mirror of https://github.com/MISP/MISP
fix: Re-added the accidentally removed code in a merge, fixes #1965
- affects f0e1a27b7d
pull/1972/head
parent
2db4751f65
commit
a59aab9b23
|
@ -138,7 +138,14 @@ service apache2 reload
|
|||
# Check out the /var/www/MISP/INSTALL/apache.misp.ssl file for an example
|
||||
|
||||
|
||||
8/ MISP configuration
|
||||
8/ Log rotation
|
||||
---------------
|
||||
# MISP saves the stdout and stderr of its workers in /var/www/MISP/app/tmp/logs
|
||||
# To rotate these logs install the supplied logrotate script:
|
||||
|
||||
cp INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
|
||||
9/ MISP configuration
|
||||
---------------------
|
||||
# There are 4 sample configuration files in /var/www/MISP/app/Config that need to be copied
|
||||
cd /var/www/MISP/app/Config
|
||||
|
|
|
@ -185,7 +185,14 @@ sudo systemctl restart apache2
|
|||
|
||||
sudo cp INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
|
||||
9/ MISP configuration
|
||||
9/ Log rotation
|
||||
---------------
|
||||
# MISP saves the stdout and stderr of its workers in /var/www/MISP/app/tmp/logs
|
||||
# To rotate these logs install the supplied logrotate script:
|
||||
|
||||
sudo cp INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
|
||||
10/ MISP configuration
|
||||
---------------------
|
||||
# There are 4 sample configuration files in /var/www/MISP/app/Config that need to be copied
|
||||
sudo -u www-data cp -a /var/www/MISP/app/Config/bootstrap.default.php /var/www/MISP/app/Config/bootstrap.php
|
||||
|
|
|
@ -129,7 +129,14 @@ service apache2 reload
|
|||
# Check out the apache.misp.ssl file for an example
|
||||
|
||||
|
||||
8/ MISP configuration
|
||||
-8/ Log rotation
|
||||
----------------
|
||||
# MISP saves the stdout and stderr of its workers in /var/www/MISP/app/tmp/logs
|
||||
# To rotate these logs install the supplied logrotate script:
|
||||
|
||||
cp INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
|
||||
9/ MISP configuration
|
||||
---------------------
|
||||
# There are 4 sample configuration files in /var/www/MISP/app/Config that need to be copied
|
||||
cd /var/www/MISP/app/Config
|
||||
|
|
|
@ -186,6 +186,13 @@ sudo systemctl restart apache2
|
|||
|
||||
sudo cp INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
|
||||
8/ Log rotation
|
||||
---------------
|
||||
# MISP saves the stdout and stderr of its workers in /var/www/MISP/app/tmp/logs
|
||||
# To rotate these logs install the supplied logrotate script:
|
||||
|
||||
sudo cp INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
|
||||
9/ MISP configuration
|
||||
---------------------
|
||||
# There are 4 sample configuration files in /var/www/MISP/app/Config that need to be copied
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
/var/www/MISP/app/tmp/logs/resque-*-error.log {
|
||||
rotate 30
|
||||
dateext
|
||||
missingok
|
||||
notifempty
|
||||
compress
|
||||
weekly
|
||||
copytruncate
|
||||
}
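Review bot: The stanza has no `su` directive, although the logs it rotates live under /var/www/MISP/app/tmp/logs, which is presumably owned by the web-server account rather than by root (ownership is not shown on this page). logrotate builds that check parent-directory permissions refuse to rotate in such a directory unless told which user to act as, and rotating as root inside a directory that a less privileged account can write to is the situation `su` exists to avoid. Consider adding `su www-data www-data` inside the braces, with the account name adjusted per distribution. The glob matches only `resque-*-error.log`, so any other worker output in that directory is left unrotated; a one-line comment stating that this is deliberate would help.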
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
module misplogrotate 1.0;
|
||||
require {
|
||||
type logrotate_t;
|
||||
type httpd_sys_content_t;
|
||||
class dir { ioctl read getattr lock search open };
|
||||
}
|
||||
#============= logrotate_t ==============
|
||||
allow logrotate_t httpd_sys_content_t:dir { ioctl read getattr lock search open };
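Review bot: The `allow` rule is scoped by type and not by path, so once the module is loaded logrotate_t can list and search every directory labelled httpd_sys_content_t on the host, not only the MISP tree. The file has no comment saying why the access is needed or how wide it is. A header such as `# logrotate must traverse /var/www (httpd_sys_content_t) to reach app/tmp/logs; grants directory read/search only, no file or write access` would let an administrator judge the module before installing it.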
|
|
@ -177,7 +177,14 @@ service iptables save
|
|||
# Check out the apache.misp.ssl file for an example
|
||||
|
||||
|
||||
8/ MISP configuration
|
||||
8/ Log rotation
|
||||
---------------
|
||||
# MISP saves the stdout and stderr of its workers in /var/www/MISP/app/tmp/logs
|
||||
# To rotate these logs install the supplied logrotate script:
|
||||
|
||||
cp INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
|
||||
9/ MISP configuration
|
||||
---------------------
|
||||
# There are 4 sample configuration files in /var/www/MISP/app/Config that need to be copied
|
||||
cd /var/www/MISP/app/Config
|
||||
|
|
|
@ -194,7 +194,24 @@ firewall-cmd --reload
|
|||
# Check out the apache.misp.ssl file for an example
|
||||
|
||||
|
||||
8/ MISP configuration
|
||||
8/ Log rotation
|
||||
---------------
|
||||
# MISP saves the stdout and stderr of it's workers in /var/www/MISP/app/tmp/logs
|
||||
# To rotate these logs install the supplied logrotate script:
|
||||
|
||||
cp INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
|
||||
# Now make logrotate work under SELinux as well
|
||||
# Allow logrotate to modify the log files
|
||||
semanage fcontext -a -t httpd_log_t "/var/www/MISP/app/tmp/logs(/.*)?"
|
||||
chcon -R -t httpd_log_t /var/www/MISP/app/tmp/logs
|
||||
|
||||
# Allow logrotate to read /var/www
|
||||
checkmodule -M -m -o /tmp/misplogrotate.mod INSTALL/misplogrotate.te
|
||||
semodule_package -o /tmp/misplogrotate.pp -m /tmp/misplogrotate.mod
|
||||
semodule -i /tmp/misplogrotate.pp
|
||||
|
||||
9/ MISP configuration
|
||||
---------------------
|
||||
# There are 4 sample configuration files in /var/www/MISP/app/Config that need to be copied
|
||||
cd /var/www/MISP/app/Config
|
||||
|
|
|
@ -3097,6 +3097,8 @@ class EventsController extends AppController {
|
|||
foreach (${$source} as $k => $attribute) {
|
||||
if ($attribute['type'] == 'ip-src/ip-dst') {
|
||||
$types = array('ip-src', 'ip-dst');
|
||||
} else if ($attribute['type'] == 'ip-src|port/ip-dst|port') {
|
||||
$types = array('ip-src|port', 'ip-dst|port');
|
||||
} else if ($attribute['type'] == 'malware-sample') {
|
||||
if (!isset($attribute['data_is_handled']) || !$attribute['data_is_handled']) {
|
||||
App::uses('FileAccessTool', 'Tools');
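Review bot: The `ip-src|port/ip-dst|port` branch compares `$attribute['type']` with `==`, as do the branches around it. If the value is decoded from request data (the loop source `${$source}` is assigned outside the hunk, so this is an assumption), a non-string type such as integer 0 compares equal to these literals on PHP versions that convert the string side to a number, and the attribute would be expanded into types it never had. `} else if ($attribute['type'] === 'ip-src|port/ip-dst|port') {` avoids that, and the sibling branches could be tightened the same way. The enclosing method starts and ends outside the hunk.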
|
||||
|
|
|
@ -8,6 +8,7 @@ class ComplexTypeTool {
|
|||
'/^h\[tt\]p/i' => 'http',
|
||||
'/\[\.\]/' => '.',
|
||||
'/\[dot\]/' => '.',
|
||||
'/\(dot\)/' => '.',
|
||||
'/\\\\\./' => '.',
|
||||
'/\.+/' => '.'
|
||||
);
|
||||
|
@ -217,7 +218,13 @@ class ComplexTypeTool {
|
|||
$inputRefangedNoPort = $inputRefanged;
|
||||
}
|
||||
// check for IP
|
||||
if (filter_var($inputRefangedNoPort, FILTER_VALIDATE_IP)) return array('types' => array('ip-dst', 'ip-src', 'ip-src/ip-dst'), 'to_ids' => true, 'default_type' => 'ip-dst', 'comment' => $comment, 'value' => $inputRefangedNoPort);
|
||||
if (filter_var($inputRefangedNoPort, FILTER_VALIDATE_IP)) {
|
||||
if (isset($port)) {
|
||||
return array('types' => array('ip-dst|port', 'ip-src|port', 'ip-src|port/ip-dst|port'), 'to_ids' => true, 'default_type' => 'ip-dst|port', 'comment' => $comment, 'value' => $inputRefangedNoPort . '|' . $port);
|
||||
} else {
|
||||
return array('types' => array('ip-dst', 'ip-src', 'ip-src/ip-dst'), 'to_ids' => true, 'default_type' => 'ip-dst', 'comment' => $comment, 'value' => $inputRefangedNoPort);
|
||||
}
|
||||
}
|
||||
if (strpos($inputRefangedNoPort, '/')) {
|
||||
$temp = explode('/', $inputRefangedNoPort);
|
||||
if (count($temp) == 2) {
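Review bot: In the second hunk the IP branch returns `$inputRefangedNoPort . '|' . $port` whenever `$port` is set, but nothing visible checks that `$port` is a decimal number in the valid port range. The code that extracts it is outside the hunk, so this may already be enforced; if it is not, a malformed port from free-text input would be stored in an `ip-dst|port` value with `to_ids` set to true. A guard such as `if (isset($port) && ctype_digit((string)$port) && (int)$port >= 1 && (int)$port <= 65535) {` on the port return, falling through to the plain IP return otherwise, keeps such values out of IDS-flagged attributes. The function body continues outside the hunk.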
|
||||
|
|
|
@ -918,8 +918,14 @@ class Event extends AppModel {
|
|||
// cleanup the array from things we do not want to expose
|
||||
foreach (array('Org', 'org_id', 'orgc_id', 'proposal_email_lock', 'org', 'orgc') as $field) unset($event['Event'][$field]);
|
||||
foreach ($event['Event']['EventTag'] as $kt => $tag) {
|
||||
if (!$tag['Tag']['exportable']) unset($event['Event']['EventTag'][$kt]);
|
||||
if (!$tag['Tag']['exportable']) {
|
||||
unset($event['Event']['EventTag'][$kt]);
|
||||
} else {
|
||||
unset($tag['org_id']);
|
||||
$event['Event']['Tag'][] = $tag['Tag'];
|
||||
}
|
||||
}
|
||||
unset($event['Event']['EventTag']);
|
||||
|
||||
// Add the local server to the list of instances in the SG
|
||||
if (isset($event['Event']['SharingGroup']) && isset($event['Event']['SharingGroup']['SharingGroupServer'])) {
|
||||
|
@ -961,6 +967,15 @@ class Event extends AppModel {
|
|||
}
|
||||
}
|
||||
}
|
||||
foreach ($attribute['AttributeTag'] as $kt => $tag) {
|
||||
if (!$tag['Tag']['exportable']) {
|
||||
unset($attribute['AttributeTag'][$kt]);
|
||||
} else {
|
||||
unset($tag['Tag']['org_id']);
|
||||
$attribute['Tag'][] = $tag['Tag'];
|
||||
}
|
||||
}
|
||||
unset($attribute['AttributeTag']);
|
||||
|
||||
// remove value1 and value2 from the output
|
||||
unset($attribute['value1']);
|
||||
|
@ -1458,6 +1473,10 @@ class Event extends AppModel {
|
|||
}
|
||||
$event['ShadowAttribute'] = array_values($event['ShadowAttribute']);
|
||||
}
|
||||
if ($event['Event']['orgc_id'] === $user['org_id'] && $user['Role']['perm_audit']) {
|
||||
$UserEmail = $this->User->getAuthUser($event['Event']['user_id'])['email'];
|
||||
$event['Event']['event_creator_email'] = $UserEmail;
|
||||
}
|
||||
}
|
||||
return $results;
|
||||
}
|
||||
|
@ -2435,7 +2454,8 @@ class Event extends AppModel {
|
|||
'fields' => array('id', 'url', 'name')
|
||||
)
|
||||
),
|
||||
)
|
||||
),
|
||||
'AttributeTag' => array('Tag')
|
||||
),
|
||||
'EventTag' => array('Tag'),
|
||||
'Org' => array('fields' => array('id', 'uuid', 'name', 'local')),
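Review bot: In the EventTag loop of the first hunk, `unset($tag['org_id']);` removes a key from the join row, but the value exported on the next line is `$tag['Tag']`, so an `org_id` stored on the tag itself is still copied into `$event['Event']['Tag']`. The AttributeTag loop added in the second hunk uses `unset($tag['Tag']['org_id']);`, which looks like the intended form, and the first loop should match it. Separately, the `perm_audit` block dereferences `$this->User->getAuthUser(...)['email']` without checking that a user was returned; what getAuthUser gives back for a removed account is not shown here, so confirm this cannot raise a notice or export an empty address. The functions containing these hunks start and end outside them.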
|
||||
|
|
|
@ -655,12 +655,20 @@ class Feed extends AppModel {
|
|||
if (empty($data)) {
|
||||
return true;
|
||||
}
|
||||
$prunedCopy = array();
|
||||
foreach ($data as $key => $value) {
|
||||
foreach ($prunedCopy as $copy) {
|
||||
if ($copy['type'] == $value['type'] && $copy['category'] == $value['category'] && $copy['value'] == $value['value']) {
|
||||
continue 2;
|
||||
}
|
||||
}
|
||||
$data[$key]['event_id'] = $event['Event']['id'];
|
||||
$data[$key]['distribution'] = $feed['Feed']['distribution'];
|
||||
$data[$key]['sharing_group_id'] = $feed['Feed']['sharing_group_id'];
|
||||
$data[$key]['to_ids'] = $feed['Feed']['override_ids'] ? 0 : $data[$key]['to_ids'];
|
||||
$prunedCopy[] = $data[$key];
|
||||
}
|
||||
$data = $prunedCopy;
|
||||
if ($jobId) {
|
||||
$job = ClassRegistry::init('Job');
|
||||
$job->id = $jobId;
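Review bot: The duplicate check compares `type`, `category` and `value` with `==`, and PHP compares two numeric-looking strings as numbers. Assuming the fields are strings, as feed values normally are, distinct indicators such as `1.0` and `1.00`, or two different digests that both consist of `0e` followed only by digits, count as the same attribute and the later one is silently dropped from the import. Using `===` on all three fields, e.g. `$copy['value'] === $value['value']`, makes the pruning exact. The inner loop also rescans `$prunedCopy` for every row, which is quadratic in the size of a remotely supplied feed; an array keyed on the three fields and tested with `isset()` does the same work in one pass. The enclosing method starts and ends outside the hunk.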
|
||||
|
|
|
@ -39,22 +39,24 @@ class Role extends AppModel {
|
|||
);
|
||||
|
||||
public $permFlags = array(
|
||||
'perm_admin' => array('id' => 'RolePermAdmin', 'text' => 'Admin'),
|
||||
'perm_site_admin' => array('id' => 'RolePermSiteAdmin', 'text' => 'Site Admin'),
|
||||
'perm_sync' => array('id' => 'RolePermSync', 'text' => 'Sync Actions'),
|
||||
'perm_audit' => array('id' => 'RolePermAudit', 'text' => 'Audit Actions'),
|
||||
'perm_auth' => array('id' => 'RolePermAuth', 'text' => 'Auth key access'),
|
||||
'perm_regexp_access' => array('id' => 'RolePermRegexpAccess', 'text' => 'Regex Actions'),
|
||||
'perm_tagger' => array('id' => 'RolePermTagger', 'text' => 'Tagger'),
|
||||
'perm_tag_editor' => array('id' => 'RolePermTagEditor', 'text' => 'Tag Editor'),
|
||||
'perm_template' => array('id' => 'RolePermTemplate', 'text' => 'Template Editor'),
|
||||
'perm_sharing_group' => array('id' => 'RolePermSharingGroup', 'text' => 'Sharing Group Editor'),
|
||||
'perm_delegate' => array('id' => 'RolePermDelegate', 'text' => 'Delegations access')
|
||||
'perm_admin' => array('id' => 'RolePermAdmin', 'text' => 'Admin', 'readonlyenabled' => false),
|
||||
'perm_site_admin' => array('id' => 'RolePermSiteAdmin', 'text' => 'Site Admin', 'readonlyenabled' => false),
|
||||
'perm_sync' => array('id' => 'RolePermSync', 'text' => 'Sync Actions', 'readonlyenabled' => false),
|
||||
'perm_audit' => array('id' => 'RolePermAudit', 'text' => 'Audit Actions', 'readonlyenabled' => true),
|
||||
'perm_auth' => array('id' => 'RolePermAuth', 'text' => 'Auth key access', 'readonlyenabled' => true),
|
||||
'perm_regexp_access' => array('id' => 'RolePermRegexpAccess', 'text' => 'Regex Actions', 'readonlyenabled' => false),
|
||||
'perm_tagger' => array('id' => 'RolePermTagger', 'text' => 'Tagger', 'readonlyenabled' => false),
|
||||
'perm_tag_editor' => array('id' => 'RolePermTagEditor', 'text' => 'Tag Editor', 'readonlyenabled' => false),
|
||||
'perm_template' => array('id' => 'RolePermTemplate', 'text' => 'Template Editor', 'readonlyenabled' => false),
|
||||
'perm_sharing_group' => array('id' => 'RolePermSharingGroup', 'text' => 'Sharing Group Editor', 'readonlyenabled' => false),
|
||||
'perm_delegate' => array('id' => 'RolePermDelegate', 'text' => 'Delegations Access', 'readonlyenabled' => false),
|
||||
'perm_sighting' => array('id' => 'RolePermSighting', 'text' => 'Sighting Creator', 'readonlyenabled' => true)
|
||||
);
|
||||
|
||||
public $premissionLevelName = array('Read Only', 'Manage Own Events', 'Manage Organisation Events', 'Manage and Publish Organisation Events');
|
||||
|
||||
public function beforeSave($options = array()) {
|
||||
//Conversion from the named data access permission levels
|
||||
switch ($this->data['Role']['permission']) {
|
||||
case '0':
|
||||
$this->data['Role']['perm_add'] = 0;
|
||||
|
@ -64,7 +66,7 @@ class Role extends AppModel {
|
|||
break;
|
||||
case '1':
|
||||
$this->data['Role']['perm_add'] = 1;
|
||||
$this->data['Role']['perm_modify'] = 1; // SHOULD BE true
|
||||
$this->data['Role']['perm_modify'] = 1;
|
||||
$this->data['Role']['perm_modify_org'] = 0;
|
||||
$this->data['Role']['perm_publish'] = 0;
|
||||
break;
|
||||
|
@ -76,8 +78,8 @@ class Role extends AppModel {
|
|||
break;
|
||||
case '3':
|
||||
$this->data['Role']['perm_add'] = 1;
|
||||
$this->data['Role']['perm_modify'] = 1; // ?
|
||||
$this->data['Role']['perm_modify_org'] = 1; // ?
|
||||
$this->data['Role']['perm_modify'] = 1;
|
||||
$this->data['Role']['perm_modify_org'] = 1;
|
||||
$this->data['Role']['perm_publish'] = 1;
|
||||
break;
|
||||
default:
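Review bot: `readonlyenabled` is added to every entry of `$permFlags` without a comment saying what it controls, and nothing in the visible part of `beforeSave` reads it. From the name and from the role views in this commit it appears to mark flags that may stay enabled on a 'Read Only' role; if so, say it above the array, e.g. `// readonlyenabled: the flag may remain set when the role's permission level is 'Read Only'`. Also confirm that the restriction is applied on save and not only by the `deactivateActions()` / `checkPerms()` handlers in the views, since a form submission does not have to pass through that JavaScript. The relevant part of `beforeSave` is outside these hunks.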
|
||||
|
|
|
@ -900,6 +900,9 @@ App::uses('RandomTool', 'Tools');
|
|||
'conditions' => $conditions
|
||||
);
|
||||
$orgs = $this->find($findType, $params);
|
||||
if (empty($orgs)) {
|
||||
return 0;
|
||||
}
|
||||
if ($org_id !== false) {
|
||||
return $orgs[0]['num_members'];
|
||||
} else {
|
||||
|
@ -954,7 +957,7 @@ App::uses('RandomTool', 'Tools');
|
|||
if ($fixedPassword) {
|
||||
$password = $fixedPassword;
|
||||
} else {
|
||||
$password = $this->generateRandomPassword();
|
||||
$password = $this->generateRandomPassword();
|
||||
}
|
||||
$body = str_replace('$password', $password, $body);
|
||||
$body = str_replace('$username', $user['User']['email'], $body);
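Review bot: The new `if (empty($orgs)) return 0;` in the first hunk runs before the `$org_id !== false` test, so the function returns integer 0 on both paths. That fits the single-organisation path, which returns `num_members` just below, but the `else` branch, whose body is outside the hunk, presumably returns a per-organisation list, and a caller iterating that result would get an int instead of an empty array. Moving the guard into the first branch as `return empty($orgs) ? 0 : $orgs[0]['num_members'];` keeps the fix for the missing-offset case without changing the other path's return type. The second hunk in this file is a whitespace-only change.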
|
||||
|
|
|
@ -24,6 +24,9 @@ echo $this->Form->end();
|
|||
echo $this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'addRole'));
|
||||
$this->Js->get('#RolePermission')->event('change', 'deactivateActions()');
|
||||
foreach ($permFlags as $k => $flag) {
|
||||
if ($k == 'perm_audit' || $k == 'perm_auth') {
|
||||
continue;
|
||||
}
|
||||
if ($k !== 'perm_site_admin') $this->Js->get('#' . $flag['id'])->event('change', 'checkPerms("' . $flag['id'] . '")');
|
||||
else $this->Js->get('#RolePermSiteAdmin')->event('change', 'checkPerms("RolePermSiteAdmin");activateAll();');
|
||||
}
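Review bot: The added `continue` skips `perm_audit` and `perm_auth` by name, while the `$permFlags` array in the Role model now carries a `readonlyenabled` entry per flag and sets it to true for `perm_sighting` as well. With the hard-coded pair, `perm_sighting` still receives the `checkPerms()` change handler although the model marks it the same way as the two skipped flags; whether that is intended is not clear from the page. If the model flag is meant to be the source of truth, `if (!empty($flag['readonlyenabled'])) continue;` keeps the view and the model in step. The same applies to the identical loop in the edit-role view that follows.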
|
||||
|
|
|
@ -24,6 +24,9 @@
|
|||
echo $this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'editRole'));
|
||||
$this->Js->get('#RolePermission')->event('change', 'deactivateActions()');
|
||||
foreach ($permFlags as $k => $flag) {
|
||||
if ($k == 'perm_audit' || $k == 'perm_auth') {
|
||||
continue;
|
||||
}
|
||||
if ($k !== 'perm_site_admin') $this->Js->get('#' . $flag['id'])->event('change', 'checkPerms("' . $flag['id'] . '")');
|
||||
else $this->Js->get('#RolePermSiteAdmin')->event('change', 'checkPerms("RolePermSiteAdmin");activateAll();');
|
||||
}
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
<div class="whitelist index">
|
||||
<h2>Import Whitelist</h2>
|
||||
<h2>Signature Whitelist</h2>
|
||||
<p>Regex entries (in the standard php regex /{regex}/{modifier} format) entered below will restrict matching attributes from being included in the IDS flag sensitive exports (such as NIDS exports).</p>
|
||||
<div class="pagination">
|
||||
<ul>
|
||||
<?php
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
<div class="whitelist index">
|
||||
<h2>Signature Whitelist</h2>
|
||||
<p>Regex entries (in the standard php regex /{regex}/{modifier} format) entered below will restrict matching attributes from being included in the IDS flag sensitive exports (such as NIDS exports).</p>
|
||||
<div class="pagination">
|
||||
<ul>
|
||||
<?php
|
||||
|
|