +8470,11 @@ msgstr "自上次访问以来的更改" #: View/Elements/dashboard/dashboard_events.ctp:4 msgid "Events updated: " -msgstr "事件更新: " +msgstr "事件更新: " #: View/Elements/dashboard/dashboard_events.ctp:5 msgid "Events published: " -msgstr "已发布的事件: " +msgstr "已发布的事件: " #: View/Elements/dashboard/dashboard_events.ctp:7 #: View/Servers/index.ctp:107 @@ -8477,27 +8487,27 @@ msgstr "通知" #: View/Elements/dashboard/dashboard_notifications.ctp:4 msgid "Proposals: " -msgstr "建议: " +msgstr "建议: " #: View/Elements/dashboard/dashboard_notifications.ctp:5 msgid "Events with proposals: " -msgstr "带有建议的活动: " +msgstr "带有建议的活动: " #: View/Elements/dashboard/dashboard_notifications.ctp:9 msgid "Delegation requests: " -msgstr "" +msgstr "授权请求: " #: View/Elements/genericElements/SideMenu/side_menu.ctp:17;91 msgid "Populate From Template" -msgstr "" +msgstr "从模板中填充" #: View/Elements/genericElements/SideMenu/side_menu.ctp:24 msgid "Enrichment Module Result" -msgstr "" +msgstr "丰富模块结果" #: View/Elements/genericElements/SideMenu/side_menu.ctp:32 msgid "Freetext Import Result" -msgstr "" +msgstr "Freetext导入结果" #: View/Elements/genericElements/SideMenu/side_menu.ctp:39 msgid "View Event" @@ -8505,7 +8515,7 @@ msgstr "查看事件" #: View/Elements/genericElements/SideMenu/side_menu.ctp:44;887;1116 msgid "View Correlation Graph" -msgstr "" +msgstr "查看关联图" #: View/Elements/genericElements/SideMenu/side_menu.ctp:49 msgid "View Event History" @@ -8530,7 +8540,7 @@ msgstr "添加附件" #: View/Elements/genericElements/SideMenu/side_menu.ctp:86 msgid "Populate from..." -msgstr "" +msgstr "从...填充" #: View/Elements/genericElements/SideMenu/side_menu.ctp:99 #: View/Events/ajax/enrich_event.ctp:2 @@ -8543,12 +8553,12 @@ msgstr "从...合并属性" #: View/Elements/genericElements/SideMenu/side_menu.ctp:111 msgid "Propose Attribute" -msgstr "提议属性" +msgstr "提案属性" #: View/Elements/genericElements/SideMenu/side_menu.ctp:116 #: View/ShadowAttributes/add_attachment.ctp:4 msgid "Propose Attachment" -msgstr "提议附件" +msgstr "提案附件" #: View/Elements/genericElements/SideMenu/side_menu.ctp:136 msgid "Publish (no email)" @@ -8560,16 +8570,16 @@ msgstr "取消发布" #: View/Elements/genericElements/SideMenu/side_menu.ctp:153 msgid "Publish Sightings" -msgstr "" +msgstr "发布观察" #: View/Elements/genericElements/SideMenu/side_menu.ctp:163 msgid "Delegate Publishing" -msgstr "" +msgstr "授权观察" #: View/Elements/genericElements/SideMenu/side_menu.ctp:174 #: View/EventDelegations/ajax/accept_delegation.ctp:2 msgid "Accept Delegation Request" -msgstr "" +msgstr "接受授权请求" #: View/Elements/genericElements/SideMenu/side_menu.ctp:182 msgid "Discard Delegation Request" @@ -8593,7 +8603,7 @@ msgstr "您确定要重新发布当前事件到 Kafka 主题吗?" #: View/Elements/genericElements/SideMenu/side_menu.ctp:208 msgid "Contact Reporter" -msgstr "" +msgstr "联系报告者" #: View/Elements/genericElements/SideMenu/side_menu.ctp:216;303 msgid "Download as..." @@ -8626,11 +8636,11 @@ msgstr "新建Regexp" #: View/Elements/genericElements/SideMenu/side_menu.ctp:351 msgid "Perform on existing" -msgstr "" +msgstr "在现有的基础上进行" #: View/Elements/genericElements/SideMenu/side_menu.ctp:352 msgid "Are you sure you want to rerun all of the regex rules on every attribute in the database? This task will take a long while and will modify data indiscriminately based on the rules configured." -msgstr "" +msgstr "您确定要对数据库中的每个属性重新运行所有正则表达式规则吗? 此任务将花费很长时间, 并且将根据配置的规则随意修改数据" #: View/Elements/genericElements/SideMenu/side_menu.ctp:359 msgid "Edit Regexp" @@ -8729,7 +8739,7 @@ msgstr "获取此事件" #: View/Feeds/preview_index.ctp:72 #: View/Servers/preview_index.ctp:173 msgid "Are you sure you want to fetch and save this event on your instance?" -msgstr "" +msgstr "您确定要在您的实例中获取并保存这个事件吗" #: View/Elements/genericElements/SideMenu/side_menu.ctp:589 #: View/Servers/edit.ctp:5 @@ -8742,11 +8752,11 @@ msgstr "新建服务器" #: View/Elements/genericElements/SideMenu/side_menu.ctp:622 msgid "View community" -msgstr "" +msgstr "查看社区" #: View/Elements/genericElements/SideMenu/side_menu.ctp:630 msgid "Request E-mail" -msgstr "" +msgstr "请求电子邮件" #: View/Elements/genericElements/SideMenu/side_menu.ctp:642 msgid "View User" @@ -8771,7 +8781,7 @@ msgstr "删除角色" #: View/Elements/genericElements/SideMenu/side_menu.ctp:694 msgid "User settings" -msgstr "" +msgstr "用户设置" #: View/Elements/genericElements/SideMenu/side_menu.ctp:712 msgid "Add Organisation" @@ -8802,25 +8812,25 @@ msgstr "黑名单上的组织" #: View/Elements/genericElements/SideMenu/side_menu.ctp:820;834 msgid "View Thread" -msgstr "查看线程" +msgstr "查看话题" #: View/Elements/genericElements/SideMenu/side_menu.ctp:825 #: View/Posts/add.ctp:4 msgid "Add Post" -msgstr "" +msgstr "添加帖子" #: View/Elements/genericElements/SideMenu/side_menu.ctp:839 #: View/Posts/edit.ctp:4 msgid "Edit Post" -msgstr "" +msgstr "编辑帖子" #: View/Elements/genericElements/SideMenu/side_menu.ctp:845 msgid "List Threads" -msgstr "列出线程" +msgstr "列出话题" #: View/Elements/genericElements/SideMenu/side_menu.ctp:849 msgid "New Thread" -msgstr "新线程" +msgstr "新话题" #: View/Elements/genericElements/SideMenu/side_menu.ctp:857 msgid "List Favourite Tags" @@ -8854,31 +8864,31 @@ msgstr "编辑模板" #: View/Elements/genericElements/SideMenu/side_menu.ctp:952 msgid "Update Default Models" -msgstr "" +msgstr "更新默认模型" #: View/Elements/genericElements/SideMenu/side_menu.ctp:957 msgid "Force Update Default Models" -msgstr "" +msgstr "强制更新默认模型" #: View/Elements/genericElements/SideMenu/side_menu.ctp:962 msgid "Import Decaying Model" -msgstr "" +msgstr "导入衰减模型" #: View/Elements/genericElements/SideMenu/side_menu.ctp:967 msgid "Add Decaying Model" -msgstr "" +msgstr "添加衰减模型" #: View/Elements/genericElements/SideMenu/side_menu.ctp:971 msgid "Decaying Tool" -msgstr "" +msgstr "衰减工具" #: View/Elements/genericElements/SideMenu/side_menu.ctp:983 msgid "View Decaying Model" -msgstr "" +msgstr "查看衰减模型" #: View/Elements/genericElements/SideMenu/side_menu.ctp:989 msgid "Edit Decaying Model" -msgstr "" +msgstr "编辑衰减模型" #: View/Elements/genericElements/SideMenu/side_menu.ctp:1007 msgid "Add Feed" @@ -8891,7 +8901,7 @@ msgstr "从 JSON 导入订阅源" #: View/Elements/genericElements/SideMenu/side_menu.ctp:1018 #: View/Feeds/compare_feeds.ctp:8 msgid "Feed overlap analysis matrix" -msgstr "" +msgstr "订阅源重叠分析矩阵" #: View/Elements/genericElements/SideMenu/side_menu.ctp:1023 msgid "Export Feed settings" @@ -8907,7 +8917,7 @@ msgstr "查看订阅源" #: View/Elements/genericElements/SideMenu/side_menu.ctp:1042 msgid "PreviewIndex" -msgstr "" +msgstr "预览索引" #: View/Elements/genericElements/SideMenu/side_menu.ctp:1048 msgid "PreviewEvent" @@ -8929,27 +8939,27 @@ msgstr "编辑新建项" #: View/Elements/genericElements/SideMenu/side_menu.ctp:1092 msgid "Update Galaxies" -msgstr "更新Galaxy" +msgstr "更新星系" #: View/Elements/genericElements/SideMenu/side_menu.ctp:1093 msgid "Are you sure you want to reimport all galaxies from the submodule?" -msgstr "" +msgstr "您确定您要从子模块中重新导入所有星系吗?" #: View/Elements/genericElements/SideMenu/side_menu.ctp:1098 msgid "Force Update Galaxies" -msgstr "强制更新Galaxy" +msgstr "强制更新星系" #: View/Elements/genericElements/SideMenu/side_menu.ctp:1099 msgid "Are you sure you want to drop and reimport all galaxies from the submodule?" -msgstr "" +msgstr "您确定要把所有星系从子模块中删除并重新导入吗?" #: View/Elements/genericElements/SideMenu/side_menu.ctp:1106;1122 msgid "View Galaxy" -msgstr "查看Galaxy" +msgstr "查看星系" #: View/Elements/genericElements/SideMenu/side_menu.ctp:1111 msgid "View Cluster" -msgstr "" +msgstr "查看星团" #: View/Elements/genericElements/SideMenu/side_menu.ctp:1135 msgid "Update Objects" @@ -8962,15 +8972,15 @@ msgstr "查看对象模板" #: View/Elements/genericElements/SideMenu/side_menu.ctp:1149 #: View/Sightingdb/add.ctp:6 msgid "Add SightingDB connection" -msgstr "" +msgstr "添加SightingDB连接" #: View/Elements/genericElements/SideMenu/side_menu.ctp:1157 msgid "Edit SightingDB connection" -msgstr "" +msgstr "编辑SightingDB连接" #: View/Elements/genericElements/SideMenu/side_menu.ctp:1162 msgid "List SightingDB connections" -msgstr "" +msgstr "列出SightingDB连接" #: View/Elements/genericElements/SideMenu/side_menu_post_link.ctp:26 #: View/Errors/error403.ctp:4 @@ -8979,113 +8989,113 @@ msgstr "%s" #: View/Elements/healthElements/db_indexes_diagnostic.ctp:4 msgid "Show database indexes" -msgstr "" +msgstr "显示数据库索引" #: View/Elements/healthElements/db_indexes_diagnostic.ctp:9 msgid "Index diagnostic:" -msgstr "" +msgstr "索引诊断" #: View/Elements/healthElements/db_indexes_diagnostic.ctp:12 msgid "Notice" -msgstr "" +msgstr "注意" #: View/Elements/healthElements/db_indexes_diagnostic.ctp:13 msgid "The highlighted issues may be benign. if you are unsure, please open an issue and ask for clarification." -msgstr "" +msgstr "突出显示的问题可能是良性的, 如果不确定, 请打开一个问题并求证" #: View/Elements/healthElements/db_indexes_diagnostic.ctp:47 msgid "Fix Database Index Schema" -msgstr "" +msgstr "修复数据库索引模式" #: View/Elements/healthElements/db_indexes_diagnostic.ctp:72 #: View/Elements/healthElements/db_schema_diagnostic.ctp:234 msgid "Executing this query might take some time and may harm your database. Please review the query below or backup your database in case of doubt." -msgstr "" +msgstr "执行此查询可能需要一些时间, 并且可能会损害数据库. 请查看以下查询, 或在有疑问时备份数据库。" #: View/Elements/healthElements/db_schema_diagnostic.ctp:62 msgid "The current database schema does not match the expected format." -msgstr "" +msgstr "当前的数据库模式不符合预期的格式" #: View/Elements/healthElements/db_schema_diagnostic.ctp:63;131 msgid "Database schema diagnostic: " -msgstr "" +msgstr "数据库模式诊断" #: View/Elements/healthElements/db_schema_diagnostic.ctp:68;74 msgid "The MISP database state does not match the expected schema. Resolving these issues is recommended." -msgstr "" +msgstr "MISP数据库状态与预期的模式不匹配, 建议解决这些问题" #: View/Elements/healthElements/db_schema_diagnostic.ctp:69;75 msgid "⚠ This diagnostic tool is in experimental state - the highlighted issues may be benign. If you are unsure, please open an issue on with the issues identified over at https://github.com/MISP/MISP for clarification." -msgstr "" +msgstr "⚠ 本诊断工具处于实验状态 - 突出的问题可能是良性的. 如果您不确定, 请在https://github.com/MISP/MISP, 对所发现的问题进行说明" #: View/Elements/healthElements/db_schema_diagnostic.ctp:79 msgid "Reveal benign deltas" -msgstr "" +msgstr "揭示良性情况" #: View/Elements/healthElements/db_schema_diagnostic.ctp:83 msgid "Table name" -msgstr "" +msgstr "表名" #: View/Elements/healthElements/db_schema_diagnostic.ctp:83 msgid "Expected schema" -msgstr "" +msgstr "预期模式" #: View/Elements/healthElements/db_schema_diagnostic.ctp:83 msgid "Actual schema" -msgstr "" +msgstr "实际模型" #: View/Elements/healthElements/db_schema_diagnostic.ctp:118 msgid "Fix Database schema" -msgstr "" +msgstr "修复数据库模式" #: View/Elements/healthElements/db_schema_diagnostic.ctp:130 msgid "The current database is correct" -msgstr "" +msgstr "目前的数据库是正确的" #: View/Elements/healthElements/db_schema_diagnostic.ctp:141 msgid "Expected DB_version: " -msgstr "" +msgstr "预期DB_version:" #: View/Elements/healthElements/db_schema_diagnostic.ctp:145 msgid "The current database version matches the expected one" -msgstr "" +msgstr "当前的数据库版本与预期的版本一致" #: View/Elements/healthElements/db_schema_diagnostic.ctp:146;151 msgid "Actual DB_version: " -msgstr "" +msgstr "实际DB_version:" #: View/Elements/healthElements/db_schema_diagnostic.ctp:150 msgid "The current database version does not match the expected one" -msgstr "" +msgstr "当前的数据库版本与预期的版本不一致" #: View/Elements/healthElements/db_schema_diagnostic.ctp:158 msgid "Updates are locked" -msgstr "" +msgstr "更新被锁定" #: View/Elements/healthElements/db_schema_diagnostic.ctp:158;162 msgid "Updates are not locked" -msgstr "" +msgstr "更新未被锁定" #: View/Elements/healthElements/db_schema_diagnostic.ctp:161 #: View/Servers/update_progress.ctp:32 msgid "Updates are locked due to to many update fails" -msgstr "" +msgstr "由于多次更新失败, 更新被锁定" #: View/Elements/healthElements/db_schema_diagnostic.ctp:161 msgid "Updates unlocked in %s" -msgstr "" +msgstr "更新解锁 %s" #: View/Elements/healthElements/db_schema_diagnostic.ctp:167;168 msgid "DataSource: " -msgstr "" +msgstr "数据源: " #: View/Elements/healthElements/db_schema_diagnostic.ctp:203 msgid "Column diagnostic" -msgstr "" +msgstr "列诊断" #: View/Elements/healthElements/diagnostics.ctp:5 msgid "Incorrect database encoding setting: Your database connection is currently NOT set to UTF-8. Please make sure to uncomment the 'encoding' => 'utf8' line in " -msgstr "" +msgstr "错误的数据库编码设置: 您的数据库连接当前未设置为UTF-8, 确保取消注释中的'encoding'=>'utf8'行" #: View/Elements/healthElements/diagnostics.ctp:9 msgid "MISP version" @@ -9093,7 +9103,7 @@ msgstr "MISP 版本" #: View/Elements/healthElements/diagnostics.ctp:10 msgid "Every version of MISP includes a json file with the current version. This is checked against the latest tag on github, if there is a version mismatch the tool will warn you about it. Make sure that you update MISP regularly." -msgstr "" +msgstr "MISP的每个版本都包含一个带有当前版本的json文件, 这是根据github上的最新标签检查的, 如果版本不匹配, 该工具将警告您, 确保定期更新MISP" #: View/Elements/healthElements/diagnostics.ctp:12 msgid "Currently installed version…" @@ -9114,7 +9124,7 @@ msgstr "无法从 github 检索版本" #: View/Elements/healthElements/diagnostics.ctp:40 msgid "Unable to fetch current commit id, check apache user read privilege." -msgstr "" +msgstr "无法获取当前提交ID, 请检查apache用户的读取权限" #: View/Elements/healthElements/diagnostics.ctp:45 msgid "Latest available version…" @@ -9126,11 +9136,11 @@ msgstr "状态…" #: View/Elements/healthElements/diagnostics.ctp:59 msgid "Current branch…" -msgstr "" +msgstr "当前分支…" #: View/Elements/healthElements/diagnostics.ctp:64 msgid "You are not on a branch, Update MISP will fail" -msgstr "" +msgstr "您不在分支, 更新MISP将失败" #: View/Elements/healthElements/diagnostics.ctp:68 msgid "Pull the latest MISP version from github" @@ -9142,11 +9152,11 @@ msgstr "更新MISP" #: View/Elements/healthElements/diagnostics.ctp:69 msgid "Click the following button to go to the update progress page. This page lists all updates that are currently queued and executed." -msgstr "" +msgstr "单击以下按钮转到更新进度页面, 此页面列出了当前排队和执行的所有更新" #: View/Elements/healthElements/diagnostics.ctp:69 msgid "View Update Progress" -msgstr "" +msgstr "查看更新进度" #: View/Elements/healthElements/diagnostics.ctp:71 msgid "Submodules version" @@ -9154,11 +9164,11 @@ msgstr "子模块版本" #: View/Elements/healthElements/diagnostics.ctp:72 msgid "Refresh submodules version." -msgstr "刷新子模块版本。" +msgstr "刷新子模块版本." #: View/Elements/healthElements/diagnostics.ctp:75 msgid "Load all JSON into the database." -msgstr "加载所有 JSON 到数据库。" +msgstr "加载所有 JSON 到数据库." #: View/Elements/healthElements/diagnostics.ctp:76 msgid "Load JSON into database" @@ -9170,7 +9180,7 @@ msgstr "可写的目录和文件" #: View/Elements/healthElements/diagnostics.ctp:80 msgid "The following directories and files have to be writeable for MISP to function properly. Make sure that the apache user has write privileges for the directories below." -msgstr "以下的目录和文件必须是可写的,MISP才能正常运行。 请确认 apache 用户具有以下目录的写权限。" +msgstr "以下的目录和文件必须是可写的, MISP才能正常运行. 请确认 apache 用户具有以下目录的写权限." #: View/Elements/healthElements/diagnostics.ctp:81 msgid "Directories" @@ -9208,7 +9218,7 @@ msgstr "未知的" #: View/Elements/healthElements/diagnostics.ctp:136 msgid "Issues determining version" -msgstr "" +msgstr "确定版本的问题" #: View/Elements/healthElements/diagnostics.ctp:143;152 msgid "Update highly recommended" @@ -9216,7 +9226,7 @@ msgstr "强烈推荐更新" #: View/Elements/healthElements/diagnostics.ctp:146;155 msgid "Version unsupported, update ASAP" -msgstr "版本已不受支持,请尽快更新" +msgstr "版本已不受支持, 请尽快更新" #: View/Elements/healthElements/diagnostics.ctp:159 msgid "PHP ini path" @@ -9236,11 +9246,11 @@ msgstr "PHP CLI 版本" #: View/Elements/healthElements/diagnostics.ctp:162 msgid "Please note that the support for Python versions below 3.6 and below PHP 7.2 has been dropped as of 2020-01-01 and are henceforth considered unsupported. More info: " -msgstr "" +msgstr "请注意, 从2020-01-01-01起, Python 3.6以下和PHP 7.2以下版本的支持已被取消, 从此以后被视为不支持. 更多信息:" #: View/Elements/healthElements/diagnostics.ctp:163 msgid "The following settings might have a negative impact on certain functionalities of MISP with their current and recommended minimum settings. You can adjust these in your php.ini. Keep in mind that the recommendations are not requirements, just recommendations. Depending on usage you might want to go beyond the recommended values." -msgstr "" +msgstr "以下的设置可能会对MISP的某些功能产生负面影响, 在当前和建议的最低设置中. 您可以在您的 php.ini 中调整这些设置. 请记住, 这些建议不是要求, 只是建议. 根据不同的使用情况, 您可能会希望超出推荐值." #: View/Elements/healthElements/diagnostics.ctp:170 #: View/Events/filter_event_index.ctp:32;190 @@ -9258,63 +9268,63 @@ msgstr "未加载" #: View/Elements/healthElements/diagnostics.ctp:189 msgid "Issues reading PHP settings. This could be due to the test script not being readable." -msgstr "" +msgstr "读取PHP设置的问题, 这可能是由于测试脚本不可读" #: View/Elements/healthElements/diagnostics.ctp:206 msgid "Table" -msgstr "" +msgstr "表" #: View/Elements/healthElements/diagnostics.ctp:211 msgid "Used" -msgstr "" +msgstr "使用" #: View/Elements/healthElements/diagnostics.ctp:217 msgid "Reclaimable" -msgstr "" +msgstr "可回收" #: View/Elements/healthElements/diagnostics.ctp:223 msgid "SQL database status" -msgstr "" +msgstr "SQL 数据库状态" #: View/Elements/healthElements/diagnostics.ctp:224 msgid "Size of each individual table on disk, along with the size that can be freed via SQL optimize. Make sure that you always have at least 3x the size of the largest table in free space in order for the update scripts to work as expected." -msgstr "" +msgstr "磁盘上每个单独表的大小, 以及通过SQL优化可以释放的大小, 确保您总是有至少3倍于最大表的空闲空间, 以便更新脚本能够正常工作" #: View/Elements/healthElements/diagnostics.ctp:229 msgid "Schema status" -msgstr "" +msgstr "模式状态" #: View/Elements/healthElements/diagnostics.ctp:246 msgid "Redis info" -msgstr "" +msgstr "Redis信息" #: View/Elements/healthElements/diagnostics.ctp:248 msgid "PHP extension version" -msgstr "" +msgstr "PHP扩展版本" #: View/Elements/healthElements/diagnostics.ctp:248 msgid "Not installed." -msgstr "" +msgstr "未安装" #: View/Elements/healthElements/diagnostics.ctp:250 msgid "Redis version" -msgstr "" +msgstr "Redis版本" #: View/Elements/healthElements/diagnostics.ctp:251 msgid "Memory allocator" -msgstr "" +msgstr "内存分配器" #: View/Elements/healthElements/diagnostics.ctp:252 msgid "Memory usage" -msgstr "" +msgstr "内存使用" #: View/Elements/healthElements/diagnostics.ctp:253 msgid "Peak memory usage" -msgstr "" +msgstr "内存使用量峰值" #: View/Elements/healthElements/diagnostics.ctp:254 msgid "Total system memory" -msgstr "" +msgstr "系统内存总量" #: View/Elements/healthElements/diagnostics.ctp:259 msgid "Advanced attachment handler" @@ -9322,7 +9332,7 @@ msgstr "高级附件处理程序" #: View/Elements/healthElements/diagnostics.ctp:260 msgid "The advanced attachment tools are used by the add attachment functionality to extract additional data about the uploaded sample." -msgstr "" +msgstr "高级附件处理程序是通过添加附件功能来提取上传样本的附加数据" #: View/Elements/healthElements/diagnostics.ctp:265 msgid "PyMISP" @@ -9330,7 +9340,7 @@ msgstr "PyMISP" #: View/Elements/healthElements/diagnostics.ctp:265 msgid "Not installed or version outdated." -msgstr "未安装或版本已过期。" +msgstr "未安装或版本已过期." #: View/Elements/healthElements/diagnostics.ctp:277 msgid "STIX and Cybox libraries" @@ -9338,15 +9348,15 @@ msgstr "STIX和Cybox库" #: View/Elements/healthElements/diagnostics.ctp:278 msgid "Mitre's STIX and Cybox python libraries have to be installed in order for MISP's STIX export to work. Make sure that you install them (as described in the MISP installation instructions) if you receive an error below." -msgstr "" +msgstr "Mitre的STIX和Cybox python库必须安装好, 才能使MISP的STIX导出工作, 如果您收到下面的错误, 请确保您安装了它们(按照MISP安装说明中的描述)" #: View/Elements/healthElements/diagnostics.ctp:279 msgid "If you run into any issues here, make sure that both STIX and CyBox are installed as described in the INSTALL.txt file. The required versions are" -msgstr "" +msgstr "如果您在这里遇到任何问题, 请确保STIX和CyBox都已经安装好了, 如install.txt文件中所述, 所需的版本是" #: View/Elements/healthElements/diagnostics.ctp:286 msgid "Other versions might work but are not tested / recommended." -msgstr "其他版本可能正常工作,但没有经过测试或不被推荐。" +msgstr "其他版本可能正常工作, 但没有经过测试或不被推荐." #: View/Elements/healthElements/diagnostics.ctp:295 msgid "STIX and CyBox" @@ -9354,7 +9364,7 @@ msgstr "STIX和CyBox" #: View/Elements/healthElements/diagnostics.ctp:295 msgid "Could not read test script (stixtest.py)." -msgstr "无法读取测试脚本(stixtest.py)。" +msgstr "无法读取测试脚本(stixtest.py)." #: View/Elements/healthElements/diagnostics.ctp:309 msgid " library version" @@ -9366,11 +9376,11 @@ msgstr "Yara" #: View/Elements/healthElements/diagnostics.ctp:327 msgid "This tool tests whether plyara, the library used by the yara export tool is installed or not." -msgstr "这个工具测试了 yara 导出工具所使用的库 plyara 是否已安装。" +msgstr "这个工具测试了 yara 导出工具所使用的库 plyara 是否已安装." #: View/Elements/healthElements/diagnostics.ctp:334 msgid "Invalid plyara version / plyara not installed. Please run pip3 install plyara" -msgstr "" +msgstr "无效plyara版本/plyaya未安装, 请运行pip3 install plyara" #: View/Elements/healthElements/diagnostics.ctp:336 msgid "plyara library installed" @@ -9382,7 +9392,7 @@ msgstr "GnuPG" #: View/Elements/healthElements/diagnostics.ctp:341 msgid "This tool tests whether your GnuPG is set up correctly or not." -msgstr "此工具测试您的 GnuPG 是否设置正确。" +msgstr "此工具测试您的 GnuPG 是否设置正确." #: View/Elements/healthElements/diagnostics.ctp:349 msgid "GnuPG installation and settings" @@ -9394,7 +9404,7 @@ msgstr "ZeroMQ" #: View/Elements/healthElements/diagnostics.ctp:353 msgid "This tool tests whether the ZeroMQ extension is installed and functional." -msgstr "这个工具测试了ZeroMQ扩展是否已被安装和运行。" +msgstr "这个工具测试了ZeroMQ扩展是否已被安装和运行." #: View/Elements/healthElements/diagnostics.ctp:361 msgid "ZeroMQ settings" @@ -9430,7 +9440,7 @@ msgstr "代理" #: View/Elements/healthElements/diagnostics.ctp:370 msgid "This tool tests whether your HTTP proxy settings are correct." -msgstr "" +msgstr "这个工具可以测试您的HTTP代理设置是否正确" #: View/Elements/healthElements/diagnostics.ctp:378 #: View/Pages/doc/administration.ctp:35 @@ -9443,7 +9453,7 @@ msgstr "模块系统" #: View/Elements/healthElements/diagnostics.ctp:382 msgid "This tool tests the various module systems and whether they are reachable based on the module settings." -msgstr "这个工具测试各种模块系统以及它们是否可以根据模块的设置进行访问。" +msgstr "这个工具测试各种模块系统以及它们是否可以根据模块的设置进行访问." #: View/Elements/healthElements/diagnostics.ctp:397 msgid " module system" @@ -9455,7 +9465,7 @@ msgstr "会话表" #: View/Elements/healthElements/diagnostics.ctp:404 msgid "This tool checks how large your database's session table is.
Sessions in CakePHP rely on PHP's garbage collection for clean-up and in certain distributions this can be disabled by default resulting in an ever growing cake session table.
If you are affected by this, just click the clean session table button below." -msgstr "" +msgstr "这个工具可以检查您的数据库的会话表有多大.
CakePHP中的会话依赖PHP的垃圾收集来进行清理, 在某些发行版中, 默认情况下可以禁用这个功能, 从而导致CakePHP的会话表不断增加.
如果您受此影响, 请点击下面的清理会话表按钮" #: View/Elements/healthElements/diagnostics.ctp:411 msgid "Expired sessions" @@ -9471,7 +9481,7 @@ msgstr "清除模型缓存" #: View/Elements/healthElements/diagnostics.ctp:422 msgid "If you ever run into issues with missing database fields / tables, please run the following script to clean the model cache." -msgstr "" +msgstr "如果您曾经遇到数据库字段/表丢失的问题, 请运行以下脚本来清理模型缓存" #: View/Elements/healthElements/diagnostics.ctp:423 msgid "Clean cache" @@ -9479,15 +9489,15 @@ msgstr "清理缓存" #: View/Elements/healthElements/diagnostics.ctp:427 msgid "Check for deprecated function usage" -msgstr "" +msgstr "检查是否有被废弃的功能使用" #: View/Elements/healthElements/diagnostics.ctp:428 msgid "In an effort to identify the usage of deprecated functionalities, MISP has started aggregating the count of access requests to these endpoints. Check the frequency of their use below along with the users to potentially warn about better ways of achieving their goals." -msgstr "" +msgstr "为了确定被废弃功能的使用情况, MISP已经开始汇总这些端点的访问请求数量. 在下面的用户一起检查它们的使用频率, 以潜在警告更好的方法来实现他们的目标" #: View/Elements/healthElements/diagnostics.ctp:431;432;434 msgid "View deprecated endpoint usage" -msgstr "" +msgstr "查看已废弃的端点使用情况" #: View/Elements/healthElements/diagnostics.ctp:438;441 msgid "Orphaned attributes" @@ -9495,7 +9505,7 @@ msgstr "无主属性" #: View/Elements/healthElements/diagnostics.ctp:439 msgid "In some rare cases attributes can remain in the database after an event is deleted becoming orphaned attributes. This means that they do not belong to any event, which can cause issues with the correlation engine (known cases include event deletion directly in the database without cleaning up the attributes and situations involving a race condition with an event deletion happening before all attributes are synchronised over)." -msgstr "" +msgstr "在一些罕见的情况下, 在事件被删除后属性可能会留在数据库中, 成为孤儿属性. 这意味着它们不属于任何事件, 这可能会导致关联引擎出现问题(已知的情况包括在数据库中直接删除事件而不清理属性, 以及在所有属性同步过来之前发生事件删除的竞争条件)" #: View/Elements/healthElements/diagnostics.ctp:441;455 msgid "Run the test below" @@ -9520,19 +9530,19 @@ msgstr "删除已发布的空事件" #: View/Elements/healthElements/diagnostics.ctp:446;448 #: View/Servers/ondemand_action.ctp:7 msgid "Administrator On-demand Action" -msgstr "" +msgstr "管理员按需操作" #: View/Elements/healthElements/diagnostics.ctp:447 msgid "Click the following button to go to the Administrator On-demand Action page." -msgstr "" +msgstr "单击以下按钮转到管理员按需操作页面" #: View/Elements/healthElements/diagnostics.ctp:449;451 msgid "Legacy Administrative Tools" -msgstr "" +msgstr "旧版管理工具" #: View/Elements/healthElements/diagnostics.ctp:450 msgid "Click the following button to go to the legacy administrative tools page. There should in general be no need to do this unless you are upgrading a very old MISP instance (<2.4), all updates are done automatically with more current versions." -msgstr "" +msgstr "单击以下按钮转到旧版管理工具页面. 通常, 除非您要升级非常旧的MISP实例(<2.4), 否则通常不需要这样做, 所有更新都是使用最新版本自动完成的" #: View/Elements/healthElements/diagnostics.ctp:452 msgid "Verify bad link on attachments" @@ -9540,19 +9550,19 @@ msgstr "验证附件上的错误链接" #: View/Elements/healthElements/diagnostics.ctp:453 msgid "Verify each attachment referenced in database is accessible on filesystem." -msgstr "" +msgstr "验证数据库中引用的每个附件在文件系统中是否可以访问" #: View/Elements/healthElements/diagnostics.ctp:455 msgid "Non existing attachments referenced in Database" -msgstr "" +msgstr "数据库中引用不存在的附件" #: View/Elements/healthElements/diagnostics.ctp:457 msgid "Check bad link on attachments" -msgstr "" +msgstr "检查附件上的错误链接" #: View/Elements/healthElements/files.ctp:2 msgid "Below you will find a list of the uploaded files based on type." -msgstr "" +msgstr "下面是根据类型列出的上传文件列表" #: View/Elements/healthElements/files.ctp:9 msgid "Expected Format" @@ -9592,15 +9602,15 @@ msgstr "您确定要删除 %s 吗?" #: View/Elements/healthElements/overview.ctp:3 msgid "Critical, your MISP instance requires immediate attention." -msgstr "严重,您的MISP实例需要立即注意。" +msgstr "严重, 您的MISP实例需要立即注意." #: View/Elements/healthElements/overview.ctp:4 msgid "Issues found, it is recommended that you resolve them." -msgstr "找到问题,建议您解决这些问题。" +msgstr "找到问题, 建议您解决这些问题." #: View/Elements/healthElements/overview.ctp:5 msgid "Good, but there are some optional settings that are incorrect / not set." -msgstr "" +msgstr "很好, 但有一些可选的设置不正确/没有设置" #: View/Elements/healthElements/overview.ctp:6 msgid "In perfect health." @@ -9613,11 +9623,11 @@ msgstr "测试" #: View/Elements/healthElements/overview.ctp:22 msgid "Overall health" -msgstr "全局状态" +msgstr "总体健康情况" #: View/Elements/healthElements/overview.ctp:24 msgid "The overall health of your instance depends on the most severe unresolved issues." -msgstr "" +msgstr "您的体例的整体健康状况取决于最严重的未解决的问题" #: View/Elements/healthElements/overview.ctp:31 msgid " settings incorrectly or not set" @@ -9625,19 +9635,19 @@ msgstr " 设置不正确或未设置" #: View/Elements/healthElements/overview.ctp:32 msgid "%s incorrect settings." -msgstr "%s 项设置不正确。" +msgstr "%s 项设置不正确." #: View/Elements/healthElements/overview.ctp:39 msgid "Critical issues revealed by the diagnostics" -msgstr "" +msgstr "诊断发现的关键问题" #: View/Elements/healthElements/overview.ctp:40 msgid "%s issues detected." -msgstr "检测到 %s 个问题。" +msgstr "检测到 %s 个问题." #: View/Elements/healthElements/overview.ctp:41 msgid "Issues revealed here can be due to incorrect directory permissions or not correctly installed dependencies." -msgstr "" +msgstr "这里暴露出的问题可能是由于目录权限不正确或没有正确安装依赖关系造成的" #: View/Elements/healthElements/settings_row.ctp:65 msgid "CLI only" @@ -9670,7 +9680,7 @@ msgstr "%s 设置%s" #: View/Elements/healthElements/tabs.ctp:23 msgid "This tab reports some potential critical misconfigurations." -msgstr "" +msgstr "这个选项卡报告了一些潜在的关键错误配置" #: View/Elements/healthElements/tabs.ctp:34 #: View/Pages/doc/administration.ctp:38 @@ -9684,7 +9694,7 @@ msgstr "管理文件" #: View/Elements/healthElements/tabs.ctp:50;55 #: View/Pages/doc/administration.ctp:39 msgid "Workers" -msgstr "" +msgstr "Workers" #: View/Elements/healthElements/tabs.ctp:65 #: View/Pages/doc/administration.ctp:40 @@ -9693,11 +9703,11 @@ msgstr "下载报告" #: View/Elements/healthElements/tabs.ctp:71 msgid "Filter the table(s) below" -msgstr "" +msgstr "筛选下面的表格" #: View/Elements/healthElements/workers.ctp:5 msgid "MISP cannot access your /proc directory to check the status of the worker processes, which means that dead workers will not be detected by the diagnostic tool. If you would like to regain this functionality, make sure that the open_basedir directive is not set, or that /proc is included in it." -msgstr "" +msgstr "MISP无法访问/proc目录来检查worker进程的状态, 这意味着诊断工具不会检测到死的worker. 如果您想恢复这个功能, 请确保open_basedir指令没有被设置, 或者/proc包含在其中" #: View/Elements/healthElements/workers.ctp:10 msgid "Note:" @@ -9705,35 +9715,35 @@ msgstr "注:" #: View/Elements/healthElements/workers.ctp:10 msgid "You have set the \"manage_workers\" variable to \"false\", therefore worker controls have been disabled." -msgstr "" +msgstr "您已将\"manage_workers\"变量设置为\"false\", 因此worker控制已被禁用" #: View/Elements/healthElements/workers.ctp:15 msgid "Issues prevent jobs from being processed. Please resolve them below." -msgstr "" +msgstr "问题导致无法处理作业, 请在下面解决它们" #: View/Elements/healthElements/workers.ctp:20 msgid "Worker started with the correct user, but the current status is unknown." -msgstr "" +msgstr "Worker以正确的用户身份启动, 但当前状态未知" #: View/Elements/healthElements/workers.ctp:29 msgid "There are issues with the worker(s), but at least one healthy worker is monitoring the queue." -msgstr "" +msgstr "worker(s)有问题, 但至少有一位健康的worker正在监视队列" #: View/Elements/healthElements/workers.ctp:35 msgid "Worker type: " -msgstr "" +msgstr "Worker类型" #: View/Elements/healthElements/workers.ctp:37 msgid "Jobs in the queue: " -msgstr "" +msgstr "队列中的任务" #: View/Elements/healthElements/workers.ctp:45 msgid "Queue status: " -msgstr "队列状态: " +msgstr "队列状态: " #: View/Elements/healthElements/workers.ctp:56 msgid "Worker PID" -msgstr "" +msgstr "Worker PID" #: View/Elements/healthElements/workers.ctp:57 #: View/Pages/doc/administration.ctp:166 @@ -9747,7 +9757,7 @@ msgstr "用户" #: View/Elements/healthElements/workers.ctp:58 msgid "Worker process" -msgstr "" +msgstr "Worker进程" #: View/Elements/healthElements/workers.ctp:59 msgid "Information" @@ -9755,83 +9765,83 @@ msgstr "信息" #: View/Elements/healthElements/workers.ctp:69 msgid "Worker not running!" -msgstr "" +msgstr "Worker未在运行中!" #: View/Elements/healthElements/workers.ctp:77 msgid "The worker appears to be healthy." -msgstr "" +msgstr "worker看起来很健康" #: View/Elements/healthElements/workers.ctp:80 msgid "The worker was started with a user other than the apache user. MISP cannot check whether the worker is alive or not." -msgstr "" +msgstr "该worker是用apache用户以外的用户启动的, MISP无法检查该worker是否还活着" #: View/Elements/healthElements/workers.ctp:86 msgid "Cannot check whether the worker is alive or dead." -msgstr "" +msgstr "无法检查worker是生是死" #: View/Elements/healthElements/workers.ctp:90 msgid "Dead" -msgstr "" +msgstr "死亡" #: View/Elements/healthElements/workers.ctp:91 msgid "The Worker appears to be dead." -msgstr "" +msgstr "worker看起来已经死掉" #: View/Elements/healthElements/workers.ctp:106 msgid "Stop (if still running) and remove this worker. This will immediately terminate any jobs that are being executed by it." -msgstr "" +msgstr "停止(如果仍在运行)并删除此worker, 这将立即终止由它执行的任何作业" #: View/Elements/healthElements/workers.ctp:119 msgid "Start a worker" -msgstr "" +msgstr "启动一个worker" #: View/Elements/healthElements/workers.ctp:130 msgid "Restart all workers" -msgstr "" +msgstr "重启所有workers" #: View/Elements/serverRuleElements/pull.ctp:3 msgid "Set pull rules" -msgstr "" +msgstr "设置拉取规则" #: View/Elements/serverRuleElements/pull.ctp:9 #: View/Elements/serverRuleElements/push.ctp:9 msgid "Allowed Tags (OR)" -msgstr "" +msgstr "被允许的标签(OR)" #: View/Elements/serverRuleElements/pull.ctp:14 #: View/Elements/serverRuleElements/push.ctp:14 msgid "Move tag to the list of tags to allow" -msgstr "" +msgstr "将标签移动到允许的标签列表" #: View/Elements/serverRuleElements/pull.ctp:15 #: View/Elements/serverRuleElements/push.ctp:15 msgid "Remove tag from the list of tags to allow" -msgstr "" +msgstr "从允许的标签列表中移除标签" #: View/Elements/serverRuleElements/pull.ctp:21 #: View/Elements/serverRuleElements/push.ctp:23 msgid "Remove tag from the list of tags to block" -msgstr "" +msgstr "从屏蔽的标签列表中移除标签" #: View/Elements/serverRuleElements/pull.ctp:22 #: View/Elements/serverRuleElements/push.ctp:24 msgid "Move tag to the list of tags to block" -msgstr "" +msgstr "将标签移动到屏蔽的标签列表" #: View/Elements/serverRuleElements/pull.ctp:25 #: View/Elements/serverRuleElements/push.ctp:27 msgid "Blocked Tags (AND NOT)" -msgstr "" +msgstr "被屏蔽的标签(AND NOT)" #: View/Elements/serverRuleElements/pull.ctp:30 #: View/Elements/serverRuleElements/push.ctp:32 msgid "AND" -msgstr "" +msgstr "与" #: View/Elements/serverRuleElements/pull.ctp:34 #: View/Elements/serverRuleElements/push.ctp:36 msgid "AND NOT" -msgstr "" +msgstr "而不是" #: View/Elements/serverRuleElements/pull.ctp:38 #: View/Elements/serverRuleElements/push.ctp:40 @@ -9840,47 +9850,47 @@ msgstr "允许的 Orgs (OR)" #: View/Elements/serverRuleElements/pull.ctp:43 msgid "Move organisation to the list of tags to allow" -msgstr "" +msgstr "将组织移动到允许的标签列表" #: View/Elements/serverRuleElements/pull.ctp:43 #: View/Elements/serverRuleElements/push.ctp:45 msgid "Move organisation to the list of organisations to allow" -msgstr "" +msgstr "将组织移动到允许的组织列表" #: View/Elements/serverRuleElements/pull.ctp:44 msgid "Remove organisation to the list of tags to allow" -msgstr "" +msgstr "从允许的把标签列表中移除组织" #: View/Elements/serverRuleElements/pull.ctp:44 msgid "Remove organisation form the list of organisations to allow" -msgstr "" +msgstr "从允许的组织列表中删除组织" #: View/Elements/serverRuleElements/pull.ctp:50 msgid "Remove organisation from the list of tags to allow" -msgstr "" +msgstr "从允许的组织列表中移除组织" #: View/Elements/serverRuleElements/pull.ctp:50 #: View/Elements/serverRuleElements/push.ctp:54 msgid "Remove organisation from the list of organisations to block" -msgstr "" +msgstr "从屏蔽的组织列表中移除组织" #: View/Elements/serverRuleElements/pull.ctp:51 msgid "Move organisation to the list of tags to block" -msgstr "" +msgstr "将组织移动到屏蔽的标签列表" #: View/Elements/serverRuleElements/pull.ctp:51 #: View/Elements/serverRuleElements/push.ctp:55 msgid "Move organisation to the list of organisations to block" -msgstr "" +msgstr "将组织移动到屏蔽的组织列表" #: View/Elements/serverRuleElements/pull.ctp:54 #: View/Elements/serverRuleElements/push.ctp:58 msgid "Blocked Orgs (AND NOT)" -msgstr "" +msgstr "屏蔽的组织(AND NOT)" #: View/Elements/serverRuleElements/pull.ctp:60 msgid "Additional sync parameters (based on the event index filters)" -msgstr "" +msgstr "附加的同步参数(基于事件索引过滤器)" #: View/Elements/serverRuleElements/pull.ctp:68 msgid "Accept changes" @@ -9911,27 +9921,27 @@ msgstr "可用的组织" #: View/Noticelists/view.ctp:41 #: View/Pages/doc/using_the_system.ctp:107 msgid "Field" -msgstr "" +msgstr "字段" #: View/Elements/templateElements/populateTemplateAttribute.ctp:38 msgid "Describe the %s using one or several (separated by a line-break) of the following types: %s" -msgstr "" +msgstr "用下列类型中的一个或几个(用分界线隔开)来描述: %s" #: View/Elements/templateElements/populateTemplateAttribute.ctp:40 msgid "Describe the %s using one or several %s\\s (separated by a line-break) " -msgstr "" +msgstr "用一个或几个 %s\\s 来描述 %s (用分界线隔开)" #: View/Elements/templateElements/populateTemplateAttribute.ctp:52 msgid "Describe the %s using one of the following types: %s" -msgstr "" +msgstr "用下列类型中的一种描述%s: %s" #: View/Elements/templateElements/populateTemplateAttribute.ctp:54 msgid "Describe the %s using a %s" -msgstr "" +msgstr "用 %s 描述 %s" #: View/Elements/templateElements/populateTemplateAttribute.ctp:68 msgid "Error: %s" -msgstr "" +msgstr "错误: %s" #: View/Elements/templateElements/populateTemplateDescription.ctp:3 #: View/Templates/add.ctp:37 @@ -9965,7 +9975,7 @@ msgstr "文件" #: View/Elements/templateElements/populateTemplateFile.ctp:13 msgid "s" -msgstr "" +msgstr "s" #: View/Elements/templateElements/templateRowAttribute.ctp:4 #: View/ObjectReferences/ajax/add.ctp:86 @@ -9989,7 +9999,7 @@ msgstr "强制项" #: View/Elements/templateElements/templateRowAttribute.ctp:70 #: View/Elements/templateElements/templateRowFile.ctp:60 msgid "Batch" -msgstr "" +msgstr "批量" #: View/Elements/templateElements/templateRowAttribute.ctp:101 #: View/Elements/templateElements/templateRowFile.ctp:78 @@ -10030,16 +10040,16 @@ msgstr "CSRF 错误" #: View/Errors/error400.ctp:36 msgid "This happens usually when you try to resubmit the same form with invalidated CSRF tokens or you had a form open too long and the CSRF tokens simply expired. Just go back to the previous page and refresh the form (by reloading the same url) so that the tokens get refreshed." -msgstr "" +msgstr "这种情况通常发生在您尝试用已失效的CSRF令牌重新提交相同的表单时, 或者您的表单打开时间过长, CSRF令牌过期. 只要回到上一个页面, 然后刷新表单(通过重新加载相同的URL), 令牌就会被刷新" #: View/Errors/error400.ctp:39 msgid "Alternatively, click here to continue to the start page." -msgstr "" +msgstr "或者, 点击here继续到开始页面" #: View/Errors/missing_connection.ctp:1 #: View/Errors/missing_datasource_config.ctp:1 msgid "Missing Database Connection" -msgstr "" +msgstr "丢失数据库连接" #: View/Errors/pdo_error.ctp:1 msgid "PDO error" @@ -10047,11 +10057,11 @@ msgstr "PDO 错误" #: View/EventBlacklists/add.ctp:4 msgid "Add Event Blacklist Entries" -msgstr "" +msgstr "添加事件黑名单条目" #: View/EventBlacklists/add.ctp:5 msgid "Simply paste a list of all the event UUIDs that you wish to block from being entered." -msgstr "" +msgstr "只需粘贴一个您想阻止输入的所有事件UUID的列表" #: View/EventBlacklists/add.ctp:9 #: View/EventBlacklists/edit.ctp:9 @@ -10067,26 +10077,26 @@ msgstr "输入单个 UUID 或一个 UUID 列表" #: View/EventBlacklists/add.ctp:18 msgid "(Optional) The organisation that the event is associated with" -msgstr "" +msgstr "(可选) 与事件相关的组织" #: View/EventBlacklists/add.ctp:25 msgid "(Optional) the event info of the event that you would like to block. It's best to leave this empty if you are adding a list of UUIDs." -msgstr "" +msgstr "(可选) 您想阻止的事件的事件信息, 如果您要添加一个UUUIDs列表, 最好把这个留空" #: View/EventBlacklists/add.ctp:31 #: View/OrgBlacklists/add.ctp:24 msgid "(Optional) Any comments you would like to add regarding this (or these) entries." -msgstr "" +msgstr "(可选) 您对这个(或这些)条目有什么意见要补充" #: View/EventBlacklists/edit.ctp:4 #: View/OrgBlacklists/edit.ctp:4 msgid "Edit Event Blacklist Entries" -msgstr "" +msgstr "编辑事件黑名单条目" #: View/EventBlacklists/edit.ctp:5 #: View/OrgBlacklists/edit.ctp:5 msgid "List of all the event UUIDs that you wish to block from being entered." -msgstr "" +msgstr "您希望阻止输入的所有事件 UUIDs 的列表" #: View/EventBlacklists/edit.ctp:18 #: View/OrgBlacklists/edit.ctp:18 @@ -10104,7 +10114,7 @@ msgstr "事件 UUID" #: View/EventBlacklists/index.ctp:70 msgid "Are you sure you want to delete the blacklist entry for the event UUID %s?" -msgstr "" +msgstr "您确定要删除事件UUID %s 的黑名单条目吗?" #: View/EventBlacklists/mass_delete.ctp:10 msgid "Delete blacklisted events" @@ -10112,19 +10122,19 @@ msgstr "删除黑名单事件" #: View/EventBlacklists/mass_delete.ctp:12 msgid "Are you sure you want to delete from the blacklist the selected events?" -msgstr "" +msgstr "您确定要从黑名单中删除所选事件吗?" #: View/EventDelegations/index.ctp:30 msgid "Pending" -msgstr "" +msgstr "待定" #: View/EventDelegations/index.ctp:35 msgid "Issued" -msgstr "" +msgstr "发出" #: View/EventDelegations/index.ctp:56 msgid "Requester" -msgstr "" +msgstr "请求者" #: View/EventDelegations/index.ctp:63 #: View/Pages/doc/administration.ctp:134 @@ -10142,7 +10152,7 @@ msgstr "消息" #: View/EventDelegations/index.ctp:86 msgid "Delegation index" -msgstr "" +msgstr "授权索引" #: View/EventDelegations/index.ctp:87 #: View/Posts/add.ctp:33 @@ -10152,15 +10162,15 @@ msgstr "" #: View/EventDelegations/ajax/accept_delegation.ctp:4 msgid "Are you sure you would like to accept the request by %s to take ownership of Event #%s" -msgstr "" +msgstr "您确定要接受 %s 的请求以获取事件 #%s 的所有权吗?" #: View/EventDelegations/ajax/delegate_event.ctp:2 msgid "Delegate the publishing of the Event to another organisation" -msgstr "" +msgstr "将事件的发布授权给另一个组织" #: View/EventDelegations/ajax/delegate_event.ctp:3 msgid "Warning: You are about to request another organisation to take ownership of this event." -msgstr "" +msgstr "警告: 您将要求另一个组织拥有此事件的所有权" #: View/EventDelegations/ajax/delegate_event.ctp:8 msgid "Target Organisation" @@ -10180,19 +10190,19 @@ msgstr "期望的共享组" #: View/EventDelegations/ajax/delegate_event.ctp:33 msgid "Message to the recipient organisation" -msgstr "" +msgstr "给收件人组织的消息" #: View/EventDelegations/ajax/delete_delegation.ctp:2 msgid "Delete Delegation Request" -msgstr "" +msgstr "删除授权请求" #: View/EventDelegations/ajax/delete_delegation.ctp:4 msgid "Are you sure you would like to discard the request by %s to take ownership of Event #%s" -msgstr "" +msgstr "您确定要 %s 放弃该请求以获取事件 #%s 的所有权吗?" #: View/EventDelegations/ajax/view.ctp:2 msgid "Event Delegation" -msgstr "" +msgstr "事件授权" #: View/EventDelegations/ajax/view.ctp:5 msgid "your organisation" @@ -10204,7 +10214,7 @@ msgstr "您的组织" #: View/EventDelegations/ajax/view.ctp:9 msgid "Request details
%s is requesting %s to take over this event." -msgstr "" +msgstr "请求详细信息
%s正在请求%s 事件" #: View/EventDelegations/ajax/view.ctp:12 msgid "The desired distribution level is" @@ -10212,7 +10222,7 @@ msgstr "所需的分配级别是" #: View/EventDelegations/ajax/view.ctp:14 msgid "The desired sharing group to distribute the event to is" -msgstr "" +msgstr "所需的共享组是" #: View/EventDelegations/ajax/view.ctp:18 msgid "Message from requester" @@ -10261,7 +10271,7 @@ msgstr "事件图形删除" #: View/EventGraph/ajax/eventGraph_delete_form.ctp:8 msgid "Are you sure you want to delete eventGraph #%s? The eventGraph will be permanently deleted and unrecoverable." -msgstr "您确定要删除事件图#%s吗?事件图将被永久删除且无法恢复。" +msgstr "您确定要删除事件图#%s吗?事件图将被永久删除且无法恢复." #: View/Events/add.ctp:39 #: View/Events/view.ctp:148 @@ -10282,11 +10292,11 @@ msgstr "事件的简单描述或跟踪信息" #: View/Events/add.ctp:57 msgid "Event UUID or ID. Leave blank if not applicable." -msgstr "事件 UUID 或 ID。如果不适用则留空。" +msgstr "事件 UUID 或 ID.如果不适用则留空." #: View/Events/add.ctp:58 msgid "Extends Event" -msgstr "" +msgstr "扩展事件" #: View/Events/add_i_o_c.ctp:4 msgid "Import OpenIOC" @@ -10302,16 +10312,16 @@ msgstr "MISP XML 或 JSON 文件" #: View/Events/add_misp_export.ctp:16 msgid "Take ownership of the event" -msgstr "" +msgstr "掌握事件的所有权" #: View/Events/add_misp_export.ctp:17 msgid "Warning: This will change the creator organisation of the event, tampering with the event's ownership and releasability and can lead to unexpected behaviour when synchronising the event with instances that have another creator for the same event.)" -msgstr "" +msgstr "警告: 这将改变事件的创建者组织, 篡改事件的所有权和可释放性, 并且当事件与同一事件有另一个创建者的实例同步时, 可能会导致意外的行为" #: View/Events/add_misp_export.ctp:22 #: View/Events/upload_stix.ctp:17 msgid "Publish imported events" -msgstr "" +msgstr "发布导入的事件" #: View/Events/add_misp_export_result.ctp:2 msgid "Add From MISP Export Result" @@ -10328,11 +10338,11 @@ msgstr "失败" #: View/Events/add_misp_export_result.ctp:24 msgid "Event created." -msgstr "事件已被创建。" +msgstr "事件已创建." #: View/Events/add_misp_export_result.ctp:26 msgid "Event with this UUID already exists." -msgstr "此 UUID 的事件已存在。" +msgstr "此 UUID 的事件已存在." #: View/Events/add_misp_export_result.ctp:38 #: View/Servers/preview_index.ctp:112 @@ -10342,25 +10352,27 @@ msgstr "事件 " #: View/Events/automation.ctp:3 msgid "Automation functionality is designed to automatically feed other tools and systems with the data in your MISP repository.\n" " To to make this functionality available for automated tools an authentication key is used." -msgstr "" +msgstr "自动化功能的设计是为了自动向其他工具和系统提供MISP仓库中的数据.\n" +" 为了使自动化工具能够使用这一功能, 需要使用认证密钥." #: View/Events/automation.ctp:5 msgid "You can use the REST client to test your API queries against your MISP and export the resulting tuned queries as curl or python scripts." -msgstr "" +msgstr "您可以使用REST client来测试您的API查询与MISP的关系, 并将结果导出为curl或python脚本." #: View/Events/automation.ctp:6 msgid "Make sure you keep your API key secret as it gives access to the all of the data that you normally have access to in MISP." -msgstr "" +msgstr "确保您对您的API密钥保密, 因为它能让您访问MISP中的所有数据" #: View/Events/automation.ctp:7 msgid "To view the old MISP automation page, click here." -msgstr "" +msgstr "要查看旧的MISP自动化页面, 请点击click here." #: View/Events/automation.ctp:9 #: View/Events/legacy_automation.ctp:7 msgid "Your current key is: %s.\n" " You can %s this key." -msgstr "" +msgstr "您当前的key: %s.\n" +"您可以 %s 这个key." #: View/Events/automation.ctp:10 #: View/Events/legacy_automation.ctp:8 @@ -10372,165 +10384,166 @@ msgstr "重置" #: View/Events/automation.ctp:16 #: View/Events/legacy_automation.ctp:264 msgid "It is possible to search the database for attributes based on a list of criteria." -msgstr "" +msgstr "可以根据标准列表搜索数据库中的属性" #: View/Events/automation.ctp:17 #: View/Events/legacy_automation.ctp:265 msgid "To return an event or a list of events in a desired format, use the following syntax" -msgstr "" +msgstr "要以所需的格式返回一个事件或一个事件列表, 请使用以下语法" #: View/Events/automation.ctp:18 msgid "Whilst a list of parameters is provided below, it isn't necessarily exhaustive, specific export formats could have additional parameters." -msgstr "" +msgstr "尽管下面提供了参数列表, 但不一定详尽, 特定的导出格式可以包含其他参数." #: View/Events/automation.ctp:21 msgid "Set the return format of the search (Currently supported: json, xml, openioc, suricata, snort - more formats are being moved to restSearch with the goal being that all searches happen through this API). Can be passed as the first parameter after restSearch or via the JSON payload." -msgstr "" +msgstr "设置搜索的返回格式(目前支持: json、xml、openioc、suricata、snort - 更多的格式正在被转移到restSearch中, 目标是让所有的搜索都通过这个API进行), 可以作为 restSearch 之后的第一个参数或通过 JSON 有效载荷传递" #: View/Events/automation.ctp:22 msgid "Limit the number of results returned, depending on the scope (for example 10 attributes or 10 full events)." -msgstr "" +msgstr "根据范围限制返回的结果数(例如10个属性或10个完整事件)." #: View/Events/automation.ctp:23 msgid "If a limit is set, sets the page to be returned. page 3, limit 100 will return records 201->300)." -msgstr "" +msgstr "如果设置了限制, 则设置要返回的页面, 在第3页上, 限制100将返回记录201-> 300)." #: View/Events/automation.ctp:24 #: View/Events/legacy_automation.ctp:268;297 msgid "Search for the given value in the attributes' value field." -msgstr "" +msgstr "在属性值字段中搜索给定值" #: View/Events/automation.ctp:25 #: View/Events/legacy_automation.ctp:62;199;269;298 msgid "The attribute type, any valid MISP attribute type is accepted." -msgstr "" +msgstr "属性类型, 接受任何有效的MISP属性类型" #: View/Events/automation.ctp:26 #: View/Events/legacy_automation.ctp:61;270;299 msgid "The attribute category, any valid MISP attribute category is accepted." -msgstr "" +msgstr "属性类别, 任何有效的MISP属性类别都可以接受" #: View/Events/automation.ctp:27 #: View/Events/legacy_automation.ctp:271;300 msgid "Search by the creator organisation by supplying the organisation identifier." -msgstr "" +msgstr "通过提供组织标识符来搜索创建者组织" #: View/Events/automation.ctp:28 #: View/Events/legacy_automation.ctp:200 msgid "To include a tag in the results just write its names into this parameter. To exclude a tag prepend it with a '!'." -msgstr "" +msgstr "要在结果中包含一个标签, 只需在这个参数中写上它的名字, 如果要排除一个标签, 可以用'!'." + #: View/Events/automation.ctp:29 #: View/Events/legacy_automation.ctp:278 msgid "Enabling this (by passing \"1\" as the argument) will make the search ignore all of the other arguments, except for the auth key and value. MISP will return an xml / json (depending on the header sent) of all events that have a sub-string match on value in the event info, event orgc, or any of the attribute value1 / value2 fields, or in the attribute comment." -msgstr "" +msgstr "启用这个功能(通过传递\"1\"作为参数)会使搜索忽略所有其他参数, 除了Auth key和value之外. MISP将返回一个xml/json(取决于发送的头), 所有在事件信息, 事件orgc, 或任何一个属性value1/value2字段, 或属性注释中的value1/value2字段中的子字符串匹配的事件." #: View/Events/automation.ctp:30;150 #: View/Events/legacy_automation.ctp:37;64;91;117;140;203;254;279 msgid "Events with the date set to a date after the one specified in the from field (format: 2015-02-15). This filter will use the date of the event." -msgstr "" +msgstr "将日期设置为from字段中指定的日期之后的事件(格式:2015-02-15), 此过滤器将使用事件的日期." #: View/Events/automation.ctp:31;151 #: View/Events/legacy_automation.ctp:38;65;92;118;141;204;255;280 msgid "Events with the date set to a date before the one specified in the to field (format: 2015-02-15). This filter will use the date of the event." -msgstr "" +msgstr "将日期设置为to字段中指定的日期之前的事件(格式:2015-02-15), 此过滤器将使用事件的日期." #: View/Events/automation.ctp:32 #: View/Events/legacy_automation.ctp:282;307 msgid "The events that should be included / excluded from the search" -msgstr "" +msgstr "搜索时应包含/排除的事件" #: View/Events/automation.ctp:33 #: View/Events/legacy_automation.ctp:283;308 msgid "If set, encodes the attachments / zipped malware samples as base64 in the data field within each attribute" -msgstr "" +msgstr "如果设置, 则在每个属性内的数据字段中将附件/压缩的恶意软件样本编码为base64" #: View/Events/automation.ctp:34 #: View/Events/legacy_automation.ctp:284 msgid "Only the metadata (event, tags, relations) is returned, attributes and proposals are omitted." -msgstr "" +msgstr "只返回元数据(事件、标签、关系), 属性和建议被省略" #: View/Events/automation.ctp:35 #: View/Events/legacy_automation.ctp:285;309 msgid "Restrict the results by uuid." -msgstr "根据 uuid 限制结果。" +msgstr "根据 uuid 限制结果." #: View/Events/automation.ctp:36 msgid "Restrict the results by the timestamp of the last publishing of the event. The input can be a timetamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example [\"14d\", \"7d\"])." -msgstr "" +msgstr "根据事件最后一次发布的时间戳来限制结果, 输入的时间戳可以是一个时间戳或一个简短的时间描述(例如7d或24h), 您也可以传递一个带有两个值的列表来设置时间范围(例如 [\"14d\", \"7d\"])." #: View/Events/automation.ctp:37 msgid "(Deprecated synonym for publish_timestamp) Restrict the results by the timestamp of the last publishing of the event. The input can be a timetamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example [\"14d\", \"7d\"])." -msgstr "" +msgstr "(publish_timestamp的同义词) 通过事件最后一次发布的时间戳来限制结果, 输入可以是一个时间戳或一个简短的时间描述(例如7d或24h), 您也可以传递一个带有两个值的列表来设置时间范围(例如 [\"14d\", \"7d\"])." #: View/Events/automation.ctp:38 msgid "Restrict the results by the timestamp (last edit). Any event with a timestamp newer than the given timestamp will be returned. In case you are dealing with /attributes as scope, the attribute's timestamp will be used for the lookup. The input can be a timetamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example [\"14d\", \"7d\"])." -msgstr "" +msgstr "根据时间戳(最后一次编辑)来限制结果, 任何时间戳比给定时间戳更早的事件都将被返回. 如果您将/attributes作为范围, 那么属性的时间戳将被用于查找. 输入的时间戳可以是一个时间戳, 也可以是一个简短的时间描述(例如7d或24h), 您也可以传递一个带有两个值的列表来设置时间范围(例如 [\"14d\", \"7d\"])." #: View/Events/automation.ctp:39 #: View/Events/legacy_automation.ctp:288;311 msgid "Set whether published or unpublished events should be returned. Do not set the parameter if you want both." -msgstr "" +msgstr "设置应该返回已发布的事件还是未发布的事件。如果您希望两者都要, 请不要设置该参数" #: View/Events/automation.ctp:40 #: View/Events/legacy_automation.ctp:289;313 msgid "Remove any attributes from the result that would cause a hit on a warninglist entry." -msgstr "" +msgstr "从结果中删除可能导致警告列表条目命中的所有属性." #: View/Events/automation.ctp:41 #: View/Events/legacy_automation.ctp:314 msgid "By default (0) all attributes are returned that match the other filter parameters, irregardless of their to_ids setting. To restrict the returned data set to to_ids only attributes set this parameter to 1. You can only use the special \"exclude\" setting to only return attributes that have the to_ids flag disabled." -msgstr "" +msgstr "默认情况下(0), 返回所有与其他过滤器参数匹配的属性, 而不管其to_ids设置如何. 要将返回的数据集限制为仅to_ids属性, 请将此参数设置为1, 您只能使用特殊的\"exclude\"设置仅返回禁用了to_ids标志的属性." #: View/Events/automation.ctp:42 #: View/Events/legacy_automation.ctp:315 msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only." -msgstr "" +msgstr "如果这个参数被设置为1, 它将返回软删除的属性和活动属性. 如果使用\"only\"作为参数, 则返回的数据集将只限于软删除的数据." #: View/Events/automation.ctp:43 #: View/Events/legacy_automation.ctp:316 msgid "Instead of just including the event ID, also include the event UUID in each of the attributes." -msgstr "" +msgstr "在每个属性中还包括事件UUID, 而不只是包括事件ID." #: View/Events/automation.ctp:44 msgid "Only return attributes from events that have received a modification after the given timestamp. The input can be a timetamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example [\"14d\", \"7d\"])." -msgstr "" +msgstr "只返回在给定时间戳之后收到修改的事件的属性, 输入可以是一个时间戳或一个简短的时间描述(例如7d或24h), 您也可以传递一个带有两个值的列表来设置时间范围(例如 [\"14d\", \"7d\"])." #: View/Events/automation.ctp:45 msgid "If this flag is set, sharing group objects will not be included, instead only the sharing group ID is set." -msgstr "" +msgstr "如果设置了这个标志, 共享组对象将不被包含, 而只设置共享组ID." #: View/Events/automation.ctp:46 msgid "Filter on the event's info field." -msgstr "" +msgstr "过滤事件的信息字段." #: View/Events/automation.ctp:47 msgid "Search for a full or a substring (delimited by % for substrings) in the event info, event tags, attribute tags, attribute values or attribute comment fields." -msgstr "" +msgstr "在事件信息、事件标记、属性标记、属性值或属性注释字段中搜索一个完整的或子字符串(子字符串用%分隔)." #: View/Events/automation.ctp:48 msgid "Select the ATT&CK matrix like galaxy to use when using returnFormat = attack. Defaults to the Mitre ATT&CK library via mitre-attack-pattern." -msgstr "" +msgstr "当使用returnFormat = attack时, 选择像星系一样的ATT&CK矩阵, 通过mitri-attack-pattern默认为Mitre ATT&CK库." #: View/Events/automation.ctp:61 msgid "To export all attributes of types ip-src and ip-dst that have a TLP marking and are not marked TLP:red, use the syntax below. String searches are by default exact lookups, but you can use mysql style \"%\" wildcards to do substring searches." -msgstr "" +msgstr "要导出具有TLP标记但未标记为TLP:red的ip-src和ip-dst类型的所有属性, 请使用以下语法. 默认情况下, 字符串搜索是精确查找, 但是您可以使用mysql样式\"%\"通配符进行子字符串搜索." #: View/Events/automation.ctp:78 msgid "CSV specific parameters for the restSearch APIs" -msgstr "" +msgstr "restSearch APIs的CSV特定参数" #: View/Events/automation.ctp:80 msgid "CSV only, select the fields that you wish to include in the CSV export. By setting event level fields additionally, includeContext is not required to get event metadata." -msgstr "" +msgstr "仅限CSV, 选择您希望在CSV导出中包含的字段. 通过额外设置事件级字段, 不需要 includeContext 来获取事件元数据." #: View/Events/automation.ctp:81 msgid "CSV only, add additional event level data to the export. The additional fields can be added via requested_attributes too with more granularity." -msgstr "" +msgstr "仅CSV, 在导出中添加额外的事件级别数据, 也可以通过 request_attributes 更加详细地添加其他字段" #: View/Events/automation.ctp:82 msgid "The CSV created when this setting is set to true will not contain the header row." -msgstr "" +msgstr "当此设置为 true 时, 创建的CSV将不包含标题行." #: View/Events/automation.ctp:85 msgid "URL parameters" @@ -10538,70 +10551,70 @@ msgstr "URL 参数" #: View/Events/automation.ctp:88 msgid "It is also possible to pass all of the above parameters via URL parameters, however this is HIGHLY discouraged. If you however have no other options, simply pass the parameters in the following fashion:" -msgstr "" +msgstr "也可以通过URL参数传递上述所有参数, 但是不建议这样做, 但如果没有其他选择, 只需按以下方式传递参数:" #: View/Events/automation.ctp:90 msgid "As you can see above, \"||\" can be used to add more values to a \"list\" and all parameters are passed as key:value components to the URL. Keep in mind, certain special characters in URLs can cause issues, your searches may end up being leaked to logs in transit and there are length limitations to take into account. Use this as a last resort." -msgstr "" +msgstr "如上图所示, \"||\"可以用来添加更多的值到 \"list\" 中, 所有的参数都会作为key:value组成部分传递给URL. 请记住, URL中的某些特殊字符可能会引起问题, 您的搜索可能会在传输过程中被泄露到日志中, 并且要考虑长度限制. 请将此作为最后的手段来使用." #: View/Events/automation.ctp:93 msgid "RPZ specific parameters for the restSearch APIs" -msgstr "" +msgstr "restSearch APIs的RPZ特定参数" #: View/Events/automation.ctp:94 #: View/Events/legacy_automation.ctp:164 msgid ">You can export RPZ zone files for DNS level firewalling by using the RPZ export functionality of MISP. The file generated will include all of the IDS flagged domain, hostname and IP-src/IP-dst attribute values that you have access to." -msgstr "" +msgstr ">您可以通过使用MISP的RPZ导出功能导出DNS级防火墙的RPZ zone文件, 生成的文件将包括您可以访问的所有 IDS 标记的域、主机名和 IP-src/IP-dst 属性值." #: View/Events/automation.ctp:97 #: View/Events/legacy_automation.ctp:176 msgid "MISP will inject header values into the zone file as well as define the action taken for each of the values that can all be overriden. By default these values are either the default values shipped with the application, or ones that are overriden by your site administrator. The values are as follows" -msgstr "" +msgstr "MISP将标头值注入到zone文件中, 并定义每个值的操作, 这些值都可以被覆盖. 默认情况下, 这些值要么是应用程序附带的默认值, 要么是站点管理员覆盖的值. 这些值如下" #: View/Events/automation.ctp:101 #: View/Events/legacy_automation.ctp:180 msgid "To override the above values, either use the url parameters as described below" -msgstr "" +msgstr "要覆盖上述值, 请按照以下说明使用url参数" #: View/Events/automation.ctp:103 #: View/Events/legacy_automation.ctp:182 msgid "or POST an XML or JSON object with the above listed options" -msgstr "" +msgstr "或使用上面列出的选项发送XML或JSON对象" #: View/Events/automation.ctp:107 #: View/Events/legacy_automation.ctp:211 msgid "Bro IDS export" -msgstr "" +msgstr "Bro IDS导出" #: View/Events/automation.ctp:108 #: View/Events/legacy_automation.ctp:212 msgid "An export of all attributes of a specific bro type to a formatted plain text file. By default only published and IDS flagged attributes are exported." -msgstr "" +msgstr "将特定Bro类型的所有属性导出到格式化的纯文本文件, 默认情况下, 仅导出已发布和IDS标记的属性." #: View/Events/automation.ctp:109 #: View/Events/legacy_automation.ctp:213 msgid "You can configure your tools to automatically download a file one of the Bro types." -msgstr "" +msgstr "您可以配置工具以自动下载Bro类型之一的文件" #: View/Events/automation.ctp:115 #: View/Events/legacy_automation.ctp:219 msgid "To restrict the results by tags, use the usual syntax. Please be aware the colons (:) cannot be used in the tag search. Use semicolons instead (the search will automatically search for colons instead). To get ip values from events tagged tag1 but not tag2 use" -msgstr "" +msgstr "要按标签限制搜索结果, 请使用通常的语法. 请注意, 在标签搜索中不能使用冒号(:), 请使用分号来代替(搜索会自动搜索冒号), 要从标签1而不是标签2的事件中获取IP值, 请使用" #: View/Events/automation.ctp:118 #: View/Events/legacy_automation.ctp:222 msgid "It is possible to restrict the bro exports on based on a set of filters. POST a JSON object or an XML at the Bro API to filter the results." -msgstr "" +msgstr "可以根据一组过滤器来限制 bro 的导出, 在Bro API中发送一个JSON对象或XML来过滤结果" #: View/Events/automation.ctp:136 #: View/Events/legacy_automation.ctp:240 msgid "Alternatively, it is also possible to pass the filters via the parameters in the URL, though it is highly advised to use POST requests with JSON objects instead. The format is as described below" -msgstr "" +msgstr "另外, 也可以通过URL中的参数来传递过滤器, 不过建议对JSON对象使用POST请求, 格式如下图所示" #: View/Events/automation.ctp:138 #: View/Events/legacy_automation.ctp:242 msgid "The Bro type, any valid Bro type is accepted. The mapping between Bro and MISP types is as follows" -msgstr "" +msgstr "Bro类型, 可接受任何有效的Bro类型, Bro和MISP类型之间的映射如下" #: View/Events/automation.ctp:145 #: View/Events/legacy_automation.ctp:249;301 @@ -10613,42 +10626,42 @@ msgstr "" #: View/Events/automation.ctp:148 #: View/Events/legacy_automation.ctp:252 msgid "Restrict the results to the given event IDs." -msgstr "" +msgstr "将结果限制在指定的事件ID中" #: View/Events/automation.ctp:149 #: View/Events/legacy_automation.ctp:253 msgid "Allow attributes to be exported that are not marked as \"to_ids\"." -msgstr "" +msgstr "允许导出没有标记为\"to_ids\"的属性" #: View/Events/automation.ctp:152 #: View/Events/legacy_automation.ctp:39;119;142;205;256;281;306 msgid "Events published within the last x amount of time, where x can be defined in days, hours, minutes (for example 5d or 12h or 30m). This filter will use the published timestamp of the event." -msgstr "" +msgstr "在最近的x个时间段内发布的事件, 其中x可以以天, 小时, 分钟来定义(例如5d或12h或30m), 该过滤器将使用事件的已发布时间戳." #: View/Events/automation.ctp:153 #: View/Events/legacy_automation.ctp:95;120;174;206;257 msgid "All attributes that have a hit on a warninglist will be excluded." -msgstr "" +msgstr "所有在警告列表上有命中的属性都将被排除." #: View/Events/automation.ctp:155 #: View/Events/legacy_automation.ctp:41;70;97;122;259;290 msgid "The keywords false or null should be used for optional empty parameters in the URL." -msgstr "" +msgstr "对于URL中的可选空参数, 应使用关键字false或null." #: View/Events/automation.ctp:156 #: View/Events/legacy_automation.ctp:260 msgid "For example, to retrieve all attributes for event #5, including non IDS marked attributes too, use the following line" -msgstr "" +msgstr "例如, 要检索事件#5的所有属性, 包括非IDS标记的属性, 请使用以下一行" #: View/Events/automation.ctp:159 #: View/Events/legacy_automation.ctp:329 msgid "Export attributes of event with specified type as XML" -msgstr "" +msgstr "将指定类型的事件属性导出为XML" #: View/Events/automation.ctp:160 #: View/Events/legacy_automation.ctp:330 msgid "If you want to export all attributes of a pre-defined type that belong to an event, use the following syntax" -msgstr "" +msgstr "如果您想要导出属于事件的所有预定义类型的属性, 请使用以下语法" #: View/Events/automation.ctp:162 #: View/Events/legacy_automation.ctp:332 @@ -10660,132 +10673,132 @@ msgstr "" #: View/Events/automation.ctp:167 #: View/Events/legacy_automation.ctp:337 msgid "Download attachment or malware sample" -msgstr "" +msgstr "下载附件或恶意软件样本" #: View/Events/automation.ctp:168 #: View/Events/legacy_automation.ctp:338 msgid "If you know the attribute ID of a malware-sample or an attachment, you can download it with the following syntax" -msgstr "" +msgstr "如果您知道一个恶意软件样本或附件的属性ID, 您可以用以下语法下载它" #: View/Events/automation.ctp:170 #: View/Events/legacy_automation.ctp:340 msgid "Download malware sample by hash" -msgstr "通过 hash下载恶意软件示例" +msgstr "通过hash下载恶意软件样本" #: View/Events/automation.ctp:171 #: View/Events/legacy_automation.ctp:341 msgid "You can also download samples by knowing its MD5 hash. Simply pass the hash along as a JSON/XML object or in the URL (with the URL having overruling the passed objects) to receive a JSON/XML object back with the zipped sample base64 encoded along with some contextual information." -msgstr "" +msgstr "您也可以通过了解其MD5哈希值下载样本, 只需将哈希作为一个JSON/XML对象或在URL中(URL有覆盖所传递的对象)传递, 就可以收到一个JSON/XML对象, 并带有压缩后的样本base64编码的JSON/XML对象与一些上下文信息." #: View/Events/automation.ctp:172 #: View/Events/legacy_automation.ctp:342 msgid "You can also use this API to get all samples from events that contain the passed hash. For this functionality, just pass the \"allSamples\" flag along. Note that if you are getting all samples from matching events, you can use all supported hash types (%s) for the lookup.

" -msgstr "" +msgstr "您也可以使用这个API来获取包含传递的哈希的事件中的所有样本, 对于这个功能, 只需传递\"allSamples\"标志即可. 注意, 如果您要从匹配的事件中获取所有样本, 您可以使用所有支持的哈希类型(%s)进行查找." #: View/Events/automation.ctp:173 #: View/Events/legacy_automation.ctp:343 msgid "You can also get all the samples from an event with a given event ID, by passing along the eventID parameter. Make sure that either an event ID or a hash is passed along, otherwise an error message will be returned. Also, if no hash is set, the allSamples flag will get set automatically." -msgstr "" +msgstr "您也可以通过传递eventID参数来获取一个事件的所有样本, 确保传递的是事件ID或哈希参数, 否则会返回错误消息. 另外, 如果没有设置哈希, allSamples标志将被自动设置." #: View/Events/automation.ctp:175 #: View/Events/legacy_automation.ctp:345 msgid "POST message payload (XML)" -msgstr "POST 消息有效载荷(XML)" +msgstr "POST消息有效载荷(XML)" #: View/Events/automation.ctp:179 #: View/Events/legacy_automation.ctp:294;320;349 msgid "POST message payload (json)" -msgstr "" +msgstr "POST消息有效载荷(json)" #: View/Events/automation.ctp:183 #: View/Events/legacy_automation.ctp:353 msgid "A quick description of all the parameters in the passed object" -msgstr "" +msgstr "对传递对象中所有参数的简要描述" #: View/Events/automation.ctp:184 #: View/Events/legacy_automation.ctp:354 msgid "A hash in MD5 format. If allSamples is set, this can be any one of the following: %s" -msgstr "" +msgstr "MD5格式的哈希值, 如果设置了allSamples, 则可以是以下任何一个: %s" #: View/Events/automation.ctp:185 #: View/Events/legacy_automation.ctp:355 msgid "If set, it will return all samples from events that have a match for the hash provided above." -msgstr "" +msgstr "如果设置, 它将返回所有与上面提供的哈希匹配的事件中的样本." #: View/Events/automation.ctp:186 #: View/Events/legacy_automation.ctp:356 msgid "If set, it will only fetch data from the given event ID." -msgstr "" +msgstr "如果设置, 它将仅从给定的事件ID中获取数据." #: View/Events/automation.ctp:187 #: View/Events/legacy_automation.ctp:357 msgid "Upload malware samples using the \"Upload Sample\" API" -msgstr "" +msgstr "使用 \"Upload Sample\" API上传恶意软件样本" #: View/Events/automation.ctp:189 #: View/Events/legacy_automation.ctp:359 msgid "This API will allow you to populate an event that you have modify rights to with malware samples (and all related hashes). Alternatively, if you do not supply an event ID, it will create a new event for you." -msgstr "" +msgstr "这个API将允许您用恶意软件样本(和所有相关的哈希值)填充一个您有修改权限的事件. 另外, 如果您不提供事件ID, 它将为您创建一个新的事件." #: View/Events/automation.ctp:190 #: View/Events/legacy_automation.ctp:360 msgid "The files have to be base64 encoded and POSTed as explained below. All samples will be zipped and password protected (with the password being \"infected\"). The hashes of the original file will be captured as additional attributes." -msgstr "" +msgstr "这些文件必须经过base64编码, 并按以下说明上传. 所有的样本都将被压缩, 并受到密码保护(密码为\"infected\"). 原始文件的哈希值将作为附加属性被捕获." #: View/Events/automation.ctp:191 #: View/Events/legacy_automation.ctp:361 msgid "The event ID is optional. MISP will accept either a JSON or an XML object posted to the above URL." -msgstr "" +msgstr "事件ID是可选的, MISP将接受一个JSON或XML对象发送到上述URL." #: View/Events/automation.ctp:192 #: View/Events/legacy_automation.ctp:362 msgid "The general structure of the expected objects is as follows" -msgstr "" +msgstr "预期对象的一般结构如下" #: View/Events/automation.ctp:201 #: View/Events/legacy_automation.ctp:371 msgid "The following optional parameters are expected" -msgstr "" +msgstr "以下是预期的可选参数" #: View/Events/automation.ctp:202 #: View/Events/legacy_automation.ctp:372 msgid "The Event's ID is optional. It can be either supplied via the URL or the POSTed object, but the URL has priority if both are provided. Not supplying an event ID will cause MISP to create a single new event for all of the POSTed malware samples. You can define the default settings for the event, otherwise a set of default settings will be used." -msgstr "" +msgstr "事件的ID是可选的, 它可以通过URL或POSTed对象提供, 但如果两者都提供了, 则URL具有优先权. 不提供事件ID将导致MISP为所有POSTed恶意软件样本创建一个新事件. 您可以定义事件的默认设置, 否则将使用一组默认设置." #: View/Events/automation.ctp:203 #: View/Events/legacy_automation.ctp:373 msgid "The distribution setting used for the attributes and for the newly created event, if relevant. [0-3]" -msgstr "" +msgstr "用于属性和新创建的事的分布设置, 如果相关的话. [0-3]" #: View/Events/automation.ctp:204 #: View/Events/legacy_automation.ctp:374 msgid "You can flag all attributes created during the transaction to be marked as \"to_ids\" or not." -msgstr "" +msgstr "您可以标记在事务期间创建的所有属性, 以将其标记为\"to_ids\"或不标记为\"to_ids\"." #: View/Events/automation.ctp:205 #: View/Events/legacy_automation.ctp:375 msgid "The category that will be assigned to the uploaded samples. Valid options are: Payload delivery, Artefacts dropped, Payload Installation, External Analysis." -msgstr "" +msgstr "将被分配给上传样本的类别, 有效选项有: 有效载荷传递、Artefacts dropped、有效载荷安装、外部分析." #: View/Events/automation.ctp:206 #: View/Events/legacy_automation.ctp:376 msgid "Used to populate the event info field if no event ID supplied. Alternatively, if not set, MISP will simply generate a message showing that it's a malware sample collection generated on the given day." -msgstr "" +msgstr "如果未提供事件ID, 则用于填充事件信息字段。或者, 如果未设置, 则MISP将仅生成一条消息, 表明它是在给定的一天生成的恶意软件样本集合." #: View/Events/automation.ctp:207 #: View/Events/legacy_automation.ctp:377 msgid "The analysis level of the newly created event, if applicable. [0-2]" -msgstr "" +msgstr "新创建的事件的分析级别, 如果适用的话. [0-2]" #: View/Events/automation.ctp:208 #: View/Events/legacy_automation.ctp:378 msgid "The threat level ID of the newly created event, if applicable. [0-3]" -msgstr "" +msgstr "新创建事件的威胁级别ID, 如果适用的话. [0-3]" #: View/Events/automation.ctp:209 #: View/Events/legacy_automation.ctp:379 msgid "This will populate the comment field of any attribute created using this API." -msgstr "" +msgstr "这将填充使用此API创建的任何属性的注释字段." #: View/Events/automation.ctp:210 #: View/Events/legacy_automation.ctp:380 @@ -10795,27 +10808,27 @@ msgstr "从事件中添加或删除标签" #: View/Events/automation.ctp:211 #: View/Events/legacy_automation.ctp:381 msgid "You can add or remove an existing tag from an event in the following way" -msgstr "" +msgstr "您可以通过以下方式从事件中添加或删除现有的标签" #: View/Events/automation.ctp:214 #: View/Events/legacy_automation.ctp:384 msgid "Just POST a json object in the following format (to the appropriate API depending on whether you want to add or delete a tag from an event)" -msgstr "" +msgstr "只需按以下格式POST一个json对象(根据您想从一个事件中添加或删除一个标签, 发送到相应的API)" #: View/Events/automation.ctp:216 #: View/Events/legacy_automation.ctp:386 msgid "Where \"tag\" is the ID of the tag. You can also use the name of the tag the following way" -msgstr "“标签”是标签的 ID。您也可以以下方式使用标签的名称" +msgstr "\"tag\"是标签的ID, 您也可以以下方式使用标签的名称" #: View/Events/automation.ctp:218 #: View/Events/legacy_automation.ctp:388 msgid "Proposals and the API" -msgstr "建议和 API" +msgstr "提案和 API" #: View/Events/automation.ctp:219 #: View/Events/legacy_automation.ctp:389 msgid "You can interact with the proposals via the API directly since version 2.3.148" -msgstr "" +msgstr "从2.3.148版本开始, 您可以直接通过API与提案进行交互." #: View/Events/automation.ctp:223 #: View/Events/legacy_automation.ctp:393 @@ -10853,42 +10866,42 @@ msgstr "响应" #: View/Events/automation.ctp:232 #: View/Events/legacy_automation.ctp:402 msgid "View a proposal" -msgstr "查看提议" +msgstr "查看提案" #: View/Events/automation.ctp:234;254;255;261;262 #: View/Events/legacy_automation.ctp:404;424;425;431;432 msgid "ShadowAttribute object" -msgstr "阴影属性对象" +msgstr "ShadowAttribute对象" #: View/Events/automation.ctp:239 #: View/Events/legacy_automation.ctp:409 msgid "View all proposal of my org's events" -msgstr "查看我的组织活动所有提议" +msgstr "查看我的组织事件的所有提案" #: View/Events/automation.ctp:241;248 #: View/Events/legacy_automation.ctp:411;418 msgid "ShadowAttribute objects" -msgstr "阴影属性对象" +msgstr "ShadowAttribute对象" #: View/Events/automation.ctp:246 #: View/Events/legacy_automation.ctp:416 msgid "View all proposals of an event" -msgstr "查看事件的所有提议" +msgstr "查看事件的所有提案" #: View/Events/automation.ctp:253 #: View/Events/legacy_automation.ctp:423 msgid "Propose a new attribute to an event" -msgstr "对事件新建一个属性" +msgstr "对事件提出一个新的属性" #: View/Events/automation.ctp:260 #: View/Events/legacy_automation.ctp:430 msgid "Propose an edit to an attribute" -msgstr "对属性进行编辑" +msgstr "对一个属性提出编辑建议" #: View/Events/automation.ctp:267 #: View/Events/legacy_automation.ctp:437 msgid "Accept a proposal" -msgstr "接受提议" +msgstr "接受提案" #: View/Events/automation.ctp:274 #: View/Events/legacy_automation.ctp:444 @@ -10898,12 +10911,12 @@ msgstr "放弃提案" #: View/Events/automation.ctp:279 #: View/Events/legacy_automation.ctp:449 msgid "When posting a shadow attribute object, use the following formats" -msgstr "" +msgstr "发布shadow attribute对象时, 请使用以下格式" #: View/Events/automation.ctp:284 #: View/Events/legacy_automation.ctp:454 msgid "None of the above fields are mandatory, but at least one of them has to be provided." -msgstr "" +msgstr "上述领域都不是强制性的, 但至少要提供其中的一个" #: View/Events/automation.ctp:286 #: View/Events/legacy_automation.ctp:456 @@ -10913,18 +10926,19 @@ msgstr "过滤事件的元数据" #: View/Events/automation.ctp:287 #: View/Events/legacy_automation.ctp:457 msgid "As described in the REST section, it is possible to retrieve a list of events along with their metadata by sending a GET request to the /events API. However, this API in particular is a bit more versatile. You can pass search parameters along to search among the events on various fields and retrieve a list of matching events (along with their metadata). Use the following URL" -msgstr "" +msgstr "如REST部分所述, 可以通过向/events API发送GET请求来检索事件列表及其元数据. 但是, 这个API的功能更多一些, 您可以传递搜索参数来搜索不同字段上的事件, 并检索出匹配的事件列表(及其元数据). 使用下面的URL" #: View/Events/automation.ctp:291 #: View/Events/legacy_automation.ctp:461 msgid "POST a JSON object with the desired lookup fields and values to receive a JSON back.
\n" " An example for a valid lookup" -msgstr "" +msgstr "POST一个带有所需的查询字段和值的JSON对象来接收JSON回传.
\n" +" 有效查询的一个例子" #: View/Events/automation.ctp:302 #: View/Events/legacy_automation.ctp:472 msgid "The above would return any event that is published, not restricted to your organisation only that has the term \"Locky\" in its event description. You can use exclamation marks to negate a value wherever appropriate." -msgstr "" +msgstr "上面的代码将返回任何已发布的事件, 而不仅限于您的组织, 该事件的事件描述中带有\"Locky\"字样, 您可以在适当的地方使用感叹号来否定一个值." #: View/Events/automation.ctp:303 #: View/Events/legacy_automation.ctp:473 @@ -10934,62 +10948,62 @@ msgstr "有效参数列表" #: View/Events/automation.ctp:304 #: View/Events/legacy_automation.ctp:474 msgid "Filters on published or unpublished events [0,1] - negatable" -msgstr "" +msgstr "过滤已发布或未发布的事件[0,1] - 可忽略" #: View/Events/automation.ctp:305 #: View/Events/legacy_automation.ctp:475 msgid "Filters on strings found in the event info - negatable" -msgstr "" +msgstr "对事件信息中发现的字符串进行筛选 - 可忽略" #: View/Events/automation.ctp:306 #: View/Events/legacy_automation.ctp:476 msgid "Filters on attached tag names - negatable" -msgstr "" +msgstr "对附加标签名称进行筛选 - 可忽略" #: View/Events/automation.ctp:307 #: View/Events/legacy_automation.ctp:477 msgid "Filters on specific event IDs - negatable" -msgstr "" +msgstr "对特定事件ID进行筛选 - 可忽略" #: View/Events/automation.ctp:308 #: View/Events/legacy_automation.ctp:478 msgid "Filters on a given event threat level [1,2,3,4] - negatable" -msgstr "" +msgstr "对给定事件的威胁程度进行筛选[1,2,3,4] - 可忽略" #: View/Events/automation.ctp:309 #: View/Events/legacy_automation.ctp:479 msgid "Filters on the distribution level [0,1,2,3] - negatable" -msgstr "" +msgstr "对分布级别进行筛选[0,1,2,3] - 可忽略" #: View/Events/automation.ctp:310 #: View/Events/legacy_automation.ctp:480 msgid "Filters on the given analysis phase of the event [0,1,2] - negatable" -msgstr "" +msgstr "对事件的给定分析阶段[0,1,2]的筛选器 - 可忽略" #: View/Events/automation.ctp:311 #: View/Events/legacy_automation.ctp:481 msgid "Filters on a contained attribute value - negatable" -msgstr "" +msgstr "对包含的属性值进行筛选 - 可忽略" #: View/Events/automation.ctp:312 #: View/Events/legacy_automation.ctp:482 msgid "Filters on the creator organisation - negatable" -msgstr "" +msgstr "对创建者组织进行筛选 - 可忽略" #: View/Events/automation.ctp:313 #: View/Events/legacy_automation.ctp:483 msgid "Filters on the creator user's email address (admin only) - negatable" -msgstr "" +msgstr "对创建者用户邮件地址(仅管理员)进行过滤 - 可忽略" #: View/Events/automation.ctp:314 #: View/Events/legacy_automation.ctp:484 msgid "Filters on the date, anything newer than the given date in YYYY-MM-DD format is taken - non-negatable" -msgstr "" +msgstr "对日期进行筛选, 任何比给定日期更新的YYY-MM-DD格式的日期都会被提取 - 不可忽略" #: View/Events/automation.ctp:315 #: View/Events/legacy_automation.ctp:485 msgid "Filters on the date, anything older than the given date in YYYY-MM-DD format is taken - non-negatable" -msgstr "" +msgstr "对日期进行筛选, 任何比给定日期更早的YYY-MM-DD格式的日期都会被提取 - 不可忽略" #: View/Events/automation.ctp:318 msgid "Freetext Import API" @@ -10997,64 +11011,67 @@ msgstr "从 Freetext 导入 API" #: View/Events/automation.ctp:320 msgid "The freetext import tool is also exposed to the API." -msgstr "" +msgstr "freetext导入工具也暴露在API中." #: View/Events/automation.ctp:321 msgid "Simply POST the contents to be parsed and either directly create attributes out of them or simply return the parsing results." -msgstr "" +msgstr "只需POST要解析的内容, 然后直接从其中创建属性, 或者简单地返回解析结果." #: View/Events/automation.ctp:322 msgid "Use the boolean (0/1) adhere_to_warninglists and return_meta_attributes url parameters to filter out values tripping over a warninglist and to decide whether to save the attributes parsed or simply return them as meta attributes." -msgstr "" +msgstr "使用boolean (0/1) adhere_to_warninglists和return_meta_attributes的url参数来过滤掉警告列表阻止的值, 并决定是保存属性解析的属性还是简单地返回为元属性。" #: View/Events/automation.ctp:323 msgid "The contents of the POST body should be the text to be parsed." -msgstr "" +msgstr "POST正文的内容应为要解析的文本" #: View/Events/automation.ctp:333 msgid "Administering the background workers via the API." -msgstr "" +msgstr "通过API管理后台workers" #: View/Events/automation.ctp:335 msgid "You can start/stop and view the bacground workers via the API." -msgstr "" +msgstr "您可以通过API启动/停止并查看后台workers" #: View/Events/automation.ctp:336 msgid "Add worker" -msgstr "" +msgstr "添加worker" #: View/Events/automation.ctp:337 msgid "Stop worker" -msgstr "" +msgstr "停止worker" #: View/Events/automation.ctp:338 msgid "Get worker info" -msgstr "" +msgstr "获得worker信息" #: View/Events/contact.ctp:8 msgid "Contact organization reporting event " -msgstr "" +msgstr "联系组织报告事件" #: View/Events/contact.ctp:9 msgid "You are about to contact the organization that reported event %s.
\n" " Feel free to add a custom message that will be sent to the reporting organization.
\n" " Your email address and details about the event will be added automagically to the message." -msgstr "" +msgstr "您即将联系上报事件的组织 %s.
\n" +"请随意添加一个自定义信息, 并将其发送至报告组织.
\n" +"您的电子邮件地址和活动详情将被自动添加到信息中." #: View/Events/contact.ctp:21 msgid "Submit only to the person that created the event" -msgstr "" +msgstr "只提交给创建该事件的人" #: View/Events/export.ctp:3 #: View/Events/export_alternate.ctp:3 msgid "Export functionality is designed to automatically generate signatures for intrusion detection systems. To enable signature generation for a given attribute, Signature field of this attribute must be set to Yes.\n" " Note that not all attribute types are applicable for signature generation, currently we only support NIDS signature generation for IP, domains, host names, user agents etc., and hash list generation for MD5/SHA1 values of file artifacts. Support for more attribute types is planned." -msgstr "" +msgstr "导出功能旨在自动为入侵检测系统生成签名, 要为给定属性启用签名生成, 必须将此属性的Signature字段设置为Yes." +" 注意, 不是所有的属性类型都适用于签名生成, 目前我们只支持IP、域、主机名、用户代理等的NIDS签名生成, 以及文件工件的MD5/SHA1值的哈希列表生成, 计划中会支持更多的属性类型" #: View/Events/export.ctp:6 #: View/Events/export_alternate.ctp:6 msgid "Simply click on any of the following buttons to download the appropriate data." -msgstr "" +msgstr "只需点击以下任何一个按钮即可下载相应的数据" #: View/Events/export.ctp:26 #: View/Pages/doc/using_the_system.ctp:378 @@ -11078,11 +11095,11 @@ msgstr "进度" #: View/Events/export.ctp:63 msgid "Attachments are enabled on this instance" -msgstr "" +msgstr "此实例中的附件已启用" #: View/Events/export.ctp:63 msgid "Attachments are disabled on this instance" -msgstr "" +msgstr "此实例中的附件已禁用" #: View/Events/export.ctp:76 msgid "Loading…" @@ -11110,7 +11127,7 @@ msgstr "生成" #: View/Events/export.ctp:206 msgid "Warning, the background worker is not responding!" -msgstr "" +msgstr "警告, 后台worker没有响应!" #: View/Events/export.ctp:220 msgid "0 seconds ago" @@ -11122,7 +11139,7 @@ msgstr "全部下载为 XML" #: View/Events/export_alternate.ctp:12 msgid "Click this to download all events and attributes that you have access to (except file attachments) in a custom XML format." -msgstr "" +msgstr "单击此处, 可下载您可以访问的所有事件和属性(文件附件除外)的自定义XML格式." #: View/Events/export_alternate.ctp:17 msgid "Download all signatures as CSV" @@ -11162,7 +11179,7 @@ msgstr "" #: View/Events/export_alternate.ctp:54 msgid "Download RPZ Zone File" -msgstr "下载 RPZ 区域文件" +msgstr "下载 RPZ Zone文件" #: View/Events/export_alternate.ctp:61 msgid "Download all MD5 hashes" @@ -11182,7 +11199,7 @@ msgstr "" #: View/Events/export_alternate.ctp:72 msgid "Click on one of these buttons to download all the attributes with the matching type. This list can be used to feed forensic software when searching for susipicious files. Only published events and attributes marked as IDS Signature are exported." -msgstr "" +msgstr "单击这些按钮之一下载所有匹配类型的属性, 该列表可用于在搜索可疑文件时为取证软件提供信息, 只有published事件和标记为IDS Signature的属性才会被导出." #: View/Events/filter_event_index.ctp:4 #: View/Servers/filter_event_index.ctp:4 @@ -11240,7 +11257,7 @@ msgstr "未设置筛选器 - 在上面添加过滤条件" #: View/Events/filter_event_index.ctp:168 #: View/Users/admin_filter_user_index.ctp:104 msgid "Save this URL if you would like to use the same filter settings again" -msgstr "如果您想要再次使用相同的筛选器设置,请保存此 URL" +msgstr "如果您想要再次使用相同的筛选器设置, 请保存此 URL" #: View/Events/filter_event_index.ctp:170 #: View/Servers/filter_event_index.ctp:21 @@ -11259,15 +11276,15 @@ msgstr "Freetext导入工具" #: View/Events/free_text_import.ctp:8 msgid "Paste a list of IOCs into the field below for automatic detection." -msgstr "" +msgstr "将 IOCs 列表粘贴到下面的字段中, 以便自动检测." #: View/Events/get_event_info_by_id.ctp:5 msgid "No matching events found." -msgstr "未找到匹配的事件。" +msgstr "未找到匹配的事件." #: View/Events/get_event_info_by_id.ctp:6 msgid "This will still allow you to store the UUID. It will extend the assigned event as soon as it is created / becomes visible." -msgstr "" +msgstr "这仍将允许您存储UUID, 一旦创建/可见, 它将扩展已分配的事件." #: View/Events/import_module.ctp:99 msgid "Input File" @@ -11318,11 +11335,11 @@ msgstr "" #: View/Events/legacy_automation.ctp:6 msgid "Make sure you keep that key secret as it gives access to the entire database !" -msgstr "" +msgstr "确保您保护好密钥, 因为它可以访问整个数据库!" #: View/Events/legacy_automation.ctp:10 msgid "Since version 2.2 the usage of the authentication key in the URL is deprecated. Instead, pass the auth key in an Authorization header in the request. The legacy option of having the auth key in the URL is temporarily still supported but not recommended." -msgstr "" +msgstr "从2.2版本开始, URL中的验证密钥的使用已经被取消了. 取而代之, 在请求中的授权头中传递认证密钥. 暂时仍支持在URL中使用认证密钥的传统选项, 但不建议使用." #: View/Events/legacy_automation.ctp:11 msgid "Please use the use the following header" @@ -11338,31 +11355,31 @@ msgstr "导出XML" #: View/Events/legacy_automation.ctp:14 msgid "An automatic export of all events and attributes (except file attachments) is available under a custom XML format." -msgstr "" +msgstr "所有事件和属性的自动导出(文件附件除外)可在自定义的XML格式下使用." #: View/Events/legacy_automation.ctp:15;47;76 msgid "You can configure your tools to automatically download the following file" -msgstr "" +msgstr "您可以配置您的工具自动下载以下文件" #: View/Events/legacy_automation.ctp:17 msgid "If you only want to fetch a specific event append the eventid number" -msgstr "" +msgstr "如果您只想获取特定事件, 请附加事件ID号" #: View/Events/legacy_automation.ctp:19;144 msgid "You can post an XML or JSON object containing additional parameters in the following formats" -msgstr "" +msgstr "您可以发送一个XML或JSON对象, 其中包含以下格式的附加参数" #: View/Events/legacy_automation.ctp:26 msgid "The xml download also accepts two additional the following optional parameters in the URL" -msgstr "" +msgstr "xml下载的URL中还接受以下两个额外的可选参数" #: View/Events/legacy_automation.ctp:29;52;85 msgid "Restrict the download to a single event" -msgstr "" +msgstr "将下载限制在一个事件中" #: View/Events/legacy_automation.ctp:30 msgid "A boolean field that determines whether attachments should be encoded and a second parameter that controls the eligible tags." -msgstr "" +msgstr "一个布尔字段, 用于确定是否应对附件进行编码; 第二个参数用于控制符合条件的标签" #: View/Events/legacy_automation.ctp:31;54;87;112;134 msgid "To include a tag in the results just write its names into this parameter. To exclude a tag prepend it with a '!'.\n" @@ -11372,7 +11389,7 @@ msgstr "" #: View/Events/legacy_automation.ctp:43 msgid "Also check out the %s to read about the REST API." -msgstr "还需 %s 查阅关于 REST API。" +msgstr "还需 %s 查阅关于 REST API." #: View/Events/legacy_automation.ctp:45 msgid "CSV Export" @@ -11380,27 +11397,27 @@ msgstr "导出CSV" #: View/Events/legacy_automation.ctp:46 msgid "An automatic export of attributes is available as CSV. Only attributes that are flagged \"to_ids\" will get exported." -msgstr "" +msgstr "属性自动导出为CSV, 只有被标记为 \"to_ids\"的属性才会被导出." #: View/Events/legacy_automation.ctp:49 msgid "You can specify additional flags for CSV exports as follows" -msgstr "您可以指定CSV导出的附加标记如下:" +msgstr "您可以指定CSV导出的附加标记如下: " #: View/Events/legacy_automation.ctp:53 msgid "Setting this flag to true will include attributes that are not marked \"to_ids\"." -msgstr "" +msgstr "将这个标志设置为true将包括没有标记为\"to_ids\"的属性." #: View/Events/legacy_automation.ctp:58 msgid "For example, to only download a csv generated of the \"domain\" type and the \"Network activity\" category attributes all events except for the one and further restricting it to events that are tagged \"tag1\" or \"tag2\" but not \"tag3\", only allowing attributes that are IDS flagged use the following syntax" -msgstr "" +msgstr "例如, 仅下载由\"domain\"类型和\"Network activity\"类别生成的csv, 将除一个事件外的所有事件归于属性, 并将其进一步限制为标记为\"tag1\"或\"tag2\", 但不能使用\"tag3\", 仅允许使用IDS标记的属性使用以下语法." #: View/Events/legacy_automation.ctp:63 msgid "Include the event data with each attribute." -msgstr "包含每个属性的事件数据。" +msgstr "在每个属性中包含事件数据." #: View/Events/legacy_automation.ctp:66 msgid "Events published within the last x amount of time, where x can be defined in days, hours, minutes (for example 5d or 12h or 30m).This filter will use the published timestamp of the event." -msgstr "" +msgstr "在过去X时间内发布的事件, 其中X可以定义为天、小时、分钟(例如5d或12h或30m)" #: View/Events/legacy_automation.ctp:67 msgid "The CSV created when this setting is set to true will not contain the header row.\n" @@ -11409,7 +11426,7 @@ msgstr "" #: View/Events/legacy_automation.ctp:71 msgid "To export the attributes of all events that are of the type \"domain\", use the following syntax" -msgstr "" +msgstr "要导出所有事件中类型为\"domain\"的属性, 请使用以下语法" #: View/Events/legacy_automation.ctp:74 msgid "NIDS rules export" @@ -11417,39 +11434,39 @@ msgstr "NIDS 规则导出" #: View/Events/legacy_automation.ctp:75 msgid "Automatic export of all network related attributes is available under the Snort rule format. Only published events and attributes marked as IDS Signature are exported." -msgstr "" +msgstr "在Snort规则格式下, 可以自动导出所有网络相关属性。只有published事件和标记为IDS Signature的属性才会被导出." #: View/Events/legacy_automation.ctp:81 msgid "The full API syntax is as follows" -msgstr "完整的 API 语法如下。" +msgstr "完整的 API 语法如下." #: View/Events/legacy_automation.ctp:84 msgid "The export format, can be \"suricata\" or \"snort\"" -msgstr "" +msgstr "导出格式, 可以是\"suricata\"或\"snort\"" #: View/Events/legacy_automation.ctp:86 msgid "Some commented out explanation framing the data. The reason to disable this would be if you would like to concatenate a list of exports from various select events in order to avoid unnecessary duplication of the comments." -msgstr "" +msgstr "一些注释掉解释框架化的数据, 禁用的原因是, 如果您想将各种选定的事件中的导出列表串联起来, 以避免不必要的重复注释." #: View/Events/legacy_automation.ctp:93 msgid "Events published within the last x amount of time, where x can be defined in days, hours, minutes (for example 6d or 12h or 30m). This filter will use the published timestamp of the event." -msgstr "" +msgstr "在过去x时间内发布的事件, 其中x可以用天、小时、分钟来定义(例如6d或12h或30m), 这个过滤器将使用事件发布的时间戳." #: View/Events/legacy_automation.ctp:94 msgid "Restrict the export to only use the given types." -msgstr "限制导出类型为给定的类型。" +msgstr "限制导出类型为给定的类型." #: View/Events/legacy_automation.ctp:96 msgid "All tags will be included even if not exportable." -msgstr "即使不能导出,也会包含所有的标签。" +msgstr "即使无法导出, 也会包含所有的标签." #: View/Events/legacy_automation.ctp:98 msgid "An example for a suricata export for all events excluding those tagged tag1, without all of the commented information at the start of the file would look like this:" -msgstr "" +msgstr "对于所有事件的suricata导出示例(不包括标记为tag1的事件), 如果没有文件开头的所有注释信息, 那么这个例子是这样的." #: View/Events/legacy_automation.ctp:100 msgid "Administration is able to maintain a white-list containing host, domain name and IP numbers to exclude from the NIDS export." -msgstr "" +msgstr "管理员能够维护一个白名单, 其中包含主机、域名和IP号, 可从NIDS导出中排除." #: View/Events/legacy_automation.ctp:102 msgid "Hash database export" @@ -11457,15 +11474,15 @@ msgstr "导出 hash 数据库" #: View/Events/legacy_automation.ctp:103 msgid "Automatic export of MD5/SHA1 checksums contained in file-related attributes. This list can be used to feed forensic software when searching for suspicious files. Only published events and attributes marked as IDS Signature are exported." -msgstr "" +msgstr "自动导出文件相关属性中包含的MD5/SHA1校验和, 该列表可用于在搜索可疑文件时为取证软件提供信息, 只有published事件和标记为IDS Signature的属性才会被导出." #: View/Events/legacy_automation.ctp:104;188 msgid "You can configure your tools to automatically download the following files" -msgstr "" +msgstr "您可以配置您的工具自动下载以下文件" #: View/Events/legacy_automation.ctp:109 msgid "The API's full format is as follows" -msgstr "API 的完整格式如下:" +msgstr "API 的完整格式如下: " #: View/Events/legacy_automation.ctp:111 msgid "The export format, can be \"md5\" or \"sha1\"" @@ -11473,7 +11490,7 @@ msgstr "导出格式可以为 \"md5\" 或 \"sha1\"" #: View/Events/legacy_automation.ctp:123 msgid "For example, to only show sha1 values from events tagged tag1, use" -msgstr "" +msgstr "例如, 要只显示标记为tag1的事件中的sha1值, 请使用" #: View/Events/legacy_automation.ctp:126 msgid "STIX export" @@ -11481,11 +11498,11 @@ msgstr "STIX 导出" #: View/Events/legacy_automation.ctp:127 msgid "You can export MISP events in Mitre's STIX format (to read more about STIX, click here). The STIX XML export is currently very slow and can lead to timeouts with larger events or collections of events. The JSON return format does not suffer from this issue. Usage" -msgstr "" +msgstr "您可以采用Mitre的STIX格式导出MISP事件(要了解有关STIX的更多信息, 请单击here), STIX XML导出当前非常缓慢, 并且可能导致大型事件或事件集合超时, JSON返回格式不受此问题的影响. 用法" #: View/Events/legacy_automation.ctp:129 msgid "Search parameters can be passed to the function via URL parameters or by POSTing an XML or JSON object (depending on the return type). The following parameters can be passed to the STIX export tool: id, withAttachments, tags. Both id and tags can use the && (and) and ! (not) operators to build queries. Using the URL parameters, the syntax is as follows" -msgstr "" +msgstr "搜索参数可以通过URL参数或POSTing一个XML或JSON对象(取决于返回类型)传递给函数. 以下参数可以被传递给STIX导出工具: id, withAttachments, tags. Both id and tags can use the && (and) and ! (not)操作符来建立查询. 使用URL参数, 其语法如下所示" #: View/Events/legacy_automation.ctp:132;171 msgid "The event's ID" @@ -11497,11 +11514,11 @@ msgstr "在使用合适的情况下编码附件" #: View/Events/legacy_automation.ctp:151 msgid "Various ways to narrow down the search results of the STIX export" -msgstr "" +msgstr "各种方法来缩小STIX导出的搜索结果" #: View/Events/legacy_automation.ctp:152 msgid "For example, to retrieve all events tagged \"APT1\" but excluding events tagged \"OSINT\" and excluding events #51 and #62 without any attachments" -msgstr "" +msgstr "例如, 要检索所有标记为\"APT1\"的事件, 但排除标记为\"OSINT\"的事件, 并排除没有任何附件的事件#51和#62" #: View/Events/legacy_automation.ctp:154 msgid "To export the same events using a POST request use" @@ -11517,7 +11534,7 @@ msgstr "使用 stix 导出时自动假设为 XML" #: View/Events/legacy_automation.ctp:160 msgid "The same search could be accomplished using the following POSTed XML object (note that ampersands need to be escaped, or alternatively separate id and tag elements can be used)" -msgstr "" +msgstr "同样的搜索可以使用下面的POSTed XML对象来完成(注意, 需要转义括号, 或者也可以使用单独的id和tag元素来完成)" #: View/Events/legacy_automation.ctp:163 msgid "RPZ export" @@ -11525,7 +11542,7 @@ msgstr "RPZ 导出" #: View/Events/legacy_automation.ctp:165 msgid "It is possible to further restrict the exported values using the following filters" -msgstr "" +msgstr "可以使用以下过滤器进一步限制导出的值" #: View/Events/legacy_automation.ctp:167 msgid "To include a tag in the results just write its names into this parameter. To exclude a tag prepend it with a '!'.\n" @@ -11535,15 +11552,15 @@ msgstr "" #: View/Events/legacy_automation.ctp:170 msgid "Use semicolons instead (the search will automatically search for colons instead)" -msgstr "" +msgstr "用分号代替(搜索会自动搜索冒号)" #: View/Events/legacy_automation.ctp:172 msgid "Events with the date set to a date after the one specified in the from field (format: 2015-02-03)" -msgstr "" +msgstr "将日期设置为from字段中指定的日期之后的事件(格式:2015-02-03)" #: View/Events/legacy_automation.ctp:173 msgid "Events with the date set to a date before the one specified in the to field (format: 2015-02-03)" -msgstr "" +msgstr "将日期设置为to字段中指定的日期之前的事件(格式:2015-02-03)" #: View/Events/legacy_automation.ctp:186 msgid "Text export" @@ -11551,15 +11568,15 @@ msgstr "文本导出" #: View/Events/legacy_automation.ctp:187 msgid ">An export of all attributes of a specific type to a plain text file. By default only published and IDS flagged attributes are exported." -msgstr "" +msgstr ">将特定类型的所有属性导出到纯文本文件, 默认情况下, 只导出发布和IDS标记的属性." #: View/Events/legacy_automation.ctp:194 msgid "To restrict the results by tags, use the usual syntax. Please be aware the colons (:) cannot be used in the tag search. Use semicolons instead (the search will automatically search for colons instead). To get ip-src values from events tagged tag1 but not tag2 use" -msgstr "" +msgstr "要按标签限制搜索结果, 请使用通常的语法. 请注意, 在标签搜索中不能使用冒号(:), 请使用分号代替(搜索会自动搜索冒号), 要从标签1而不是标签2的事件中获取IP-src值, 请使用" #: View/Events/legacy_automation.ctp:197 msgid "As of version 2.3.38, it is possible to restrict the text exports on two additional flags. The first allows the user to restrict based on event ID, whilst the second is a boolean switch allowing non IDS flagged attributes to be exported. Additionally, choosing \"all\" in the type field will return all eligible attributes." -msgstr "" +msgstr "从2.3.38版本开始, 可以通过两个额外的标志来限制文本导出. 第一个允许用户根据事件ID进行限制, 而第二个是一个布尔开关, 允许导出非IDS标记的属性. 此外, 在类型字段中选择\"all\"将返回所有符合条件的属性." #: View/Events/legacy_automation.ctp:201 msgid "Only export the attributes of the given event ID" @@ -11567,11 +11584,11 @@ msgstr "只导出给定事件ID的属性" #: View/Events/legacy_automation.ctp:202 msgid "Include attributes that are not marked to_ids, even if they would normally be excluded. Also overrides the whitelist functionality." -msgstr "" +msgstr "包括没有被标记为to_ids的属性, 即使它们通常会被排除, 还覆盖了白名单功能." #: View/Events/legacy_automation.ctp:207 msgid "Include not published Events." -msgstr "包括未发布的事件。" +msgstr "包括未发布的事件." #: View/Events/legacy_automation.ctp:208;275 msgid "You can also chain several tag commands together with the '&&' operator. Please be aware the colons (:) cannot be used in the tag search.\n" @@ -11584,7 +11601,7 @@ msgstr "搜索 JSON/XML/OpenIOC 的结果" #: View/Events/legacy_automation.ctp:267 msgid "Set the return format of the search (Currently supported: json, xml, openioc - more formats coming soon)." -msgstr "" +msgstr "设置搜索的返回格式(目前支持:json, xml, openioc - 更多格式即将推出)" #: View/Events/legacy_automation.ctp:272 msgid "To include a tag in the results just write its names into this parameter. To exclude a tag prepend it with a '!'.\n" @@ -11593,15 +11610,15 @@ msgstr "" #: View/Events/legacy_automation.ctp:286;310 msgid "Restrict the results by the last publish timestamp (newer than)." -msgstr "" +msgstr "根据最后一次发布的时间戳来限制结果(较新的)" #: View/Events/legacy_automation.ctp:287 msgid "Restrict the results by the timestamp (last edit). Any event with a timestamp newer than the given timestamp will be returned. In case you are dealing with /attributes as scope, the attribute's timestamp will be used for the lookup." -msgstr "" +msgstr "根据时间戳(最后一次编辑)来限制结果, 任何时间戳比给定时间戳更早的事件都将被返回, 如果您是以/attributes作为范围, 那么该属性的时间戳将被用于查找" #: View/Events/legacy_automation.ctp:291 msgid "For example, to find any event with the term \"red october\" mentioned, use the following syntax (the example is shown as a POST request instead of a GET, which is highly recommended. GET requests are problematic and deprecated.)" -msgstr "例如,寻找含有“红色october”一词的任何事件。 使用下面的语法(示例显示为POST 请求,而不是推荐的 GET。GET 请求有问题且启用。)" +msgstr "例如, 寻找含有\"red october\"一词的任何事件, 使用下面的语法(示例显示为POST请求而不是GET, 这是强烈建议的, GET请求有问题且已弃用.)" #: View/Events/legacy_automation.ctp:296 msgid "To just return a list of attributes, use the following syntax" @@ -11617,15 +11634,15 @@ msgstr "事件的日期设置为指定字段之前的日期(格式:2015-02-15) #: View/Events/legacy_automation.ctp:312 msgid "Restrict the results by the timestamp (of the attribute). Any attributes with a timestamp newer than the given timestamp will be returned." -msgstr "" +msgstr "根据属性的时间戳(属性的时间戳)限制结果, 任何时间戳大于给定时间戳的属性将被返回." #: View/Events/legacy_automation.ctp:317 msgid "Only return attributes from events that have received a modification after the given timestamp." -msgstr "" +msgstr "只返回在给定时间戳之后收到修改的事件的属性" #: View/Events/legacy_automation.ctp:322 msgid "The keywords false or null should be used for optional empty parameters in the URL. Keep in mind, this is only needed if you use the deprecated URL parameters." -msgstr "" +msgstr "关键词false或null应用于URL中的可选空参数, 请记住, 只有当您使用已废弃的URL参数时才需要这样做." #: View/Events/legacy_automation.ctp:324 msgid "value, type, category and org are optional. It is possible to search for several terms in each category by joining them with the '&&' operator. It is also possible to negate a term with the '!' operator. Please be aware the colons (:) cannot be used in the tag search. Use semicolons instead (the search will automatically search for colons instead).\n" @@ -11634,15 +11651,15 @@ msgstr "" #: View/Events/legacy_automation.ctp:327 msgid "You can also use search for IP addresses using CIDR. Make sure that you use '|' (pipe) instead of '/' (slashes). Please be aware the colons (:) cannot be used in the tag search. Use semicolons instead (the search will automatically search for colons instead). See below for an example" -msgstr "" +msgstr "您也可以使用CIDR搜索IP地址, 请确保您使用'|'(管道)而不是'/'(斜线), 请注意, 在标签搜索中不能使用冒号(:), 请使用分号来代替(搜索会自动搜索冒号), 请看下面的例子" #: View/Events/merge.ctp:4 msgid "Merge events - WARNING: this feature is very outdated and should not be used anymore." -msgstr "" +msgstr "合并事件 - 警告: 此功能已经非常过时, 不应再使用." #: View/Events/merge.ctp:9 msgid "Event id to copy the attributes from" -msgstr "" +msgstr "事件ID, 用于从中复制属性" #: View/Events/merge.ctp:20 msgid "copy only IDS attributes" @@ -11655,13 +11672,13 @@ msgstr "整合" #: View/Events/proposal_event_index.ctp:2 msgid "Event with proposals" -msgstr "带有提议的事件" +msgstr "带有提案的事件" #: View/Events/proposal_event_index.ctp:24 #: View/Pages/doc/concepts.ctp:28 #: View/ShadowAttributes/index.ctp:2 msgid "Proposals" -msgstr "提议" +msgstr "提案" #: View/Events/proposal_event_index.ctp:25 #: View/Events/view.ctp:116 @@ -11675,11 +11692,11 @@ msgstr "列出无效事件的验证" #: View/Events/report_validation_issues_events.ctp:3 msgid "Events analysed: %s" -msgstr "分析的事件: %s" +msgstr "分析的事件: %s" #: View/Events/report_validation_issues_events.ctp:7 msgid "Validation errors for event: %s" -msgstr "已被验证的事件错误: %s" +msgstr "已被验证的事件错误: %s" #: View/Events/report_validation_issues_events.ctp:9 msgid "Attribute details" @@ -11687,15 +11704,15 @@ msgstr "属性详情" #: View/Events/resolved_attributes.ctp:4 msgid "Below you can see the %s that are to be created. Make sure that the categories and the types are correct, often several options will be offered based on an inconclusive automatic resolution." -msgstr "" +msgstr "下面您可以看到要创建的%, 确保类别和类型都是正确的, 经常会根据不确定的自动解析提供几个选项." #: View/Events/resolved_attributes.ctp:8 msgid "Warning: You are missing warninglist(s) that are used to recognise TLDs. Make sure your MISP has the warninglist submodule enabled and updated or else this tool might end up missing valid domains/hostnames/urls. The missing lists are: %s" -msgstr "" +msgstr "警告: 您缺少用于识别TLDs的警告列表, 请确保您的MISP已启用并更新了警告列表子模块, 否则此工具可能会丢失有效的domains/hostnames/urls, 遗漏的列表是: %s" #: View/Events/resolved_attributes.ctp:26 msgid "Proposals instead of attributes" -msgstr "" +msgstr "提案代替属性" #: View/Events/resolved_attributes.ctp:46 msgid "Similar Attributes" @@ -11717,7 +11734,7 @@ msgstr "提交 %s" #: View/Events/resolved_attributes.ctp:237 msgid "Apply changes to all applicable resolved attributes" -msgstr "" +msgstr "将更改应用于所有适用的已解析属性" #: View/Events/resolved_attributes.ctp:237;240 msgid "Change all" @@ -11744,19 +11761,19 @@ msgstr "#已解决的属性" #: View/Events/resolved_misp_format.ctp:89;284 msgid "Import" -msgstr "" +msgstr "导入" #: View/Events/resolved_misp_format.ctp:111 msgid "ID: " -msgstr "ID: " +msgstr "ID: " #: View/Events/resolved_misp_format.ctp:127 msgid "UUID: " -msgstr "UUID: " +msgstr "UUID: " #: View/Events/resolved_misp_format.ctp:128 msgid "Meta Category: " -msgstr "元类别: " +msgstr "元类别: " #: View/Events/show_i_o_c_results.ctp:2 msgid ">Results of the import" @@ -11764,7 +11781,7 @@ msgstr ">导入结果" #: View/Events/show_i_o_c_results.ctp:3 msgid "%s attributes created successfully, %s indicators could not be mapped and saved." -msgstr "" +msgstr "%s属性创建成功, %s指标无法被映射和保存" #: View/Events/show_i_o_c_results.ctp:7 msgid "Successfully added attributes" @@ -11812,7 +11829,7 @@ msgstr "%s 文件" #: View/Events/upload_stix.ctp:24 msgid "Include the original imported file as attachment" -msgstr "" +msgstr "将原始导入的文件作为附件包含在附件中" #: View/Events/view.ctp:61 msgid "Extend this event" @@ -11836,7 +11853,7 @@ msgstr "分析" #: View/Events/view.ctp:178 msgid "Toggle advanced sharing network viewer" -msgstr "" +msgstr "切换高级共享网络查看器" #: View/Events/view.ctp:184 #: View/Feeds/preview_event.ctp:42 @@ -11874,7 +11891,7 @@ msgstr "上一次更改" #: View/Events/view.ctp:208 msgid "Modification map" -msgstr "" +msgstr "修改图" #: View/Events/view.ctp:214 msgid "Extends" @@ -11890,23 +11907,23 @@ msgstr "已扩展" #: View/Events/view.ctp:240 msgid "atomic" -msgstr "" +msgstr "原子" #: View/Events/view.ctp:271 msgid "%s has requested that %s take over this event." -msgstr "%s 已请求由 %s 接管此事件。" +msgstr "%s 已请求由 %s 接管此事件." #: View/Events/view.ctp:277 msgid "%s has requested that you take over this event." -msgstr "%s 已请求由您接管此事件。" +msgstr "%s 已请求由您接管此事件." #: View/Events/view.ctp:283 msgid "You have requested that %s take over this event." -msgstr "" +msgstr "您已经请求 %s 接管此次活动" #: View/Events/view.ctp:288 msgid "Delegation request" -msgstr "" +msgstr "授权请求" #: View/Events/view.ctp:300 msgid "View request details" @@ -11933,7 +11950,7 @@ msgstr "扩展视图" #: View/Events/view.ctp:337 msgid "Warning: Taxonomy inconsistencies" -msgstr "" +msgstr "警告: 分类法不一致" #: View/Events/view.ctp:382 #: View/Feeds/preview_event.ctp:84 @@ -11947,11 +11964,11 @@ msgstr "此事件有 " #: View/Events/view.ctp:444;479 msgid "correlations with data contained within the various feeds, however, due to the large number of attributes the actual feed correlations are not shown. Click here to refresh the page with the feed data loaded." -msgstr "" +msgstr "与各种订阅源中包含的数据的相关性, 但是, 由于属性众多, 因此未显示实际的订阅源相关性。 点击here以刷新加载了订阅源数据的页面." #: View/Events/view.ctp:487 msgid "Warning: Potential false positives" -msgstr "" +msgstr "警告: 潜在的误报" #: View/Events/view.ctp:503 msgid "Toggle pivot graph" @@ -11963,11 +11980,11 @@ msgstr "" #: View/Events/view.ctp:506 msgid "Toggle galaxies" -msgstr "切换 Galaxy" +msgstr "切换星系" #: View/Events/view.ctp:506 msgid "Galaxy" -msgstr "Galaxy" +msgstr "星系" #: View/Events/view.ctp:509 msgid "Toggle Event graph" @@ -11975,11 +11992,11 @@ msgstr "切换事件图" #: View/Events/view.ctp:512 msgid "Toggle Event timeline" -msgstr "" +msgstr "切换事件时间线" #: View/Events/view.ctp:512 msgid "Event timeline" -msgstr "" +msgstr "切换时间线" #: View/Events/view.ctp:515 msgid "Toggle Correlation graph" @@ -12011,7 +12028,7 @@ msgstr "讨论" #: View/Events/view_graph.ctp:20 msgid "Hover target" -msgstr "" +msgstr "悬停目标" #: View/Events/view_graph.ctp:25 msgid "Selected" @@ -12023,11 +12040,11 @@ msgstr "扩展" #: View/Events/view_graph.ctp:33 msgid "Toggle the physics engine on/off." -msgstr "" +msgstr "切换物理引擎开/关" #: View/Events/ajax/enrich_event.ctp:4 msgid "Select the enrichments you wish to run" -msgstr "" +msgstr "选择您想运行的丰富功能" #: View/Events/ajax/enrich_event.ctp:17 msgid "Enrich" @@ -12035,7 +12052,7 @@ msgstr "丰富" #: View/Events/ajax/enrichmentChoice.ctp:7 msgid "Choose the enrichment module that you wish to use for the expansion" -msgstr "" +msgstr "选择您希望用于扩展的丰富模块" #: View/Events/ajax/enrichmentChoice.ctp:24 msgid "Enrich using the %s module" @@ -12067,11 +12084,11 @@ msgstr "您确定要取消发布该事件吗?" #: View/Events/ajax/eventPublishConfirmationForm.ctp:20 msgid "Are you sure you wish publish and synchronise all sightings attached to this event?" -msgstr "" +msgstr "您确定您希望发布和同步所有的目击事件?" #: View/Events/ajax/eventPublishConfirmationForm.ctp:22 msgid "Publish but do NOT send alert email? Only for minor changes!" -msgstr "" +msgstr "发布但不发送警报电子邮件?仅适用于微小改动!" #: View/Events/ajax/eventPublishConfirmationForm.ctp:28 #: View/Feeds/index.ctp:105 @@ -12094,15 +12111,15 @@ msgstr "导入 %s" #: View/Events/ajax/toggle_correlation.ctp:6 msgid "Toggle Correlation %s" -msgstr "" +msgstr "切换相关性 %s" #: View/Events/ajax/toggle_correlation.ctp:11 msgid "Re-enable the correlation for this event. This will automatically re-correlate all contained attributes." -msgstr "" +msgstr "重新启用此事件的相关性, 这将自动重新关联所有包含的属性." #: View/Events/ajax/toggle_correlation.ctp:13 msgid "This will remove all correlations that already exist for the event and prevent any events to be related via correlations as long as this setting is disabled. Make sure you understand the downsides of disabling correlations." -msgstr "" +msgstr "这将删除所有已经存在的事件的关联, 并防止任何事件通过相关性来进行关联, 只要禁用此设置. 确保您了解禁用关联的坏处." #: View/Feeds/add.ctp:4 msgid "Add MISP Feed" @@ -12110,7 +12127,7 @@ msgstr "添加 MISP 订阅源" #: View/Feeds/add.ctp:5 msgid "Add a new MISP feed source." -msgstr "添加一个新的 MISP 订阅源。" +msgstr "添加一个新的 MISP 订阅源." #: View/Feeds/add.ctp:8 #: View/Feeds/index.ctp:97 @@ -12121,7 +12138,7 @@ msgstr "缓存已启用" #: View/Feeds/add.ctp:12 #: View/Feeds/index.ctp:110 msgid "Lookup visible" -msgstr "" +msgstr "可视化查询" #: View/Feeds/add.ctp:15 #: View/Feeds/edit.ctp:21 @@ -12146,12 +12163,12 @@ msgstr "输入源" #: View/Feeds/add.ctp:35 #: View/Feeds/edit.ctp:66 msgid "Remove input after ingestion" -msgstr "" +msgstr "提取后删除输入" #: View/Feeds/add.ctp:44 #: View/Feeds/edit.ctp:75 msgid "URL of the feed" -msgstr "订阅源的 URL" +msgstr "订阅源的URL" #: View/Feeds/add.ctp:48 #: View/Feeds/edit.ctp:79 @@ -12161,12 +12178,12 @@ msgstr "源格式" #: View/Feeds/add.ctp:57 #: View/Feeds/edit.ctp:38 msgid "Any headers to be passed with requests (for example: Authorization)" -msgstr "" +msgstr "与请求一起传递的任意标头(例如: Authorization)" #: View/Feeds/add.ctp:61 #: View/Feeds/edit.ctp:42 msgid "Line break separated list of headers in the \"headername: value\" format" -msgstr "" +msgstr "换行符分隔的标题列表, 格式为\"headername: value\"" #: View/Feeds/add.ctp:65 #: View/Feeds/edit.ctp:46 @@ -12201,70 +12218,70 @@ msgstr "目标事件" #: View/Feeds/add.ctp:94 #: View/Feeds/edit.ctp:98 msgid "Target Event ID" -msgstr "目标事件 ID" +msgstr "目标事件ID" #: View/Feeds/add.ctp:96 #: View/Feeds/edit.ctp:100 msgid "Leave blank unless you want to reuse an existing event." -msgstr "" +msgstr "除非您想重复使用现有事件, 否则请留空." #: View/Feeds/add.ctp:104 #: View/Feeds/edit.ctp:108 msgid "Value field(s) in the CSV" -msgstr "CSV 中值的字段" +msgstr "CSV 中的值字段" #: View/Feeds/add.ctp:105 #: View/Feeds/edit.ctp:109 msgid "Select one or several fields that should be parsed by the CSV parser and converted into MISP attributes" -msgstr "" +msgstr "选择一个或多个应被CSV解析器解析并转换为MISP属性的字段." #: View/Feeds/add.ctp:107 #: View/Feeds/edit.ctp:111 msgid "2,3,4 (column position separated by commas)" -msgstr "" +msgstr "2,3,4 (列位置, 以逗号分隔)" #: View/Feeds/add.ctp:115 #: View/Feeds/edit.ctp:119 msgid "Delimiter" -msgstr "" +msgstr "分隔符" #: View/Feeds/add.ctp:116 #: View/Feeds/edit.ctp:120 msgid "Set the default CSV delimiter (default = \",\")" -msgstr "" +msgstr "设置默认CSV分隔符(default = \",\")" #: View/Feeds/add.ctp:127 #: View/Feeds/edit.ctp:130 msgid "Exclusion Regex" -msgstr "" +msgstr "排除正则表达式" #: View/Feeds/add.ctp:128 #: View/Feeds/edit.ctp:131 msgid "Add a regex pattern for detecting iocs that should be skipped (this can be useful to exclude any references to the actual report / feed for example)" -msgstr "" +msgstr "添加一个正则表达式模式以检测应跳过的IOC(例如, 这对于排除对实际报告/订阅源的任何引用很有用)" #: View/Feeds/add.ctp:130 msgid "Regex pattern, for example: \"/^https://myfeedurl/i" -msgstr "" +msgstr "正则表达式, 例如: \"/^https://myfeedurl/i" #: View/Feeds/add.ctp:138 #: View/Feeds/edit.ctp:141 msgid "Auto Publish" -msgstr "" +msgstr "自动发布" #: View/Feeds/add.ctp:139 msgid "Publish events directly after pulling the feed - if you would like to review the event before publishing uncheck this" -msgstr "" +msgstr "在拉取订阅源后直接发布事件 - 如果您想在发布前审核事件, 请取消勾选此选项" #: View/Feeds/add.ctp:148 #: View/Feeds/edit.ctp:150 msgid "Override IDS Flag" -msgstr "" +msgstr "覆盖IDS标志" #: View/Feeds/add.ctp:149 #: View/Feeds/edit.ctp:151 msgid "If checked, the IDS flags will always be set to off when pulling from this feed" -msgstr "如果选中此项,则当从此订阅源获取时,IDS 标识将总是被设置为关闭" +msgstr "如果选中此项, 则当从此订阅源获取时, IDS标志将总是被设置为关闭" #: View/Feeds/add.ctp:158 #: View/Feeds/edit.ctp:160 @@ -12275,7 +12292,7 @@ msgstr "Delta 合并" #: View/Feeds/add.ctp:159 #: View/Feeds/edit.ctp:161 msgid "Merge attributes (only add new attributes, remove revoked attributes)" -msgstr "" +msgstr "合并属性(仅添加新属性, 移除吊销的属性)" #: View/Feeds/add.ctp:187 #: View/Feeds/edit.ctp:188 @@ -12316,11 +12333,11 @@ msgstr "编辑" #: View/Feeds/compare_feeds.ctp:73 msgid "None or less than 1% of the data of %s is contained in %s (%s matching values)" -msgstr "" +msgstr "%s中没有或少于1%的数据包含在%s中(%s匹配值)" #: View/Feeds/compare_feeds.ctp:74 msgid "%s% of the data of %s is contained in %s (%s matching values)" -msgstr "" +msgstr "%s%的数据包含在%s中(%s匹配值)" #: View/Feeds/edit.ctp:4 msgid "Edit MISP Feed" @@ -12328,66 +12345,66 @@ msgstr "编辑 MISP 的订阅源" #: View/Feeds/edit.ctp:5 msgid "Edit a new MISP feed source." -msgstr "编辑新的 MISP 订阅源。" +msgstr "编辑新的 MISP 订阅源." #: View/Feeds/edit.ctp:133 msgid "Regex pattern, for example: \"/^https://myfeedurl/i\"" -msgstr "" +msgstr "正则表达式, 例如: \"/^https://myfeedurl/i" #: View/Feeds/edit.ctp:213 msgid "The base-url to the external server you want to sync with. Example: https://misppriv.circl.lu" -msgstr "" +msgstr "您要同步的外部服务器的基本URL, 例如: https://misppriv.circl.lu" #: View/Feeds/edit.ctp:214 #: View/Servers/add.ctp:146 #: View/Servers/edit.ctp:190 msgid "A name that will make it clear to your users what this instance is. For example: Organisation A's instance" -msgstr "" +msgstr "一个能让用户清楚地知道这个实例是什么的名字, 比如说: Organisation A's instance" #: View/Feeds/edit.ctp:215 #: View/Servers/add.ctp:147 #: View/Servers/edit.ctp:189 msgid "The organization having the external server you want to sync with. Example: BE" -msgstr "" +msgstr "您要同步的外部服务器的组织, 例如: BE" #: View/Feeds/edit.ctp:216 #: View/Servers/add.ctp:148 #: View/Servers/edit.ctp:191 msgid "You can find the authentication key on your profile on the external server." -msgstr "" +msgstr "您可以在外部服务器上找到您的个人资料中的认证密钥." #: View/Feeds/edit.ctp:217 #: View/Servers/add.ctp:149 #: View/Servers/edit.ctp:192 msgid "Allow the upload of events and their attributes." -msgstr "" +msgstr "允许上传事件及其属性." #: View/Feeds/edit.ctp:218 #: View/Servers/add.ctp:150 #: View/Servers/edit.ctp:193 msgid "Allow the download of events and their attributes from the server." -msgstr "" +msgstr "允许从服务器上下载事件及其属性" #: View/Feeds/edit.ctp:219 #: View/Servers/edit.ctp:194 msgid "Unpublish new event (working with Push event)." -msgstr "" +msgstr "未发布新事件(与Push事件一起工作)" #: View/Feeds/edit.ctp:220 #: View/Servers/edit.ctp:195 msgid "Publish new event without email (working with Pull event)." -msgstr "" +msgstr "发布新事件而无需电子邮件(与Pull事件一起工作)" #: View/Feeds/edit.ctp:221 #: View/Servers/edit.ctp:196 msgid "You can also upload a certificate file if the instance you are trying to connect to has its own signing authority." -msgstr "" +msgstr "如果您要连接的实例具有自己的签名权限, 则也可以上传证书文件." #: View/Feeds/edit.ctp:222 #: View/Servers/add.ctp:154 #: View/Servers/edit.ctp:198 msgid "Click this, if you would like to allow a connection despite the other instance using a self-signed certificate (not recommended)." -msgstr "" +msgstr "如果您想在其他实例使用自签名证书的情况下仍允许连接, 则单击此按钮(不建议)." #: View/Feeds/freetext_index.ctp:2 msgid "Parsed attributes from feed " @@ -12407,11 +12424,11 @@ msgstr "粘贴订阅源数据" #: View/Feeds/import_feeds.ctp:5 msgid "Paste a MISP feed metadata JSON below to add feeds." -msgstr "粘贴下面 MISP 源元数据 JSON 以添加订阅源。" +msgstr "粘贴下面 MISP 源元数据 JSON 以添加订阅源." #: View/Feeds/import_feeds.ctp:11 msgid "Feed metadata JSON" -msgstr "订阅源元数据 JSON" +msgstr "订阅源元数据JSON" #: View/Feeds/index.ctp:2 msgid "Feeds" @@ -12419,7 +12436,7 @@ msgstr "订阅源" #: View/Feeds/index.ctp:3 msgid "Generate feed lookup caches or fetch feed data (enabled feeds only)" -msgstr "" +msgstr "生成订阅源查询缓存或获取订阅源数据(仅启用了订阅源)" #: View/Feeds/index.ctp:5 msgid "Cache all feeds" @@ -12471,11 +12488,11 @@ msgstr "已启用的订阅源" #: View/Feeds/index.ctp:96 msgid "Enable pulling the feed into your MISP as events/attributes." -msgstr "" +msgstr "启用将订阅源作为事件/属性拉入MISP" #: View/Feeds/index.ctp:97 msgid "Enable caching the feed into Redis - allowing for correlations to the feed to be shown." -msgstr "" +msgstr "启用缓存到Redis中的订阅源 - 允许显示与订阅源的相关性." #: View/Feeds/index.ctp:99 msgid "Feed Format" @@ -12485,11 +12502,11 @@ msgstr "订阅源格式" #: View/Jobs/index.ctp:102 #: View/Pages/doc/administration.ctp:225 msgid "Input" -msgstr "輸入" +msgstr "输入" #: View/Feeds/index.ctp:107 msgid "Override IDS" -msgstr "" +msgstr "覆盖IDS" #: View/Feeds/index.ctp:111 msgid "Caching" @@ -12507,20 +12524,20 @@ msgstr "规则" #: View/Feeds/index.ctp:203 msgid "Error: Invalid event!" -msgstr "" +msgstr "错误: 无效事件!" #: View/Feeds/index.ctp:208 msgid "Fixed event %s" -msgstr "" +msgstr "固定事件 %s" #: View/Feeds/index.ctp:211 msgid "New fixed event" -msgstr "" +msgstr "新的固定事件" #: View/Feeds/index.ctp:263 #: View/Servers/index.ctp:141 msgid "Age: " -msgstr "年龄: " +msgstr "年龄: " #: View/Feeds/index.ctp:265 #: View/Servers/index.ctp:149 @@ -12541,32 +12558,32 @@ msgstr "获取所有事件" #: View/Feeds/index.ctp:283 msgid "Are you sure you want to permanently remove the feed (%s)?" -msgstr "" +msgstr "您确定您想要永久移除订阅源(%s)吗?" #: View/Feeds/index.ctp:285 msgid "Download feed metadata as JSON" -msgstr "" +msgstr "下载JSON格式的订阅源元数据" #: View/Feeds/preview_event.ctp:6 msgid "You are currently viewing an event from a feed (%s by %s)" -msgstr "" +msgstr "您目前正在查看一个事件, 该事件来自于一个订阅源 (%s by %s)" #: View/Feeds/preview_index.ctp:2 msgid "You are currently viewing the event index of a feed (%s by %s)." -msgstr "" +msgstr "您目前正在查看Feed的事件索引(%s by %s)." #: View/Feeds/preview_index.ctp:44 msgid "Timestamp" -msgstr "" +msgstr "时间戳" #: View/Feeds/preview_index.ctp:72 #: View/Servers/preview_index.ctp:173 msgid "Fetch the event" -msgstr "" +msgstr "获取事件" #: View/Feeds/search_caches.ctp:53 msgid "Feed URL" -msgstr "订阅源的 URL" +msgstr "订阅源的URL" #: View/Feeds/search_caches.ctp:58 msgid "Link to correlation" @@ -12574,11 +12591,11 @@ msgstr "链接到关联性" #: View/Feeds/search_caches.ctp:64 msgid "Feed Cache Search" -msgstr "" +msgstr "订阅源缓存查询" #: View/Feeds/search_caches.ctp:65 msgid "Search for values potentially contained in the cached feeds and servers." -msgstr "" +msgstr "搜索缓存的订阅源和服务器中可能包含的值" #: View/Feeds/view.ctp:7 msgid "Source format" @@ -12590,7 +12607,7 @@ msgstr "设置" #: View/Feeds/view.ctp:71 msgid "Coverage by other feeds" -msgstr "" +msgstr "其他订阅源的覆盖率" #: View/Feeds/view.ctp:80 msgid "Feed" @@ -12609,11 +12626,11 @@ msgstr "命名空间" #: View/Galaxies/index.ctp:58 msgid "Are you sure you want to delete the Galaxy (%s)?" -msgstr "您确定要删除Galaxy (%s)?" +msgstr "您确定要删除星系 (%s)?" #: View/Galaxies/view.ctp:12 msgid "Galaxy ID" -msgstr "Galaxy ID" +msgstr "星系ID" #: View/Galaxies/view.ctp:29 msgid "Kill chain order" @@ -12621,19 +12638,19 @@ msgstr "" #: View/GalaxyClusters/cluster_matrix.ctp:1 msgid "Toggle ATT&CK Matrix" -msgstr "" +msgstr "切换ATT&CK Matrix" #: View/GalaxyClusters/view.ctp:11 msgid "Cluster ID" -msgstr "簇 ID" +msgstr "星团ID" #: View/GalaxyClusters/view.ctp:15 msgid "Parent Galaxy" -msgstr "父 Galaxy" +msgstr "父星系" #: View/GalaxyClusters/view.ctp:21 msgid "Collection UUID" -msgstr "集 UUID" +msgstr "集合UUID" #: View/GalaxyClusters/view.ctp:23 #: View/Pages/doc/using_the_system.ctp:145 @@ -12652,11 +12669,11 @@ msgstr "连接器标签" #: View/GalaxyClusters/ajax/galaxy_cluster_delete_confirmation.ctp:9 msgid "Galaxy Cluster Deletion" -msgstr "Galaxy 簇删除" +msgstr "删除星系星团" #: View/GalaxyClusters/ajax/galaxy_cluster_delete_confirmation.ctp:11 msgid "Are you sure you want to delete Galaxy Cluster %s?
Associated tags will not be removed. You can reload the Galaxy Cluster at any time by force updating your galaxies." -msgstr "" +msgstr "您确定要删除星系星团%s吗?
相关的标签不会被删除, 您可以在任何时候通过强制更新您的星系, 重新加载星系星团" #: View/GalaxyClusters/ajax/index.ctp:47 msgid "Synonyms" @@ -12674,7 +12691,7 @@ msgstr "查看图" #: View/GalaxyClusters/ajax/index.ctp:82 msgid "Delete galaxy cluster" -msgstr "删除 Galaxy 簇" +msgstr "删除星系星团" #: View/GalaxyElements/ajax/index.ctp:22 msgid "Key" @@ -12682,23 +12699,23 @@ msgstr "密钥" #: View/Helper/GenericPickerHelper.php:90 msgid "Start the galaxy matrix picker" -msgstr "启动 Galaxy 矩阵选择器" +msgstr "启动星系矩阵选择器" #: View/Jobs/index.ctp:3 msgid "Purge job entries:" -msgstr "" +msgstr "清理作业:" #: View/Jobs/index.ctp:10 msgid "Are you sure you want to purge all completed job entries? Job entries are considered as log entries and have no impact on actual job execution." -msgstr "" +msgstr "您是否确定要清除所有已完成的作业条目?作业条目被视为日志条目, 对实际作业执行没有影响." #: View/Jobs/index.ctp:16 msgid "Are you sure you want to purge all job entries? Job entries are considered as log entries and have no impact on actual job execution." -msgstr "" +msgstr "您是否确定要清除所有的作业条目?作业条目被视为日志条目, 对实际作业执行没有影响." #: View/Jobs/index.ctp:50 msgid "Completed." -msgstr "已完成。" +msgstr "已完成." #: View/Jobs/index.ctp:66 msgid "Show all queues" @@ -12741,20 +12758,20 @@ msgstr "进程 ID" #: View/Jobs/index.ctp:100 #: View/Pages/doc/administration.ctp:223 msgid "Worker" -msgstr "" +msgstr "Worker" #: View/Jobs/index.ctp:101 msgid "Job type" -msgstr "" +msgstr "作业类型" #: View/Jobs/index.ctp:106 #: View/Pages/doc/administration.ctp:229 msgid "Retries" -msgstr "" +msgstr "重试" #: View/Jobs/index.ctp:118 msgid "No worker active" -msgstr "" +msgstr "没有激活的worker" #: View/Jobs/index.ctp:122 msgid "Running" @@ -12762,23 +12779,23 @@ msgstr "正在运行" #: View/Jobs/index.ctp:150 msgid "View stacktrace" -msgstr "" +msgstr "查看stacktrace" #: View/Jobs/ajax/error.ctp:2 msgid "Background Job Error Browser" -msgstr "" +msgstr "后台作业错误浏览器" #: View/Jobs/ajax/error.ctp:21 msgid "Click to show stack trace" -msgstr "" +msgstr "点击展示堆栈跟踪" #: View/Jobs/ajax/error.ctp:22 msgid "Click to hide stack trace" -msgstr "" +msgstr "点击隐藏堆栈跟踪" #: View/Jobs/ajax/error.ctp:29 msgid "No error data found. Generally job error data is purged from Redis after 24 hours, however, you can still view the errors in the log files in \"/app/tmp/logs\"." -msgstr "" +msgstr "找不到错误数据. 通常, 作业错误数据会在24小时后从Redis中清除, 但是, 您仍然可以在\"/app/tmp/logs\"的日志文件中查看错误." #: View/Logs/admin_index.ctp:2 #: View/Logs/event_index.ctp:6 @@ -12787,39 +12804,39 @@ msgstr "日志" #: View/Logs/admin_index.ctp:5 msgid "Results for all log entries" -msgstr "" +msgstr "所有日志条目的结果" #: View/Logs/admin_index.ctp:8 msgid "for user" -msgstr "" +msgstr "用户" #: View/Logs/admin_index.ctp:9 msgid "of organisation" -msgstr "" +msgstr "组织的" #: View/Logs/admin_index.ctp:10 msgid "for model" -msgstr "" +msgstr "模型" #: View/Logs/admin_index.ctp:11 msgid "for model ID" -msgstr "" +msgstr "模型ID" #: View/Logs/admin_index.ctp:12 msgid "of type" -msgstr "" +msgstr "类型" #: View/Logs/admin_index.ctp:13 msgid "with the title" -msgstr "" +msgstr "以标题" #: View/Logs/admin_index.ctp:14 msgid "including the change" -msgstr "" +msgstr "包括变化" #: View/Logs/admin_index.ctp:15 msgid "from IP" -msgstr "从 IP" +msgstr "从IP" #: View/Logs/admin_search.ctp:8 #: View/ObjectTemplates/index.ctp:67 @@ -12849,11 +12866,11 @@ msgstr "更改" #: View/Logs/test_for_stolen_attributes.ctp:2 msgid "Stolen attribute validation" -msgstr "" +msgstr "被盗属性验证" #: View/Logs/test_for_stolen_attributes.ctp:6 msgid "Nothing to see here, move along." -msgstr "没有什么可看的,请继续。" +msgstr "没有什么可看的, 请继续." #: View/Logs/test_for_stolen_attributes.ctp:9 msgid "Attribute (%s) associated to events: %s" @@ -12870,11 +12887,11 @@ msgstr "编辑新消息" #: View/News/index.ctp:24 msgid "Are you sure you want to delete news item # %s?" -msgstr "" +msgstr "您确定要删除新闻项目# %s吗?" #: View/News/index.ctp:47 msgid "There are currently no news messages." -msgstr "" +msgstr "目前还没有新闻留言" #: View/Noticelists/index.ctp:2 msgid "Noticelists" @@ -12968,7 +12985,7 @@ msgstr "您确定要硬删除对象引用 #%s吗?%s" #: View/ObjectReferences/ajax/delete.ctp:25 msgid " The Attribute will be permanently deleted and unrecoverable. Also, this will prevent the deletion to be propagated to other instances." -msgstr " 该属性将被永久删除且无法恢复。此外,这将防止此项删除被传播到其他实例。" +msgstr " 该属性将被永久删除且无法恢复.此外, 这将防止此项删除被传播到其他实例." #: View/ObjectTemplateElements/ajax/view_elements.ctp:19 msgid "Object relation" @@ -12976,7 +12993,7 @@ msgstr "对象关系" #: View/ObjectTemplateElements/ajax/view_elements.ctp:21 msgid "Multiple" -msgstr "" +msgstr "多个" #: View/ObjectTemplateElements/ajax/view_elements.ctp:22 msgid "UI-priority" @@ -13040,7 +13057,7 @@ msgstr "对象模板" #: View/Objects/add.ctp:15 msgid "Update the template of this object to the newer version: " -msgstr "更新此对象的模板到更新的版本: " +msgstr "更新此对象的模板到更新的版本: " #: View/Objects/add.ctp:17 msgid "Update template" @@ -13053,7 +13070,7 @@ msgstr "元类别" #: View/Objects/add.ctp:98 msgid "Warning, issues found with the template" -msgstr "警告,模板问题" +msgstr "警告, 模板问题" #: View/Objects/add.ctp:111 msgid "Save" @@ -13065,7 +13082,7 @@ msgstr "名称 :: 类型" #: View/Objects/add.ctp:169;180 msgid "Warning: You are about to share data that is of a classified nature. Make sure that you are authorised to share this." -msgstr "警告: 您将要共享分类性质的数据。请确保您被授权共享此信息。" +msgstr "警告: 您将要共享分类性质的数据.请确保您被授权共享此信息." #: View/Objects/add.ctp:184 msgid "Back" @@ -13093,7 +13110,7 @@ msgstr "无法自动合并" #: View/Objects/add.ctp:230;290 msgid "This attribute type is missing from the new template. It will be lost if not taken care of right now." -msgstr "此属性类型在新模板中缺失。如果现在不处理,它将会丢失。" +msgstr "此属性类型在新模板中缺失.如果现在不处理, 它将会丢失." #: View/Objects/add.ctp:252 msgid "Insert" @@ -13101,7 +13118,7 @@ msgstr "插入" #: View/Objects/add.ctp:255 msgid "No valid type. This attribute will be lost." -msgstr "无有效的类型。此属性将丢失。" +msgstr "无有效的类型.此属性将丢失." #: View/Objects/add.ctp:262 msgid "This attribute can be merged automatically. Injection in the template done." @@ -13121,11 +13138,11 @@ msgstr "用这个覆盖当前属性值" #: View/Objects/add.ctp:298 msgid "Original value: " -msgstr "原始值: " +msgstr "原始值: " #: View/Objects/add.ctp:303 msgid "Can be merged automatically. Injection done." -msgstr "可以自动合并。注入完成。" +msgstr "可以自动合并.注入完成." #: View/Objects/add.ctp:306 msgid "An instance of this attribute already exists. However, as multiple instances are allowed by this template, the two attributes will be kept." @@ -13149,23 +13166,23 @@ msgstr " 属性" #: View/Objects/group_attributes_into_object.ctp:95 msgid "Dropped Object references" -msgstr "" +msgstr "丢弃的对象引用" #: View/Objects/group_attributes_into_object.ctp:96 msgid "As these Attributes are converted into an Objects, the meaning of the Refences might change. If you whish to preserve the References, you will have to created them after the merge. Take note of them!" -msgstr "" +msgstr "当这些属性被转换为Objects后, Refences的含义可能会发生变化。如果你想保留References, 你必须在合并后创建这些References. 请记住它们!" #: View/Objects/group_attributes_into_object.ctp:97 msgid "The following References will be dropped after the merge:" -msgstr "" +msgstr "合并后, 以下参考资料将被删除:" #: View/Objects/group_attributes_into_object.ctp:126 msgid "Merge above Attributes into an Object" -msgstr "" +msgstr "将上述属性合并为一个对象" #: View/Objects/group_attributes_into_object.ctp:129 msgid "Selected Attributes will be %s deleted" -msgstr "" +msgstr "选择的属性将被删除%s" #: View/Objects/group_attributes_into_object.ctp:129 msgid "hard" @@ -13181,35 +13198,35 @@ msgstr "对象重建" #: View/Objects/orphaned_object_diagnostics.ctp:5 msgid "Due to a bug prior to version 2.4.89, a condition could cause objects to be overwritten on a pull, leading to orphaned object attributes. This script reconstructs the missing objects if any exist." -msgstr "" +msgstr "由于版本2.4.89之前的错误, 某种情况可能会导致对象在请求时被覆盖, 从而导致孤立的对象属性. 该脚本将重建丢失的对象(如果存在)" #: View/Objects/orphaned_object_diagnostics.ctp:6 msgid " Please create a backup of your mysql database before executing the script." -msgstr "" +msgstr " 在执行脚本之前, 请创建一个mysql数据库的备份." #: View/Objects/orphaned_object_diagnostics.ctp:9 msgid "No unmapped data found, everything is working as expected." -msgstr "" +msgstr "没有发现未映射的数据, 一切正常工作." #: View/Objects/orphaned_object_diagnostics.ctp:16 msgid "Unmapped Attributes" -msgstr "" +msgstr "未映射的属性" #: View/Objects/orphaned_object_diagnostics.ctp:17 msgid "Keep in mind that some of the unmapped attributes can get reconstructed on a second pass of this script." -msgstr "" +msgstr "请记住, 一些未映射的属性可以在这个脚本的第二次传递中得到重构." #: View/Objects/orphaned_object_diagnostics.ctp:30 msgid "Reconstructable objects" -msgstr "" +msgstr "可重构对象" #: View/Objects/propose_objects_from_attributes.ctp:3 msgid "Selected types: " -msgstr "选定类型: " +msgstr "选定类型: " #: View/Objects/propose_objects_from_attributes.ctp:9 msgid "No matching Object." -msgstr "没有匹配的对象。" +msgstr "没有匹配的对象." #: View/Objects/propose_objects_from_attributes.ctp:15 msgid "Object name" @@ -13217,7 +13234,7 @@ msgstr "对象名称" #: View/Objects/propose_objects_from_attributes.ctp:18 msgid "Compatiblity or Attribute type missing from the selection" -msgstr "" +msgstr "选择中缺少兼容性或属性类型" #: View/Objects/propose_objects_from_attributes.ctp:18 msgid "Compatiblity" @@ -13225,19 +13242,19 @@ msgstr "兼容性" #: View/Objects/propose_objects_from_attributes.ctp:38 msgid "This Object is compatible for the merge" -msgstr "" +msgstr "该对象兼容合并" #: View/Objects/propose_objects_from_attributes.ctp:41 msgid "This Attribute type cannot be part of this Object template. If you merge the selected Attributes into this object, all Attribute having this type will be ignored." -msgstr "" +msgstr "此属性类型不能成为此对象模板的一部分, 如果将选定的Attribute合并到此对象中, 所有具有此类型的Attribute将被忽略." #: View/Objects/propose_objects_from_attributes.ctp:48 msgid "This Attribute type is missing from the selection. Add it to the selection to be able to merge the selected Attributes into this Object." -msgstr "" +msgstr "选择中缺少此属性类型, 将其添加到选择中, 以便能够将所选属性合并到该对象中." #: View/Objects/propose_objects_from_attributes.ctp:51 msgid "This Attribute type is not allowed to be present multiple time in this Object. Consider only picking one." -msgstr "" +msgstr "这个属性类型不允许在这个对象中多次出现, 请考虑只选择一个属性类型." #: View/Objects/revise_object.ctp:2 msgid "Object pre-save review" @@ -13245,11 +13262,11 @@ msgstr "对象预保存回顾" #: View/Objects/revise_object.ctp:3 msgid "Make sure that the below Object reflects your expectation before submiting it." -msgstr "" +msgstr "在提交之前, 请确保以下对象反映了您的期望." #: View/Objects/revise_object.ctp:66 msgid "To IDS" -msgstr "到 IDS" +msgstr "到IDS" #: View/Objects/revise_object.ctp:110 msgid "Create new object" @@ -13257,55 +13274,55 @@ msgstr "创建新的对象" #: View/Objects/revise_object.ctp:111 msgid "Back to review" -msgstr "返回回顾" +msgstr "返回评论" #: View/Objects/revise_object.ctp:114 msgid "This event contains similar objects." -msgstr "此事件包含相似的对象。" +msgstr "此事件包含相似的对象." #: View/Objects/revise_object.ctp:115 msgid "Instead of creating a new object, would you like to merge your new object into one of the following?" -msgstr "" +msgstr "与其创建一个新对象, 还不如将新对象合并成下面的一个?" #: View/Objects/revise_object.ctp:132 msgid "All similar objects not displayed..." -msgstr "" +msgstr "所有未显示的相似对象..." #: View/Objects/revise_object.ctp:133 msgid "%s Similar objects found. %s not displayed" -msgstr "" +msgstr "$s 相似对象发现, %s 未显示" #: View/Objects/revise_object.ctp:170 msgid "This attribute will NOT be merged into the similar object as it is conflicting with another attribute." -msgstr "" +msgstr "这个属性不会被合并到相似对象中, 因为它与另一个属性冲突." #: View/Objects/ajax/delete.ctp:6 msgid "Object Deletion" -msgstr "" +msgstr "删除对象" #: View/Objects/ajax/delete.ctp:12 msgid "The Object will be permanently deleted and unrecoverable. Also, this will prevent the deletion to be propagated to other instances." -msgstr "" +msgstr "该对象将被永久删除且无法恢复, 同样, 这将防止删除内容传播到其他实例." #: View/Objects/ajax/delete.ctp:15 msgid "Are you sure you want to %sdelete Object #%s? %s" -msgstr "" +msgstr "您确定您想要%s删除对象 #%s? %s" #: View/Objects/ajax/quickAddAttributeForm.ctp:15 msgid "Add Object attribute" -msgstr "" +msgstr "添加对象属性" #: View/OrgBlacklists/add.ctp:4 msgid "Add Organisation Blacklist Entries" -msgstr "" +msgstr "添加组织黑名单条目" #: View/OrgBlacklists/add.ctp:5 msgid "Simply paste a list of all the organisation UUIDs that you wish to block from being entered." -msgstr "" +msgstr "只需粘贴您要阻止输入的所有组织UUIDs的列表." #: View/OrgBlacklists/add.ctp:18 msgid "(Optional) The organisation name that the organisation is associated with" -msgstr "" +msgstr "(可选)与该组织关联的组织名称" #: View/OrgBlacklists/index.ctp:2 msgid "Organisation Blacklists" @@ -13313,7 +13330,7 @@ msgstr "组织黑名单" #: View/OrgBlacklists/index.ctp:37 msgid "Are you sure you want to delete the blacklist entry for the organisation UUID %s?" -msgstr "" +msgstr "您确定要删除组织UUID %s的黑名单条目吗?" #: View/Organisations/admin_add.ctp:4 msgid "New Organisation" @@ -13322,7 +13339,7 @@ msgstr "新的组织" #: View/Organisations/admin_add.ctp:5 #: View/Organisations/admin_edit.ctp:5 msgid "If the organisation should have access to this instance, make sure that the Local organisation setting is checked.
If you would only like to add a known external organisation for inclusion in sharing groups, uncheck the Local organisation setting." -msgstr "" +msgstr "如果该组织可以访问此实例, 请确保选中本地组织设置.
如果您只想在共享组中添加一个已知的外部组织, 请取消选中本地组织设置." #: View/Organisations/admin_add.ctp:7 #: View/Organisations/admin_edit.ctp:7 @@ -13331,17 +13348,17 @@ msgstr "本地组织" #: View/Organisations/admin_add.ctp:11 msgid "Mandatory fields." -msgstr "" +msgstr "必须填写的字段." #: View/Organisations/admin_add.ctp:15 #: View/Organisations/admin_edit.ctp:14 msgid "Organisation Identifier" -msgstr "组织识别器" +msgstr "组织标识符" #: View/Organisations/admin_add.ctp:15 #: View/Organisations/admin_edit.ctp:14 msgid "Brief organisation identifier" -msgstr "" +msgstr "简短的组织标识符" #: View/Organisations/admin_add.ctp:21 #: View/Organisations/admin_edit.ctp:20 @@ -13361,27 +13378,27 @@ msgstr "为该组织生成一个新的 UUID" #: View/Organisations/admin_add.ctp:26 #: View/Organisations/admin_edit.ctp:37 msgid "A brief description of the organisation" -msgstr "" +msgstr "组织的简要描述" #: View/Organisations/admin_add.ctp:26 #: View/Organisations/admin_edit.ctp:37 msgid "A description of the organisation that is purely informational." -msgstr "" +msgstr "纯属信息性的组织描述" #: View/Organisations/admin_add.ctp:29 #: View/Organisations/admin_edit.ctp:40 msgid "Bind user accounts to domains (line separated)" -msgstr "" +msgstr "将用户帐户绑定到域(行分隔)" #: View/Organisations/admin_add.ctp:29 #: View/Organisations/admin_edit.ctp:40 msgid "Enter a (list of) domain name(s) to enforce when creating users." -msgstr "" +msgstr "在创建用户时输入要执行的(列表)域名" #: View/Organisations/admin_add.ctp:32 #: View/Organisations/admin_edit.ctp:43 msgid "The following fields are all optional." -msgstr "" +msgstr "以下字段均为可选." #: View/Organisations/admin_add.ctp:37 #: View/Organisations/admin_edit.ctp:48 @@ -13391,7 +13408,7 @@ msgstr "Logo (48x48 png)" #: View/Organisations/admin_add.ctp:43 #: View/Organisations/admin_edit.ctp:54 msgid "For example \"financial\"." -msgstr "例如“金融”。" +msgstr "例如\"financial\"." #: View/Organisations/admin_add.ctp:44 #: View/Organisations/admin_edit.ctp:55 @@ -13401,20 +13418,20 @@ msgstr "组织类型" #: View/Organisations/admin_add.ctp:44 #: View/Organisations/admin_edit.ctp:55 msgid "Freetext description of the org." -msgstr "" +msgstr "Freetext描述的org" #: View/Organisations/admin_add.ctp:45 #: View/Organisations/admin_edit.ctp:56 msgid "You can add some contact details for the organisation here, if applicable." -msgstr "" +msgstr "你可以在这里添加一些机构的联系信息, 如果适用的话." #: View/Organisations/admin_edit.ctp:11 msgid "Mandatory fields. Leave the UUID field empty if the organisation doesn't have a UUID from another instance." -msgstr "" +msgstr "必须填写的字段, 如果组织没有其他实例的UUID, 则将UUID字段留空." #: View/Organisations/admin_edit.ctp:29 msgid "An organisation with the above uuid already exists. Would you like to merge this organisation into the existing one?" -msgstr "" +msgstr "具有上述uuid的组织已存在, 您想将该组织合并到现有组织中吗?" #: View/Organisations/admin_edit.ctp:31 msgid "Click here" @@ -13422,7 +13439,7 @@ msgstr "点击这里" #: View/Organisations/admin_edit.ctp:56 msgid "Contacts" -msgstr "" +msgstr "联系" #: View/Organisations/index.ctp:5;67 #: View/Users/statistics.ctp:46 @@ -13433,7 +13450,7 @@ msgstr "所有组织" #: View/Organisations/index.ctp:6 msgid ", both local and remote" -msgstr ",本地的和远程的" +msgstr ", 本地的和远程的" #: View/Organisations/index.ctp:9;62 #: View/Users/statistics_orgs.ctp:12 @@ -13451,11 +13468,11 @@ msgstr "本地组织" #: View/Organisations/index.ctp:14 msgid " having a presence on this instance" -msgstr "" +msgstr " 在该实例上存在" #: View/Organisations/index.ctp:25 msgid "Paginate" -msgstr "" +msgstr "分页" #: View/Organisations/index.ctp:27 msgid "View all" @@ -13486,7 +13503,7 @@ msgstr "远程" #: View/Organisations/view.ctp:22 msgid "Domain restrictions" -msgstr "" +msgstr "域名限制" #: View/Organisations/view.ctp:27 msgid "Creation time" @@ -13494,12 +13511,12 @@ msgstr "创建时间" #: View/Organisations/view.ctp:28 msgid "Last modified" -msgstr "上一次修改" +msgstr "最后一次修改" #: View/Organisations/view.ctp:30 #: View/Users/statistics_orgs.ctp:37 msgid "Sector" -msgstr "区段" +msgstr "部门" #: View/Organisations/view.ctp:30 #: View/Users/statistics_orgs.ctp:35 @@ -13541,15 +13558,15 @@ msgstr "提交组织" #: View/Organisations/ajax/landingpage.ctp:2 msgid "Landing page for %s" -msgstr "" +msgstr "登陆页面为%s" #: View/Organisations/ajax/merge.ctp:3 msgid "This will remove the selected organisation and hand over all objects belonging to it to the target organisation. This process is irreversible. Are you sure you want to proceed?" -msgstr "" +msgstr "这将删除选定的组织, 并将属于该组织的所有对象移交给目标组织, 这个过程是不可逆的, 您确定要继续进行吗?" #: View/Organisations/ajax/merge.ctp:6 msgid "Warning: Merging an organisation into another will be transfer all users and data belonging to the organisation to another." -msgstr "" +msgstr "警告: 将一个组织合并为另一个组织, 将把属于该组织的所有用户和数据转移到另一个组织." #: View/Organisations/ajax/merge.ctp:33 msgid "Target Local Organisation" @@ -13569,11 +13586,11 @@ msgstr "待合并入的组织" #: View/Organisations/ajax/sg_org_row_empty.ctp:10 msgid "Mark organisation as sharing group extender" -msgstr "" +msgstr "标记组织为共享组扩展者" #: View/Pages/administration.ctp:10 msgid "Administrative actions" -msgstr "" +msgstr "行政行为" #: View/Pages/administration.ctp:14 msgid "Reset the attribute counts" @@ -13581,15 +13598,15 @@ msgstr "重置属性计数" #: View/Pages/administration.ctp:14 msgid "Events need to have no validation issues" -msgstr "" +msgstr "事件不需要验证问题" #: View/Pages/administration.ctp:15 msgid "Recorrelate attributes" -msgstr "" +msgstr "重新关联属性" #: View/Pages/administration.ctp:16 msgid "Recorrelate proposals" -msgstr "" +msgstr "重新关联提案" #: View/Pages/administration.ctp:17 msgid "Verify GnuPG keys" @@ -13597,7 +13614,7 @@ msgstr "验证 GnuPG 密钥" #: View/Pages/administration.ctp:17 msgid "Check whether every user's GnuPG key is usable" -msgstr "" +msgstr "检查每个用户的GnuPG密钥是否可用" #: View/Pages/administration.ctp:18 msgid "Verify Certificates" @@ -13605,7 +13622,7 @@ msgstr "验证证书" #: View/Pages/administration.ctp:18 msgid "Check whether every user's certificate is usable" -msgstr "" +msgstr "检查每个用户的证书是否可用" #: View/Pages/administration.ctp:19 msgid "Extend Organization length" @@ -13613,27 +13630,27 @@ msgstr "延长组织长度" #: View/Pages/administration.ctp:19 msgid "Hotfix 2.3.57: Increase the max length of the organization field when adding a new server connection." -msgstr "" +msgstr "修补程序2.3.57: 添加新服务器连接时, 增加组织字段的最大长度." #: View/Pages/administration.ctp:20 msgid "Convert log fields to text" -msgstr "" +msgstr "将日志字段转换为文本" #: View/Pages/administration.ctp:20 msgid "Hotfix 2.3.78: Some of the log fields that were varchar(255) ended up truncating the data. This function will change them to \"text\"" -msgstr "" +msgstr "修补程序2.3.78: varchar(255)的某些日志字段最终被截断了数据, 此功能会将其更改为\"text\"" #: View/Pages/administration.ctp:21 msgid "Fix duplicate UUIDs" -msgstr "" +msgstr "修复重复的UUIDs" #: View/Pages/administration.ctp:21 msgid "Hotfix 2.3.107: it was previously possible to get duplicate attribute UUIDs in the database, this script will remove all duplicates and ensure that duplicates will not be entered into the database in the future." -msgstr "" +msgstr "修补程序2.3.107: 以前可以在数据库中获取重复的属性UUID, 此脚本将删除所有重复项, 并确保以后不再将重复项输入数据库." #: View/Pages/administration.ctp:22 msgid "Remove duplicate events (with the same UUID)" -msgstr "" +msgstr "移除重复事件(具有相同UUID)" #: View/Pages/administration.ctp:22 msgid "Hotfix 2.3.115: In some rare situations it could occur that a duplicate of an event was created on an instance, with the exact same uuid. This action will remove any such duplicates and make sure that this cannot happen again." @@ -13833,11 +13850,11 @@ msgstr "GnuPG 设置" #: View/Pages/doc/administration.ctp:34 msgid "GnuPG related settings." -msgstr "GnuPG 相关设置。" +msgstr "GnuPG 相关设置." #: View/Pages/doc/administration.ctp:35 msgid "HTTP proxy related settings." -msgstr "HTTP 代理服务器相关设置。" +msgstr "HTTP 代理服务器相关设置." #: View/Pages/doc/administration.ctp:36 msgid "Security settings" @@ -13882,7 +13899,7 @@ msgstr "" #: View/Pages/doc/administration.ctp:46 msgid "The setting name." -msgstr "设置名称。" +msgstr "设置名称." #: View/Pages/doc/administration.ctp:47 msgid "The current value of the setting." @@ -13975,7 +13992,7 @@ msgstr "将地址列为白名单" #: View/Pages/doc/administration.ctp:76 msgid "While in the whitelist view, click on New Whitelist on the left to bring up the add whitelist view to add a new address." -msgstr "在白名单视图中,点击左侧的新白名单以提升添加白名单视图添加到一个新地址。" +msgstr "在白名单视图中, 点击左侧的新白名单以提升添加白名单视图添加到一个新地址." #: View/Pages/doc/administration.ctp:77 msgid "Managing the list" @@ -14003,7 +14020,7 @@ msgstr "添加一个新用户" #: View/Pages/doc/administration.ctp:84;114 msgid "To add a new user, click on the New User button in the administration menu to the left and fill out the following fields in the view that is loaded" -msgstr "添加新用户, 点击管理菜单中的新用户按钮,然后在加载的视图中填写以下字段" +msgstr "添加新用户, 点击管理菜单中的新用户按钮, 然后在加载的视图中填写以下字段" #: View/Pages/doc/administration.ctp:85 msgid "Add user" @@ -14106,19 +14123,19 @@ msgstr "列出用户" #: View/Pages/doc/administration.ctp:100 msgid "View, Edit or Delete a user using the action buttons to the right." -msgstr "使用右侧的操作按钮查看、编辑或删除用户。" +msgstr "使用右侧的操作按钮查看、编辑或删除用户." #: View/Pages/doc/administration.ctp:102 msgid "The user's automatically assigned ID number." -msgstr "用户自动分配的 ID 号码。" +msgstr "用户自动分配的 ID 号码." #: View/Pages/doc/administration.ctp:103 msgid "The organisation that the user belongs to." -msgstr "用户所属的组织。" +msgstr "用户所属的组织." #: View/Pages/doc/administration.ctp:104 msgid "The e-mail address (and login name) of the user." -msgstr "用户的电子邮件地址(和登录名)。" +msgstr "用户的电子邮件地址(和登录名)." #: View/Pages/doc/administration.ctp:105 #: View/Users/admin_view.ctp:26 @@ -14140,7 +14157,7 @@ msgstr "显示用户已否输入了 GnuP 密钥" #: View/Pages/doc/administration.ctp:108 msgid "Shows the currently assigned NIDS ID." -msgstr "显示当前分配的 NIDS 的 ID。" +msgstr "显示当前分配的 NIDS 的 ID." #: View/Pages/doc/administration.ctp:109;125 msgid "Termsaccepted" @@ -14209,7 +14226,7 @@ msgstr "" #: View/Pages/doc/administration.ctp:131 msgid "Contact your users here." -msgstr "联系您的用户。" +msgstr "联系您的用户." #: View/Pages/doc/administration.ctp:133;184;197 #: View/Pages/doc/using_the_system.ctp:269 @@ -14379,7 +14396,7 @@ msgstr "" #: View/Pages/doc/administration.ctp:164 msgid "Generally, the following actions are logged" -msgstr "一般情况下,下列操作已被记录" +msgstr "一般情况下, 下列操作已被记录" #: View/Pages/doc/administration.ctp:166 msgid "Creation, deletion, modification, Login / Logout" @@ -14399,7 +14416,7 @@ msgstr "阴影属性" #: View/Pages/doc/administration.ctp:169 msgid "Creation, deletion, Accept, Discard" -msgstr "创建,删除,接受,放弃。" +msgstr "创建, 删除, 接受, 放弃." #: View/Pages/doc/administration.ctp:172 msgid "Whitelist" @@ -14567,7 +14584,7 @@ msgstr "进程" #: View/Pages/doc/administration.ctp:222 msgid "The process's ID." -msgstr "进程 ID。" +msgstr "进程 ID." #: View/Pages/doc/administration.ctp:223 msgid "The name of the worker queue. There are 3+1 workers running if background jobs are enabled: default, cache, email, and a special Scheduler (this should never show up in the jobs table)." @@ -14615,11 +14632,11 @@ msgstr "" #: View/Pages/doc/administration.ctp:236 msgid "The ID of the task." -msgstr "任务ID。" +msgstr "任务ID." #: View/Pages/doc/administration.ctp:237 msgid "The type of the task." -msgstr "任务类型。" +msgstr "任务类型." #: View/Pages/doc/administration.ctp:238 msgid "Frequency" @@ -14631,7 +14648,7 @@ msgstr "" #: View/Pages/doc/administration.ctp:239 msgid "Scheduled Time" -msgstr "" +msgstr "计划时间" #: View/Pages/doc/administration.ctp:239 msgid "The time (in 24h format) when the task should be executed the next time it runs (and all consecutive times if a multiple of 24 is chosen for frequency)." @@ -14644,11 +14661,11 @@ msgstr "下一次运行" #: View/Pages/doc/administration.ctp:240 msgid "The date on which the task should be executed." -msgstr "执行任务的日期。" +msgstr "执行任务的日期." #: View/Pages/doc/administration.ctp:241 msgid "A brief description of the task." -msgstr "任务的简短描述。" +msgstr "任务的简短描述." #: View/Pages/doc/administration.ctp:242 msgid "This field shows when the job was queued by the scheduler for execution." @@ -14866,7 +14883,7 @@ msgstr "" #: View/Pages/doc/general.ctp:27 msgid "Proposal Notifications" -msgstr "提议通知" +msgstr "提案通知" #: View/Pages/doc/general.ctp:27 msgid "This shows how many proposals your organisation has received and across how many events they are spread out. Clicking this will take you to the list of proposals." @@ -14874,7 +14891,7 @@ msgstr "" #: View/Pages/doc/general.ctp:28 msgid "Logs you out of the system." -msgstr "登出系统。" +msgstr "登出系统." #: View/Pages/doc/general.ctp:31 msgid "A list of the contents of each of the above drop-down menus" @@ -14914,7 +14931,7 @@ msgstr "" #: View/Pages/doc/general.ctp:41 msgid "Create a new tag." -msgstr "创建新标签。" +msgstr "创建新标签." #: View/Pages/doc/general.ctp:42 msgid "List all of the templates created by users with template creation rights on this instance." @@ -14922,7 +14939,7 @@ msgstr "" #: View/Pages/doc/general.ctp:43 msgid "Create a new template." -msgstr "创建新模板。" +msgstr "创建新模板." #: View/Pages/doc/general.ctp:44 msgid "Export the data accessible to you in various formats." @@ -14946,11 +14963,11 @@ msgstr "" #: View/Pages/doc/general.ctp:56 msgid "Read about the latest news regarding the MISP system." -msgstr "阅读有关MISP系统的最新消息。" +msgstr "阅读有关MISP系统的最新消息." #: View/Pages/doc/general.ctp:57 msgid "Manage your user account." -msgstr "管理您的用户帐户。" +msgstr "管理您的用户帐户." #: View/Pages/doc/general.ctp:58 msgid "Attribute Histogram" @@ -15039,19 +15056,19 @@ msgstr "" #: View/Pages/doc/general.ctp:86 msgid "View the logs of the instance." -msgstr "查看实例的日志。" +msgstr "查看实例的日志." #: View/Pages/doc/general.ctp:87 msgid "Search the logs by various attributes." -msgstr "按不同属性搜索日志。" +msgstr "按不同属性搜索日志." #: View/Pages/doc/general.ctp:92 msgid "List all of the discussion threads." -msgstr "列出所有讨论线程。" +msgstr "列出所有讨论话题." #: View/Pages/doc/general.ctp:93 msgid "Create a new discussion thread." -msgstr "创建一个新的讨论线程。" +msgstr "创建一个新的讨论话题." #: View/Pages/doc/general.ctp:95 msgid "The left bar" @@ -15059,7 +15076,7 @@ msgstr "左侧栏" #: View/Pages/doc/general.ctp:96 msgid "This bar changes based on each page-group. The blue selection shows you what page you are on." -msgstr "此栏基于每个页面组的更改。蓝色选择向您展示当前您所在的页面。" +msgstr "此栏基于每个页面组的更改.蓝色选择向您展示当前您所在的页面." #: View/Pages/doc/quickstart.ctp:15 msgid "The Malware Information Sharing Platform (MISP) is the tool which will be used to facilitate the exchange of Indicator of Compromise (IOC) about\n" @@ -15098,7 +15115,7 @@ msgstr "" #: View/Pages/doc/user_management.ctp:22 msgid "When first logging into MISP with the username and password provided by your administrator, there are a number of things that need to be done, before you can start using the system." -msgstr "使用您的管理员提供的用户名和密码首次登录 MISP 并开始使用系统之前,需要做一些事情。" +msgstr "使用您的管理员提供的用户名和密码首次登录 MISP 并开始使用系统之前, 需要做一些事情." #: View/Pages/doc/user_management.ctp:24 msgid "Accepting the Terms of use" @@ -15471,7 +15488,7 @@ msgstr "" #: View/Pages/doc/using_the_system.ctp:97 msgid "Batch import" -msgstr "" +msgstr "批量导入" #: View/Pages/doc/using_the_system.ctp:97 msgid "If there are several attributes of the same type to enter (such as a list of IP addresses, it is possible to enter them all into the same value-field, separated by a line break between each line. This will allow the system to create separate lines for the each attribute." @@ -15607,7 +15624,7 @@ msgstr "" #: View/Pages/doc/using_the_system.ctp:136 msgid "Propose attribute" -msgstr "提议属性" +msgstr "提案属性" #: View/Pages/doc/using_the_system.ctp:136 msgid "An attribute with a proposal attached will turn blue and the proposal itself will be grey. If there is a grey proposal without a blue attribute infront of it, it means that someone has proposed a new attribute" @@ -15699,7 +15716,7 @@ msgstr "" #: View/Pages/doc/using_the_system.ctp:161 msgid "The organisation that created the event." -msgstr "创立此事件的组织。" +msgstr "创立此事件的组织." #: View/Pages/doc/using_the_system.ctp:162 msgid "Owner Org" @@ -15715,11 +15732,11 @@ msgstr "" #: View/Pages/doc/using_the_system.ctp:164 msgid "Tags that are assigned to this event." -msgstr "分配给此事件的标签。" +msgstr "分配给此事件的标签." #: View/Pages/doc/using_the_system.ctp:165 msgid "The number of attributes that the event has." -msgstr "事件的属性数量。" +msgstr "事件的属性数量." #: View/Pages/doc/using_the_system.ctp:166 msgid "The e-mail address of the event's reporter. This is not visible to regular users. Organisation administrators can see the e-mail addresses of their own organisation's users." @@ -15727,7 +15744,7 @@ msgstr "" #: View/Pages/doc/using_the_system.ctp:167 msgid "The date of the attack." -msgstr "攻击日期。" +msgstr "攻击日期." #: View/Pages/doc/using_the_system.ctp:168 msgid "The risk level of the attack, the following levels are possible" @@ -15883,7 +15900,7 @@ msgstr "" #: View/Pages/doc/using_the_system.ctp:227 msgid "Attributes and Proposals" -msgstr "属性和提议" +msgstr "属性和提案" #: View/Pages/doc/using_the_system.ctp:228 msgid "A list of all attributes and proposals attached to the event. The fields for each of them only differ in the available actions and the fact that for proposals to attributes all fields are blank that would stay unchanged if the proposal was accepted (for example, proposing a change to an attribute to turn the IDS flag on will have all fields apart from the IDS flag blank in the proposal. Here is a list of what each of the fields represents" @@ -15935,7 +15952,7 @@ msgstr "" #: View/Pages/doc/using_the_system.ctp:243 msgid "Proposals to an Event" -msgstr "对事件的提议" +msgstr "对事件的提案" #: View/Pages/doc/using_the_system.ctp:243 msgid "Each gray line at the end of the list represents a Proposal to an event. These are proposals for a new attribute, mostly unrelated to any of the currently existing attributes. If the creator of the event accepts one of these a new attribute will be created." @@ -15955,7 +15972,7 @@ msgstr "" #: View/Pages/doc/using_the_system.ctp:247 msgid "Event Discussion Thread" -msgstr "事件讨论线程" +msgstr "事件讨论话题" #: View/Pages/doc/using_the_system.ctp:248 msgid "Each event has its own assigned discussion where users (that are eligible to see the event) can participate in an open discussion. The users are anonymised in the messages, all that other users will see is their user ID number and their organisation. To post a message on the Event Discussion, either use the reply button on a previous post or use the quickresponse field at the bottom of the page.\n" @@ -16088,19 +16105,19 @@ msgstr "" #: View/Pages/doc/using_the_system.ctp:283 msgid "The actual value of the attribute, describing an aspect, defined by the category and type fields of the malware (for example 11.11.11.11)." -msgstr "" +msgstr "属性的实际值, 描述一个方面, 由恶意软件的类别和类型字段定义(例如 11.11.11.11)." #: View/Pages/doc/using_the_system.ctp:284 msgid "An optional contextual comment attached to the attribute." -msgstr "" +msgstr "附在属性上的可选上下文注释." #: View/Pages/doc/using_the_system.ctp:285 msgid "Shows whether the attribute has been flagged for NIDS signature generation or not." -msgstr "" +msgstr "显示属性是否被标记为NIDS签名生成." #: View/Pages/doc/using_the_system.ctp:286 msgid "A set of buttons that allow you to view the event that the attribute is tied to, to edit the attribute (using the same view as what is used to set up attributes, but filled out with the attribute's current data) and a delete button." -msgstr "" +msgstr "一组按钮, 可以查看属性绑定的事件, 编辑属性(使用与设置属性相同的视图, 但填写的是属性的当前数据)和删除按钮." #: View/Pages/doc/using_the_system.ctp:288 msgid "Searching for attributes" @@ -16108,7 +16125,7 @@ msgstr "搜索属性" #: View/Pages/doc/using_the_system.ctp:289 msgid "Apart from being able to list all events, it is also possible to search for data contained in the value field of an attribute, by clicking on the \"Search Attributes\" button." -msgstr "" +msgstr "除了能够列出所有的事件, 还可以通过点击\"Search Attributes\"按钮来搜索属性值字段中的数据." #: View/Pages/doc/using_the_system.ctp:290 msgid "Search attribute" @@ -16116,43 +16133,43 @@ msgstr "搜索属性" #: View/Pages/doc/using_the_system.ctp:291 msgid "This will bring up a form that lets you enter one or several search strings (separate search strings with line breaks) that will be compared to the values of all attributes, along with options to narrow down the search based on category and type. The entered search string has to be an exact match with (the sub-string of) a value. A second text field makes it possible to enter event IDs for events that should be excluded from the search (again, each line represents an event ID to be excluded). The third text field allows the user to restrict the results to attributes from certain organisations or to attributes not created by certain other organisations, using the above described syntax." -msgstr "" +msgstr "这将弹出一个表格, 让您输入一个或几个搜索字符串(带行分隔符的独立搜索字符串), 这些字符串将与所有属性的值进行比较, 并根据类别和类型缩小搜索范围。输入的搜索字符串必须与(子字符串的)值完全匹配. 第二个文本字段允许用户输入应从搜索中排除的事件ID(同样, 每一行代表一个要排除的事件ID). 第三个文本字段允许用户使用上述语法, 将结果限制在某些组织的属性或其他组织没有创建的属性上." #: View/Pages/doc/using_the_system.ctp:292 msgid "The list generated by the search will look exactly the same as listing all attributes, except that only the attributes that matched the search criteria will be listed (to find out more about the list attributes view, %s.). The search parameters will be shown above the produced list and the search terms will be highlighted." -msgstr "" +msgstr "搜索生成的列表将与列出所有属性完全相同, 只是只列出符合搜索条件的属性(要了解更多关于列表属性视图, %s.), 搜索参数将显示在生成的列表上方, 搜索条件将被高亮显示." #: View/Pages/doc/using_the_system.ctp:293 msgid "The last option is a checkbox that restricts all of the results to attributes that are marked as IDS signatures." -msgstr "" +msgstr "最后一个选项是一个复选框, 将所有的结果限制在被标记为IDS签名的属性上." #: View/Pages/doc/using_the_system.ctp:294 msgid "You can view the event that an attribute belongs to with the view button, or you can edit/delete the attribute via the buttons on the right." -msgstr "" +msgstr "您可以通过视图按钮查看属性所属的事件, 也可以通过右侧的按钮编辑/删除属性." #: View/Pages/doc/using_the_system.ctp:296 msgid "Updating and modifying events and attributes" -msgstr "" +msgstr "更新和修改事件和属性" #: View/Pages/doc/using_the_system.ctp:297 msgid "Every event and attribute can easily be edited. First of all it is important to find the event or attribute that is to be edited, using any of the methods mentioned in the section on browsing past events." -msgstr "" +msgstr "每个事件和属性都可以很容易地被编辑。首先要找到要编辑的事件或属性, 使用browsing past events一节中提到的任何一种方法, 找到要编辑的事件或属性是很重要的." #: View/Pages/doc/using_the_system.ctp:298 msgid "Once it is found, the edit button (whether it be under actions when events/attributes get listed or simply on the event view) will bring up the same screen as what is used to create the entry of the same type (for an event it would be the event screen as seen here, for an attribute the attribute screen as described here)." -msgstr "" +msgstr "找到它后, 编辑按钮(不管是在事件/属性被列出时的操作下, 还是在事件视图中)将弹出与创建相同类型的条目相同的屏幕(对于事件来说, 事件屏幕为seen here, 属性屏幕为described here)." #: View/Pages/doc/using_the_system.ctp:299 msgid "Keep in mind that editing any event (either directly or indirectly through an attribute) will unpublish it, meaning that you'll have to publish it (through the event view) again once you are done." -msgstr "" +msgstr "请记住, 编辑任何事件(直接或间接通过属性)都会取消发布, 这意味着您必须在完成后再次发布(通过事件视图)." #: View/Pages/doc/using_the_system.ctp:302 msgid "As described earlier, users with tagging rights can arbitrarily tag events using tags chosen from a pool of available options. If you have tagging privileges and would like to create a new tag, navigate to Event Actions - Add Tag. You'll be presented with the following form" -msgstr "" +msgstr "如前所述, 拥有标签权限的用户可以从可用选项库中选择标签来任意标记事件. 如果您拥有标签权限并想创建新的标签, 请导航到事件操作 - 添加标签. 您将看到以下表格" #: View/Pages/doc/using_the_system.ctp:303 msgid "Enter a name for the tag and click on the color field to be able to pick a colour for it." -msgstr "" +msgstr "为标签输入一个名称, 然后点击颜色字段, 就可以为其选择一个颜色." #: View/Pages/doc/using_the_system.ctp:304 msgid "Fill out the following fields" @@ -16160,7 +16177,7 @@ msgstr "填写以下字段" #: View/Pages/doc/using_the_system.ctp:306 msgid "Pick a name for the tag. Try to use consistent naming conventions across your instance, to avoid confusion." -msgstr "" +msgstr "为标签选择一个名称, 尽量在整个实例中使用一致的命名规范, 以避免混淆." #: View/Pages/doc/using_the_system.ctp:307 msgid "Colour" @@ -16168,19 +16185,19 @@ msgstr "颜色" #: View/Pages/doc/using_the_system.ctp:307 msgid "You can choose a colour for the tag by clicking on the colour field and using the colour picker tool. Try to avoid having duplicate or similar looking colours to help avoid confusion." -msgstr "" +msgstr "您可以通过单击颜色字段并使用颜色选择器工具来为标签选择颜色, 尽量避免颜色重复或外观相似, 以免造成混淆." #: View/Pages/doc/using_the_system.ctp:311 msgid "Newer users can easily be overwhelmed by having to manually populate events with attributes without any guidance. What sort of information should go into the event? What should be the category and type of a C2 IP? Templates allow users to use simple forms to populate events." -msgstr "" +msgstr "新手用户在没有任何指导的情况下手动填充事件的属性, 很容易让人不知所措. 事件中应该包含哪些信息? C2 IP的类别和类型应该是什么?模板允许用户使用简单的表单来填充事件." #: View/Pages/doc/using_the_system.ctp:312 msgid "Even though MISP ships with a few default templates, it is possible for users (with the appropriate templating privilege) to create new templates for their users or for all users of the instance. Let's look at how you can create a template." -msgstr "" +msgstr "尽管MISP自带一些默认模板, 但用户(拥有相应的模板权限)可以为自己的用户或实例的所有用户创建新的模板, 让我们来看一下如何创建模板." #: View/Pages/doc/using_the_system.ctp:313 msgid "First go to Event Actions - Add Template to go to the event creation view." -msgstr "" +msgstr "首先转到事件操作 - 添加模板以转到事件创建视图." #: View/Pages/doc/using_the_system.ctp:314 #: View/Templates/add.ctp:6 @@ -16189,23 +16206,23 @@ msgstr "创建模板" #: View/Pages/doc/using_the_system.ctp:314 msgid "Fill in the generic information about the template." -msgstr "" +msgstr "填写有关模板的一般信息." #: View/Pages/doc/using_the_system.ctp:315;325;338;349 msgid "The following fields have to be filled out" -msgstr "" +msgstr "必须填写以下字段" #: View/Pages/doc/using_the_system.ctp:317 msgid "The name of the template should describe what type of an event it should be used to generate attributes." -msgstr "" +msgstr "模板的名称应描述应使用哪种事件类型来生成属性." #: View/Pages/doc/using_the_system.ctp:318 msgid "You can attach tags to the template - an event populated using the template would automatically receive the tag(s). Add new tags using the + button. If you change your mind about a tag you can remove it with the cross next to the tag name." -msgstr "" +msgstr "您可以将标签附加到模板上 - 使用模板填充的事件将自动接收标签, 使用 + 按钮添加新标签. 如果您改变主意, 您可以用标签名称旁边的叉号来删除它." #: View/Pages/doc/using_the_system.ctp:319 msgid "A short description about the events that this template should be used for." -msgstr "" +msgstr "关于这个模板应该用于的事件的简短描述." #: View/Pages/doc/using_the_system.ctp:320 #: View/Templates/add.ctp:44 @@ -16215,11 +16232,11 @@ msgstr "与其他人共享此模板" #: View/Pages/doc/using_the_system.ctp:320 msgid "The template can be set to be usable by any organisation on the instance or only by the one that has created it." -msgstr "" +msgstr "可以将模板设置为可由实例上的任何组织或仅由创建模板的组织使用." #: View/Pages/doc/using_the_system.ctp:322 msgid "Once the skeleton template is created, you can start populating the template with data. There are 3 types of elements that can be used during the creation of a template: attribute, file and text elements. Text elements divide the template into sections with an information field, followed by all of the attribute/file fields until a new text field is read. Don't worry about the order of the elements during creation, they can be re-arranged using drag & drop. Let's look at the 3 element types" -msgstr "" +msgstr "创建好骨架模板后, 就可以开始用数据填充模板了. 在创建模板时, 有3种类型的元素可以使用: 属性、文件和文本元素. 文本元素用信息字段将模板划分成若干个部分, 之后是所有的属性/文件字段, 直到读取新的文本字段为止. 在创建过程中不用担心元素的顺序, 可以用拖拽&拖放的方式重新排列. 让我们来看看这3种元素类型" #: View/Pages/doc/using_the_system.ctp:323 msgid "Attribute Element" @@ -16227,56 +16244,56 @@ msgstr "属性元素" #: View/Pages/doc/using_the_system.ctp:324 msgid "Template Attribute Element" -msgstr "" +msgstr "模板属性元素" #: View/Pages/doc/using_the_system.ctp:324 msgid "This element will generate regular attributes based on user entry." -msgstr "" +msgstr "该元素将根据用户输入生成常规属性" #: View/Pages/doc/using_the_system.ctp:327;340 msgid "The field name that will be presented to the user." -msgstr "" +msgstr "将呈现给用户的字段名称" #: View/Pages/doc/using_the_system.ctp:328;341 msgid "A brief description of the element. Make sure that you provide sufficient information to the user to make it obvious what is expected." -msgstr "" +msgstr "对元素的简要描述, 确保您向用户提供足够的信息, 使其清楚地了解到所期望的内容" #: View/Pages/doc/using_the_system.ctp:329 msgid "The category used for any attributes created using this template element." -msgstr "" +msgstr "使用此模板元素创建的任何属性所使用的类别" #: View/Pages/doc/using_the_system.ctp:330 msgid "The type or complex type used for any attributes created using this template element. Complex types allow for several related types to be used on data entry. For example, a \"file\" complex type element allows for filenames and hashes." -msgstr "" +msgstr "使用此模板元素创建的任何属性所使用的类型或复杂类型, 复杂类型允许在数据输入时使用多个相关类型. 例如, 一个\"file\"复合类型元素允许使用文件名和哈希值。" #: View/Pages/doc/using_the_system.ctp:331 msgid "Use Complex types" -msgstr "" +msgstr "使用复杂类型" #: View/Pages/doc/using_the_system.ctp:331 msgid "If the category permits it, switch to a complex type using this checkbox." -msgstr "" +msgstr "如果类别允许, 使用此复选框切换到复杂类型" #: View/Pages/doc/using_the_system.ctp:332 #: View/TemplateElements/ajax/template_element_add_attribute.ctp:63 #: View/TemplateElements/ajax/template_element_edit_attribute.ctp:60 msgid "Automatically mark for IDS" -msgstr "" +msgstr "自动标记为IDS" #: View/Pages/doc/using_the_system.ctp:332 msgid "If checked, any attributes generated using this element will be marked for IDS exporting." -msgstr "" +msgstr "如果选中, 使用该元素生成的任何属性将被标记为IDS导出" #: View/Pages/doc/using_the_system.ctp:333;344 #: View/TemplateElements/ajax/template_element_add_attribute.ctp:72 #: View/TemplateElements/ajax/template_element_add_file.ctp:48 #: View/TemplateElements/ajax/template_element_edit_file.ctp:48 msgid "Mandatory element" -msgstr "" +msgstr "强制性要素" #: View/Pages/doc/using_the_system.ctp:333 msgid "If the elemnt is marked as mandatory, then the template form can only be submitted by users if this field is filled out." -msgstr "" +msgstr "如果将该元素标记为必填, 则只有填写此字段, 用户才能提交模板表单" #: View/Pages/doc/using_the_system.ctp:334;345 #: View/TemplateElements/ajax/template_element_add_attribute.ctp:81 @@ -16284,11 +16301,11 @@ msgstr "" #: View/TemplateElements/ajax/template_element_edit_attribute.ctp:76 #: View/TemplateElements/ajax/template_element_edit_file.ctp:57 msgid "Batch import element" -msgstr "" +msgstr "批量导入元素" #: View/Pages/doc/using_the_system.ctp:334 msgid "Allow for multiple values to be entered (separated by line breaks)." -msgstr "" +msgstr "允许输入多个值(以行分隔)" #: View/Pages/doc/using_the_system.ctp:336 msgid "File Element" @@ -16300,23 +16317,23 @@ msgstr "模板文件元素" #: View/Pages/doc/using_the_system.ctp:337 msgid "This element will generate attachments based on user entry." -msgstr "" +msgstr "该元素将根据用户输入的内容生成附件" #: View/Pages/doc/using_the_system.ctp:342 msgid "The category to be used by all attachments uploaded through this element." -msgstr "" +msgstr "通过该要素上传的所有附件所使用的类别" #: View/Pages/doc/using_the_system.ctp:343 msgid "If the uploaded files are malicious and should be encrypted and password protected, mark this checkbox." -msgstr "" +msgstr "如果上传的文件是恶意的, 而且应该是加密和密码保护的, 请在此复选框中标注" #: View/Pages/doc/using_the_system.ctp:344 msgid "If it should be required to upload an attachment, check this checkbox." -msgstr "" +msgstr "如果需要上传附件, 请勾选此框" #: View/Pages/doc/using_the_system.ctp:345 msgid "Ticking this checkbox allows users to upload several files using this element." -msgstr "" +msgstr "点击这个复选框, 用户可以使用这个元素上传多个文件" #: View/Pages/doc/using_the_system.ctp:347 msgid "Text Element" @@ -16328,51 +16345,51 @@ msgstr "模板文本元素" #: View/Pages/doc/using_the_system.ctp:348 msgid "This element will start a section in the template, which continues until the next text element or the end of the template." -msgstr "" +msgstr "该元素将在模板中的一个部分开始, 一直持续到下一个文本元素或模板的末尾" #: View/Pages/doc/using_the_system.ctp:351 msgid "The name of the section that will be presented to the user." -msgstr "" +msgstr "将呈现给用户的部分名称" #: View/Pages/doc/using_the_system.ctp:352 msgid "The description of the section. Explain briefly to the user what the following attribute/file elements will be dealing with. There are several ways to split a template into sections, try to have ease of use in mind while creating it." -msgstr "" +msgstr "部分的描述, 向用户简单解释一下下面要处理的属性/文件元素是什么, 有几种方法可以将模板分割成若干个部分, 在创建模板时尽量考虑到易用性" #: View/Pages/doc/using_the_system.ctp:355 msgid "Contacting the reporter" -msgstr "" +msgstr "联系报告者" #: View/Pages/doc/using_the_system.ctp:356 msgid "To get in touch with the reporter of a previously registered event, just find the event for which you would like to contact the reporter by either finding it on the list of events, by finding it through one of its attributes or by finding it through a related event." -msgstr "" +msgstr "要想与之前注册的事件的报告者取得联系, 只需在事件列表中找到您想联系的事件, 通过事件的某一个属性找到该事件, 或者通过相关的事件找到该事件, 就可以了" #: View/Pages/doc/using_the_system.ctp:357 msgid "Once the event is found and the event view opened, click the button titled \"Contact Reporter\". This will bring up a view where you can enter your message that is to be e-mailed to all members of the reporting organisation that subscribe to receiving such reports or the reporting user himself. Along with your message, the detailed information about the event in question will be included in the e-mail." -msgstr "" +msgstr "找到事件并打开事件视图后, 单击标题为\"Contact Reporter\"的按钮. 这将显示一个视图, 您可以在其中输入要通过电子邮件发送给订阅接收此类报告的组织的所有成员或报告用户本人的消息, 除您的消息外, 有关事件的详细信息将包含在电子邮件中" #: View/Pages/doc/using_the_system.ctp:358 msgid "Enter your message to the reporter and choose whether his/her entire organisation should get the message or not by ticking the check-box." -msgstr "" +msgstr "输入您的消息给报告者, 然后勾选复选框, 选择他/她的整个组织是否应该收到消息" #: View/Pages/doc/using_the_system.ctp:359 msgid "By default, the message will be sent to every member of the organisation that posted the event in the first place, but if you tick the check-box below the message field before sending the mail, only the person that reported the event will get e-mailed." -msgstr "" +msgstr "默认情况下, 该消息将发送给最初发布该事件的组织的每个成员, 但是如果在发送邮件之前选中消息字段下方的复选框, 则只有报告该事件的人员才能收到该消息" #: View/Pages/doc/using_the_system.ctp:362 msgid "It is possible to quickly and conveniently export the data contained within the system using the automation features located in the main menu on the left (available to users with authentication key access only). There are various sets of data that can be exported, by using the authentication key provided by the system (also shown on the export page). If for whatever reason you would need to invalidate your current key and get a new one instead (for example due to the old one becoming compromised) just hit the reset link next to the authentication key in the export view or in your \"my profile\" view." -msgstr "" +msgstr "使用左侧主菜单中的自动化功能可以快速方便地导出系统中包含的数据(仅适用于具有身份验证密钥访问权限的用户). 通过使用系统提供的身份验证密钥, 可以导出各种数据集(也显示在导出页面上). 如果出于某种原因您需要使当前密钥失效并获取一个新密钥(例如, 由于旧密钥被盗用), 只需在导出视图或您的\"my profile\"视图中点击身份验证密钥旁边的重置链接" #: View/Pages/doc/using_the_system.ctp:363 msgid "To find out about the various export formats and the usage within the automation functions, please read the page on automation." -msgstr "" +msgstr "要了解各种导出格式及其在自动化功能中的用法, 请阅读自动化上的页面" #: View/Pages/doc/using_the_system.ctp:366 msgid "For users that do not have authentication key access, an alternate export feature is available that relies on your interactive login to the site. To access these, just use the export menu button to the left and you'll be presented with a list of export options." -msgstr "" +msgstr "对于没有身份验证密钥访问权限的用户, 可以使用另一种导出功能, 该功能依赖于您对站点的交互式登录. 要访问这些内容, 只需使用左侧的导出菜单按钮, 您将看到一个导出选项列表" #: View/Pages/doc/using_the_system.ctp:367 msgid "Depending on your server's configuration, you will be presented with one of two possible pages, depending on whether you have background processing enabled or not. (The setting on this instance is currently set to: %s)" -msgstr "" +msgstr "根据服务器的配置, 将显示两个可能的页面之一, 具体取决于您是否启用了后台处理(此实例上的设置当前设置为:%s)" #: View/Pages/doc/using_the_system.ctp:367 msgid "On" @@ -16384,75 +16401,75 @@ msgstr "关闭" #: View/Pages/doc/using_the_system.ctp:368;371 msgid "Export page with background jobs" -msgstr "" +msgstr "导出带有后台作业的页面" #: View/Pages/doc/using_the_system.ctp:369 msgid "The page will list a set of export formats that you can immediately download as a file. Just click on the desired export format and MISP will start collecting all the data that you will receive in a file. Keep in mind that this can be a lengthy process. To avoid having to wait, consult with your instance's site administrator about enabling the background processing." -msgstr "" +msgstr "该页面将列出一组导出格式, 您可以立即下载为文件. 只需点击所需的导出格式, MISP将开始收集所有的数据, 您将收到一个文件. 请记住, 这可能是一个漫长的过程, 为了避免等待, 请咨询您所在实例的站点管理员关于启用后台处理的问题" #: View/Pages/doc/using_the_system.ctp:370;384 msgid "Use the export features here to quickly download data in various formats" -msgstr "" +msgstr "使用这里的导出功能快速下载各种格式的数据" #: View/Pages/doc/using_the_system.ctp:372 msgid "If the background jobs are enabled, you'll be redirected to a different version of the export page. Here you will see a table with all of the major export formats and the current status of the cached export files. Keep in mind that these are generated on an organisation by organisation basis, so even though others have generated newer export caches your organisation may have an outdated cache. You can simply issue a generate command (by clicking the \"Generate\" button) on the desired export type and the background workers will start fetching and assembling your cache. A progress bar will show the progress of the export process." -msgstr "" +msgstr "如果启用了后台作业, 您会被重定向到不同版本的导出页面. 在这里, 您将看到一个表格, 其中包含所有主要的导出格式和缓存导出文件的当前状态. 请记住, 这些文件是按组织的具体情况生成的, 所以即使其他人已经生成了较新的导出缓存, 您的组织也可能有一个过时的缓存. 您可以简单地在所需的导出类型上发出一个生成命令(通过点击\"Generate\"按钮), 后台工作人员就会开始获取和组装您的缓存, 一个进度条将显示导出过程的进度" #: View/Pages/doc/using_the_system.ctp:373 msgid "Once done, you can click \"Download\" to download the freshly generated cache file. If the cache is already up to date from before, then you don't have to regenerate the cache, just click on the \"download\" button." -msgstr "" +msgstr "完成后, 您可以点击\"Download\"来下载新生成的缓存文件. 如果缓存已经更新了, 那么您不需要重新生成缓存, 只需点击\"download\"按钮即可" #: View/Pages/doc/using_the_system.ctp:374 msgid "You may have noticed that the TEXT export only has a generate button - this is because TEXT exports are made up of a lot of types of exports, all of which get generated together. To download any of these files, just click on any of the attribute types at the bottom of the table." -msgstr "" +msgstr "您可能已经注意到, TEXT导出只有一个生成按钮 - 这是因为TEXT导出是由很多类型的导出文件组成的, 所有这些导出文件都会一起生成. 要下载这些文件中的任何一个, 只需点击表格底部的任何一个属性类型即可" #: View/Pages/doc/using_the_system.ctp:375 msgid "A quick description of each of the fields in the table" -msgstr "" +msgstr "表格中每个字段的简要说明" #: View/Pages/doc/using_the_system.ctp:377 msgid "The type of the export (such as XML, Suricata, MD5, etc.)." -msgstr "" +msgstr "输出的类型(如XML、Suricata、MD5等)" #: View/Pages/doc/using_the_system.ctp:378 msgid "The generation date of the current cache for the given export type." -msgstr "" +msgstr "给定导出类型的当前缓存的生成日期" #: View/Pages/doc/using_the_system.ctp:379 msgid "A description of the export format." -msgstr "" +msgstr "导出格式的说明" #: View/Pages/doc/using_the_system.ctp:380 msgid "This compares the cache generation date to the last timestamp when an event was updated and lets you know whether the cache is outdated or not." -msgstr "" +msgstr "这可以将缓存生成日期与事件更新时的最后一个时间戳进行比较, 让您知道缓存是否过期" #: View/Pages/doc/using_the_system.ctp:381 msgid "Shows the progress of the last initiated generation process." -msgstr "" +msgstr "显示上次启动时生成过程的进度" #: View/Pages/doc/using_the_system.ctp:382 msgid "Download or Generate the given cache with these buttons." -msgstr "" +msgstr "通过这些按钮下载或生成指定的缓存" #: View/Pages/doc/using_the_system.ctp:385 msgid "Exporting search results and individual events" -msgstr "" +msgstr "导出搜索结果和单个事件" #: View/Pages/doc/using_the_system.ctp:386 msgid "Apart from the options offered by the export pages, it's also possible to export all events involved in a search attribute result table, by using the \"Download results as XML\" button on the left menu bar." -msgstr "" +msgstr "除了导出页面提供的选项外, 还可以通过使用左侧菜单栏上的\"Download results as XML\"按钮来导出搜索属性结果表中涉及的所有事件" #: View/Pages/doc/using_the_system.ctp:387 msgid "Download a .xml from all the events that are shown through an attribute in the search results." -msgstr "" +msgstr "从通过搜索结果中的属性显示的所有事件中下载.xml" #: View/Pages/doc/using_the_system.ctp:388 msgid "Each event's view has its own export feature, both as an XML export and as a .ioc file. To reach these features, just navigate to an event and use the appropriate buttons on the right side." -msgstr "" +msgstr "每个事件的视图都有自己的导出功能, 既可以导出为XML, 也可以导出为.ioc文件. 要使用这些功能, 只需导航到一个事件并使用右侧的相应按钮即可" #: View/Pages/doc/using_the_system.ctp:389 msgid "Download a .xml or a .ioc of the event." -msgstr "" +msgstr "下载事件的.xml或.ioc" #: View/Pages/doc/using_the_system.ctp:391 msgid "Connecting to other instances" @@ -16460,15 +16477,15 @@ msgstr "正在连接到其他实例" #: View/Pages/doc/using_the_system.ctp:392 msgid "Apart from being a self contained repository of attacks/malware, one of the main features of MISP is its ability to connect to other instances and share (parts of) its information. The following options allow you to set up and maintain such connections." -msgstr "" +msgstr "除了作为一个自带的攻击/恶意软件的存储库外, MISP的主要特点之一是它能够连接到其他实例并共享(部分)信息, 下面的选项允许您设置和维护这种连接" #: View/Pages/doc/using_the_system.ctp:393 msgid "Setting up a connection to another server" -msgstr "" +msgstr "设置与另一台服务器的连接" #: View/Pages/doc/using_the_system.ctp:394 msgid "In order to share data with a remote server via pushes and pulls, you need to request a valid authentication key from the hosting organisation of the remote instance. When clicking on List Servers and then on New Server, a form comes up that needs to be filled out in order for your instance to connect to it. The following fields need to be filled out" -msgstr "" +msgstr "为了通过推送和拉取与远程服务器共享数据, 您需要从远程实例的托管机构申请一个有效的验证密钥. 当点击列表服务器, 然后点击新建服务器, 会弹出一个表单, 需要填写该表单才能连接到您的实例. 以下是需要填写的字段" #: View/Pages/doc/using_the_system.ctp:395 msgid "Add server" @@ -16476,7 +16493,7 @@ msgstr "添加服务器" #: View/Pages/doc/using_the_system.ctp:395 msgid "Make sure that you enter the authentication key that you have been given by the hosting organisation of the remote instance, instead of the one you have gotten from this one." -msgstr "" +msgstr "确保您输入的是远程实例的托管机构给您的认证密钥, 而不是您从这个实例中得到的密钥" #: View/Pages/doc/using_the_system.ctp:397 #: View/Servers/add.ctp:8 @@ -16486,39 +16503,39 @@ msgstr "基础 URL" #: View/Pages/doc/using_the_system.ctp:397 msgid "The URL of the remote server." -msgstr "远程服务器的 URL。" +msgstr "远程服务器的 URL." #: View/Pages/doc/using_the_system.ctp:398 msgid "The organisation that runs the remote server. It is very impoportant that this setting is filled out exactly as the organisation name set up in the bootstrap file of the remote instance." -msgstr "" +msgstr "运行远程服务器的组织名称, 这个设置必须与远程实例的bootstrap文件中设置的组织名称完全一致" #: View/Pages/doc/using_the_system.ctp:399 msgid "The authentication key that you have received from the hosting organisation of the remote instance." -msgstr "" +msgstr "您从远程实例的托管组织收到的身份验证密钥" #: View/Pages/doc/using_the_system.ctp:400 msgid "This check-box controls whether your server is allowed to push to the remote instance." -msgstr "" +msgstr "此复选框控制是否允许您的服务器推送到远程实例" #: View/Pages/doc/using_the_system.ctp:401 msgid "This check-box controls whether your server can request to pull all data from the remote instance." -msgstr "" +msgstr "该复选框控制您的服务器是否可以请求从远程实例中拉取所有数据" #: View/Pages/doc/using_the_system.ctp:402 msgid "Unpublish event (Push only)" -msgstr "" +msgstr "取消发布事件(仅限推送)" #: View/Pages/doc/using_the_system.ctp:402 msgid "This check-box controls to unpublish new event (working with Push events)." -msgstr "" +msgstr "此复选框控件用于取消发布新事件(与Push事件一起工作)" #: View/Pages/doc/using_the_system.ctp:403 msgid "Publish without email (Pull only)" -msgstr "" +msgstr "不通过电子邮件发布(仅限拉取)" #: View/Pages/doc/using_the_system.ctp:403 msgid "This check-box controls whether your server is allowed to publish event without email (working with Pull events)." -msgstr "" +msgstr "这个复选框控制您的服务器是否允许在没有电子邮件的情况下发布事件(与Pull事件一起工作)" #: View/Pages/doc/using_the_system.ctp:404 msgid "Self Signed" @@ -16526,55 +16543,55 @@ msgstr "自签名" #: View/Pages/doc/using_the_system.ctp:404 msgid "Ticking this checkbox will allow syncing with instances using self-signed certificates." -msgstr "" +msgstr "勾选此复选框将允许使用自签名证书与实例同步" #: View/Pages/doc/using_the_system.ctp:405 msgid "Certificate File" -msgstr "" +msgstr "证书文件" #: View/Pages/doc/using_the_system.ctp:405 msgid "If the instance that you want to connect to has their entire own certificate chain, you can use this to import a .pem file with it and override CakePHP's standard root CA file." -msgstr "" +msgstr "如果您想连接的实例有自己的整个证书链, 您可以用这个来导入一个.pem文件, 并覆盖CakePHP的标准根CA文件" #: View/Pages/doc/using_the_system.ctp:407 msgid "If you are an administrator, trying to allow another instance to connect to your own, it is vital that two rules are followed when setting up a synchronisation account" -msgstr "" +msgstr "如果您是管理员, 试图允许另一个实例连接到您自己的实例, 那么在设置同步账户时必须遵循以下两条规则" #: View/Pages/doc/using_the_system.ctp:409 msgid "The synchronisation user has to have the sync permission and full read/write/publish privileges turned on" -msgstr "" +msgstr "同步用户必须拥有同步权限和完整的读/写/发布权限" #: View/Pages/doc/using_the_system.ctp:410 msgid "Both the sync user and the organisation setting in your instance's Config/bootstrap.php file have to match the organisation identifier of the hosting organisation." -msgstr "" +msgstr "在您的Config/bootstrap.php文件中的同步用户和组织设置都必须与主机组织的组织标识符一致" #: View/Pages/doc/using_the_system.ctp:412 msgid "Browsing the currently set up server connections and interacting with them" -msgstr "" +msgstr "浏览当前设置的服务器连接并与之交互" #: View/Pages/doc/using_the_system.ctp:413 msgid "If you ever need to change the data about the linked servers or remove any connections, you have the following options to view and manipulate the server connections, when clicking on List Servers: (you will be able to see a list of all servers that your server connects to, including the base address, the organisation running the server the last pushed and pulled event IDs and the control buttons.)." -msgstr "" +msgstr "如果您需要更改连接的服务器数据或删除任何连接, 您有以下选项来查看和操作服务器的连接, 当点击列表服务器时: (您可以看到所有服务器连接的服务器列表, 包括基本地址, 服务器的运行机构, 最后推送和拉取的事件ID和控制按钮)" #: View/Pages/doc/using_the_system.ctp:414 msgid "Apart from editing / deleting the link to the remote server, you can issue a push all or pull all command from here." -msgstr "" +msgstr "除了编辑/删除到远程服务器的链接外, 还可以从这里发出全部推送或拉取全部命令" #: View/Pages/doc/using_the_system.ctp:416 msgid "Editing the connection to the" -msgstr "" +msgstr "编辑连接到" #: View/Pages/doc/using_the_system.ctp:416 msgid "By clicking edit a view, that is identical to the new instance view, is loaded, with all the current information of the instance pre-entered." -msgstr "" +msgstr "通过点击编辑视图, 与新的实例视图相同, 并预先输入了实例的所有当前信息" #: View/Pages/doc/using_the_system.ctp:417 msgid "Deleting the connection to the instance" -msgstr "" +msgstr "删除与实例的连接" #: View/Pages/doc/using_the_system.ctp:417 msgid "Clicking the delete button will delete the link to the instance." -msgstr "" +msgstr "点击删除按钮将删除该实例的链接" #: View/Pages/doc/using_the_system.ctp:418 #: View/Servers/index.ctp:175 @@ -16583,7 +16600,7 @@ msgstr "推送全部" #: View/Pages/doc/using_the_system.ctp:418 msgid " By clicking this button, all events that are eligible to be pushed on the instance you are on will start to be pushed to the remote instance. Events and attributes that exist on the far end will be updated." -msgstr "" +msgstr "通过单击此按钮, 所有在您所在的实例上有资格推送的事件都将开始推送到远程实例上, 远端存在的事件和属性将被更新。" #: View/Pages/doc/using_the_system.ctp:419 #: View/Servers/index.ctp:172 @@ -16592,11 +16609,11 @@ msgstr "获取所有" #: View/Pages/doc/using_the_system.ctp:419 msgid "By clicking this button, all events that are set to be pull-able or full access on the remote server will be copied to this instance. Existing events will not be updated." -msgstr "" +msgstr "通过单击此按钮, 远程服务器上所有设置为可拉式或完全访问的事件都将复制到该实例, 现有事件将不会更新" #: View/Pages/doc/using_the_system.ctp:423 msgid "The platform is also RESTfull, so this means that you can use structured format (XML or JSON) to access Events data." -msgstr "" +msgstr "该平台也是 RESTfull , 因此这意味着您可以使用结构化格式 (XML or JSON) 访问事件数据." #: View/Pages/doc/using_the_system.ctp:424 msgid "Requests" @@ -16604,23 +16621,23 @@ msgstr "请求" #: View/Pages/doc/using_the_system.ctp:425 msgid "Use any HTTP compliant library to perform requests." -msgstr "" +msgstr "使用任何符合HTTP标准的库来执行请求" #: View/Pages/doc/using_the_system.ctp:426 msgid "You can choose which format you would like to use as input/output for the REST calls by specifying the Accept and Content-Type headers." -msgstr "" +msgstr "通过指定Accept和Content-Type标头, 可以选择要用作REST调用的输入/输出的格式" #: View/Pages/doc/using_the_system.ctp:427 msgid "The following headers are required if you wish to recieve / push XML data" -msgstr "" +msgstr "如果您希望接收/推送XML数据, 则需要以下标头" #: View/Pages/doc/using_the_system.ctp:431 msgid "The following headers are required if you wish to receive / push JSON data" -msgstr "" +msgstr "如果您希望接收/推送JSON数据, 则需要以下标头" #: View/Pages/doc/using_the_system.ctp:435 msgid "The following table shows the relation of the request type and the resulting action" -msgstr "" +msgstr "下表显示了请求类型与结果操作之间的关系" #: View/Pages/doc/using_the_system.ctp:444 msgid "HTTP format" @@ -16628,35 +16645,35 @@ msgstr "HTTP 格式" #: View/Pages/doc/using_the_system.ctp:446 msgid "Controller action invoked" -msgstr "" +msgstr "调用控制器动作" #: View/Pages/doc/using_the_system.ctp:476 msgid "(1) Warning, there's a limit on the number of results when you call index." -msgstr "" +msgstr "(1) 警告, 当您调用index时, 结果数量有限制" #: View/Pages/doc/using_the_system.ctp:477 msgid "(2) Attachments are included using base64 encoding below the data tag." -msgstr "" +msgstr "(2) 在data标签下面的附件使用base64编码" #: View/Pages/doc/using_the_system.ctp:480 msgid "Example - Get single Event" -msgstr "" +msgstr "示例 - 获取单一事件" #: View/Pages/doc/using_the_system.ctp:481 msgid "In this example we fetch the details of a single Event (and thus also his Attributes)." -msgstr "" +msgstr "在这个例子中, 我们获取单个事件的细节(因此也是他的属性)" #: View/Pages/doc/using_the_system.ctp:482 msgid "The request should be" -msgstr "" +msgstr "该请求应为" #: View/Pages/doc/using_the_system.ctp:484 msgid "And with the HTTP Headers" -msgstr "" +msgstr "并带有HTTP标头" #: View/Pages/doc/using_the_system.ctp:487;548 msgid "The response you're going to get is the following data" -msgstr "" +msgstr "您将获得的响应是以下数据" #: View/Pages/doc/using_the_system.ctp:495;596 msgid "Code monkey doing code monkey stuff" @@ -16681,28 +16698,29 @@ msgstr "示例 - 添加新事件" #: View/Pages/doc/using_the_system.ctp:526 msgid "In this example we want to add a single Event.
\n" "The request should be" -msgstr "" +msgstr "在此示例中, 我们要添加一个事件.
\n" +"该请求应为" #: View/Pages/doc/using_the_system.ctp:531 msgid "And the request body" -msgstr "" +msgstr "和请求体" #: View/Pages/doc/using_the_system.ctp:535;567 msgid "Something concise" -msgstr "" +msgstr "简明扼要" #: View/Pages/doc/using_the_system.ctp:613 msgid "The response from requesting an invalid page" -msgstr "" +msgstr "请求无效页面的响应" #: View/Posts/add.ctp:10;16 #: View/Posts/edit.ctp:6 msgid "Thread Subject" -msgstr "线程主题" +msgstr "话题" #: View/Posts/add.ctp:24 msgid "In response to" -msgstr "" +msgstr "回应" #: View/Posts/edit.ctp:12 msgid "Contents" @@ -16710,16 +16728,16 @@ msgstr "内容" #: View/Regexp/admin_add.ctp:4 msgid "Add Import Regexp" -msgstr "" +msgstr "添加导入Regexp" #: View/Regexp/admin_add.ctp:10 #: View/Regexp/admin_edit.ctp:11 msgid "Types to be affected by the filter (Setting 'all' will override the other settings)" -msgstr "" +msgstr "受过滤器影响的类型(设置 'all' 将覆盖其他设置)" #: View/Regexp/admin_edit.ctp:4 msgid "Edit Import Regexp" -msgstr "" +msgstr "编辑导入Regexp" #: View/Regexp/admin_index.ctp:23 #: View/Regexp/index.ctp:23 @@ -16729,7 +16747,7 @@ msgstr "替换" #: View/Roles/admin_add.ctp:9 #: View/Roles/admin_edit.ctp:9 msgid "Restrict to site admins" -msgstr "" +msgstr "只限于网站管理员" #: View/Roles/admin_add.ctp:19 #: View/Roles/admin_edit.ctp:18 @@ -16740,12 +16758,12 @@ msgstr "内存限制" #: View/Roles/admin_add.ctp:20 #: View/Roles/admin_edit.ctp:19 msgid "Maximum execution time" -msgstr "" +msgstr "最大执行时间" #: View/Roles/admin_add.ctp:26 #: View/Roles/admin_edit.ctp:26 msgid "Enforce search rate limit" -msgstr "" +msgstr "执行搜索速率限制" #: View/Roles/admin_add.ctp:32 #: View/Roles/admin_edit.ctp:32 @@ -16754,15 +16772,15 @@ msgstr "" #: View/Roles/admin_index.ctp:24 msgid "Restricted to site admins" -msgstr "" +msgstr "只限于网站管理员" #: View/Roles/admin_index.ctp:34 msgid "Max execution time" -msgstr "" +msgstr "最长执行时间" #: View/Roles/admin_index.ctp:35 msgid "Searches / 15 mins" -msgstr "" +msgstr "搜索 / 15分钟" #: View/Roles/admin_index.ctp:41 msgid "Default role" @@ -16810,7 +16828,7 @@ msgstr "实例名称" #: View/Servers/add.ctp:17 msgid "You can set this instance up as an internal instance by checking the checkbox below. This means that any synchronisation between this instance and the remote will not be automatically degraded as it would in a normal synchronisation scenario. Please make sure that you own both instances and that you are OK with this otherwise dangerous change." -msgstr "" +msgstr "您可以通过选中下面的复选框将此实例设置为内部实例, 这意味着该实例和远程之间的任何同步都不会像正常同步情况下那样自动降级, 请确保您拥有这两个实例, 并且您可以接受这种危险的改变" #: View/Servers/add.ctp:20 #: View/Servers/edit.ctp:17 @@ -16820,16 +16838,16 @@ msgstr "内部实例" #: View/Servers/add.ctp:30 #: View/Servers/edit.ctp:25 msgid "Instance ownership and credentials" -msgstr "" +msgstr "实例所有权和凭证" #: View/Servers/add.ctp:31 #: View/Servers/edit.ctp:26 msgid "Information about the organisation that will receive the events, typically the remote instance's host organisation." -msgstr "" +msgstr "关于将接收事件的组织的信息, 通常是远程实例的主办组织" #: View/Servers/add.ctp:37 msgid "Remote Sync Organisation Type" -msgstr "" +msgstr "远程同步组织类型" #: View/Servers/add.ctp:42 #: View/Servers/edit.ctp:40 @@ -16853,7 +16871,7 @@ msgstr "远程组织的 UUID" #: View/Servers/add.ctp:76 #: View/Servers/edit.ctp:81 msgid "Ask the owner of the remote instance for a sync account on their instance, log into their MISP using the sync user's credentials and retrieve your API key by navigating to Global actions -> My profile. This key is used to authenticate with the remote instance." -msgstr "" +msgstr "向远程实例的所有者询问他们的实例上的同步账户, 使用同步用户的凭证登录到他们的MISP, 并通过导航到全局操作 -> 我的资料来获取您的API密钥, 这个密钥用于与远程实例进行身份验证." #: View/Servers/add.ctp:80 #: View/Servers/edit.ctp:85 @@ -16871,49 +16889,49 @@ msgstr "客户端证书文件" #: View/Servers/add.ctp:111 #: View/Servers/edit.ctp:150 msgid "Push rules:" -msgstr "" +msgstr "推送规则" #: View/Servers/add.ctp:112;118 #: View/Servers/edit.ctp:151;157 msgid "Events with the following tags allowed: " -msgstr "" +msgstr "与以下标签的事件被允许" #: View/Servers/add.ctp:113;119 #: View/Servers/edit.ctp:152;158 msgid "Events with the following tags blocked: " -msgstr "" +msgstr "与以下标签的事件被阻止" #: View/Servers/add.ctp:114;120 #: View/Servers/edit.ctp:153;159 msgid "Events with the following organisations allowed: " -msgstr "" +msgstr "与以下组织的事件被允许" #: View/Servers/add.ctp:115;121 #: View/Servers/edit.ctp:154;160 msgid "Events with the following organisations blocked: " -msgstr "" +msgstr "与以下组织的事件被阻止" #: View/Servers/add.ctp:117 #: View/Servers/edit.ctp:156 msgid "Pull rules:" -msgstr "" +msgstr "拉取规则:" #: View/Servers/add.ctp:145 #: View/Servers/edit.ctp:188 msgid "The base-url to the external server you want to sync with. Example: https://foo.sig.mil.be" -msgstr "" +msgstr "您要同步的外部服务器的基本URL, 例如: https://foo.sig.mil.be" #: View/Servers/add.ctp:151 msgid "Unpublish new event (working with Pull event)." -msgstr "取消发布新事件 (与Pull事件一起)。" +msgstr "取消发布新事件 (与Pull事件一起工作)." #: View/Servers/add.ctp:152 msgid "Publish new event without email (working with Push event)." -msgstr "" +msgstr "发布新事件而不发送电子邮件(与Push事件一起工作)." #: View/Servers/add.ctp:153 msgid "You can also upload a certificate file if the instance you are trying to connect to has its own signing authority. (*.pem)" -msgstr "" +msgstr "如果您要连接的实例有自己的签名权限, 您也可以上传一个证书文件 (*.pem)" #: View/Servers/create_sync.ctp:4 msgid "Server configuration" @@ -16921,7 +16939,7 @@ msgstr "服务器设置" #: View/Servers/edit.ctp:15 msgid "You can set this instance up as an internal instance by checking the checkbox below. This means that any synchronisation between this instance and the remote will not be automatically degraded as it would in a normal synchronisation scenario. Please make sure that you own both instances and that you are OK with this otherwise dangerous change. This also requires that the current instance's host organisation and the remote sync organisation are the same." -msgstr "" +msgstr "您可以通过选中下面的复选框将此实例设置为内部实例, 这意味着该实例和远程之间的任何同步都不会像正常同步情况下那样自动降级. 请确保您拥有这两个实例, 并确保您可以接受这种危险的更改, 这也要求当前实例的主机组织和远程同步组织相同" #: View/Servers/edit.ctp:31 msgid "Organisation Type" @@ -16933,11 +16951,11 @@ msgstr "本地组织" #: View/Servers/edit.ctp:82 msgid "Leave empty to use current key" -msgstr "" +msgstr "留空以使用当前key" #: View/Servers/edit.ctp:107 msgid "Server certificate file (*.pem): " -msgstr "" +msgstr "服务器证书文件 (*.pem): " #: View/Servers/edit.ctp:115;137 msgid "Add certificate file" @@ -16949,23 +16967,23 @@ msgstr "移除证书文件" #: View/Servers/edit.ctp:129 msgid "Client certificate file: " -msgstr "客户端证书文件: " +msgstr "客户端证书文件: " #: View/Servers/edit.ctp:161 msgid "Additional parameters: " -msgstr "" +msgstr "附件参数: " #: View/Servers/edit.ctp:197 msgid "You can also upload a client certificate file if the instance you are trying to connect requires this." -msgstr "如果您尝试连接的实例需要的话,您也可以上传客户端证书文件。" +msgstr "如果您尝试连接的实例需要的话, 您也可以上传客户端证书文件." #: View/Servers/edit.ctp:263;267 msgid "Not set." -msgstr "未设置。" +msgstr "未设置." #: View/Servers/filter_event_index.ctp:6 msgid "Please enter the url parameters that are to be used for the request. Valid parameters are: " -msgstr "" +msgstr "请输入请求中要使用的URL参数, 有效的参数是" #: View/Servers/filter_event_index.ctp:8 msgid "Example:" @@ -16973,7 +16991,7 @@ msgstr "示例:" #: View/Servers/filter_event_index.ctp:21 msgid "Apply filters to the remote instance's index" -msgstr "" +msgstr "应用过滤器到远程实例的索引" #: View/Servers/import.ctp:4 msgid "Paste server data" @@ -16981,11 +16999,11 @@ msgstr "粘贴服务器数据" #: View/Servers/import.ctp:5 msgid "Paste a MISP server metadata JSON below to add sync connections." -msgstr "" +msgstr "在下面粘贴一个MISP服务器元数据JSON来添加同步连接" #: View/Servers/import.ctp:11 msgid "Server metadata JSON" -msgstr "" +msgstr "服务器元数据JSON" #: View/Servers/index.ctp:2 msgid "Servers" @@ -16993,7 +17011,7 @@ msgstr "服务器" #: View/Servers/index.ctp:23 msgid "Prio" -msgstr "" +msgstr "Prio" #: View/Servers/index.ctp:24 msgid "Connection test" @@ -17001,11 +17019,11 @@ msgstr "连接测试" #: View/Servers/index.ctp:25 msgid "Sync user" -msgstr "" +msgstr "同步用户" #: View/Servers/index.ctp:26 msgid "Reset API key" -msgstr "" +msgstr "重置API key" #: View/Servers/index.ctp:35 msgid "Remote Organisation" @@ -17013,19 +17031,19 @@ msgstr "远程组织" #: View/Servers/index.ctp:70 msgid "URL params" -msgstr "" +msgstr "URL参数" #: View/Servers/index.ctp:85;86 msgid "Move server priority up" -msgstr "" +msgstr "将服务器优先级上移" #: View/Servers/index.ctp:85;86 msgid "Move server priority down" -msgstr "" +msgstr "将服务器优先级下移" #: View/Servers/index.ctp:102 msgid "Test the connection to the remote instance" -msgstr "" +msgstr "测试远程示例连接" #: View/Servers/index.ctp:102 #: View/Sightingdb/index.ctp:35 @@ -17034,135 +17052,135 @@ msgstr "运行" #: View/Servers/index.ctp:103 msgid "View the sync user of the remote instance" -msgstr "" +msgstr "查看远程实例的同步用户" #: View/Servers/index.ctp:111;112 msgid "Remotely reset API key" -msgstr "" +msgstr "远程重置API key" #: View/Servers/index.ctp:119 msgid "Internal instance that ignores distribution level degradation *WARNING: Only use this setting if you have several internal instances and the sync link is to an internal extension of the current MISP community*" -msgstr "" +msgstr "忽略分布级降级的内部实例 *警告: 只有当您有多个内部实例, 且同步链接指向当前MISP社区的内部扩展时, 才使用此设置*" #: View/Servers/index.ctp:119 msgid "Normal sync link to an external MISP instance. Distribution degradation will follow the normal rules." -msgstr "" +msgstr "与外部MISP实例的正常同步链接, 分布降级将遵循正常规则" #: View/Servers/index.ctp:169 msgid "Explore" -msgstr "" +msgstr "探索" #: View/Servers/index.ctp:171 msgid "Pull updates to events that already exist locally" -msgstr "" +msgstr "拉动更新到本地已经存在的事件" #: View/Servers/index.ctp:171 msgid "Pull updates" -msgstr "" +msgstr "拉取更新" #: View/Servers/index.ctp:178 msgid "Cache instance" -msgstr "" +msgstr "缓存实例" #: View/Servers/ondemand_action.ctp:3 msgid "An action is already in progress..." -msgstr "" +msgstr "一个操作已经在进行中....." #: View/Servers/ondemand_action.ctp:11 msgid "An action is already in progress. Starting new actions is not possible until completion of the current action process." -msgstr "" +msgstr "一个操作已经在进行中, 在完成当前操作进程之前, 不可能启动新的操作" #: View/Servers/ondemand_action.ctp:16 msgid "Show Update Progress Page" -msgstr "" +msgstr "显示更新进度页" #: View/Servers/ondemand_action.ctp:38 msgid "Running this script may take a very long time depending of the size of your database. It is adviced that you back your database up before running it." -msgstr "" +msgstr "运行这个脚本可能需要很长时间, 这取决于您的数据库的大小。建议您在运行此脚本之前, 最好先备份您的数据库" #: View/Servers/ondemand_action.ctp:44 msgid "Running this script will make this instance unusable for all users (not site-admin) during the time of upgrade." -msgstr "" +msgstr "在升级时, 运行此脚本将使所有用户(非网站管理员)无法使用此实例" #: View/Servers/ondemand_action.ctp:54 msgid "Action: " -msgstr "" +msgstr "操作: " #: View/Servers/ondemand_action.ctp:61 msgid "This action has been done and cannot be run again." -msgstr "" +msgstr "这个操作已经做了, 不能再运行了" #: View/Servers/preview_event.ctp:7 msgid "You are currently viewing an event on the remote instance %s " -msgstr "" +msgstr "您当前正在查看远程实例 %s 上的事件" #: View/Servers/preview_event.ctp:31 msgid "Filter the remote instance by tag: %s" -msgstr "" +msgstr "通过标签过滤远程实例: %s" #: View/Servers/preview_event.ctp:31 msgid "Filter the remote instance on the tag: %s" -msgstr "" +msgstr "过滤标签上的远程实例: %s" #: View/Servers/preview_index.ctp:3 msgid "You are currently viewing the event index of the remote instance %s" -msgstr "" +msgstr "您当前正在查看远程实例 %s 的事件索引" #: View/Servers/preview_index.ctp:112 msgid "not " -msgstr "" +msgstr "不" #: View/Servers/preview_index.ctp:112 msgid "published" -msgstr "" +msgstr "已发布" #: View/Servers/pull.ctp:2 msgid "Failed pulls" -msgstr "" +msgstr "拉取失败" #: View/Servers/pull.ctp:5 msgid "No failed pulls" -msgstr "" +msgstr "未拉取失败" #: View/Servers/pull.ctp:13 msgid "Succeeded pulls" -msgstr "" +msgstr "拉取成功" #: View/Servers/pull.ctp:16 msgid "No succeeded pulls" -msgstr "" +msgstr "未拉取成功" #: View/Servers/pull.ctp:24 msgid "Proposals pulled" -msgstr "" +msgstr "已拉取提案" #: View/Servers/pull.ctp:27 msgid "No proposals pulled" -msgstr "" +msgstr "未拉取提案" #: View/Servers/pull.ctp:35 msgid "Sightings pulled" -msgstr "" +msgstr "已拉取观察" #: View/Servers/pull.ctp:38 msgid "No sightings pulled" -msgstr "" +msgstr "未拉取观察" #: View/Servers/push.ctp:2 msgid "Failed pushes" -msgstr "" +msgstr "推送失败" #: View/Servers/push.ctp:5 msgid "No failed pushes" -msgstr "无失败的推送" +msgstr "未推送失败" #: View/Servers/push.ctp:13 msgid "Succeeded pushes" -msgstr "成功的推送" +msgstr "已成功推送" #: View/Servers/push.ctp:16 msgid "No succeeded pushes" -msgstr "未成功的推送" +msgstr "未推送成功" #: View/Servers/rest.ctp:51 msgid "HTTP method to use" @@ -17170,11 +17188,11 @@ msgstr "要使用的 HTTP 方法" #: View/Servers/rest.ctp:62 msgid "Relative path to query" -msgstr "" +msgstr "查询相对路径" #: View/Servers/rest.ctp:69 msgid "Use full path - disclose my apikey" -msgstr "" +msgstr "使用完整路径 - 暴露我的apikey" #: View/Servers/rest.ctp:73 msgid "Bookmark query" @@ -17206,7 +17224,7 @@ msgstr " 显示规则" #: View/Servers/rest.ctp:125 msgid "HTTP body" -msgstr "" +msgstr "HTTP正文" #: View/Servers/rest.ctp:133 msgid "Run query" @@ -17226,35 +17244,35 @@ msgstr "标头" #: View/Servers/server_settings.ctp:3 msgid "Warning: app/Config/config.php is not writeable. This means that any setting changes made here will NOT be saved." -msgstr "" +msgstr "警告: app/Config/config.php无法写入, 这意味着在这里进行的任何设置更改都不会被保存" #: View/Servers/server_settings.ctp:20 msgid "To edit a setting, simply double click it." -msgstr "" +msgstr "要编辑设置, 只需双击它" #: View/Servers/update_progress.ctp:34 msgid "Updates are locked due to an ongoing update process. Release lock only if you know what you are doing." -msgstr "" +msgstr "由于正在进行的更新过程, 更新被锁定, 仅在知道自己在做什么时才释放锁定." #: View/Servers/update_progress.ctp:35 msgid "automatically unlock in %smin %ssec" -msgstr "" +msgstr "自动解锁时间在%smin %ssec内" #: View/Servers/update_progress.ctp:40 msgid "Release update lock" -msgstr "" +msgstr "释放更新锁" #: View/Servers/update_progress.ctp:54 msgid "Complete update progression" -msgstr "" +msgstr "完成更新进度" #: View/Servers/update_progress.ctp:55 msgid "%s remaining" -msgstr "" +msgstr "剩余 %s" #: View/Servers/update_progress.ctp:62 msgid "Database Update progress for update %s" -msgstr "" +msgstr "数据库更新进度为更新 %s" #: View/Servers/update_progress.ctp:133 msgid "Update " @@ -17266,7 +17284,7 @@ msgstr "已启动 @ " #: View/Servers/update_progress.ctp:140 msgid "Elapsed Time @ " -msgstr "" +msgstr "过期时间 @ " #: View/Servers/update_progress.ctp:192 msgid "No update in progress" @@ -17274,23 +17292,23 @@ msgstr "没有正在进行的更新" #: View/Servers/update_progress.ctp:213 msgid "Follow updates" -msgstr "" +msgstr "关注更新" #: View/Servers/view_deprecated_function_use.ctp:13 msgid "Total" -msgstr "" +msgstr "总数" #: View/Servers/view_deprecated_function_use.ctp:27 msgid "View details on the usage of %s on the %s controller" -msgstr "" +msgstr "查看 %s 控制器上 %s 的详细使用方法" #: View/Servers/view_deprecated_function_use.ctp:39 msgid "View user ID " -msgstr "" +msgstr "查看用户ID" #: View/Servers/view_deprecated_function_use.ctp:40 msgid "User #%s" -msgstr "" +msgstr "用户 #%s" #: View/Servers/ajax/fetch_servers_for_sg.ctp:2 msgid "Select instances to add" @@ -17322,15 +17340,15 @@ msgstr "更新所有子模块" #: View/Servers/ajax/submoduleStatus.ctp:36 msgid "Newer version. Make sure to update MISP" -msgstr "更新的版本。请务必更新 MISP" +msgstr "更新的版本.请务必更新 MISP" #: View/Servers/ajax/submoduleStatus.ctp:41 msgid "Invalid file permission." -msgstr "无效的文件权限。" +msgstr "无效的文件权限." #: View/Servers/ajax/submoduleStatus.ctp:43 msgid "Could not retrieve version" -msgstr "" +msgstr "无法检索到版本" #: View/Servers/ajax/submoduleStatus.ctp:59 msgid "Update submodule" @@ -17338,7 +17356,7 @@ msgstr "更新子模块" #: View/Servers/ajax/update.ctp:7 msgid "Do you want to pull the latest commit from the branch? If you have made local changes to MISP the merge will fail." -msgstr "" +msgstr "您想从 分支中拉取最新的提交吗?如果您在本地对MISP做了修改, 合并将失败" #: View/Servers/ajax/zeromqstatus.ctp:2 msgid "ZeroMQ Server Status" @@ -17358,7 +17376,7 @@ msgstr "事件已处理" #: View/Servers/ajax/zeromqstatus.ctp:9 msgid "The ZeroMQ server is unreachable." -msgstr "ZeroMQ 服务器不可访问。" +msgstr "ZeroMQ 服务器不可访问." #: View/Servers/ajax/zeromqstatus.ctp:11 msgid "Cancel prompt" @@ -17367,13 +17385,13 @@ msgstr "取消提示" #: View/ShadowAttributes/add.ctp:4 #: View/ShadowAttributes/edit.ctp:4 msgid "Add Proposal" -msgstr "添加提议" +msgstr "添加提案" #: View/ShadowAttributes/add.ctp:63;76 #: View/ShadowAttributes/add_attachment.ctp:35 #: View/ShadowAttributes/edit.ctp:62 msgid "Propose" -msgstr "提议" +msgstr "提案" #: View/ShadowAttributes/edit.ctp:41 msgid "IDS Signature?" @@ -17389,7 +17407,7 @@ msgstr "所有事件" #: View/ShadowAttributes/index.ctp:50 msgid "Proposal by" -msgstr "" +msgstr "提案由" #: View/ShadowAttributes/index.ctp:56 msgid "Event creator" @@ -17417,7 +17435,7 @@ msgstr "建议删除属性" #: View/ShadowAttributes/ajax/shadowAttributeConfirmationForm.ctp:5 msgid "Proposal Deletion" -msgstr "提议删除" +msgstr "提案删除" #: View/ShadowAttributes/ajax/shadowAttributeConfirmationForm.ctp:7 msgid "Are you sure you want to delete Proposal #%s?" @@ -17454,7 +17472,7 @@ msgstr "MISP 实例" #: View/SharingGroups/add.ctp:28 #: View/SharingGroups/edit.ctp:28 msgid "MISP instances tab" -msgstr "MISP 实例选项卡" +msgstr "MISP 实例标签" #: View/SharingGroups/add.ctp:35 #: View/SharingGroups/edit.ctp:35 @@ -17469,7 +17487,7 @@ msgstr "共享组摘要" #: View/SharingGroups/add.ctp:52 #: View/SharingGroups/edit.ctp:52 msgid "Example: Multinational sharing group" -msgstr "" +msgstr "示例: 跨国共享组" #: View/SharingGroups/add.ctp:53 #: View/SharingGroups/edit.ctp:53 @@ -17480,17 +17498,17 @@ msgstr "被发布至" #: View/SharingGroups/add.ctp:54 #: View/SharingGroups/edit.ctp:54 msgid "Example: Community1, Organisation1, Organisation2" -msgstr "" +msgstr "示例: Community1, Organisation1, Organisation2" #: View/SharingGroups/add.ctp:56 #: View/SharingGroups/edit.ctp:56 msgid "A description of the sharing group." -msgstr "" +msgstr "一个共享组的描述" #: View/SharingGroups/add.ctp:58 #: View/SharingGroups/edit.ctp:58 msgid "Active sharing groups can be selected by users of the local instance when creating events. Generally, sharing groups received through synchronisation will have this disabled until manually enabled." -msgstr "" +msgstr "创建事件时, 本地实例的用户可以选择活跃共享组. 通常, 通过同步接收的共享组将被禁用, 直到手动启用" #: View/SharingGroups/add.ctp:59 #: View/SharingGroups/edit.ctp:59 @@ -17536,12 +17554,12 @@ msgstr "上一页" #: View/SharingGroups/add.ctp:82 #: View/SharingGroups/edit.ctp:90 msgid "Enable roaming mode for this sharing group. Roaming mode will allow the sharing group to be passed to any instance where the remote recipient is contained in the organisation list. It is preferred to list the recipient instances instead." -msgstr "" +msgstr "为该共享组启用漫游模式. 漫游模式将允许将共享组传递给组织列表中包含远程收件人的任何实例, 最好是列出收件人实例." #: View/SharingGroups/add.ctp:83 #: View/SharingGroups/edit.ctp:91 msgid "Enable roaming mode for this sharing group (pass the event to any connected instance where the sync connection is tied to an organisation contained in the SG organisation list)." -msgstr "" +msgstr "为该共享组启用漫游模式(将事件传递给任何连接的实例, 其中同步连接绑定到SG组织列表中的组织)" #: View/SharingGroups/add.ctp:87 #: View/SharingGroups/edit.ctp:95 @@ -17550,24 +17568,24 @@ msgstr "添加实例" #: View/SharingGroups/add.ctp:103 msgid "General: You are about to create the sharing group, which is intended to be releasable to ." -msgstr "" +msgstr "通常: 您要创建 共享组, 拟将其释放到 ." #: View/SharingGroups/add.ctp:104 msgid "Local organisations: It will be visible to , from which can extend the sharing group." -msgstr "" +msgstr "本地组织: 它还将被显示在, 其中可以扩展共享组" #: View/SharingGroups/add.ctp:105 msgid "External organisations: It will also be visible to , out of which can extend the sharing group." -msgstr "" +msgstr "外部组织: 它还将被显示在, 其中可以扩展共享组" #: View/SharingGroups/add.ctp:106 msgid "Synchronisation: Furthermore, events are automatically pushed to: " -msgstr "" +msgstr "同步: 此外, 事件会自动推送到: " #: View/SharingGroups/add.ctp:107 #: View/SharingGroups/edit.ctp:115 msgid "You can edit this information by going back to one of the previous pages, or if you agree with the above mentioned information, click Submit to create the Sharing group." -msgstr "" +msgstr "您可以通过返回到之前的某个页面编辑这些信息, 如果您同意上述信息, 也可以点击提交创建分享组" #: View/SharingGroups/add.ctp:115 #: View/SharingGroups/edit.ctp:123 @@ -17586,7 +17604,7 @@ msgstr "" #: View/SharingGroups/edit.ctp:114 msgid "Synchronisation: Furthermore, events are automatically pushed to: " -msgstr "" +msgstr "同步:此外, 事件会自动推送到: " #: View/SharingGroups/index.ctp:2 msgid "Sharing Groups" @@ -17594,15 +17612,15 @@ msgstr "共享组" #: View/SharingGroups/index.ctp:26 msgid "Active Sharing Groups" -msgstr "激活的共享组" +msgstr "活跃共享组" #: View/SharingGroups/index.ctp:31 msgid "Passive Sharing Groups" -msgstr "" +msgstr "被动共享组" #: View/SharingGroups/index.ctp:82 msgid "Distribution List" -msgstr "" +msgstr "分发清单" #: View/SharingGroups/view.ctp:12 msgid "Selectable" @@ -17610,64 +17628,64 @@ msgstr "可选的" #: View/SharingGroups/view.ctp:28 msgid "Synced by" -msgstr "" +msgstr "同步于" #: View/Sightingdb/index.ctp:41 msgid "Quick Search" -msgstr "" +msgstr "快读查询" #: View/Sightingdb/index.ctp:55 msgid "Owner" -msgstr "" +msgstr "所有者" #: View/Sightingdb/index.ctp:61 msgid "Host" -msgstr "" +msgstr "主机" #: View/Sightingdb/index.ctp:66 msgid "Port" -msgstr "" +msgstr "端口" #: View/Sightingdb/index.ctp:76 msgid "Skip Proxy" -msgstr "" +msgstr "跳过代理" #: View/Sightingdb/index.ctp:82 msgid "Skip SSL" -msgstr "" +msgstr "跳过SSL" #: View/Sightingdb/index.ctp:92 #: View/UserSettings/index.ctp:74 msgid "Restricted to" -msgstr "" +msgstr "限于" #: View/Sightingdb/index.ctp:98 msgid "SightingDB index" -msgstr "" +msgstr "SightingDB索引" #: View/Sightingdb/index.ctp:99 msgid "SightingDB is an alternate sighting database that MISP interconnects with. Configure connections to sighting databases below." -msgstr "" +msgstr "SightingDB是MISP互连的另一个观察数据库, 在下面配置与观察数据库的连接" #: View/Sightingdb/index.ctp:114 msgid "Are you sure you want to remove the connection to this SightingDB?" -msgstr "" +msgstr "您确定要删除这个SightingDB的连接吗?" #: View/Sightings/ajax/add_sighting.ctp:11 msgid "honeypot, IDS sensor id, SIEM,…" -msgstr "" +msgstr "蜜罐, IDS传感器ID, SIEM,…" #: View/Sightings/ajax/add_sighting.ctp:15 msgid "Sighting date" -msgstr "" +msgstr "观察日期" #: View/Sightings/ajax/advanced.ctp:2 msgid "Sighting details" -msgstr "" +msgstr "观察细节" #: View/Sightings/ajax/advanced.ctp:4 msgid "Graph" -msgstr "" +msgstr "图" #: View/Sightings/ajax/advanced.ctp:6 msgid "My org" @@ -17679,31 +17697,31 @@ msgstr "属性ID" #: View/Sightings/ajax/list_sightings.ctp:35 msgid "Delete sighting" -msgstr "" +msgstr "删除观察" #: View/Sightings/ajax/quickAddConfirmationForm.ctp:5 msgid "Add Sighting" -msgstr "" +msgstr "添加观察" #: View/Sightings/ajax/quickAddConfirmationForm.ctp:7 msgid "Add%s sighting (%s)?" -msgstr "" +msgstr "添加观察(%s)?" #: View/Sightings/ajax/quickAddConfirmationForm.ctp:7 msgid "false-positive" -msgstr "" +msgstr "误报" #: View/Sightings/ajax/quickDeleteConfirmationForm.ctp:5 msgid "Remove Sighting" -msgstr "" +msgstr "移除观察" #: View/Sightings/ajax/quickDeleteConfirmationForm.ctp:7 msgid "Remove sighting (%s)?" -msgstr "" +msgstr "移除观察(%s)?" #: View/Sightings/ajax/quickDeleteConfirmationForm.ctp:11 msgid "Remove sighting" -msgstr "" +msgstr "移除观察" #: View/TagCollections/add.ctp:8 msgid "Edit Tag Collection" @@ -17715,25 +17733,25 @@ msgstr "对所有组织都可见" #: View/TagCollections/import.ctp:4 msgid "Paste tag collection data" -msgstr "" +msgstr "粘贴标签集合数据" #: View/TagCollections/import.ctp:5 msgid "Paste a MISP tag collection JSON below to add tag collections." -msgstr "" +msgstr "在下面粘贴一个MISP标签集合JSON来添加标签集合" #: View/TagCollections/import.ctp:11 msgid "Tag collection JSON" -msgstr "" +msgstr "标签集合JSON" #: View/Tags/add.ctp:12 #: View/Tags/edit.ctp:12 msgid "Restrict tagging to org" -msgstr "" +msgstr "将标签限制为组织" #: View/Tags/add.ctp:17 #: View/Tags/edit.ctp:17 msgid "Restrict tagging to user" -msgstr "" +msgstr "将标签限制为用户" #: View/Tags/edit.ctp:31 msgid "Unselectable Tag" @@ -17758,11 +17776,11 @@ msgstr "已隐藏" #: View/Tags/index.ctp:66 msgid "Restricted to org" -msgstr "" +msgstr "限定组织" #: View/Tags/index.ctp:68 msgid "Restricted to user" -msgstr "" +msgstr "限定用户" #: View/Tags/index.ctp:70 msgid "Taxonomy" @@ -17782,11 +17800,11 @@ msgstr "最喜爱的" #: View/Tasks/index.ctp:4 msgid "Here you can schedule pre-defined tasks that will be executed every x hours. You can alter the date and time of the next scheduled execution and the frequency at which it will be repeated (expressed in hours). If you set the frequency to 0 then the task will not be repeated. To change and of the above mentioned settings just click on the appropriate field and hit update all when you are done editing the scheduled tasks." -msgstr "" +msgstr "在这里, 您可以预定义任务, 每隔x小时执行一次. 您可以改变下一次计划执行的日期和时间, 以及重复执行的频率(以小时为单位), 如果您将频率设置为0, 则任务不会重复执行. 要更改上述设置, 只需点击相应的字段, 并在编辑完成后点击更新所有预定任务" #: View/Tasks/index.ctp:5 msgid "Warning: Scheduled tasks come with a lot of caveats and little in regards of customisations / granularity. You can instead simply create cron jobs out of the console commands as described here: " -msgstr "" +msgstr "警告: 计划任务有很多注意事项, 而关于定制/粒度方面的注意事项很少, 您可以简单地从控制台命令中创建cron作业, 就像这里描述的那样" #: View/Tasks/index.ctp:36 msgid "Frequency (h)" @@ -17794,11 +17812,11 @@ msgstr "频率(h)" #: View/Tasks/index.ctp:55 msgid "Set frequency timer for scheduled task" -msgstr "" +msgstr "为计划任务设置频率定时器" #: View/Tasks/index.ctp:70 msgid "Set scheduled time for task" -msgstr "" +msgstr "设置任务的计划时间" #: View/Tasks/index.ctp:96 msgid "Update all" @@ -17822,17 +17840,17 @@ msgstr "启用所有标签" #: View/Taxonomies/index.ctp:38 msgid "Are you sure you want to enable every tag associated to this taxonomy?" -msgstr "" +msgstr "您确定要启用与此分类法相关的每个标签吗?" #: View/Taxonomies/index.ctp:43 #: View/Taxonomies/view.ctp:29 msgid "Are you sure you want to disable this taxonomy library?" -msgstr "" +msgstr "您确定您要禁用这个分类法库吗?" #: View/Taxonomies/index.ctp:45 #: View/Taxonomies/view.ctp:31 msgid "Are you sure you want to enable this taxonomy library?" -msgstr "" +msgstr "您确定您要启用这个分类法库吗?" #: View/Taxonomies/index.ctp:50 msgid "Delete taxonomy" @@ -17840,7 +17858,7 @@ msgstr "删除分类" #: View/Taxonomies/view.ctp:62 msgid "Create and/or update selected tags" -msgstr "" +msgstr "创建 和/或 更新选定的标签" #: View/Taxonomies/view.ctp:68;69 msgid "Hide selected tags" @@ -17856,7 +17874,7 @@ msgstr "已扩展" #: View/Taxonomies/view.ctp:85 msgid "Numerical value" -msgstr "" +msgstr "数值" #: View/Taxonomies/view.ctp:154 msgid "Refresh" @@ -17872,7 +17890,7 @@ msgstr "分类删除" #: View/Taxonomies/ajax/taxonomy_delete_confirmation.ctp:11 msgid "Are you sure you want to delete Taxonomy #?
Associated tags will not be removed. You can reload the taxonomy at any time by updating your taxonomies." -msgstr "" +msgstr "您是否确定要删除分类目录 #?
相关标签不会被删除, 您可以在任何时候通过更新您的分类法来重新加载分类法" #: View/Taxonomies/ajax/taxonomy_mass_confirmation.ctp:13 msgid "Create Tags" @@ -17884,11 +17902,11 @@ msgstr "您确定要创建/更新所有选定的标签吗?" #: View/Taxonomies/ajax/taxonomy_mass_confirmation.ctp:19 msgid "Create / update all selected taxonomy entries as tags" -msgstr "" +msgstr "创建/更新所有选定的分类法条目作为标签" #: View/Taxonomies/ajax/taxonomy_mass_confirmation.ctp:19 msgid "Create / update all taxonomy entries as tags" -msgstr "" +msgstr "创建/更新所有的分类法条目作为标签" #: View/Taxonomies/ajax/taxonomy_mass_hide.ctp:13 msgid "Hide Tags" @@ -17896,11 +17914,11 @@ msgstr "隐藏标签" #: View/Taxonomies/ajax/taxonomy_mass_hide.ctp:15 msgid "Are you sure you want to hide all selected tags?" -msgstr "" +msgstr "您确定要隐藏所有选择的标签吗?" #: View/Taxonomies/ajax/taxonomy_mass_hide.ctp:19 msgid "Hide all selected tags" -msgstr "" +msgstr "隐藏所有选择的标签" #: View/Taxonomies/ajax/taxonomy_mass_unhide.ctp:13 msgid "Unhide Tags" @@ -17908,11 +17926,11 @@ msgstr "显示标签" #: View/Taxonomies/ajax/taxonomy_mass_unhide.ctp:15 msgid "Are you sure you want to unhide all selected tags?" -msgstr "" +msgstr "您确定要取消隐藏所有选定的标签吗?" #: View/Taxonomies/ajax/taxonomy_mass_unhide.ctp:19 msgid "Unhide all selected tags" -msgstr "" +msgstr "取消隐藏所有选定的标签" #: View/TemplateElements/ajax/ajaxIndex.ctp:2 msgid "Template Elements" @@ -17924,15 +17942,15 @@ msgstr "添加一个新的模板元素" #: View/TemplateElements/ajax/templateElementConfirmationForm.ctp:5 msgid "Template Element Deletion" -msgstr "" +msgstr "模板元素删除" #: View/TemplateElements/ajax/templateElementConfirmationForm.ctp:7 msgid "Are you sure you want to delete Template Element #%s?" -msgstr "" +msgstr "您确定要删除模板元素 #%s 吗?" #: View/TemplateElements/ajax/template_element_add_attribute.ctp:5 msgid "Add Attribute Element To Template" -msgstr "" +msgstr "添加属性元素到模板中" #: View/TemplateElements/ajax/template_element_add_attribute.ctp:29 #: View/TemplateElements/ajax/template_element_add_file.ctp:29 @@ -17947,33 +17965,33 @@ msgstr "选择类型" #: View/TemplateElements/ajax/template_element_add_attribute.ctp:43 #: View/TemplateElements/ajax/template_element_edit_attribute.ctp:42 msgid "Some categories can use complex types. A complex type can define attributes that can be described by various different types, the system will parse the user's entry and determine the most suitable type for the found attributes. The list of valid types for the chosen complex type is shown below." -msgstr "" +msgstr "有些类别可以使用复杂类型, 复杂类型可以定义各种不同类型的属性, 系统会对用户的条目进行解析, 并为找到的属性确定最适合的类型. 所选的复杂类型的有效类型列表如下所示." #: View/TemplateElements/ajax/template_element_add_attribute.ctp:47 msgid "Use complex types" -msgstr "" +msgstr "使用复杂类型" #: View/TemplateElements/ajax/template_element_add_attribute.ctp:55 #: View/TemplateElements/ajax/template_element_edit_attribute.ctp:53 msgid "Types allowed based on the above setting" -msgstr "" +msgstr "根据上述设置, 允许的类型" #: View/TemplateElements/ajax/template_element_add_attribute.ctp:59 #: View/TemplateElements/ajax/template_element_edit_attribute.ctp:57 msgid "When checked, attributes created using this element will automatically be marked for IDSes." -msgstr "" +msgstr "选中后, 使用该元素创建的属性将自动标记为IDSes" #: View/TemplateElements/ajax/template_element_add_attribute.ctp:68 #: View/TemplateElements/ajax/template_element_add_file.ctp:44 #: View/TemplateElements/ajax/template_element_edit_attribute.ctp:65 #: View/TemplateElements/ajax/template_element_edit_file.ctp:44 msgid "This setting will make this element mandatory." -msgstr "" +msgstr "这个设置将使这个元素成为强制性的" #: View/TemplateElements/ajax/template_element_add_attribute.ctp:77 #: View/TemplateElements/ajax/template_element_edit_attribute.ctp:73 msgid "If this checkbox is checked, then the resulting field in the form will allow several values to be entered (separated by a linebreak)." -msgstr "" +msgstr "如果勾选了这个复选框, 那么在表格中产生的字段将允许输入多个值(用隔行符隔开)" #: View/TemplateElements/ajax/template_element_add_attribute.ctp:91 msgid "Add attribute element" @@ -17994,7 +18012,7 @@ msgstr "添加文件元素" #: View/TemplateElements/ajax/template_element_add_choices.ctp:5 msgid "Add a text description to the elements that follow" -msgstr "" +msgstr "在后面的元素中添加文字说明" #: View/TemplateElements/ajax/template_element_add_file.ctp:5 msgid "Add File Element To Template" @@ -18003,12 +18021,12 @@ msgstr "添加文件元素到模板" #: View/TemplateElements/ajax/template_element_add_file.ctp:34 #: View/TemplateElements/ajax/template_element_edit_file.ctp:34 msgid "If a file is flagged as malicious then it will automatically be encrypted." -msgstr "" +msgstr "如果一个文件被标记为恶意, 那么它将自动被加密" #: View/TemplateElements/ajax/template_element_add_file.ctp:53 #: View/TemplateElements/ajax/template_element_edit_file.ctp:53 msgid "If this checkbox is checked, then the resulting field in the form will allow several files to be uploaded." -msgstr "" +msgstr "如果勾选了这个复选框, 那么在表单中产生的字段将允许上传多个文件" #: View/TemplateElements/ajax/template_element_add_file.ctp:67 msgid "Submit the file element" @@ -18017,11 +18035,11 @@ msgstr "提交文件元素" #: View/TemplateElements/ajax/template_element_add_text.ctp:5 #: View/TemplateElements/ajax/template_element_edit_text.ctp:5 msgid "Add Text Element To Template" -msgstr "" +msgstr "添加文本元素到模板中" #: View/TemplateElements/ajax/template_element_add_text.ctp:29 msgid "Add text description element" -msgstr "" +msgstr "添加文本描述元素" #: View/TemplateElements/ajax/template_element_edit_attribute.ctp:5 msgid "Edit Attribute Element" @@ -18029,7 +18047,7 @@ msgstr "编辑属性元素" #: View/TemplateElements/ajax/template_element_edit_attribute.ctp:86 msgid "Submit attribute element changes" -msgstr "" +msgstr "提交属性元素更改" #: View/TemplateElements/ajax/template_element_edit_file.ctp:5 msgid "Edit File Element" @@ -18037,16 +18055,16 @@ msgstr "编辑文件元素" #: View/TemplateElements/ajax/template_element_edit_file.ctp:67 msgid "Submit file element changes" -msgstr "" +msgstr "提交元素更改" #: View/TemplateElements/ajax/template_element_edit_text.ctp:29 msgid "Submit description changes" -msgstr "" +msgstr "提交描述更改" #: View/Templates/add.ctp:41 #: View/Templates/edit.ctp:41 msgid "A description of the template" -msgstr "" +msgstr "模板描述" #: View/Templates/index.ctp:2 msgid "Templates" @@ -18058,15 +18076,15 @@ msgstr "您确定要删除模板 #" #: View/Templates/populate_event_from_template_attributes.ctp:2 msgid "Populate From Template Results" -msgstr "" +msgstr "从模板结果中填充" #: View/Templates/populate_event_from_template_attributes.ctp:3 msgid "Below you can see the attributes that are to be created based on the data that you have entered into the template. If you are satisfied with the result, click \"Finalise\". Otherwise, click \"Modify\"." -msgstr "" +msgstr "下面您可以看到根据您输入到模板中的数据创建的属性, 如果您对结果满意, 请点击 \"Finalise\", 否则, 点击 \"Modify\"" #: View/Templates/populate_event_from_template_attributes.ctp:37 msgid "Finalise" -msgstr "完成" +msgstr "最终确定" #: View/Templates/upload_file.ctp:3 msgid "Upload Files" @@ -18086,19 +18104,19 @@ msgstr "可共享" #: View/Threads/index.ctp:23 msgid "Last Post On" -msgstr "" +msgstr "最后一篇帖子关于" #: View/Threads/index.ctp:24 msgid "Last Post By" -msgstr "" +msgstr "最后一篇帖子由" #: View/Threads/index.ctp:25 msgid "Thread started On" -msgstr "" +msgstr "话题开始于" #: View/Threads/index.ctp:26 msgid "Posts" -msgstr "" +msgstr "帖子" #: View/Threads/index.ctp:81 msgid "View Discussion" @@ -18106,19 +18124,19 @@ msgstr "查看讨论" #: View/UserSettings/index.ctp:30 msgid "Me" -msgstr "" +msgstr "我" #: View/UserSettings/index.ctp:79 msgid "User settings management" -msgstr "" +msgstr "用户设置管理" #: View/UserSettings/index.ctp:80 msgid "Manage the individual user settings." -msgstr "" +msgstr "管理个人用户设置" #: View/UserSettings/index.ctp:97 msgid "Are you sure you wish to delete this entry?" -msgstr "" +msgstr "您确定您要删除这个条目吗?" #: View/Users/admin_add.ctp:4 msgid "Admin Add User" @@ -18154,7 +18172,7 @@ msgstr "同步用户到" #: View/Users/admin_edit.ctp:64 #: View/Users/edit.ctp:23 msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below." -msgstr "" +msgstr "将用户的GnuPG密钥粘贴到这里, 或者点击下面的 \"Fetch GnuPG key\" 从CIRCL密钥服务器上获取" #: View/Users/admin_add.ctp:72 #: View/Users/admin_edit.ctp:66 @@ -18175,7 +18193,7 @@ msgstr "SMIME 密钥" #: View/Users/admin_add.ctp:74 #: View/Users/admin_edit.ctp:68 msgid "Paste the user's SMIME public key in PEM format here." -msgstr "" +msgstr "将用户的SMIME公钥以PEM格式粘贴到这里" #: View/Users/admin_add.ctp:88 #: View/Users/admin_edit.ctp:78 @@ -18184,7 +18202,7 @@ msgstr "禁用此用户帐户" #: View/Users/admin_add.ctp:90 msgid "Send credentials automatically" -msgstr "" +msgstr "自动发送凭证" #: View/Users/admin_edit.ctp:4 msgid "Admin Edit User" @@ -18194,7 +18212,7 @@ msgstr "管理员编辑用户" #: View/Users/admin_view.ctp:69 #: View/Users/view.ctp:29 msgid "Terms accepted" -msgstr "" +msgstr "已接受条款" #: View/Users/admin_edit.ctp:74 msgid "Reset Auth Key" @@ -18208,36 +18226,37 @@ msgstr "确认您当前的密码" #: View/Users/admin_email.ctp:2 msgid "Contact User(s)" -msgstr "" +msgstr "联系用户" #: View/Users/admin_email.ctp:6 msgid "Messaging - here's a quick guide on how this feature works" -msgstr "" +msgstr "信息传递 - 以下是关于此功能工作原理的快速指南" #: View/Users/admin_email.ctp:7 msgid "You can use this view to send messages to your current or future users or send them a temporary password." -msgstr "" +msgstr "您可以使用此视图向当前或将来的用户发送消息或向他们发送一个临时密码" #: View/Users/admin_email.ctp:9 msgid "When adding a new user to the system, or when you want to manually reset the password for a user, just use the \"Send temporary password\" setting." -msgstr "" +msgstr "将新用户添加到系统时, 或者要手动重设用户密码时, 只需使用\"发送临时密码\"设置即可" #: View/Users/admin_email.ctp:10 msgid "After selecting the action, choose who the target of the e-mails should be (all users, a single user or a user not yet in the system)." -msgstr "" +msgstr "选择操作后, 选择电子邮件的目标用户(所有用户, 单个用户或系统中尚未存在的用户)" #: View/Users/admin_email.ctp:11 msgid "You can then specify (if eligible) what the e-mail address of the target is (for existing users you can choose from a dropdown menu)." -msgstr "" +msgstr "然后, 您可以指定(如果符合条件)目标的电子邮件地址(对于现有用户, 您可以从下拉菜单中选择)" #: View/Users/admin_email.ctp:12 msgid "In the case of a new user, you can specify the future user's GnuPG key, to send his/her new key in an encrypted e-mail." -msgstr "" +msgstr "对于新用户, 您可以指定未来用户的GnuPG密钥, 以通过加密的电子邮件发送其新密钥." #: View/Users/admin_email.ctp:13 msgid "The system will automatically generate a message for you, but it is also possible to write a custom message if you tick the check-box,\n" " but don't worry about assigning a temporary password manually, the system will do that for you, right after your custom message." -msgstr "" +msgstr "系统会自动为您生成一条消息, 但是如果您勾选复选框, 也可以编写自定义消息,\n" +" 但不必担心手动分配临时密码, 系统会在您的自定义消息之后立即为您执行此操作." #: View/Users/admin_email.ctp:18 msgid "Custom message" @@ -18265,15 +18284,15 @@ msgstr "同一组织的所有用户" #: View/Users/admin_email.ctp:30 msgid "Recipient Email" -msgstr "" +msgstr "收件人电子邮件" #: View/Users/admin_email.ctp:33 msgid "Recipient Organisation Name" -msgstr "" +msgstr "收件人组织名称" #: View/Users/admin_email.ctp:39 msgid "Enter a custom message" -msgstr "" +msgstr "输入自定义信息" #: View/Users/admin_email.ctp:73 msgid "New user registration" @@ -18285,7 +18304,7 @@ msgstr "密码重置" #: View/Users/admin_filter_user_index.ctp:4 msgid "Filter User Index" -msgstr "" +msgstr "筛选用户索引" #: View/Users/admin_filter_user_index.ctp:81 msgid "Remove filter" @@ -18293,7 +18312,7 @@ msgstr "删除筛选器" #: View/Users/admin_filter_user_index.ctp:106 msgid "Apply filters" -msgstr "" +msgstr "应用过滤器" #: View/Users/admin_index.ctp:2 #: View/Users/statistics.ctp:25 @@ -18305,94 +18324,94 @@ msgstr "用户" #: View/Users/admin_index.ctp:7 msgid "Click %s to reset the API keys of all sync and org admin users in one shot. This will also automatically inform them of their new API keys." -msgstr "" +msgstr "点击%s可以一次性重置所有同步和org管理员用户的API密钥, 这也会自动通知他们新的API密钥" #: View/Users/admin_index.ctp:10 msgid "here" -msgstr "" +msgstr "这里" #: View/Users/admin_index.ctp:13;14 msgid "Reset all sync user API keys" -msgstr "" +msgstr "重置所有同步用户的API密钥" #: View/Users/admin_index.ctp:17 msgid "Are you sure you wish to reset the API keys of all users with sync privileges?" -msgstr "" +msgstr "您是否确定要重置所有具有同步权限的用户的API密钥?" #: View/Users/admin_quick_email.ctp:2 msgid "Contact %s" -msgstr "" +msgstr "联系%s" #: View/Users/admin_quick_email.ctp:4 msgid "WARNING: This user does not have an encryption key set. The security posture of this instance allows for the sending of clear-text e-mails, so this is what will happen if you proceed." -msgstr "" +msgstr "警告: 此用户没有设置加密密钥, 此实例的安全状态允许发送明文电子邮件, 因此, 如果继续操作, 就会发生这种情况" #: View/Users/admin_quick_email.ctp:7 msgid "%s key found for user, the e-mail will be sent encrypted using this key." -msgstr "" +msgstr "找到用户的 %s 密钥, 将使用该密钥加密发送电子邮件" #: View/Users/admin_view.ctp:27 #: View/Users/view.ctp:8 msgid "Contactalert" -msgstr "" +msgstr "Contactalert" #: View/Users/admin_view.ctp:30 #: View/Users/view.ctp:11 msgid "Request API access" -msgstr "" +msgstr "请求API访问" #: View/Users/admin_view.ctp:47 msgid "Customauth header" -msgstr "" +msgstr "Customauth header" #: View/Users/admin_view.ctp:55 msgid "Invited By" -msgstr "" +msgstr "邀请者" #: View/Users/admin_view.ctp:67 msgid "Org_admin" -msgstr "" +msgstr "Org_admin" #: View/Users/admin_view.ctp:68 #: View/Users/view.ctp:28 msgid "NIDS Start SID" -msgstr "" +msgstr "NIDS 启动 SID" #: View/Users/admin_view.ctp:70 msgid "Password change" -msgstr "" +msgstr "修改密码" #: View/Users/admin_view.ctp:78 #: View/Users/view.ctp:37 msgid "GnuPG fingerprint" -msgstr "" +msgstr "GnuPG指纹" #: View/Users/admin_view.ctp:83 #: View/Users/view.ctp:42 msgid "GnuPG status" -msgstr "" +msgstr "GnuPG状态" #: View/Users/admin_view.ctp:90 #: View/Users/view.ctp:49 msgid "S/MIME Public certificate" -msgstr "" +msgstr "S/MIME公共证书" #: View/Users/admin_view.ctp:119 #: View/Users/view.ctp:64 msgid "Download user profile for data portability" -msgstr "" +msgstr "下载用户资料, 实现数据的可移植性" #: View/Users/check_and_correct_pgps.ctp:2 msgid "Failed GnuPGs?" -msgstr "" +msgstr "失败的GnuPGs?" #: View/Users/check_and_correct_pgps.ctp:4 msgid "No failed composites" -msgstr "" +msgstr "没有失败的复合材料" #: View/Users/edit.ctp:27 msgid "SMIME Public certificate (PEM format)" -msgstr "" +msgstr "SMIME公共证书(PEM格式)" #: View/Users/login.ctp:37;44 msgid "Login" @@ -18401,52 +18420,52 @@ msgstr "登入" #: View/Users/statistics.ctp:8 #: View/Users/statistics_data.ctp:11 msgid "Some statistics about this instance. The changes since the beginning of this month are noted in brackets wherever applicable" -msgstr "" +msgstr "关于本例的一些统计数字, 自本月初以来的变化情况在方括号内注明" #: View/Users/statistics.ctp:21 #: View/Users/statistics_data.ctp:26 msgid "Correlations found" -msgstr "" +msgstr "发现相关性" #: View/Users/statistics.ctp:23 #: View/Users/statistics_data.ctp:28 msgid "Proposals active" -msgstr "" +msgstr "活跃提案" #: View/Users/statistics.ctp:29 #: View/Users/statistics_data.ctp:40 msgid "Discussion threads" -msgstr "" +msgstr "讨论话题" #: View/Users/statistics.ctp:34 #: View/Users/statistics_data.ctp:45 msgid "Discussion posts" -msgstr "" +msgstr "讨论帖子" #: View/Users/statistics.ctp:43 #: View/Users/statistics_data.ctp:54 msgid "A heatmap showing user activity for each day during this month and the 4 months that preceded it. Use the buttons below to only show the heatmap of a specific organisation." -msgstr "" +msgstr "热图显示了这个月和之前4个月内每天的用户活动, 使用下面的按钮, 只显示特定组织的热力图" #: View/Users/statistics.ctp:60 #: View/Users/statistics_data.ctp:71 msgid "Go left" -msgstr "" +msgstr "向左" #: View/Users/statistics.ctp:66 #: View/Users/statistics_data.ctp:77 msgid "Go right" -msgstr "" +msgstr "向右" #: View/Users/statistics.ctp:113 #: View/Users/statistics_data.ctp:124 msgid "The above graph will not work correctly in Compatibility mode. Please make sure that it is disabled in your Internet Explorer settings." -msgstr "" +msgstr "在兼容性模式下, 上述图表将无法正常工作, 请确认您的Internet Explorer设置中已禁用." #: View/Users/statistics.ctp:117 #: View/Users/statistics_data.ctp:128 msgid "The above graph will not work correctly on Internet Explorer 9.0 and earlier. Please download Chrome, Firefox or upgrade to a newer version of Internet Explorer." -msgstr "" +msgstr "上图将无法在Internet Explorer 9.0及更早版本的浏览器上正常工作, 请下载Chrome、Firefox或升级到较新版本的Internet Explorer." #: View/Users/statistics_data.ctp:24 msgid "Attributes / event" @@ -18462,11 +18481,11 @@ msgstr "本地组织" #: View/Users/statistics_data.ctp:38 msgid "Average Users / Org" -msgstr "" +msgstr "平均用户/组织" #: View/Users/statistics_galaxymatrix.ctp:6 msgid "A heatmap showing the usage of %s." -msgstr "" +msgstr "显示 %s 的使用情况的热图." #: View/Users/statistics_orgs.ctp:17 msgid "Organisation list" @@ -18474,27 +18493,27 @@ msgstr "组织列表" #: View/Users/statistics_orgs.ctp:18 msgid "Quick overview over the organisations residing on or known by this instance." -msgstr "" +msgstr "简要概述此实例所驻留或已知的组织." #: View/Users/statistics_orgs.ctp:38 msgid "Activity (1 year)" -msgstr "" +msgstr "活跃(1年)" #: View/Users/statistics_sightings.ctp:6 msgid "A toplist of the top sources for the sightings of your organisation." -msgstr "" +msgstr "您的组织观察者的主要来源的顶级列表." #: View/Users/statistics_sightings.ctp:10 msgid "#Entries" -msgstr "" +msgstr "#条目" #: View/Users/statistics_sightings.ctp:11 msgid "#Sighting" -msgstr "" +msgstr "#观察" #: View/Users/statistics_sightings.ctp:12 msgid "#False-positive" -msgstr "" +msgstr "#误报" #: View/Users/statistics_sightings.ctp:13 msgid "Expiration" @@ -18502,11 +18521,11 @@ msgstr "过期时间" #: View/Users/statistics_tags.ctp:11 msgid "A treemap of the currently used event tags. Click on any of the taxonomies to hide it and click it again to show it." -msgstr "" +msgstr "当前使用的事件标签的树状图. 点击任何一个分类标签可以隐藏它, 再次点击它可以显示它" #: View/Users/statistics_users.ctp:6 msgid "User and Organisation Statistics" -msgstr "" +msgstr "用户和组织统计" #: View/Users/terms.ctp:2 msgid "MISP Terms and Conditions" @@ -18514,7 +18533,7 @@ msgstr "MISP 条款和条件" #: View/Users/terms.ctp:11 msgid "Terms and Conditions file not found." -msgstr "" +msgstr "找不到条款和条件文件" #: View/Users/terms.ctp:19 msgid "Download Terms and Conditions" @@ -18522,7 +18541,7 @@ msgstr "下载条款和条件" #: View/Users/terms.ctp:27 msgid "Accept Terms" -msgstr "" +msgstr "接受条款" #: View/Users/verify_certificate.ctp:2 msgid "Certificates validation" @@ -18546,11 +18565,11 @@ msgstr "选择您想要使用的密钥" #: View/Users/ajax/fetchpgpkey.ctp:4 msgid "Do not blindly trust fetched keys and check the fingerprint from other source." -msgstr "" +msgstr "不要盲目相信获取的密钥并检查其他来源的指纹" #: View/Users/ajax/fetchpgpkey.ctp:5 msgid "And do not check just Key ID, but whole fingerprint." -msgstr "" +msgstr "并且不要只检查密钥ID, 而是要检查整个指纹" #: View/Users/ajax/fetchpgpkey.ctp:10 msgid "Key ID" @@ -18570,7 +18589,7 @@ msgstr "选择 GnuPG 密钥" #: View/Users/ajax/passwordResetConfirmationForm.ctp:3 msgid "WARNING: This user does not have an encryption key set. The security posture of this instance allows for the sending of clear text e-mails, so this is what will happen if you proceed." -msgstr "" +msgstr "警告: 该用户没有设置加密密钥. 该实例的安全状态允许发送明文邮件, 因此, 如果您继续操作, 会出现这样的情况" #: View/Users/ajax/passwordResetConfirmationForm.ctp:8 msgid "Send welcome message to user" @@ -18582,15 +18601,15 @@ msgstr "启动用户密码重置" #: View/Users/ajax/passwordResetConfirmationForm.ctp:9 msgid "Are you sure you want to reset the password of %s and send him/her a welcome message with the credentials?" -msgstr "" +msgstr "您确定要重置 %s 的密码, 并向他/她发送欢迎信息, 并附上凭证?" #: View/Users/ajax/passwordResetConfirmationForm.ctp:9 msgid "Are you sure you want to reset the password of %s and send him/her the temporary credentials? " -msgstr "" +msgstr "您确定要重置 %s 的密码, 并将临时凭证发给他/她?" #: View/Users/ajax/passwordResetConfirmationForm.ctp:22 msgid "First time registration" -msgstr "" +msgstr "首次注册" #: View/Users/ajax/passwordResetConfirmationForm.ctp:27 msgid "Submit password reset" @@ -18606,7 +18625,7 @@ msgstr "有效属性" #: View/Warninglists/index.ctp:36 msgid "Entries" -msgstr "" +msgstr "条目" #: View/Warninglists/index.ctp:61 msgid "Delete Warninglist" @@ -18626,7 +18645,7 @@ msgstr "警告列表删除" #: View/Warninglists/ajax/delete_confirmation.ctp:11 msgid "Are you sure you want to delete Warninglist #%s
Associated tags will not be removed. You can reload the warninglist at any time by updating your warninglists." -msgstr "" +msgstr "确定要删除警告列表 #%s
关联标签不会被删除, 您可以随时通过更新警告列表来重新加载警告列表" #: View/Whitelists/admin_add.ctp:4 msgid "Add Signature Whitelist" @@ -18639,7 +18658,7 @@ msgstr "编辑签名白名单" #: View/Whitelists/admin_index.ctp:3 #: View/Whitelists/index.ctp:3 msgid "Regex entries (in the standard php regex /{regex}/{modifier} format) entered below will restrict matching attributes from being included in the IDS flag sensitive exports (such as NIDS exports)." -msgstr "" +msgstr "在下面输入的正则表达式条目(采用标准php regex /{regex}/{modifier}格式)将限制匹配属性不包含在IDS标志敏感的导出(例如NIDS导出)中" #: Model/Attribute.php:validation for field event_id #: Model/Event.php:validation for field org_id;validation for field orgc_id;validation for field user_id @@ -18647,35 +18666,35 @@ msgstr "" #: Model/ShadowAttribute.php:validation for field event_id;validation for field org_id;validation for field event_org_id #: Model/User.php:validation for field role_id;validation for field invited_by;validation for field newsread msgid "numeric" -msgstr "" +msgstr "数值" #: Model/Attribute.php:validation for field type #: Model/ShadowAttribute.php:validation for field type msgid "Options depend on the selected category." -msgstr "" +msgstr "选项取决于所选类别" #: Model/Attribute.php:validation for field category #: Model/ShadowAttribute.php:validation for field category msgid "Options : Payload delivery, Antivirus detection, Payload installation, Files dropped ..." -msgstr "" +msgstr "选项 : 有效载荷传递, 反病毒检测, 有效载荷安装, 丢失的文件 ...." #: Model/Attribute.php:validation for field value #: Model/ShadowAttribute.php:validation for field value msgid "stringNotEmpty" -msgstr "" +msgstr "stringNotEmpty" #: Model/Attribute.php:validation for field value #: Model/ShadowAttribute.php:validation for field value msgid "Value not in the right type/format. Please double check the value or select type \"other\"." -msgstr "" +msgstr "值不在正确的类型/格式中。请重复检查该值或选择\"other\"类型" #: Model/Attribute.php:validation for field value msgid "A similar attribute already exists for this event." -msgstr "" +msgstr "这个事件已经存在类似的属性" #: Model/Attribute.php:validation for field value msgid "Composite type found but the value not in the composite (value1|value2) format." -msgstr "" +msgstr "发现复合类型, 但值不在复合(value1|value2)格式中" #: Model/Attribute.php:validation for field value msgid "maxTextLength" @@ -18707,13 +18726,13 @@ msgstr "所提供的 UUID 不是唯一的" #: Model/Attribute.php:validation for field distribution msgid "Options: Your organisation only, This community only, Connected communities, All communities, Sharing group, Inherit event" -msgstr "" +msgstr "选项。仅限您的组织, 仅限本社区, 连通社区, 所有社区, 分享组, 继承自事件" #: Model/Attribute.php:validation for field first_seen;validation for field last_seen #: Model/MispObject.php:validation for field first_seen;validation for field last_seen #: Model/ShadowAttribute.php:validation for field first_seen;validation for field last_seen msgid "Invalid ISO 8601 format" -msgstr "" +msgstr "无效的 ISO 8601 格式" #: Model/AttributeTag.php:validation for field attribute_id;validation for field tag_id #: Model/DecayingModelMapping.php:validation for field attribute_type;validation for field model_id @@ -18734,35 +18753,35 @@ msgstr "" #: Model/User.php:validation for field org_id;validation for field authkey #: Model/Whitelist.php:validation for field name msgid "valueNotEmpty" -msgstr "" +msgstr "valueNotEmpty" #: Model/Event.php:validation for field date msgid "Expected date format: YYYY-MM-DD" -msgstr "" +msgstr "预期事件格式: YYYY-MM-DD" #: Model/Event.php:validation for field threat_level_id msgid "Options : 1, 2, 3, 4 (for High, Medium, Low, Undefined)" -msgstr "" +msgstr "选项: 1, 2, 3, 4(分别是高, 中, 低, 未定义)" #: Model/Event.php:validation for field distribution msgid "Options : Your organisation only, This community only, Connected communities, All communities" -msgstr "" +msgstr "选项 : 仅限您的组织, 仅限本社区, 连通社区, 所有社区, 所有社区" #: Model/Event.php:validation for field sharing_group_id msgid "If the distribution is set to \"Sharing Group\", a sharing group has to be selected." -msgstr "" +msgstr "如果分配被设置为\"Sharing Group\", 则必须选择一个共享组" #: Model/Event.php:validation for field analysis msgid "Options : 0, 1, 2 (for Initial, Ongoing, Completed)" -msgstr "" +msgstr "选项: 0, 1, 2(分别是初始化, 进行中, 已完成)" #: Model/EventBlacklist.php:validation for field event_uuid msgid "Event already blacklisted." -msgstr "" +msgstr "已被列入黑名单的事件" #: Model/EventGraph.php:validation for field network_json msgid "The provided eventGraph is not a valid json format" -msgstr "" +msgstr "提供的eventGraph不是有效的json格式" #: Model/Feed.php:validation for field url #: Model/Noticelist.php:validation for field name;validation for field version @@ -18777,85 +18796,85 @@ msgstr "" #: Model/WarninglistEntry.php:validation for field value #: Model/WarninglistType.php:validation for field type msgid "rule" -msgstr "" +msgstr "规则" #: Model/Feed.php:validation for field event_id msgid "Please enter a numeric event ID or leave this field blank." -msgstr "" +msgstr "请输入事件的数字ID, 或将此字段留空" #: Model/Log.php:validation for field action msgid "Options : ..." -msgstr "选项:..." +msgstr "选项: ..." #: Model/ObjectRelationship.php:validation for field name msgid "A relationship with this name already exists." -msgstr "同名的关系已存在。" +msgstr "同名的关系已存在." #: Model/OrgBlacklist.php:validation for field org_uuid msgid "Organisation already blacklisted." -msgstr "该组织已被列入黑名单。" +msgstr "该组织已被列入黑名单." #: Model/Organisation.php:validation for field name msgid "An organisation with this name already exists." -msgstr "同名的组织已存在。" +msgstr "同名的组织已存在." #: Model/Organisation.php:validation for field uuid msgid "An organisation with this UUID already exists." -msgstr "相同 UUID 的组织已经存在。" +msgstr "相同 UUID 的组织已经存在." #: Model/Regexp.php:validation for field regexp msgid "This is not a valid regular expression. Don't forget the delimiters!" -msgstr "这不是一个有效的正则表达式。别忘了分隔符!" +msgstr "这不是一个有效的正则表达式.别忘了分隔符!" #: Model/Role.php:validation for field name msgid "A role with this name already exists." -msgstr "同名的角色已存在。" +msgstr "同名的角色已存在." #: Model/Server.php:validation for field url msgid "Please enter a valid base-url." -msgstr "请输入一个有效的base-url。" +msgstr "请输入一个有效的base-url." #: Model/Server.php:validation for field name msgid "allowEmpty" -msgstr "" +msgstr "allowEmpty" #: Model/Server.php:validation for field name msgid "required" -msgstr "" +msgstr "必要的" #: Model/SharingGroup.php:validation for field name msgid "A sharing group with this name already exists." -msgstr "同名的共享组已存在。" +msgstr "同名的共享组已存在." #: Model/Sighting.php:validation for field type msgid "Invalid type. Valid options are: 0 (Sighting), 1 (False-positive), 2 (Expiration)." -msgstr "" +msgstr "无效类型. 有效选项是: 0(观察), 1(误报), 2(过期)." #: Model/Sightingdb.php:validation for field name msgid "Name not set." -msgstr "" +msgstr "名称未设置." #: Model/Sightingdb.php:validation for field host msgid "Host not set." -msgstr "" +msgstr "主机未设置." #: Model/Sightingdb.php:validation for field port msgid "Port needs to be numeric." -msgstr "" +msgstr "端口必须为数字." #: Model/Sightingdb.php:validation for field owner msgid "Owner not set." -msgstr "" +msgstr "所有者未设置." #: Model/Tag.php:validation for field name msgid "This field is required." -msgstr "此字段是必需的。" +msgstr "此字段是必需的." #: Model/Tag.php:validation for field name #: Model/TagCollection.php:validation for field name #: Model/Whitelist.php:validation for field name msgid "A similar name already exists." -msgstr "类似的名称已存在。" +msgstr "类似的名称已存在." #: Model/Tag.php:validation for field colour msgid "Colour has to be in the RGB format (#FFFFFF)" @@ -18864,11 +18883,11 @@ msgstr "颜色必须是 RGB 格式 (#FFFFFFFF)" #: Model/TemplateElementAttribute.php:validation for field category #: Model/TemplateElementFile.php:validation for field category msgid "Please choose a category." -msgstr "请选择一个类别。" +msgstr "请选择一个类别." #: Model/TemplateElementAttribute.php:validation for field type msgid "Please choose a type." -msgstr "请选择一个类型。" +msgstr "请选择一个类型." #: Model/TemplateElementFile.php:validation for field name #: Model/TemplateElementText.php:validation for field name @@ -18885,49 +18904,49 @@ msgstr "请填写文本字段" #: Model/User.php:validation for field password msgid "Password length requirement not met." -msgstr "未满足密码长度要求。" +msgstr "未满足密码长度要求." #: Model/User.php:validation for field password msgid "Password complexity requirement not met." -msgstr "未满足密码复杂性要求。" +msgstr "未满足密码复杂性要求." #: Model/User.php:validation for field password msgid "Please re-enter your password twice so that the values match." -msgstr "" +msgstr "请重新输入两次密码, 使其数值一致." #: Model/User.php:validation for field org_id msgid "The organisation ID has to be a numeric value." -msgstr "" +msgstr "组织ID必须是一个数值." #: Model/User.php:validation for field email msgid "Please enter a valid email address." -msgstr "" +msgstr "请输入一个有效的电子邮件地址." #: Model/User.php:validation for field email msgid "An account with this email address already exists." -msgstr "" +msgstr "已有此电子邮件地址的账户." #: Model/User.php:validation for field authkey msgid "A authkey of a minimum length of 40 is required." -msgstr "" +msgstr "需要一个至少40个长度的认证密钥." #: Model/User.php:validation for field gpgkey msgid "GnuPG key not valid, please enter a valid key." -msgstr "GnuPG 密钥无效,请输入一个有效的密钥。" +msgstr "GnuPG 密钥无效, 请输入一个有效的密钥." #: Model/User.php:validation for field certif_public msgid "Certificate not valid, please enter a valid certificate (x509)." -msgstr "证书无效,请输入有效的证书 (x509)。" +msgstr "证书无效, 请输入有效的证书 (x509)." #: Model/User.php:validation for field nids_sid msgid "A SID should be an integer." -msgstr "SID 应为整数。" +msgstr "SID 应为整数." #: Model/UserSetting.php:validation for field json msgid "isValidJson" -msgstr "" +msgstr "isValidJson" #: Model/Whitelist.php:validation for field name msgid "Name not in the right format. Whitelist entries have to be enclosed by a valid php delimiter (which can be most non-alphanumeric / non-whitespace character). Format: \"/8.8.8.8/\" Please double check the name." -msgstr "" +msgstr "名称的格式不正确. 白名单条目必须用一个有效的 php 分隔符(可以是非字母数字/非空格字符). 格式: \"/8.8.8.8/\" 请仔细核对一下名字." diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index f25cc18bd..6b847e782 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -28,7 +28,10 @@ class AppModel extends Model { public $name; - public $loadedPubSubTool = false; + /** + * @var PubSubTool + */ + private $loadedPubSubTool; public $loadedKafkaPubTool = false; @@ -78,7 +81,7 @@ class AppModel extends Model 33 => false, 34 => false, 35 => false, 36 => false, 37 => false, 38 => false, 39 => false, 40 => false, 41 => false, 42 => false, 43 => false, 44 => false, 45 => false, 46 => false, 47 => false, 48 => false, 49 => false, 50 => false, - 51 => false + 51 => false, 52 => false, 53 => false, 54 => false ); public $advanced_updates_description = array( @@ -1268,7 +1271,7 @@ class AppModel extends Model case 39: $sqlArray[] = "CREATE TABLE IF NOT EXISTS user_settings ( `id` int(11) NOT NULL AUTO_INCREMENT, - `key` varchar(100) COLLATE utf8mb4_unicode_ci NOT NULL, + `setting` varchar(255) COLLATE utf8_bin NOT NULL, `value` text, `user_id` int(11) NOT NULL, `timestamp` int(11) NOT NULL, @@ -1377,6 +1380,21 @@ class AppModel extends Model $sqlArray[] = "ALTER TABLE `feeds` ADD `orgc_id` int(11) NOT NULL DEFAULT 0"; $this->__addIndex('feeds', 'orgc_id'); break; + case 52: + if (!empty($this->query("SHOW COLUMNS FROM `admin_settings` LIKE 'key';"))) { + $sqlArray[] = "ALTER TABLE admin_settings CHANGE `key` `setting` varchar(255) COLLATE utf8_bin NOT NULL;"; + $this->__addIndex('admin_settings', 'setting'); + } + break; + case 53: + if (!empty($this->query("SHOW COLUMNS FROM `user_settings` LIKE 'key';"))) { + $sqlArray[] = "ALTER TABLE user_settings CHANGE `key` `setting` varchar(255) COLLATE utf8_bin NOT NULL;"; + $this->__addIndex('user_settings', 'setting'); + } + break; + case 54: + $sqlArray[] = "ALTER TABLE `sightingdbs` MODIFY `timestamp` int(11) NOT NULL DEFAULT 0;"; + break; case 'fixNonEmptySharingGroupID': $sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; $sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; @@ -2352,20 +2370,14 @@ class AppModel extends Model public function getPubSubTool() { if (!$this->loadedPubSubTool) { - $this->loadPubSubTool(); + App::uses('PubSubTool', 'Tools'); + $pubSubTool = new PubSubTool(); + $pubSubTool->initTool(); + $this->loadedPubSubTool = $pubSubTool; } return $this->loadedPubSubTool; } - public function loadPubSubTool() - { - App::uses('PubSubTool', 'Tools'); - $pubSubTool = new PubSubTool(); - $pubSubTool->initTool(); - $this->loadedPubSubTool = $pubSubTool; - return true; - } - public function getElasticSearchTool() { if (!$this->elasticSearchClient) { @@ -2839,12 +2851,34 @@ class AppModel extends Model */ protected function logException($message, Exception $exception, $type = LOG_ERR) { - $message = sprintf("%s\n[%s] %s", - $message, - get_class($exception), - $exception->getMessage() - ); - $message .= "\nStack Trace:\n" . $exception->getTraceAsString(); + $message .= "\n"; + + do { + $message .= sprintf("[%s] %s", + get_class($exception), + $exception->getMessage() + ); + $message .= "\nStack Trace:\n" . $exception->getTraceAsString(); + $exception = $exception->getPrevious(); + } while ($exception !== null); + return $this->log($message, $type); } + + /** + * Generates random file name in tmp dir. + * @return string + */ + protected function tempFileName() + { + return $this->tempDir() . DS . $this->generateRandomFileName(); + } + + /** + * @return string + */ + protected function tempDir() + { + return Configure::read('MISP.tmpdir') ?: sys_get_temp_dir(); + } } diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php index 2c246947e..269da7c06 100644 --- a/app/Model/Attribute.php +++ b/app/Model/Attribute.php @@ -5,6 +5,7 @@ App::uses('Folder', 'Utility'); App::uses('File', 'Utility'); App::uses('FinancialTool', 'Tools'); App::uses('RandomTool', 'Tools'); +App::uses('MalwareTool', 'Tools'); class Attribute extends AppModel { @@ -400,20 +401,21 @@ class Attribute extends AppModel ); public $validFormats = array( - 'json' => array('json', 'JsonExport', 'json'), - 'openioc' => array('xml', 'OpeniocExport', 'ioc'), - 'xml' => array('xml', 'XmlExport', 'xml'), - 'suricata' => array('txt', 'NidsSuricataExport', 'rules'), - 'snort' => array('txt', 'NidsSnortExport', 'rules'), - 'text' => array('txt', 'TextExport', 'txt'), - 'hashes' => array('txt', 'HashesExport', 'txt'), - 'yara' => array('txt', 'YaraExport', 'yara'), - 'yara-json' => array('json', 'YaraExport', 'json'), - 'rpz' => array('txt', 'RPZExport', 'rpz'), - 'csv' => array('csv', 'CsvExport', 'csv'), - 'cache' => array('txt', 'CacheExport', 'cache'), 'attack-sightings' => array('json', 'AttackSightingsExport', 'json'), - 'netfilter' => array('txt', 'NetfilterExport', 'sh') + 'cache' => array('txt', 'CacheExport', 'cache'), + 'csv' => array('csv', 'CsvExport', 'csv'), + 'hashes' => array('txt', 'HashesExport', 'txt'), + 'json' => array('json', 'JsonExport', 'json'), + 'netfilter' => array('txt', 'NetfilterExport', 'sh'), + 'opendata' => array('txt', 'OpendataExport', 'txt'), + 'openioc' => array('xml', 'OpeniocExport', 'ioc'), + 'rpz' => array('txt', 'RPZExport', 'rpz'), + 'snort' => array('txt', 'NidsSnortExport', 'rules'), + 'suricata' => array('txt', 'NidsSuricataExport', 'rules'), + 'text' => array('txt', 'TextExport', 'txt'), + 'xml' => array('xml', 'XmlExport', 'xml'), + 'yara' => array('txt', 'YaraExport', 'yara'), + 'yara-json' => array('json', 'YaraExport', 'json') ); // FIXME we need a better way to list the defaultCategories knowing that new attribute types will continue to appear in the future. We should generate this dynamically or use a function using the default_category of the $typeDefinitions @@ -658,20 +660,10 @@ class Attribute extends AppModel private function __alterAttributeCount($event_id, $increment = true) { - $event = $this->Event->find('first', array( - 'recursive' => -1, - 'conditions' => array('Event.id' => $event_id) - )); - if (!empty($event)) { - if ($increment) { - $event['Event']['attribute_count'] = $event['Event']['attribute_count'] + 1; - } else { - $event['Event']['attribute_count'] = $event['Event']['attribute_count'] - 1; - } - if ($event['Event']['attribute_count'] >= 0) { - $this->Event->save($event, array('callbacks' => false)); - } - } + return $this->Event->updateAll( + array('Event.attribute_count' => $increment ? 'Event.attribute_count+1' : 'GREATEST(Event.attribute_count-1, 0)'), + array('Event.id' => $event_id) + ); } public function afterSave($created, $options = array()) @@ -691,14 +683,14 @@ class Attribute extends AppModel if (isset($this->data['Attribute']['deleted']) && $this->data['Attribute']['deleted']) { $this->__beforeSaveCorrelation($this->data['Attribute']); if (isset($this->data['Attribute']['event_id'])) { - $this->__alterAttributeCount($this->data['Attribute']['event_id'], false, $passedEvent); + $this->__alterAttributeCount($this->data['Attribute']['event_id'], false); } } else { /* * Only recorrelate if: * - We are dealing with a new attribute OR * - The existing attribute's previous state is known AND - * value, type or disable correlation have changed + * value, type, disable correlation or distribution have changed * This will avoid recorrelations when it's not really needed, such as adding a tag */ if (!$created) { @@ -706,7 +698,9 @@ class Attribute extends AppModel empty($this->old) || $this->data['Attribute']['value'] != $this->old['Attribute']['value'] || $this->data['Attribute']['disable_correlation'] != $this->old['Attribute']['disable_correlation'] || - $this->data['Attribute']['type'] != $this->old['Attribute']['type'] + $this->data['Attribute']['type'] != $this->old['Attribute']['type'] || + $this->data['Attribute']['distribution'] != $this->old['Attribute']['distribution'] || + $this->data['Attribute']['sharing_group_id'] != $this->old['Attribute']['sharing_group_id'] ) { $this->__beforeSaveCorrelation($this->data['Attribute']); $this->__afterSaveCorrelation($this->data['Attribute'], false, $passedEvent); @@ -757,7 +751,7 @@ class Attribute extends AppModel } } } - if (Configure::read('MISP.enable_advanced_correlations') && in_array($this->data['Attribute']['type'], array('ip-src', 'ip-dst', 'domain-ip')) && strpos($this->data['Attribute']['value'], '/')) { + if (Configure::read('MISP.enable_advanced_correlations') && in_array($this->data['Attribute']['type'], array('ip-src', 'ip-dst')) && strpos($this->data['Attribute']['value'], '/')) { $this->setCIDRList(); } if ($created && isset($this->data['Attribute']['event_id']) && empty($this->data['Attribute']['skip_auto_increment'])) { @@ -810,7 +804,7 @@ class Attribute extends AppModel public function afterDelete() { - if (Configure::read('MISP.enable_advanced_correlations') && in_array($this->data['Attribute']['type'], array('ip-src', 'ip-dst', 'domain-ip')) && strpos($this->data['Attribute']['value'], '/')) { + if (Configure::read('MISP.enable_advanced_correlations') && in_array($this->data['Attribute']['type'], array('ip-src', 'ip-dst')) && strpos($this->data['Attribute']['value'], '/')) { $this->setCIDRList(); } if (isset($this->data['Attribute']['event_id'])) { @@ -1497,8 +1491,8 @@ class Attribute extends AppModel if (filter_var($parts[1], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { // convert IPv6 address to compressed format $parts[1] = inet_ntop(inet_pton($value)); - $value = implode('|', $parts); } + $value = implode('|', $parts); break; case 'filename|md5': case 'filename|sha1': @@ -1932,67 +1926,46 @@ class Attribute extends AppModel return ($ip & $mask) == $subnet; } - // using Snifff's solution from http://stackoverflow.com/questions/7951061/matching-ipv6-address-to-a-cidr-subnet + // Using solution from https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpFoundation/IpUtils.php private function __ipv6InCidr($ip, $cidr) { - $ip = $this->__expandIPv6Notation($ip); - $binaryip = $this->__inet_to_bits($ip); - list($net, $maskbits) = explode('/', $cidr); - $net = $this->__expandIPv6Notation($net); - if (substr($net, -1) == ':') { - $net .= '0'; - } - $binarynet = $this->__inet_to_bits($net); - $ip_net_bits = substr($binaryip, 0, $maskbits); - $net_bits = substr($binarynet, 0, $maskbits); - return ($ip_net_bits === $net_bits); - } + list($address, $netmask) = explode('/', $cidr); - private function __expandIPv6Notation($ip) - { - if (strpos($ip, '::') !== false) { - $ip = str_replace('::', str_repeat(':0', 8 - substr_count($ip, ':')).':', $ip); - } - if (strpos($ip, ':') === 0) { - $ip = '0'.$ip; - } - return $ip; - } + $bytesAddr = unpack('n*', inet_pton($address)); + $bytesTest = unpack('n*', inet_pton($ip)); - private function __inet_to_bits($inet) - { - $unpacked = unpack('A16', $inet); - $unpacked = str_split($unpacked[1]); - $binaryip = ''; - foreach ($unpacked as $char) { - $binaryip .= str_pad(decbin(ord($char)), 8, '0', STR_PAD_LEFT); + for ($i = 1, $ceil = ceil($netmask / 16); $i <= $ceil; ++$i) { + $left = $netmask - 16 * ($i - 1); + $left = ($left <= 16) ? $left : 16; + $mask = ~(0xffff >> $left) & 0xffff; + if (($bytesAddr[$i] & $mask) != ($bytesTest[$i] & $mask)) { + return false; + } } - return $binaryip; + + return true; } private function __cidrCorrelation($a) { $ipValues = array(); - $ip = $a['type'] == 'domain-ip' ? $a['value2'] : $a['value1']; - if (strpos($ip, '/') !== false) { + $ip = $a['value1']; + if (strpos($ip, '/') !== false) { // IP is CIDR $ip_array = explode('/', $ip); $ip_version = filter_var($ip_array[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? 4 : 6; $ipList = $this->find('list', array( 'conditions' => array( - 'type' => array('ip-src', 'ip-dst', 'domain_ip'), + 'type' => array('ip-src', 'ip-dst'), + 'value1 NOT LIKE' => '%/%', // do not return CIDR, just plain IPs ), - 'fields' => array('value1', 'value2'), + 'group' => 'value1', // return just unique values + 'fields' => array('value1'), 'order' => false )); - $ipList = array_merge(array_keys($ipList), array_values($ipList)); - foreach ($ipList as $key => $value) { - if ($value == '') { - unset($ipList[$key]); - } - } foreach ($ipList as $ipToCheck) { - if (filter_var($ipToCheck, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) && $ip_version == 4) { - if ($ip_version == 4) { + $ipToCheckVersion = filter_var($ipToCheck, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? 4 : 6; + if ($ipToCheckVersion === $ip_version) { + if ($ip_version === 4) { if ($this->__ipv4InCidr($ipToCheck, $ip)) { $ipValues[] = $ipToCheck; } @@ -2004,19 +1977,18 @@ class Attribute extends AppModel } } } else { - $ip = $a['value1']; $ip_version = filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? 4 : 6; $cidrList = $this->getSetCIDRList(); foreach ($cidrList as $cidr) { $cidr_ip = explode('/', $cidr)[0]; if (filter_var($cidr_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { - if ($ip_version == 4) { + if ($ip_version === 4) { if ($this->__ipv4InCidr($ip, $cidr)) { $ipValues[] = $cidr; } } } else { - if ($ip_version == 6) { + if ($ip_version === 6) { if ($this->__ipv6InCidr($ip, $cidr)) { $ipValues[] = $cidr; } @@ -2052,7 +2024,7 @@ class Attribute extends AppModel if (!empty($event['Event']['disable_correlation']) && $event['Event']['disable_correlation']) { return true; } - if (Configure::read('MISP.enable_advanced_correlations') && in_array($a['type'], array('ip-src', 'ip-dst', 'domain-ip'))) { + if (Configure::read('MISP.enable_advanced_correlations') && in_array($a['type'], array('ip-src', 'ip-dst'))) { $extraConditions = $this->__cidrCorrelation($a); } if ($a['type'] == 'ssdeep') { @@ -3567,63 +3539,40 @@ class Attribute extends AppModel if (!is_numeric($event_id)) { throw new Exception(__('Something went wrong. Received a non-numeric event ID while trying to create a zip archive of an uploaded malware sample.')); } - $attachments_dir = Configure::read('MISP.attachments_dir'); - if (empty($attachments_dir)) { - $attachments_dir = $this->getDefaultAttachments_dir(); + + $content = base64_decode($base64); + + $malwareTool = new MalwareTool(); + $hashes = $malwareTool->computeHashes($content, $hash_types); + try { + $encrypted = $malwareTool->encrypt($original_filename, $content, $hashes['md5']); + } catch (Exception $e) { + $this->logException("Could not create encrypted malware sample.", $e); + return array('success' => false); } - // If we've set attachments to S3, we can't write there - if ($this->attachmentDirIsS3()) { - $attachments_dir = Configure::read('MISP.tmpdir'); - // Sometimes it's not set? - if (empty($attachments_dir)) { - // Get a default tmpdir - $attachments_dir = $this->getDefaultTmp_dir(); - } - } - - if ($proposal) { - $dir = new Folder($attachments_dir . DS . $event_id . DS . 'shadow', true); - } else { - $dir = new Folder($attachments_dir . DS . $event_id, true); - } - $tmpFile = new File($dir->path . DS . $this->generateRandomFileName(), true, 0600); - $tmpFile->write(base64_decode($base64)); - $hashes = array(); - foreach ($hash_types as $hash) { - $hashes[$hash] = $this->__hashRouter($hash, $tmpFile->path); - } - $contentsFile = new File($dir->path . DS . $hashes['md5']); - rename($tmpFile->path, $contentsFile->path); - $fileNameFile = new File($dir->path . DS . $hashes['md5'] . '.filename.txt'); - $fileNameFile->write($original_filename); - $fileNameFile->close(); - $zipFile = new File($dir->path . DS . $hashes['md5'] . '.zip'); - exec('zip -j -P infected ' . escapeshellarg($zipFile->path) . ' ' . escapeshellarg($contentsFile->path) . ' ' . escapeshellarg($fileNameFile->path), $execOutput, $execRetval); - if ($execRetval != 0) { - $result = array('success' => false); - } else { - $result = array_merge(array('data' => base64_encode($zipFile->read()), 'success' => true), $hashes); - } - $fileNameFile->delete(); - $zipFile->delete(); - $contentsFile->delete(); + $result = array_merge(array('data' => base64_encode($encrypted), 'success' => true), $hashes); return $result; } - private function __hashRouter($hashType, $file) + /** + * @return bool Return true if at least one advanced extraction tool is available + */ + public function isAdvancedExtractionAvailable() { - $validHashes = array('md5', 'sha1', 'sha256'); - if (!in_array($hashType, $validHashes)) { + $malwareTool = new MalwareTool(); + try { + $types = $malwareTool->checkAdvancedExtractionStatus($this->getPythonVersion()); + } catch (Exception $e) { return false; } - switch ($hashType) { - case 'md5': - case 'sha1': - case 'sha256': - return hash_file($hashType, $file); - break; + + foreach ($types as $type => $missing) { + if ($missing === false) { + return true; + } } + return false; } @@ -3865,6 +3814,7 @@ class Attribute extends AppModel 'value1 LIKE' => '%/%' ), 'fields' => array('value1'), + 'group' => 'value1', // return just unique value 'order' => false )); } @@ -3876,12 +3826,15 @@ class Attribute extends AppModel if ($redis) { $redis->del('misp:cidr_cache_list'); $cidrList = $this->__getCIDRList(); - $pipeline = $redis->multi(Redis::PIPELINE); - foreach ($cidrList as $cidr) { - $pipeline->sadd('misp:cidr_cache_list', $cidr); + if (method_exists($redis, 'saddArray')) { + $redis->sAddArray('misp:cidr_cache_list', $cidrList); + } else { + $pipeline = $redis->multi(Redis::PIPELINE); + foreach ($cidrList as $cidr) { + $pipeline->sadd('misp:cidr_cache_list', $cidr); + } + $pipeline->exec(); } - $pipeline->exec(); - $redis->smembers('misp:cidr_cache_list'); } return $cidrList; } @@ -3890,8 +3843,8 @@ class Attribute extends AppModel { $redis = $this->setupRedis(); if ($redis) { - if (!$redis->exists('misp:cidr_cache_list') || $redis->sCard('misp:cidr_cache_list') == 0) { - $cidrList = $this->setCIDRList($redis); + if ($redis->sCard('misp:cidr_cache_list') === 0) { + $cidrList = $this->setCIDRList(); } else { $cidrList = $redis->smembers('misp:cidr_cache_list'); } @@ -3931,7 +3884,7 @@ class Attribute extends AppModel 'size-in-bytes' => array('type' => 'size-in-bytes', 'category' => 'Other', 'to_ids' => 0, 'disable_correlation' => 1, 'object_relation' => 'size-in-bytes') ); $hashes = array('md5', 'sha1', 'sha256'); - $this->Object = ClassRegistry::init('Object'); + $this->Object = ClassRegistry::init('MispObject'); $this->ObjectTemplate = ClassRegistry::init('ObjectTemplate'); $current = $this->ObjectTemplate->find('first', array( 'fields' => array('MAX(version) AS version', 'uuid'), @@ -3970,7 +3923,7 @@ class Attribute extends AppModel 'event_id' => $event_id, 'comment' => !empty($attribute_settings['comment']) ? $attribute_settings['comment'] : '' ); - $result = $this->Event->Attribute->handleMaliciousBase64($event_id, $filename, base64_encode($tmpfile->read()), $hashes); + $result = $this->handleMaliciousBase64($event_id, $filename, base64_encode($tmpfile->read()), $hashes); foreach ($attributes as $k => $v) { $attribute = array( 'distribution' => 5, @@ -4001,33 +3954,34 @@ class Attribute extends AppModel public function advancedAddMalwareSample($event_id, $attribute_settings, $filename, $tmpfile) { - $execRetval = ''; - $execOutput = array(); - $result = shell_exec($this->getPythonVersion() . ' ' . APP . 'files/scripts/generate_file_objects.py -p ' . $tmpfile->path); - if (!empty($result)) { - $result = json_decode($result, true); - if (isset($result['objects'])) { - $result['Object'] = $result['objects']; - unset($result['objects']); - } - if (isset($result['references'])) { - $result['ObjectReference'] = $result['references']; - unset($result['references']); - } - foreach ($result['Object'] as $k => $object) { - $result['Object'][$k]['distribution'] = $attribute_settings['distribution']; - $result['Object'][$k]['sharing_group_id'] = isset($attribute_settings['distribution']) ? $attribute_settings['distribution'] : 0; - if (!empty($result['Object'][$k]['Attribute'])) { - foreach ($result['Object'][$k]['Attribute'] as $k2 => $attribute) { - if ($attribute['value'] == $tmpfile->name) { - $result['Object'][$k]['Attribute'][$k2]['value'] = $filename; - } + $malwareTool = new MalwareTool(); + try { + $result = $malwareTool->advancedExtraction($this->getPythonVersion(), $tmpfile->path); + } catch (Exception $e) { + $this->logException("Could not finish advanced extraction", $e); + return $this->simpleAddMalwareSample($event_id, $attribute_settings, $filename, $tmpfile); + } + + if (isset($result['objects'])) { + $result['Object'] = $result['objects']; + unset($result['objects']); + } + if (isset($result['references'])) { + $result['ObjectReference'] = $result['references']; + unset($result['references']); + } + foreach ($result['Object'] as $k => $object) { + $result['Object'][$k]['distribution'] = $attribute_settings['distribution']; + $result['Object'][$k]['sharing_group_id'] = isset($attribute_settings['distribution']) ? $attribute_settings['distribution'] : 0; + if (!empty($result['Object'][$k]['Attribute'])) { + foreach ($result['Object'][$k]['Attribute'] as $k2 => $attribute) { + if ($attribute['value'] == $tmpfile->name) { + $result['Object'][$k]['Attribute'][$k2]['value'] = $filename; } } } - } else { - $result = $this->simpleAddMalwareSample($event_id, $attribute_settings, $filename, $tmpfile); } + return $result; } @@ -4142,7 +4096,7 @@ class Attribute extends AppModel return $attribute; } - public function editAttribute($attribute, $eventId, $user, $objectId, $log = false) + public function editAttribute($attribute, $eventId, $user, $objectId, $log = false, $force = false) { $attribute['event_id'] = $eventId; $attribute['object_id'] = $objectId; @@ -4186,7 +4140,7 @@ class Attribute extends AppModel // If yes, it means that it's newer, so insert it. If no, it means that it's the same attribute or older - don't insert it, insert the old attribute. // Alternatively, we could unset this attribute from the request, but that could lead with issues if we decide that we want to start deleting attributes that don't exist in a pushed event. if (isset($attribute['timestamp'])) { - if ($attribute['timestamp'] <= $existingAttribute['Attribute']['timestamp']) { + if (!$force && $attribute['timestamp'] <= $existingAttribute['Attribute']['timestamp']) { return true; } } else { @@ -4435,7 +4389,8 @@ class Attribute extends AppModel 'event_timestamp' => array('function' => 'set_filter_timestamp', 'pop' => true), 'publish_timestamp' => array('function' => 'set_filter_timestamp'), 'org' => array('function' => 'set_filter_org'), - 'published' => array('function' => 'set_filter_published') + 'published' => array('function' => 'set_filter_published'), + 'threat_level_id' => array('function' => 'set_filter_threat_level_id') ), 'Object' => array( 'object_name' => array('function' => 'set_filter_object_name'), @@ -4466,6 +4421,9 @@ class Attribute extends AppModel } App::uses($this->validFormats[$returnFormat][1], 'Export'); $exportTool = new $this->validFormats[$returnFormat][1](); + if (!empty($exportTool->use_default_filters)) { + $exportTool->setDefaultFilters($filters); + } if (empty($exportTool->non_restrictive_export)) { if (!isset($filters['to_ids'])) { $filters['to_ids'] = 1; @@ -4576,7 +4534,9 @@ class Attribute extends AppModel $loop = true; $params['page'] = 1; } - $this->__iteratedFetch($user, $params, $loop, $tmpfile, $exportTool, $exportToolParams, $elementCounter); + if (empty($exportTool->mock_query_only)) { + $this->__iteratedFetch($user, $params, $loop, $tmpfile, $exportTool, $exportToolParams, $elementCounter); + } fwrite($tmpfile, $exportTool->footer($exportToolParams)); fseek($tmpfile, 0); if (fstat($tmpfile)['size']) { @@ -4648,4 +4608,28 @@ class Attribute extends AppModel } return $conditions; } + + /** + * @param array $attribute + */ + public function removeGalaxyClusterTags(array &$attribute) + { + $galaxyTagIds = array(); + foreach ($attribute['Galaxy'] as $galaxy) { + foreach ($galaxy['GalaxyCluster'] as $galaxyCluster) { + $galaxyTagIds[$galaxyCluster['tag_id']] = true; + } + } + + if (empty($galaxyTagIds)) { + return; + } + + foreach ($attribute['AttributeTag'] as $k => $attributeTag) { + $tagId = $attributeTag['Tag']['id']; + if (isset($galaxyTagIds[$tagId])) { + unset($attribute['AttributeTag'][$k]); + } + } + } } diff --git a/app/Model/Event.php b/app/Model/Event.php index c1cddda5a..5b45507d1 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -173,24 +173,25 @@ class Event extends AppModel ); public $validFormats = array( - 'json' => array('json', 'JsonExport', 'json'), - 'openioc' => array('xml', 'OpeniocExport', 'ioc'), - 'xml' => array('xml', 'XmlExport', 'xml'), - 'suricata' => array('txt', 'NidsSuricataExport', 'rules'), - 'snort' => array('txt', 'NidsSnortExport', 'rules'), - 'rpz' => array('txt', 'RPZExport', 'rpz'), - 'text' => array('text', 'TextExport', 'txt'), - 'hashes' => array('txt', 'HashesExport', 'txt'), + 'attack' => array('html', 'AttackExport', 'html'), + 'attack-sightings' => array('json', 'AttackSightingsExport', 'json'), + 'cache' => array('txt', 'CacheExport', 'cache'), 'csv' => array('csv', 'CsvExport', 'csv'), + 'hashes' => array('txt', 'HashesExport', 'txt'), + 'json' => array('json', 'JsonExport', 'json'), + 'netfilter' => array('txt', 'NetfilterExport', 'sh'), + 'opendata' => array('txt', 'OpendataExport', 'txt'), + 'openioc' => array('xml', 'OpeniocExport', 'ioc'), + 'rpz' => array('txt', 'RPZExport', 'rpz'), + 'snort' => array('txt', 'NidsSnortExport', 'rules'), 'stix' => array('xml', 'Stix1Export', 'xml'), 'stix-json' => array('json', 'Stix1Export', 'json'), 'stix2' => array('json', 'Stix2Export', 'json'), + 'suricata' => array('txt', 'NidsSuricataExport', 'rules'), + 'text' => array('text', 'TextExport', 'txt'), + 'xml' => array('xml', 'XmlExport', 'xml'), 'yara' => array('txt', 'YaraExport', 'yara'), - 'yara-json' => array('json', 'YaraExport', 'json'), - 'cache' => array('txt', 'CacheExport', 'cache'), - 'attack' => array('html', 'AttackExport', 'html'), - 'attack-sightings' => array('json', 'AttackSightingsExport', 'json'), - 'netfilter' => array('txt', 'NetfilterExport', 'sh') + 'yara-json' => array('json', 'YaraExport', 'json') ); public $csv_event_context_fields_to_fetch = array( @@ -641,6 +642,12 @@ class Event extends AppModel if (isset($this->data['Event']['info'])) { $this->Correlation->updateAll(array('Correlation.info' => $db->value($this->data['Event']['info'])), array('Correlation.event_id' => intval($this->data['Event']['id']))); } + if (isset($this->data['Event']['distribution'])) { + $this->Correlation->updateAll(array('Correlation.distribution' => $db->value($this->data['Event']['distribution'])), array('Correlation.event_id' => intval($this->data['Event']['id']))); + } + if (isset($this->data['Event']['sharing_group_id'])) { + $this->Correlation->updateAll(array('Correlation.sharing_group_id' => $db->value($this->data['Event']['sharing_group_id'])), array('Correlation.event_id' => intval($this->data['Event']['id']))); + } } if (empty($this->data['Event']['unpublishAction']) && empty($this->data['Event']['skip_zmq']) && Configure::read('Plugin.ZeroMQ_enable') && Configure::read('Plugin.ZeroMQ_event_notifications_enable')) { $pubSubTool = $this->getPubSubTool(); @@ -1652,7 +1659,8 @@ class Event extends AppModel 'publish_timestamp' => array('function' => 'set_filter_timestamp', 'pop' => true), 'org' => array('function' => 'set_filter_org', 'pop' => true), 'uuid' => array('function' => 'set_filter_uuid', 'pop' => true), - 'published' => array('function' => 'set_filter_published', 'pop' => true) + 'published' => array('function' => 'set_filter_published', 'pop' => true), + 'threat_level_id' => array('function' => 'set_filter_threat_level_id', 'pop' => true) ), 'Object' => array( 'object_name' => array('function' => 'set_filter_object_name'), @@ -2150,6 +2158,22 @@ class Event extends AppModel 'Object' => array('name', 'meta-category') ); foreach ($results as $eventKey => &$event) { + if ($event['Event']['distribution'] == 4 && !in_array($event['Event']['sharing_group_id'], $sgids)) { + $this->Log = ClassRegistry::init('Log'); + $this->Log->create(); + $this->Log->save(array( + 'org' => $user['Organisation']['name'], + 'model' => 'Event', + 'model_id' => $event['Event']['id'], + 'email' => $user['email'], + 'action' => 'fetchEvent', + 'user_id' => $user['id'], + 'title' => 'User was able to fetch the event but not the sharing_group it belongs to', + 'change' => '' + )); + unset($results[$eventKey]); // Current user cannot access sharing_group associated to this event + continue; + } $this->__attachReferences($user, $event, $sgids, $fields); $event = $this->Orgc->attachOrgsToEvent($event, $fieldsOrg); if (!$options['sgReferenceOnly'] && $event['Event']['sharing_group_id']) { @@ -2208,6 +2232,8 @@ class Event extends AppModel } $event = $this->__filterBlockedAttributesByTags($event, $options, $user); $event['Attribute'] = $this->__attachSharingGroups(!$options['sgReferenceOnly'], $event['Attribute'], $sharingGroupData); + + $proposalBlockAttributes = Configure::read('MISP.proposals_block_attributes'); // move all object attributes to a temporary container $tempObjectAttributeContainer = array(); foreach ($event['Attribute'] as $key => $attribute) { @@ -2262,10 +2288,7 @@ class Event extends AppModel } } } - if ( - Configure::read('MISP.proposals_block_attributes') && - !empty($options['allow_proposal_blocking']) - ) { + if ($proposalBlockAttributes && !empty($options['allow_proposal_blocking'])) { foreach ($results[$eventKey]['Attribute'][$key]['ShadowAttribute'] as $sa) { if ($sa['proposal_to_delete'] || $sa['to_ids'] == 0) { unset($results[$eventKey]['Attribute'][$key]); @@ -2299,15 +2322,15 @@ class Event extends AppModel } $event['ShadowAttribute'] = $this->Feed->attachFeedCorrelations($event['ShadowAttribute'], $user, $event['Event'], $overrideLimit); } - } - if (!empty($options['includeServerCorrelations']) && $user['org_id'] == Configure::read('MISP.host_org_id')) { - $this->Feed = ClassRegistry::init('Feed'); - if (!empty($options['overrideLimit'])) { - $overrideLimit = true; - } else { - $overrideLimit = false; + if (!empty($options['includeServerCorrelations']) && $user['org_id'] == Configure::read('MISP.host_org_id')) { + $this->Feed = ClassRegistry::init('Feed'); + if (!empty($options['overrideLimit'])) { + $overrideLimit = true; + } else { + $overrideLimit = false; + } + $event['ShadowAttribute'] = $this->Feed->attachFeedCorrelations($event['ShadowAttribute'], $user, $event['Event'], $overrideLimit, 'Server'); } - $event['ShadowAttribute'] = $this->Feed->attachFeedCorrelations($event['ShadowAttribute'], $user, $event['Event'], $overrideLimit, 'Server'); } if (empty($options['metadata'])) { $this->Sighting = ClassRegistry::init('Sighting'); @@ -2448,7 +2471,11 @@ class Event extends AppModel } foreach ($data as $k => $v) { if ($v['distribution'] == 4) { - $data[$k]['SharingGroup'] = $sharingGroupData[$v['sharing_group_id']]['SharingGroup']; + if (isset($sharingGroupData[$v['sharing_group_id']])) { + $data[$k]['SharingGroup'] = $sharingGroupData[$v['sharing_group_id']]['SharingGroup']; + } else { + unset($data[$k]); // current user could not fetch the sharing_group + } } } return $data; @@ -2689,6 +2716,14 @@ class Event extends AppModel return $conditions; } + public function set_filter_threat_level_id(&$params, $conditions, $options) + { + if (isset($params['threat_level_id'])) { + $conditions['AND']['Event.threat_level_id'] = $params['threat_level_id']; + } + return $conditions; + } + public function set_filter_tags(&$params, $conditions, $options) { if (!empty($params['tags'])) { @@ -3237,10 +3272,10 @@ class Event extends AppModel return array($bodyevent, $body); } - private function __captureSGForElement($element, $user) + private function __captureSGForElement($element, $user, $syncLocal=false) { if (isset($element['SharingGroup'])) { - $sg = $this->SharingGroup->captureSG($element['SharingGroup'], $user); + $sg = $this->SharingGroup->captureSG($element['SharingGroup'], $user, $syncLocal); unset($element['SharingGroup']); } elseif (isset($element['sharing_group_id'])) { $sg = $this->SharingGroup->checkIfAuthorised($user, $element['sharing_group_id']) ? $element['sharing_group_id'] : false; @@ -3257,17 +3292,17 @@ class Event extends AppModel // When we receive an event via REST, we might end up with organisations, sharing groups, tags that we do not know // or which we need to update. All of that is controlled in this method. - private function __captureObjects($data, $user) + private function __captureObjects($data, $user, $syncLocal=false) { // First we need to check whether the event or any attributes are tied to a sharing group and whether the user is even allowed to create the sharing group / is part of it if (isset($data['Event']['distribution']) && $data['Event']['distribution'] == 4) { - $data['Event'] = $this->__captureSGForElement($data['Event'], $user); + $data['Event'] = $this->__captureSGForElement($data['Event'], $user, $syncLocal); } if (!empty($data['Event']['Attribute'])) { foreach ($data['Event']['Attribute'] as $k => $a) { unset($data['Event']['Attribute']['id']); if (isset($a['distribution']) && $a['distribution'] == 4) { - $data['Event']['Attribute'][$k] = $this->__captureSGForElement($a, $user); + $data['Event']['Attribute'][$k] = $this->__captureSGForElement($a, $user, $syncLocal); if ($data['Event']['Attribute'][$k] === false) { unset($data['Event']['Attribute']); } @@ -3277,7 +3312,7 @@ class Event extends AppModel if (!empty($data['Event']['Object'])) { foreach ($data['Event']['Object'] as $k => $o) { if (isset($o['distribution']) && $o['distribution'] == 4) { - $data['Event']['Object'][$k] = $this->__captureSGForElement($o, $user); + $data['Event']['Object'][$k] = $this->__captureSGForElement($o, $user, $syncLocal); if ($data['Event']['Object'][$k] === false) { unset($data['Event']['Object'][$k]); continue; @@ -3285,7 +3320,7 @@ class Event extends AppModel } foreach ($o['Attribute'] as $k2 => $a) { if (isset($a['distribution']) && $a['distribution'] == 4) { - $data['Event']['Object'][$k]['Attribute'][$k2] = $this->__captureSGForElement($a, $user); + $data['Event']['Object'][$k]['Attribute'][$k2] = $this->__captureSGForElement($a, $user, $syncLocal); if ($data['Event']['Object'][$k]['Attribute'][$k2] === false) { unset($data['Event']['Object'][$k]['Attribute'][$k2]); } @@ -3453,6 +3488,24 @@ class Event extends AppModel return 'blocked'; } } + if ($passAlong) { + $this->Server = ClassRegistry::init('Server'); + $server = $this->Server->find('first', array( + 'conditions' => array( + 'Server.id' => $passAlong + ), + 'recursive' => -1, + 'fields' => array( + 'Server.name', + 'Server.id', + 'Server.unpublish_event', + 'Server.publish_without_email', + 'Server.internal' + ) + )); + } else { + $server['Server']['internal'] = false; + } if ($fromXml) { // Workaround for different structure in XML/array than what CakePHP expects $data = $this->cleanupEventArrayFromXML($data); @@ -3479,7 +3532,7 @@ class Event extends AppModel return $existingEvent['Event']['id']; } else { if ($fromXml) { - $data = $this->__captureObjects($data, $user); + $data = $this->__captureObjects($data, $user, $server['Server']['internal']); } if ($data === false) { $failedCapture = true; @@ -3487,7 +3540,7 @@ class Event extends AppModel } } else { if ($fromXml) { - $data = $this->__captureObjects($data, $user); + $data = $this->__captureObjects($data, $user, $server['Server']['internal']); } if ($data === false) { $failedCapture = true; @@ -3548,19 +3601,6 @@ class Event extends AppModel $this->Log = ClassRegistry::init('Log'); if ($saveResult) { if ($passAlong) { - $this->Server = ClassRegistry::init('Server'); - $server = $this->Server->find('first', array( - 'conditions' => array( - 'Server.id' => $passAlong - ), - 'recursive' => -1, - 'fields' => array( - 'Server.name', - 'Server.id', - 'Server.unpublish_event', - 'Server.publish_without_email' - ) - )); if ($server['Server']['publish_without_email'] == 0) { $st = "enabled"; } else { @@ -3691,7 +3731,7 @@ class Event extends AppModel } } - public function _edit(&$data, $user, $id, $jobId = null, $passAlong = null) + public function _edit(&$data, $user, $id, $jobId = null, $passAlong = null, $force = false) { $data = $this->cleanupEventArrayFromXML($data); unset($this->Attribute->validate['event_id']); @@ -3703,6 +3743,23 @@ class Event extends AppModel } else { $existingEvent = $this->findById($id); } + if ($passAlong) { + $this->Server = ClassRegistry::init('Server'); + $server = $this->Server->find('first', array( + 'conditions' => array( + 'Server.id' => $passAlong + ), + 'recursive' => -1, + 'fields' => array( + 'Server.name', + 'Server.id', + 'Server.unpublish_event', + 'Server.publish_without_email' + ) + )); + } else { + $server['Server']['internal'] = false; + } // If the event exists... $dateObj = new DateTime(); $date = $dateObj->getTimestamp(); @@ -3712,7 +3769,7 @@ class Event extends AppModel // Conditions affecting all: // user.org == event.org // edit timestamp newer than existing event timestamp - if (!isset($data['Event']['timestamp']) || $data['Event']['timestamp'] > $existingEvent['Event']['timestamp']) { + if ($force || !isset($data['Event']['timestamp']) || $data['Event']['timestamp'] > $existingEvent['Event']['timestamp']) { if (!isset($data['Event']['timestamp'])) { $data['Event']['timestamp'] = $date; } @@ -3725,7 +3782,7 @@ class Event extends AppModel return(array('error' => 'Event could not be saved: Invalid sharing group or you don\'t have access to that sharing group.')); } } else { - $data['Event']['sharing_group_id'] = $this->SharingGroup->captureSG($data['Event']['SharingGroup'], $user); + $data['Event']['sharing_group_id'] = $this->SharingGroup->captureSG($data['Event']['SharingGroup'], $user, $server['Server']['internal']); unset($data['Event']['SharingGroup']); if ($data['Event']['sharing_group_id'] === false) { return (array('error' => 'Event could not be saved: User not authorised to create the associated sharing group.')); @@ -3784,7 +3841,7 @@ class Event extends AppModel if (isset($data['Event']['Attribute'])) { $data['Event']['Attribute'] = array_values($data['Event']['Attribute']); foreach ($data['Event']['Attribute'] as $k => $attribute) { - $result = $this->Attribute->editAttribute($attribute, $this->id, $user, 0, $this->Log); + $result = $this->Attribute->editAttribute($attribute, $this->id, $user, 0, $this->Log, $force); if ($result !== true) { $validationErrors['Attribute'][] = $result; } @@ -3793,7 +3850,7 @@ class Event extends AppModel if (isset($data['Event']['Object'])) { $data['Event']['Object'] = array_values($data['Event']['Object']); foreach ($data['Event']['Object'] as $k => $object) { - $result = $this->Object->editObject($object, $this->id, $user, $this->Log); + $result = $this->Object->editObject($object, $this->id, $user, $this->Log, $force); if ($result !== true) { $validationErrors['Object'][] = $result; } @@ -3801,7 +3858,7 @@ class Event extends AppModel foreach ($data['Event']['Object'] as $object) { if (isset($object['ObjectReference'])) { foreach ($object['ObjectReference'] as $objectRef) { - $result = $this->Object->ObjectReference->captureReference($objectRef, $this->id, $user, $this->Log); + $result = $this->Object->ObjectReference->captureReference($objectRef, $this->id, $user, $this->Log, $force); } } } @@ -3846,19 +3903,6 @@ class Event extends AppModel if ((!empty($data['Event']['published']) && 1 == $data['Event']['published'])) { // The edited event is from a remote server ? if ($passAlong) { - $this->Server = ClassRegistry::init('Server'); - $server = $this->Server->find('first', array( - 'conditions' => array( - 'Server.id' => $passAlong - ), - 'recursive' => -1, - 'fields' => array( - 'Server.name', - 'Server.id', - 'Server.unpublish_event', - 'Server.publish_without_email' - ) - )); if ($server['Server']['publish_without_email'] == 0) { $st = "enabled"; } else { @@ -6636,6 +6680,10 @@ class Event extends AppModel $this->Job->id = $jobId; } + if (!empty($exportTool->use_default_filters)) { + $exportTool->setDefaultFilters($filters); + } + if (empty($exportTool->non_restrictive_export)) { if (!isset($filters['to_ids'])) { $filters['to_ids'] = 1; @@ -6675,11 +6723,15 @@ class Event extends AppModel $subqueryElements = $this->harvestSubqueryElements($filters); $filters = $this->addFiltersFromSubqueryElements($filters, $subqueryElements); - $filters['include_attribute_count'] = 1; - $eventid = $this->filterEventIds($user, $filters, $elementCounter); - $eventCount = count($eventid); - $eventids_chunked = $this->__clusterEventIds($exportTool, $eventid); - unset($eventid); + if (empty($exportTool->mock_query_only)) { + $filters['include_attribute_count'] = 1; + $eventid = $this->filterEventIds($user, $filters, $elementCounter); + $eventCount = count($eventid); + $eventids_chunked = $this->__clusterEventIds($exportTool, $eventid); + unset($eventid); + } else { + $eventids_chunked = array(); + } if (!empty($exportTool->additional_params)) { $filters = array_merge($filters, $exportTool->additional_params); } @@ -6948,4 +7000,27 @@ class Event extends AppModel } return $filters; } + + /** + * @param array $event + */ + public function removeGalaxyClusterTags(array &$event) + { + $galaxyTagIds = array(); + foreach ($event['Galaxy'] as $galaxy) { + foreach ($galaxy['GalaxyCluster'] as $galaxyCluster) { + $galaxyTagIds[$galaxyCluster['tag_id']] = true; + } + } + + if (empty($galaxyTagIds)) { + return; + } + + foreach ($event['EventTag'] as $k => $eventTag) { + if (isset($galaxyTagIds[$eventTag['tag_id']])) { + unset($event['EventTag'][$k]); + } + } + } } diff --git a/app/Model/Feed.php b/app/Model/Feed.php index ceefb22fa..7182794d9 100644 --- a/app/Model/Feed.php +++ b/app/Model/Feed.php @@ -247,10 +247,7 @@ class Feed extends AppModel $data = $this->feedGetUri($feed, $feedUrl, $HttpSocket, true); if (!$isLocal) { - $redis = $this->setupRedis(); - if ($redis === false) { - throw new Exception('Could not reach Redis.'); - } + $redis = $this->setupRedisWithException(); $redis->del('misp:feed_cache:' . $feed['Feed']['id']); file_put_contents($feedCache, $data); } @@ -331,109 +328,128 @@ class Feed extends AppModel return $data; } + /** + * Attach correlations from cached servers or feeds. + * + * @param array $objects + * @param array $user + * @param array $event + * @param bool $overrideLimit Override hardcoded limit for 10 000 attribute correlations. + * @param string $scope `Feed` or `Server` + * @return array + */ public function attachFeedCorrelations($objects, $user, &$event, $overrideLimit = false, $scope = 'Feed') { - $redis = $this->setupRedis(); - if ($redis !== false) { - $pipe = $redis->multi(Redis::PIPELINE); - $hashTable = array(); - $cachePrefix = 'misp:' . strtolower($scope) . '_cache:'; + try { + $redis = $this->setupRedisWithException(); + } catch (Exception $e) { + return $objects; + } - $this->Event = ClassRegistry::init('Event'); - $compositeTypes = $this->Event->Attribute->getCompositeTypes(); + $cachePrefix = 'misp:' . strtolower($scope) . '_cache:'; - foreach ($objects as $k => $object) { - if (in_array($object['type'], $compositeTypes)) { - $value = explode('|', $object['value']); - $hashTable[$k] = md5($value[0]); - } else { - $hashTable[$k] = md5($object['value']); - } - $redis->sismember($cachePrefix . 'combined', $hashTable[$k]); - } - $results = $pipe->exec(); - if (!$overrideLimit && count($objects) > 10000) { - foreach ($results as $k => $result) { - if ($result && empty($objects[$k]['disable_correlation'])) { - if (isset($event['FeedCount'])) { - $event['FeedCount']++; - } else { - $event['FeedCount'] = 1; - } - $objects[$k]['FeedHit'] = true; - } - } + // Redis cache for $scope is empty. + if ($redis->sCard($cachePrefix . 'combined') === 0) { + return $objects; + } + + $pipe = $redis->multi(Redis::PIPELINE); + $hashTable = array(); + + $this->Event = ClassRegistry::init('Event'); + $compositeTypes = $this->Event->Attribute->getCompositeTypes(); + + foreach ($objects as $k => $object) { + if (in_array($object['type'], $compositeTypes)) { + $value = explode('|', $object['value']); + $hashTable[$k] = md5($value[0]); } else { - if ($scope === 'Feed') { - $params = array( - 'recursive' => -1, - 'fields' => array('id', 'name', 'url', 'provider', 'source_format') - ); - if (!$user['Role']['perm_site_admin']) { - $params['conditions'] = array('Feed.lookup_visible' => 1); + $hashTable[$k] = md5($object['value']); + } + $redis->sismember($cachePrefix . 'combined', $hashTable[$k]); + } + $results = $pipe->exec(); + if (!$overrideLimit && count($objects) > 10000) { + foreach ($results as $k => $result) { + if ($result && empty($objects[$k]['disable_correlation'])) { + if (isset($event['FeedCount'])) { + $event['FeedCount']++; + } else { + $event['FeedCount'] = 1; } - $sources = $this->find('all', $params); - } else { - $params = array( - 'recursive' => -1, - 'fields' => array('id', 'name', 'url', 'caching_enabled') - ); - if (!$user['Role']['perm_site_admin']) { - $params['conditions'] = array('Server.caching_enabled' => 1); - } - $this->Server = ClassRegistry::init('Server'); - $sources = $this->Server->find('all', $params); + $objects[$k]['FeedHit'] = true; } + } + } else { + if ($scope === 'Feed') { + $params = array( + 'recursive' => -1, + 'fields' => array('id', 'name', 'url', 'provider', 'source_format') + ); + if (!$user['Role']['perm_site_admin']) { + $params['conditions'] = array('Feed.lookup_visible' => 1); + } + $sources = $this->find('all', $params); + } else { + $params = array( + 'recursive' => -1, + 'fields' => array('id', 'name', 'url', 'caching_enabled') + ); + if (!$user['Role']['perm_site_admin']) { + $params['conditions'] = array('Server.caching_enabled' => 1); + } + $this->Server = ClassRegistry::init('Server'); + $sources = $this->Server->find('all', $params); + } - $hitIds = array(); - foreach ($results as $k => $result) { - if ($result && empty($objects[$k]['disable_correlation'])) { - $hitIds[] = $k; + $hitIds = array(); + foreach ($results as $k => $result) { + if ($result && empty($objects[$k]['disable_correlation'])) { + $hitIds[] = $k; + } + } + foreach ($sources as $source) { + $sourceScopeId = $source[$scope]['id']; + + $pipe = $redis->multi(Redis::PIPELINE); + foreach ($hitIds as $k) { + $redis->sismember($cachePrefix . $sourceScopeId, $hashTable[$k]); + } + $sourceHits = $pipe->exec(); + foreach ($sourceHits as $k4 => $hit) { + if ($hit) { + if (!isset($event[$scope][$sourceScopeId]['id'])) { + if (!isset($event[$scope][$sourceScopeId])) { + $event[$scope][$sourceScopeId] = array(); + } + $event[$scope][$sourceScopeId] = array_merge($event[$scope][$sourceScopeId], $source[$scope]); + } + $objects[$hitIds[$k4]][$scope][] = $source[$scope]; } } - foreach ($sources as $source) { - $sourceScopeId = $source[$scope]['id']; - + if ($scope === 'Server' || $source[$scope]['source_format'] == 'misp') { $pipe = $redis->multi(Redis::PIPELINE); - foreach ($hitIds as $k) { - $redis->sismember($cachePrefix . $sourceScopeId, $hashTable[$k]); - } - $sourceHits = $pipe->exec(); - foreach ($sourceHits as $k4 => $hit) { - if ($hit) { - if (!isset($event[$scope][$sourceScopeId]['id'])) { - if (!isset($event[$scope][$sourceScopeId])) { - $event[$scope][$sourceScopeId] = array(); - } - $event[$scope][$sourceScopeId] = array_merge($event[$scope][$sourceScopeId], $source[$scope]); - } - $objects[$hitIds[$k4]][$scope][] = $source[$scope]; - } - } - if ($scope === 'Server' || $source[$scope]['source_format'] == 'misp') { - $pipe = $redis->multi(Redis::PIPELINE); - $eventUuidHitPosition = array(); - foreach ($objects as $k => $object) { - if (isset($object[$scope])) { - foreach ($object[$scope] as $currentFeed) { - if ($source[$scope]['id'] == $currentFeed['id']) { - $eventUuidHitPosition[] = $k; - $redis->smembers($cachePrefix . 'event_uuid_lookup:' . $hashTable[$k]); - } + $eventUuidHitPosition = array(); + foreach ($objects as $k => $object) { + if (isset($object[$scope])) { + foreach ($object[$scope] as $currentFeed) { + if ($source[$scope]['id'] == $currentFeed['id']) { + $eventUuidHitPosition[] = $k; + $redis->smembers($cachePrefix . 'event_uuid_lookup:' . $hashTable[$k]); } } } - $mispFeedHits = $pipe->exec(); - foreach ($mispFeedHits as $sourcehitPos => $f) { - foreach ($f as $url) { - list($feedId, $eventUuid) = explode('/', $url); - if (empty($event[$scope][$feedId]['event_uuids']) || !in_array($eventUuid, $event[$scope][$feedId]['event_uuids'])) { - $event[$scope][$feedId]['event_uuids'][] = $eventUuid; - } - foreach ($objects[$eventUuidHitPosition[$sourcehitPos]][$scope] as $tempKey => $tempFeed) { - if ($tempFeed['id'] == $feedId) { - $objects[$eventUuidHitPosition[$sourcehitPos]][$scope][$tempKey]['event_uuids'][] = $eventUuid; - } + } + $mispFeedHits = $pipe->exec(); + foreach ($mispFeedHits as $sourcehitPos => $f) { + foreach ($f as $url) { + list($feedId, $eventUuid) = explode('/', $url); + if (empty($event[$scope][$feedId]['event_uuids']) || !in_array($eventUuid, $event[$scope][$feedId]['event_uuids'])) { + $event[$scope][$feedId]['event_uuids'][] = $eventUuid; + } + foreach ($objects[$eventUuidHitPosition[$sourcehitPos]][$scope] as $tempKey => $tempFeed) { + if ($tempFeed['id'] == $feedId) { + $objects[$eventUuidHitPosition[$sourcehitPos]][$scope][$tempKey]['event_uuids'][] = $eventUuid; } } } @@ -441,9 +457,11 @@ class Feed extends AppModel } } } + if (!empty($event[$scope])) { $event[$scope] = array_values($event[$scope]); } + return $objects; } @@ -502,12 +520,17 @@ class Feed extends AppModel $result = array( 'header' => array( - 'Accept' => array('application/json', 'text/plain'), - 'Content-Type' => 'application/json', - 'MISP-version' => $version, - 'MISP-uuid' => Configure::read('MISP.uuid') + 'Accept' => array('application/json', 'text/plain'), + 'MISP-version' => $version, + 'MISP-uuid' => Configure::read('MISP.uuid'), ) ); + + // Enable gzipped responses if PHP has 'gzdecode' method + if (function_exists('gzdecode')) { + $result['header']['Accept-Encoding'] = 'gzip'; + } + if ($commit) { $result['header']['commit'] = $commit; } @@ -844,6 +867,10 @@ class Feed extends AppModel return false; } + if (empty($temp)) { + return true; + } + $data = array(); foreach ($temp as $value) { $data[] = array( @@ -853,14 +880,11 @@ class Feed extends AppModel 'to_ids' => $value['to_ids'] ); } - if (empty($data)) { - return true; - } $this->jobProgress($jobId, 'Saving data.', 50); try { - $result = $this->saveFreetextFeedData($this->data, $data, $user); + $result = $this->saveFreetextFeedData($this->data, $data, $user, $jobId); } catch (Exception $e) { $this->logException("Could not save freetext feed data for feed $feedId.", $e); return false; @@ -934,7 +958,7 @@ class Feed extends AppModel } } if ($feed['Feed']['fixed_event']) { - $temp = $this->Event->Attribute->find('all', array( + $existsAttributes = $this->Event->Attribute->find('all', array( 'conditions' => array( 'Attribute.deleted' => 0, 'Attribute.event_id' => $event['Event']['id'] @@ -942,28 +966,38 @@ class Feed extends AppModel 'recursive' => -1, 'fields' => array('id', 'value1', 'value2') )); - $event['Attribute'] = array(); - foreach ($temp as $t) { + $existsAttributesValueToId = array(); + foreach ($existsAttributes as $t) { if (!empty($t['Attribute']['value2'])) { $value = $t['Attribute']['value1'] . '|' . $t['Attribute']['value2']; } else { $value = $t['Attribute']['value1']; } - $event['Attribute'][$t['Attribute']['id']] = $value; + // Since event values are unique, it is OK to put value into key + $existsAttributesValueToId[$value] = $t['Attribute']['id']; } - unset($temp); + unset($existsAttributes); + + // Create event diff. After this cycle, `$data` will contains just attributes that do not exists in current + // event and in `$existsAttributesValueToId` will contains just attributes that do not exists in current feed. foreach ($data as $k => $dataPoint) { - $finder = array_search($dataPoint['value'], $event['Attribute']); - if ($finder !== false) { + if (isset($existsAttributesValueToId[$dataPoint['value']])) { unset($data[$k]); - unset($event['Attribute'][$finder]); + unset($existsAttributesValueToId[$dataPoint['value']]); + continue; + } + + // Because some types can be saved in modified version (for example, IPv6 address is convert to compressed + // format, we should also check if current event contains modified value. + $modifiedValue = $this->Event->Attribute->modifyBeforeValidation($dataPoint['type'], $dataPoint['value']); + if (isset($existsAttributesValueToId[$modifiedValue])) { + unset($data[$k]); + unset($existsAttributesValueToId[$modifiedValue]); } } - if ($feed['Feed']['delta_merge']) { - $to_delete = array_keys($event['Attribute']); - if (!empty($to_delete)) { - $this->Event->Attribute->deleteAll(array('Attribute.id' => $to_delete, 'Attribute.deleted' => 0)); - } + if ($feed['Feed']['delta_merge'] && !empty($existsAttributesValueToId)) { + $to_delete = array_values($existsAttributesValueToId); + $this->Event->Attribute->deleteAll(array('Attribute.id' => $to_delete, 'Attribute.deleted' => 0)); } } if (empty($data)) { @@ -987,8 +1021,8 @@ class Feed extends AppModel foreach ($data as $k => $chunk) { $this->Event->Attribute->create(); $this->Event->Attribute->save($chunk); - if ($k % 100 == 0) { - $this->jobProgress($jobId, null, 50 + round((50 * ((($k + 1) * 100) / count($data))))); + if ($k % 100 === 0) { + $this->jobProgress($jobId, null, 50 + round(($k + 1) / count($data) * 50)); } } if (!empty($data)) { @@ -1029,14 +1063,14 @@ class Feed extends AppModel } elseif ($scope == 'freetext' || $scope == 'csv') { $params['conditions']['source_format'] = array('csv', 'freetext'); } elseif ($scope == 'misp') { - $redis->del('misp:feed_cache:event_uuid_lookup:'); + $redis->del($redis->keys('misp:feed_cache:event_uuid_lookup:*')); $params['conditions']['source_format'] = 'misp'; } else { throw new InvalidArgumentException("Invalid value for scope, it must be integer or 'freetext', 'csv', 'misp' or 'all' string."); } } else { $redis->del('misp:feed_cache:combined'); - $redis->del('misp:feed_cache:event_uuid_lookup:'); + $redis->del($redis->keys('misp:feed_cache:event_uuid_lookup:*')); } $feeds = $this->find('all', $params); $atLeastOneSuccess = false; @@ -1590,24 +1624,51 @@ class Feed extends AppModel if ($data === false) { throw new Exception("Could not read local file '$uri'."); } + return $data; } else { throw new Exception("Local file '$uri' doesn't exists."); } + } + + $request = $this->__createFeedRequest($feed['Feed']['headers']); + + if ($followRedirect) { + $response = $this->getFollowRedirect($HttpSocket, $uri, $request); } else { - $request = $this->__createFeedRequest($feed['Feed']['headers']); + $response = $HttpSocket->get($uri, array(), $request); + } - if ($followRedirect) { - $response = $this->getFollowRedirect($HttpSocket, $uri, $request); - } else { - $response = $HttpSocket->get($uri, array(), $request); - } + if ($response === false) { + throw new Exception("Could not reach '$uri'."); + } else if ($response->code != 200) { // intentionally != + throw new Exception("Fetching the '$uri' failed with HTTP error {$response->code}: {$response->reasonPhrase}"); + } - if ($response === false) { - throw new Exception("Could not reach '$uri'."); - } else if ($response->code != 200) { // intentionally != - throw new Exception("Fetching the '$uri' failed with HTTP error {$response->code}: {$response->reasonPhrase}"); + $data = $response->body; + + $contentEncoding = $response->getHeader('Content-Encoding'); + if ($contentEncoding === 'gzip') { + $data = gzdecode($data); + if ($data === false) { + throw new Exception("Fetching the '$uri' failed, response should be gzip encoded, but gzip decoding failed."); + } + } else if ($contentEncoding) { + throw new Exception("Fetching the '$uri' failed, because remote server returns unsupported content encoding '$contentEncoding'"); + } + + $contentType = $response->getHeader('Content-Type'); + if ($contentType === 'application/zip') { + $zipFile = new File($this->tempFileName()); + $zipFile->write($data); + $zipFile->close(); + + try { + $data = $this->unzipFirstFile($zipFile); + } catch (Exception $e) { + throw new Exception("Fetching the '$uri' failed: {$e->getMessage()}"); + } finally { + $zipFile->delete(); } - $data = $response->body; } return $data; @@ -1720,4 +1781,47 @@ class Feed extends AppModel $this->save($feed); return $count; } + + /** + * @param File $zipFile + * @return string Uncompressed data + * @throws Exception + */ + private function unzipFirstFile(File $zipFile) + { + if (!class_exists('ZipArchive')) { + throw new Exception("ZIP archive decompressing is not supported."); + } + + $zip = new ZipArchive(); + $result = $zip->open($zipFile->pwd()); + if ($result !== true) { + throw new Exception("Remote server returns ZIP file, that cannot be open (error $result)"); + } + + if ($zip->numFiles !== 1) { + throw new Exception("Remote server returns ZIP file, that contains multiple files."); + } + + $filename = $zip->getNameIndex(0); + if ($filename === false) { + throw new Exception("Remote server returns ZIP file, but there is a problem with reading filename."); + } + + $zip->close(); + + $destinationFile = $this->tempFileName(); + $result = copy("zip://{$zipFile->pwd()}#$filename", $destinationFile); + if ($result === false) { + throw new Exception("Remote server returns ZIP file, that contains '$filename' file, that cannot be extracted."); + } + + $unzipped = new File($destinationFile); + $data = $unzipped->read(); + if ($data === false) { + throw new Exception("Couldn't read extracted file content."); + } + $unzipped->delete(); + return $data; + } } diff --git a/app/Model/Log.php b/app/Model/Log.php index e73b51cd5..6d519fe8f 100644 --- a/app/Model/Log.php +++ b/app/Model/Log.php @@ -37,7 +37,6 @@ class Log extends AppModel 'enable', 'error', 'export', - 'failed_registration', 'file_upload', 'galaxy', 'include_formula', @@ -52,13 +51,15 @@ class Log extends AppModel 'pull', 'purge_events', 'push', + 'registration', + 'registration_error', 'remove_dead_workers', 'request', 'request_delegation', 'reset_auth_key', + 'send_mail', 'security', 'serverSettingsEdit', - 'succeeded_registration', 'tag', 'undelete', 'update', @@ -96,18 +97,6 @@ class Log extends AppModel 'email' => array('values' => array('admin_email')) ); - public function beforeValidete() - { - parent::beforeValidate(); - if (!isset($this->data['Log']['org']) || empty($this->data['Log']['org'])) { - $this->data['Log']['org'] = 'SYSTEM'; - } - // truncate the description if it would exceed the allowed size in mysql - if (!empty($this->data['Log']['description'] && strlen($this->data['Log']['description']) > 65536)) { - $this->data['Log']['description'] = substr($this->data['Log']['description'], 0, 65535); - } - } - public function beforeSave($options = array()) { if (!empty(Configure::read('MISP.log_skip_db_logs_completely'))) { @@ -125,7 +114,7 @@ class Log extends AppModel if (!isset($this->data['Log']['created'])) { $this->data['Log']['created'] = date('Y-m-d H:i:s'); } - if (!isset($this->data['Log']['org'])) { + if (!isset($this->data['Log']['org']) || empty($this->data['Log']['org'])) { $this->data['Log']['org'] = 'SYSTEM'; } $truncate_fields = array('title', 'change', 'description'); diff --git a/app/Model/MispObject.php b/app/Model/MispObject.php index 3aec61001..d81214cae 100644 --- a/app/Model/MispObject.php +++ b/app/Model/MispObject.php @@ -506,7 +506,10 @@ class MispObject extends AppModel ) ), ); - if (empty($options['includeAllTags'])) { + if (!empty($options['metadata'])) { + unset($params['contain']['Attribute']); + } + if (empty($options['metadata']) && empty($options['includeAllTags'])) { $params['contain']['Attribute']['AttributeTag']['Tag']['conditions']['exportable'] = 1; } if (isset($options['contain'])) { @@ -514,7 +517,12 @@ class MispObject extends AppModel } else { $option['contain']['Event']['fields'] = array('id', 'info', 'org_id', 'orgc_id'); } - if (Configure::read('MISP.proposals_block_attributes') && isset($options['conditions']['AND']['Attribute.to_ids']) && $options['conditions']['AND']['Attribute.to_ids'] == 1) { + if ( + empty($options['metadata']) && + Configure::read('MISP.proposals_block_attributes') && + isset($options['conditions']['AND']['Attribute.to_ids']) && + $options['conditions']['AND']['Attribute.to_ids'] == 1 + ) { $this->Attribute->bindModel(array('hasMany' => array('ShadowAttribute' => array('foreignKey' => 'old_id')))); $proposalRestriction = array( 'ShadowAttribute' => array( @@ -544,7 +552,7 @@ class MispObject extends AppModel if (!isset($options['enforceWarninglist'])) { $options['enforceWarninglist'] = false; } - if (!$user['Role']['perm_sync'] || !isset($options['deleted']) || !$options['deleted']) { + if (empty($options['metadata']) && (!$user['Role']['perm_sync'] || !isset($options['deleted']) || !$options['deleted'])) { $params['contain']['Attribute']['conditions']['AND']['Attribute.deleted'] = 0; } if (isset($options['group'])) { @@ -566,23 +574,25 @@ class MispObject extends AppModel } $results = array_values($results); $proposals_block_attributes = Configure::read('MISP.proposals_block_attributes'); - foreach ($results as $key => $objects) { - foreach ($objects as $key2 => $attribute) { - if ($options['enforceWarninglist'] && !$this->Warninglist->filterWarninglistAttributes($warninglists, $attribute['Attribute'], $this->Warninglist)) { - unset($results[$key][$key2]); - continue; - } - if ($proposals_block_attributes) { - if (!empty($attribute['ShadowAttribute'])) { + if (empty($options['metadata'])) { + foreach ($results as $key => $objects) { + foreach ($objects as $key2 => $attribute) { + if ($options['enforceWarninglist'] && !$this->Warninglist->filterWarninglistAttributes($warninglists, $attribute['Attribute'], $this->Warninglist)) { unset($results[$key][$key2]); - } else { - unset($results[$key][$key2]['ShadowAttribute']); + continue; } - } - if ($options['withAttachments']) { - if ($this->typeIsAttachment($attribute['Attribute']['type'])) { - $encodedFile = $this->base64EncodeAttachment($attribute['Attribute']); - $results[$key][$key2]['Attribute']['data'] = $encodedFile; + if ($proposals_block_attributes) { + if (!empty($attribute['ShadowAttribute'])) { + unset($results[$key][$key2]); + } else { + unset($results[$key][$key2]['ShadowAttribute']); + } + } + if ($options['withAttachments']) { + if ($this->typeIsAttachment($attribute['Attribute']['type'])) { + $encodedFile = $this->base64EncodeAttachment($attribute['Attribute']); + $results[$key][$key2]['Attribute']['data'] = $encodedFile; + } } } } @@ -947,7 +957,7 @@ class MispObject extends AppModel return 'fail'; } - public function editObject($object, $eventId, $user, $log) + public function editObject($object, $eventId, $user, $log, $force = false) { $object['event_id'] = $eventId; if (isset($object['uuid'])) { @@ -973,7 +983,7 @@ class MispObject extends AppModel return true; } if (isset($object['timestamp'])) { - if ($existingObject['Object']['timestamp'] >= $object['timestamp']) { + if ($force || $existingObject['Object']['timestamp'] >= $object['timestamp']) { return true; } } else { @@ -1023,7 +1033,7 @@ class MispObject extends AppModel } if (!empty($object['Attribute'])) { foreach ($object['Attribute'] as $attribute) { - $result = $this->Attribute->editAttribute($attribute, $eventId, $user, $object['id'], $log); + $result = $this->Attribute->editAttribute($attribute, $eventId, $user, $object['id'], $log, $force); } } return true; @@ -1344,7 +1354,8 @@ class MispObject extends AppModel 'includeCorrelations' => !empty($filters['includeCorrelations']) ? $filters['includeCorrelations'] : 0, 'includeDecayScore' => !empty($filters['includeDecayScore']) ? $filters['includeDecayScore'] : 0, 'includeFullModel' => !empty($filters['includeFullModel']) ? $filters['includeFullModel'] : 0, - 'allow_proposal_blocking' => !empty($filters['allow_proposal_blocking']) ? $filters['allow_proposal_blocking'] : 0 + 'allow_proposal_blocking' => !empty($filters['allow_proposal_blocking']) ? $filters['allow_proposal_blocking'] : 0, + 'metadata' => !empty($filters['metadata']) ? $filters['metadata'] : 0, ); if (!empty($filters['attackGalaxy'])) { $params['attackGalaxy'] = $filters['attackGalaxy']; @@ -1377,6 +1388,9 @@ class MispObject extends AppModel if (!empty($filters['score'])) { $params['score'] = $filters['score']; } + if (!empty($filters['metadata'])) { + $params['metadata'] = $filters['metadata']; + } if ($paramsOnly) { return $params; } @@ -1423,8 +1437,16 @@ class MispObject extends AppModel { $continue = true; while ($continue) { + $temp = ''; $this->Whitelist = ClassRegistry::init('Whitelist'); $results = $this->fetchObjects($user, $params, $continue); + if (empty($results)) { + $loop = false; + return true; + } + if ($elementCounter !== 0 && !empty($results)) { + $temp .= $exportTool->separator($exportToolParams); + } if ($params['includeSightingdb']) { $this->Sightingdb = ClassRegistry::init('Sightingdb'); $results = $this->Sightingdb->attachToObjects($results, $user); @@ -1433,7 +1455,6 @@ class MispObject extends AppModel $results = $this->Whitelist->removeWhitelistedFromArray($results, true); $results = array_values($results); $i = 0; - $temp = ''; foreach ($results as $object) { $elementCounter++; $handlerResult = $exportTool->handler($object, $exportToolParams); @@ -1448,9 +1469,6 @@ class MispObject extends AppModel if (!$loop) { $continue = false; } - if ($continue) { - $temp .= $exportTool->separator($exportToolParams); - } fwrite($tmpfile, $temp); } return true; diff --git a/app/Model/Role.php b/app/Model/Role.php index 6d5e37947..dfb9232d7 100644 --- a/app/Model/Role.php +++ b/app/Model/Role.php @@ -84,7 +84,8 @@ class Role extends AppModel 'id' => 'RolePermAuth', 'text' => 'Auth key access', 'readonlyenabled' => true, - 'title' => 'Users with this permission have access to authenticating via their Auth keys, granting them access to the API.' + 'title' => 'Users with this permission have access to authenticating via their Auth keys, granting them access to the API.', + 'site_admin_optional' => true ), 'perm_regexp_access' => array( 'id' => 'RolePermRegexpAccess', diff --git a/app/Model/Server.php b/app/Model/Server.php index a0684dcd4..6a5dc0d82 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -1270,6 +1270,54 @@ class Server extends AppModel 'type' => 'boolean', 'null' => true ), + 'email_otp_enabled' => array( + 'level'=> 2, + 'description' => __('Enable two step authentication with a OTP sent by email. Requires e-mailing to be enabled. Warning: You cannot use it in combination with external authentication plugins.'), + 'value' => false, + 'errorMessage' => '', + 'test' => 'testBool', + 'beforeHook' => 'otpBeforeHook', + 'type' => 'boolean', + 'null' => true + ), + 'email_otp_length' => array ( + 'level' => 2, + 'description' => __('Define the length of the OTP code sent by email'), + 'value' => '6', + 'errorMessage' => '', + 'type' => 'numeric', + 'test' => 'testForNumeric', + 'null' => true, + ), + 'email_otp_validity' => array ( + 'level' => 2, + 'description' => __('Define the validity (in minutes) of the OTP code sent by email'), + 'value' => '5', + 'errorMessage' => '', + 'type' => 'numeric', + 'test' => 'testForNumeric', + 'null' => true, + ), + 'email_otp_text' => array( + 'level' => 2, + 'bigField' => true, + 'description' => __('The message sent to the user when a new OTP is requested. Use \\n for line-breaks. The following variables will be automatically replaced in the text: $otp = the new OTP generated by MISP, $username = the user\'s e-mail address, $org the Organisation managing the instance, $misp = the url of this instance, $contact = the e-mail address used to contact the support team (as set in MISP.contact), $ip the IP used to complete the first step of the login and $validity the validity time in minutes.'), + 'value' => 'Dear MISP user,\n\nYou have attempted to login to MISP ($misp) from $ip with username $username.\n\n Use the following OTP to log into MISP: $otp\n This code is valid for the next $validity minutes.\n\nIf you have any questions, don\'t hesitate to contact us at: $contact.\n\nBest regards,\nYour $org MISP support team', + 'errorMessage' => '', + 'test' => 'testForEmpty', + 'type' => 'string', + 'null' => true, + ), + 'email_otp_exceptions' => array( + 'level' => 2, + 'bigField' => true, + 'description' => __('A comma separated list of emails for which the OTP is disabled. Note that if you remove someone from this list, the OTP will only be asked at next login.'), + 'value' => '', + 'errorMessage' => '', + 'test' => 'testForEmpty', + 'type' => 'string', + 'null' => true, + ), 'allow_self_registration' => array( 'level' => 1, 'description' => __('Enabling this setting will allow users to have access to the pre-auth registration form. This will create an inbox entry for administrators to review.'), @@ -1767,6 +1815,24 @@ class Server extends AppModel 'type' => 'numeric', 'afterHook' => 'zmqAfterHook', ), + 'ZeroMQ_username' => array( + 'level' => 2, + 'description' => __('The username that client need to use to connect to ZeroMQ.'), + 'value' => '', + 'errorMessage' => '', + 'test' => 'testForEmpty', + 'type' => 'string', + 'afterHook' => 'zmqAfterHook', + ), + 'ZeroMQ_password' => array( + 'level' => 2, + 'description' => __('The password that client need to use to connect to ZeroMQ.'), + 'value' => '', + 'errorMessage' => '', + 'test' => 'testForEmpty', + 'type' => 'string', + 'afterHook' => 'zmqAfterHook', + ), 'ZeroMQ_redis_host' => array( 'level' => 2, 'description' => __('Location of the Redis db used by MISP and the Python PUB script to queue data to be published.'), @@ -2325,11 +2391,11 @@ class Server extends AppModel return true; } - private function __getEventIdListBasedOnPullTechnique($technique, $server) + private function __getEventIdListBasedOnPullTechnique($technique, $server, $force = false) { if ("full" === $technique) { // get a list of the event_ids on the server - $eventIds = $this->getEventIdsFromServer($server); + $eventIds = $this->getEventIdsFromServer($server, false, null, false, false, 'events', $force); if ($eventIds === 403) { return array('error' => array(1, null)); } elseif (is_string($eventIds)) { @@ -2341,7 +2407,7 @@ class Server extends AppModel $eventIds = array_reverse($eventIds); } } elseif ("update" === $technique) { - $eventIds = $this->getEventIdsFromServer($server, false, null, true, true); + $eventIds = $this->getEventIdsFromServer($server, false, null, true, true, 'events', $force); if ($eventIds === 403) { return array('error' => array(1, null)); } elseif (is_string($eventIds)) { @@ -2436,7 +2502,7 @@ class Server extends AppModel return false; } - private function __checkIfPulledEventExistsAndAddOrUpdate($event, $eventId, &$successes, &$fails, $eventModel, $server, $user, $jobId) + private function __checkIfPulledEventExistsAndAddOrUpdate($event, $eventId, &$successes, &$fails, $eventModel, $server, $user, $jobId, $force = false) { // check if the event already exist (using the uuid) $existingEvent = $eventModel->find('first', array('conditions' => array('Event.uuid' => $event['Event']['uuid']))); @@ -2453,7 +2519,7 @@ class Server extends AppModel if (!$existingEvent['Event']['locked'] && !$server['Server']['internal']) { $fails[$eventId] = __('Blocked an edit to an event that was created locally. This can happen if a synchronised event that was created on this instance was modified by an administrator on the remote side.'); } else { - $result = $eventModel->_edit($event, $user, $existingEvent['Event']['id'], $jobId, $passAlong); + $result = $eventModel->_edit($event, $user, $existingEvent['Event']['id'], $jobId, $passAlong, $force); if ($result === true) { $successes[] = $eventId; } elseif (isset($result['error'])) { @@ -2465,7 +2531,7 @@ class Server extends AppModel } } - private function __pullEvent($eventId, &$successes, &$fails, $eventModel, $server, $user, $jobId) + private function __pullEvent($eventId, &$successes, &$fails, $eventModel, $server, $user, $jobId, $force = false) { $event = $eventModel->downloadEventFromServer( $eventId, @@ -2480,7 +2546,7 @@ class Server extends AppModel if (!$this->__checkIfEventSaveAble($event)) { $fails[$eventId] = __('Empty event detected.'); } else { - $this->__checkIfPulledEventExistsAndAddOrUpdate($event, $eventId, $successes, $fails, $eventModel, $server, $user, $jobId); + $this->__checkIfPulledEventExistsAndAddOrUpdate($event, $eventId, $successes, $fails, $eventModel, $server, $user, $jobId, $force); } } else { // error @@ -2545,7 +2611,7 @@ class Server extends AppModel return $pulledProposals; } - public function pull($user, $id = null, $technique=false, $server, $jobId = false) + public function pull($user, $id = null, $technique=false, $server, $jobId = false, $force = false) { if ($jobId) { $job = ClassRegistry::init('Job'); @@ -2559,7 +2625,7 @@ class Server extends AppModel $eventIds = array(); // if we are downloading a single event, don't fetch all proposals $conditions = is_numeric($technique) ? array('Event.id' => $technique) : array(); - $eventIds = $this->__getEventIdListBasedOnPullTechnique($technique, $server); + $eventIds = $this->__getEventIdListBasedOnPullTechnique($technique, $server, $force); $server['Server']['version'] = $this->getRemoteVersion($id); if (!empty($eventIds['error'])) { $errors = array( @@ -2588,7 +2654,7 @@ class Server extends AppModel if (!empty($eventIds)) { // download each event foreach ($eventIds as $k => $eventId) { - $this->__pullEvent($eventId, $successes, $fails, $eventModel, $server, $user, $jobId); + $this->__pullEvent($eventId, $successes, $fails, $eventModel, $server, $user, $jobId, $force); if ($jobId) { if ($k % 10 == 0) { $job->saveField('progress', 50 * (($k + 1) / count($eventIds))); @@ -2701,7 +2767,7 @@ class Server extends AppModel } // Get an array of event_ids that are present on the remote server - public function getEventIdsFromServer($server, $all = false, $HttpSocket=null, $force_uuid=false, $ignoreFilterRules = false, $scope = 'events') + public function getEventIdsFromServer($server, $all = false, $HttpSocket=null, $force_uuid=false, $ignoreFilterRules = false, $scope = 'events', $force = false) { $url = $server['Server']['url']; if ($ignoreFilterRules) { @@ -2785,7 +2851,9 @@ class Server extends AppModel } } } - $this->Event->removeOlder($eventArray, $scope); + if (!$force) { + $this->Event->removeOlder($eventArray, $scope); + } if (!empty($eventArray)) { foreach ($eventArray as $event) { if ($force_uuid) { @@ -3122,15 +3190,6 @@ class Server extends AppModel private function readModuleSettings($serverSettings, $moduleTypes) { $this->Module = ClassRegistry::init('Module'); - $orgs = $this->Organisation->find('list', array( - 'conditions' => array( - 'Organisation.local' => 1 - ), - 'fields' => array( - 'Organisation.id', 'Organisation.name' - ) - )); - $orgs = array_merge(array('Unrestricted'), $orgs); foreach ($moduleTypes as $moduleType) { if (Configure::read('Plugin.' . $moduleType . '_services_enable')) { $results = $this->Module->getModuleSettings($moduleType); @@ -3559,7 +3618,7 @@ class Server extends AppModel if ($errorMessage) { return $errorMessage; } - return 'Value is not a boolean, make sure that you convert \'true\' to true for example.'; + return __('Value is not a boolean, make sure that you convert \'true\' to true for example.'); } return true; } @@ -3749,6 +3808,14 @@ class Server extends AppModel return true; } + public function otpBeforeHook($setting, $value) + { + if ($value && !empty(Configure::read('MISP.disable_emailing'))) { + return __('Emailing is currently disabled. Enabling OTP without e-mailing being configured would lock all users out.'); + } + return true; + } + public function testForRPZSerial($value) { if ($this->testForEmpty($value) !== true) { @@ -3910,7 +3977,6 @@ class Server extends AppModel } else { $serverSettings = $this->serverSettings; } - $relevantSettings = (array_intersect_key(Configure::read(), $serverSettings)); $setting = false; foreach ($serverSettings as $k => $s) { if (isset($s['branch'])) { @@ -4564,26 +4630,28 @@ class Server extends AppModel switch($field['error_type']) { case 'missing_column': $field['sql'] = sprintf( - 'ALTER TABLE `%s` ADD COLUMN `%s` %s%s %s %s %s;', + 'ALTER TABLE `%s` ADD COLUMN `%s` %s%s %s %s %s %s;', $table, $field['column_name'], $field['expected']['data_type'], $length !== null ? sprintf('(%d)', $length) : '', isset($field['expected']['column_default']) ? 'DEFAULT "' . $field['expected']['column_default'] . '"' : '', $field['expected']['is_nullable'] === 'NO' ? 'NOT NULL' : 'NULL', - empty($field['expected']['collation_name']) ? '' : 'COLLATE ' . $field['expected']['collation_name'] + empty($field['expected']['collation_name']) ? '' : 'COLLATE ' . $field['expected']['collation_name'], + empty($field['expected']['extra']) ? '' : $field['expected']['extra'] ); break; case 'column_different': $field['sql'] = sprintf( - 'ALTER TABLE `%s` MODIFY COLUMN `%s` %s%s %s %s %s;', + 'ALTER TABLE `%s` MODIFY COLUMN `%s` %s%s %s %s %s %s;', $table, $field['column_name'], $field['expected']['data_type'], $length !== null ? sprintf('(%d)', $length) : '', isset($field['expected']['column_default']) ? 'DEFAULT "' . $field['expected']['column_default'] . '"' : '', $field['expected']['is_nullable'] === 'NO' ? 'NOT NULL' : 'NULL', - empty($field['expected']['collation_name']) ? '' : 'COLLATE ' . $field['expected']['collation_name'] + empty($field['expected']['collation_name']) ? '' : 'COLLATE ' . $field['expected']['collation_name'], + empty($field['expected']['extra']) ? '' : $field['expected']['extra'] ); break; } @@ -4600,13 +4668,14 @@ class Server extends AppModel } elseif ($expectedField['data_type'] === 'text') { $length = null; } - $fieldSql = sprintf('`%s` %s%s %s %s %s', + $fieldSql = sprintf('`%s` %s%s %s %s %s %s', $expectedField['column_name'], $expectedField['data_type'], $length !== null ? sprintf('(%d)', $length) : '', isset($expectedField['column_default']) ? 'DEFAULT "' . $expectedField['column_default'] . '"' : '', $expectedField['is_nullable'] === 'NO' ? 'NOT NULL' : 'NULL', - empty($expectedField['collation_name']) ? '' : 'COLLATE ' . $expectedField['collation_name'] + empty($expectedField['collation_name']) ? '' : 'COLLATE ' . $expectedField['collation_name'], + empty($field['expected']['extra']) ? '' : $field['expected']['extra'] ); $allFields[] = $fieldSql; } @@ -4657,7 +4726,8 @@ class Server extends AppModel // 'datetime_precision', -- Only available on MySQL 5.6+ 'collation_name', 'column_type', - 'column_default' + 'column_default', + 'extra', ) ){ $dbActualSchema = array(); @@ -4939,7 +5009,7 @@ class Server extends AppModel public function stixDiagnostics(&$diagnostic_errors, &$stixVersion, &$cyboxVersion, &$mixboxVersion, &$maecVersion, &$stix2Version, &$pymispVersion) { $result = array(); - $expected = array('stix' => '>1.2.0.6', 'cybox' => '>2.1.0.18.dev0', 'mixbox' => '1.0.3', 'maec' => '>4.1.0.14', 'stix2' => '>1.2.0', 'pymisp' => '>2.4.120'); + $expected = array('stix' => '>1.2.0.9', 'cybox' => '>2.1.0.21', 'mixbox' => '1.0.3', 'maec' => '>4.1.0.14', 'stix2' => '>1.2.0', 'pymisp' => '>2.4.120'); // check if the STIX and Cybox libraries are working using the test script stixtest.py $scriptResult = shell_exec($this->getPythonVersion() . ' ' . APP . 'files' . DS . 'scripts' . DS . 'stixtest.py'); $scriptResult = json_decode($scriptResult, true); @@ -5761,7 +5831,7 @@ class Server extends AppModel $params['conditions']['Server.id'] = $id; } else { $redis->del('misp:server_cache:combined'); - $redis->del('misp:server_cache:event_uuid_lookup:'); + $redis->del($redis->keys('misp:server_cache:event_uuid_lookup:*')); } $servers = $this->find('all', $params); if ($jobId) { diff --git a/app/Model/SharingGroup.php b/app/Model/SharingGroup.php index 89c51a1aa..ba9605411 100644 --- a/app/Model/SharingGroup.php +++ b/app/Model/SharingGroup.php @@ -54,6 +54,10 @@ class SharingGroup extends AppModel ); private $__sgoCache = array(); + private $__sgAuthorisationCache = array( + 'save' => array(), + 'access' => array() + ); public function beforeValidate($options = array()) @@ -353,6 +357,9 @@ class SharingGroup extends AppModel // returns true if the SG exists and the user is allowed to see it public function checkIfAuthorised($user, $id, $adminCheck = true) { + if (isset($this->__sgAuthorisationCache['access'][boolval($adminCheck)][$id])) { + return $this->__sgAuthorisationCache['access'][boolval($adminCheck)][$id]; + } if (Validation::uuid($id)) { $sgid = $this->SharingGroup->find('first', array( 'conditions' => array('SharingGroup.uuid' => $id), @@ -372,8 +379,10 @@ class SharingGroup extends AppModel return false; } if (($adminCheck && $user['Role']['perm_site_admin']) || $this->SharingGroupServer->checkIfAuthorised($id) || $this->SharingGroupOrg->checkIfAuthorised($id, $user['org_id'])) { + $this->__sgAuthorisationCache['access'][boolval($adminCheck)][$id] = true; return true; } + $this->__sgAuthorisationCache['access'][boolval($adminCheck)][$id] = false; return false; } @@ -485,7 +494,7 @@ class SharingGroup extends AppModel return $results; } - public function captureSG($sg, $user) + public function captureSG($sg, $user, $syncLocal=false) { $existingSG = !isset($sg['uuid']) ? null : $this->find('first', array( 'recursive' => -1, @@ -501,6 +510,34 @@ class SharingGroup extends AppModel if (!$user['Role']['perm_sharing_group']) { return false; } + // check if current user is contained in the SG and we are in a local sync setup + if (!empty($sg['uuid'])) { + if (isset($this->__sgAuthorisationCache['save'][boolval($syncLocal)][$sg['uuid']])) { + $authorisedToSave = $this->__sgAuthorisationCache['save'][boolval($syncLocal)][$sg['uuid']]; + } else { + $authorisedToSave = $this->checkIfAuthorisedToSave($user, $sg); + $this->__sgAuthorisationCache['save'][boolval($syncLocal)][$sg['uuid']] = $authorisedToSave; + } + } else { + $authorisedToSave = $this->checkIfAuthorisedToSave($user, $sg); + } + if (!$user['Role']['perm_site_admin'] && + !($user['Role']['perm_sync'] && $syncLocal ) && + !$authorisedToSave + ) { + $this->Log->create(); + $entry = array( + 'org' => $user['Organisation']['name'], + 'model' => 'SharingGroup', + 'model_id' => $sg['SharingGroup']['uuid'], + 'email' => $user['email'], + 'action' => 'error', + 'user_id' => $user['id'], + 'title' => 'Tried to save a sharing group but the user does not belong to it.' + ); + $this->Log->save($entry); + return false; + } $this->create(); $newSG = array(); $attributes = array( diff --git a/app/Model/User.php b/app/Model/User.php index 934fccbe1..eb51e2591 100644 --- a/app/Model/User.php +++ b/app/Model/User.php @@ -910,7 +910,21 @@ class User extends AppModel } } $Email->attachments($attachments); - $result = $Email->send($body); + try { + $result = $Email->send($body); + } catch (Exception $e) { + $this->Log = ClassRegistry::init('Log'); + $this->Log->save(array( + 'org' => 'SYSTEM', + 'model' => 'User', + 'model_id' => $user['User']['id'], + 'email' => $user['User']['email'], + 'action' => 'send_mail', + 'title' => sprintf(__('Could not send mail. Reasons: %s'), $e->getMessage()), + 'change' => null, + )); + $result = false; + } $Email->reset(); return $result; } @@ -1540,7 +1554,7 @@ class User extends AppModel 'model' => 'User', 'model_id' => $added_by['id'], 'email' => $added_by['email'], - 'action' => 'failed_registration', + 'action' => 'registration_error', 'title' => 'User registration failed for ' . $user['email'] . '. Reason(s): ' . $error, 'change' => null, )); @@ -1555,7 +1569,7 @@ class User extends AppModel 'model' => 'User', 'model_id' => $added_by['id'], 'email' => $added_by['email'], - 'action' => 'succeeded_registration', + 'action' => 'registration', 'title' => sprintf('User registration success for %s (id=%s)', $user['User']['email'], $user['User']['id']), 'change' => null, )); diff --git a/app/Plugin/SysLog/Lib/SysLog.php b/app/Plugin/SysLog/Lib/SysLog.php index 6f23144b2..cf0a71dd2 100644 --- a/app/Plugin/SysLog/Lib/SysLog.php +++ b/app/Plugin/SysLog/Lib/SysLog.php @@ -68,10 +68,10 @@ class SysLog { } else if (in_array($type, $debugTypes)) { $priority = LOG_DEBUG; } - $output = date('Y-m-d H:i:s') . ' ' . ucfirst($type) . ': ' . $message . "\n"; if (!openlog($this->_ident, LOG_PID | LOG_PERROR, $this->_facility)) { return false; } + $output = date('Y-m-d H:i:s') . ' ' . ucfirst($type) . ': ' . $message; $result = syslog($priority, $output); closelog(); return $result; diff --git a/app/View/Attributes/add_attachment.ctp b/app/View/Attributes/add_attachment.ctp index 7cfca776d..eb81d71a3 100644 --- a/app/View/Attributes/add_attachment.ctp +++ b/app/View/Attributes/add_attachment.ctp @@ -67,9 +67,11 @@ Form->input('advanced', array( 'type' => 'checkbox', - 'checked' => false, + 'checked' => true, + 'disabled' => !$advancedExtractionAvailable, + 'data-disabled-reason' => !$advancedExtractionAvailable ? __('Advanced extraction is not installed') : '', 'div' => array('id' => 'advanced_input', 'style' => 'display:none'), - 'label' => __('Advanced extraction (if installed)'), + 'label' => __('Advanced extraction'), )); ?> @@ -131,7 +133,7 @@ $(document).ready(function() { $("#AttributeCategory, #AttributeDistribution").change(function() { initPopoverContent('Attribute'); }); - + $("#AttributeMalware").change(function () { if (this.checked) { $('#advanced_input').show(); diff --git a/app/View/Elements/eventdiscussion.ctp b/app/View/Elements/eventdiscussion.ctp index 6f30ae69a..0fe61c52e 100644 --- a/app/View/Elements/eventdiscussion.ctp +++ b/app/View/Elements/eventdiscussion.ctp @@ -1,3 +1,4 @@ +

-
+
- - > +
@@ -36,7 +36,7 @@
Top | - " class="whitelink"># + #
@@ -58,14 +58,14 @@ echo $this->Command->convertQuotes(nl2br(h($post['contents']))); if ($post['post_id'] !=0 || ($post['date_created'] != $post['date_modified'])) { ?> -

+

In reply to post - "># + # - +
@@ -90,14 +90,14 @@ echo $this->Form->postLink('', array('controller' => 'posts', 'action' => 'delete', h($post['id']), h($context)), array('class' => 'fa fa-trash', 'title' => __('Delete'), 'aria-label' => __('Delete')), __('Are you sure you want to delete this post?')); } else { ?> - + Html->link('', array('controller' => 'posts', 'action' => 'edit', h($post['id']), h($context)), array('class' => 'fa fa-edit', 'title' => __('Edit'), 'aria-label' => __('Edit'))); echo $this->Form->postLink('', array('controller' => 'posts', 'action' => 'delete', h($post['id']), h($context)), array('class' => 'fa fa-trash', 'title' => __('Delete'), 'aria-label' => __('Delete')), __('Are you sure you want to delete this post?')); ?> - +
-
+
@@ -139,11 +139,11 @@ ?>
- - - - - + + + + +
Form->input('message', array( @@ -154,7 +154,7 @@ )); ?>
- + Form->end(); ?> @@ -177,7 +177,7 @@ document.getElementById("PostMessage").value+="[Code][/Code]"; } - $(document).ready(function() { + $(function() { location.hash = "#message_"; }); diff --git a/app/View/Elements/genericElements/IndexTable/index_table.ctp b/app/View/Elements/genericElements/IndexTable/index_table.ctp index c6ead8ee9..7d4bdd66a 100644 --- a/app/View/Elements/genericElements/IndexTable/index_table.ctp +++ b/app/View/Elements/genericElements/IndexTable/index_table.ctp @@ -32,6 +32,7 @@ if (!$skipPagination) { $paginationData = !empty($data['paginatorOptions']) ? $data['paginatorOptions'] : array(); echo $this->element('/genericElements/IndexTable/pagination', array('paginationOptions' => $paginationData)); + echo $this->element('/genericElements/IndexTable/pagination_links'); } if (!empty($data['top_bar'])) { echo $this->element('/genericElements/ListTopBar/scaffold', array('data' => $data['top_bar'])); @@ -81,7 +82,7 @@ echo '
'; if (!$skipPagination) { echo $this->element('/genericElements/IndexTable/pagination_counter', $paginationData); - echo $this->element('/genericElements/IndexTable/pagination', $paginationData); + echo $this->element('/genericElements/IndexTable/pagination_links'); } ?>