diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php
index 74c427e4c..df9df684c 100755
--- a/app/Model/Attribute.php
+++ b/app/Model/Attribute.php
@@ -663,7 +663,7 @@ class Attribute extends AppModel {
 }
 break;
 case 'named pipe':
- if (preg_match('#^(\\\\\\\\.\\\\pipe\\\\)#', $value) && !preg_match("#\n#", $value)) {
+ if (!preg_match("#\n#", $value)) {
 $returnValue = true;
 }
 break;
diff --git a/app/Model/ShadowAttribute.php b/app/Model/ShadowAttribute.php
index a56b4069f..5c69a9dc6 100644
--- a/app/Model/ShadowAttribute.php
+++ b/app/Model/ShadowAttribute.php
@@ -492,6 +492,11 @@ class ShadowAttribute extends AppModel {
 $returnValue = 'IP address has invalid format. Please double check the value or select "other" for a type.';
 }
 break;
+ case 'named pipe':
+ if (!preg_match("#\n#", $value)) {
+ $returnValue = true;
+ }
+ break;
 case 'hostname':
 case 'domain':
 if (preg_match("#^[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value)) {
diff --git a/app/View/Events/add.ctp b/app/View/Events/add.ctp
index 209b56ed3..c7f7f7cad 100755
--- a/app/View/Events/add.ctp
+++ b/app/View/Events/add.ctp
@@ -25,8 +25,11 @@
 'options' => array($analysisLevels),
 ));
 echo $this->Form->input('info', array(
- 'div' => 'clear',
- 'class' => 'input-xxlarge'
+ 'label' => 'Event Description',
+ 'div' => 'clear',
+ 'type' => 'text',
+ 'class' => 'form-control span6',
+ 'placeholder' => 'Quick Event Description or Tracking Info'
 ));
 echo $this->Form->input('Event.submittedgfi', array(
 'label' => 'GFI sandbox',
diff --git a/app/View/Events/edit.ctp b/app/View/Events/edit.ctp
index 0d27e185c..29d30203c 100755
--- a/app/View/Events/edit.ctp
+++ b/app/View/Events/edit.ctp
@@ -26,7 +26,11 @@ if ('true' == Configure::read('MISP.sync')) {
 ));
 echo $this->Form->input('info', array(
 'div' => 'clear',
- 'class' => 'input-xxlarge'
+ 'label' => 'Event Description',
+ 'div' => 'clear',
+ 'type' => 'text',
+ 'class' => 'form-control span6',
+ 'placeholder' => 'Quick Event Description or Tracking Info'
 ));
 ?>
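Review bot: The relaxed `named pipe` case in app/Model/Attribute.php rejects only a line feed, so a carriage return or any other control character in `$value` now validates, as does an empty string unless another rule catches it. If dropping the `\\.\pipe\` prefix requirement is intended, the remaining guard would be tighter as `if (!preg_match('#[\r\n]#', $value)) {`. The same line applies to the identical case added in app/Model/ShadowAttribute.php, and since both models now carry a copy of the rule, a short comment on each, for example `// named pipe: free-form value, single line only`, would help keep them in step. The enclosing validation method starts and ends outside both hunks, so what `$returnValue` holds when the check fails is not visible here.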
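Review bot: In app/View/Events/edit.ctp the options array for the `info` input now lists `'div' => 'clear',` twice, once on the unchanged line and once among the added lines. PHP keeps the last value for a repeated key, so nothing breaks, but the added copy should be dropped so the array reads the same as the one in add.ctp. Separately, `'type' => 'text'` forces a single-line input; if `info` was previously rendered as a textarea (not visible here), stored descriptions that contain line breaks would be flattened the next time the event is edited and saved.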
diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp
index 03805a4b6..5b6e98d95 100755
--- a/app/View/Events/view.ctp
+++ b/app/View/Events/view.ctp
@@ -12,12 +12,14 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
 echo $this->element('img', array('id' => $event['Event']['orgc']));
 $left = true;
 }
+ $title = $event['Event']['info'];
+ if (strlen($title) > 55) $title = substr($title, 0, 55) . '...';
 ?>
-

Event

+

-
ID
+
Event ID
  @@ -120,7 +122,7 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);  
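Review bot: The truncation added in the first hunk of app/View/Events/view.ctp uses byte-wise `strlen`/`substr` on `$event['Event']['info']`, so the 55-byte cut can land inside a multi-byte UTF-8 character and leave an invalid sequence at the end of `$title`. `htmlspecialchars` can return an empty string for invalid UTF-8, so a title escaped with `h()` may render blank; `if (mb_strlen($title, 'UTF-8') > 55) $title = mb_substr($title, 0, 55, 'UTF-8') . '...';` avoids that. The line that prints `$title` is not readable in this hunk, and because the info field is user-supplied it has to pass through `h()` at that point.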
-
Risk
+
Threat Level
>
-
Info
+
Description
  @@ -199,7 +201,7 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
+if (!empty($event['Attribute']) || !empty($remaining)):?> diff --git a/app/View/Layouts/default.ctp b/app/View/Layouts/default.ctp index c4f73f921..c85dfffea 100755 --- a/app/View/Layouts/default.ctp +++ b/app/View/Layouts/default.ctp @@ -32,14 +32,13 @@
element('global_menu'); - //throw new Exception(serialize($this->Session->read('Message.flash.message'))); if ($debugMode == 'debugOff') { ?>
-
+
Session->flash('auth'); @@ -50,11 +49,7 @@
Session->check('Message'); - if (Configure::read('debug') == 0 && $this->Session->check('Message')) { - echo 'class="topGap"'; - } + if (Configure::read('debug') == 0) echo 'class="topGap"'; ?> > fetch('content'); ?> diff --git a/app/View/Pages/doc/administration.ctp b/app/View/Pages/doc/administration.ctp index 97db7849d..f5a49076c 100755 --- a/app/View/Pages/doc/administration.ctp +++ b/app/View/Pages/doc/administration.ctp @@ -193,6 +193,7 @@ The "Jobs" menu item within the Administration menu allows site admins to get an
  • Retries: Currently unused, it is planned to introduced automatic delayed retries for the background processing to add resilience.
  • Progress: A progress bar showing how the job is coming along.
  • +

    Scheduling Jobs and Recurring Jobs

    Apart from off-loading long-lasting jobs to the background workers, there is a second major benefit of enabling the background workers: Site-administrators can schedule recurring tasks for the jobs that generally take the longest to execute. At the moment this includes pushing / pulling other instances and generating a full export cache for every organisation and export type. MISP comes with these 3 tasks pre-defined, but further tasks are planned. The following fields make up the scheduled tasks table:

      @@ -204,4 +205,5 @@ Apart from off-loading long-lasting jobs to the background workers, there is a s
    • Description: A brief description of the task.
    • Message: This field shows when the job was queued by the scheduler for execution.

    +

    \ No newline at end of file diff --git a/app/View/Pages/doc/using_the_system.ctp b/app/View/Pages/doc/using_the_system.ctp index 254d2a474..a90151772 100755 --- a/app/View/Pages/doc/using_the_system.ctp +++ b/app/View/Pages/doc/using_the_system.ctp @@ -72,7 +72,7 @@ and attachments and finally publishing it.

  • Ongoing: The analysis is in progress
  • Completed: The analysis is complete

  • -
  • Info: The info field, where the malware/incident can get a brief description starting with the internal reference. This field should be as brief and concise as possible, the more detailed description happens through attributes in the next stage of the event's creation. Keep in mind that the system will automatically replace detected text strings that match a regular expression entry set up by your server's administrator(s).

  • +
  • Event Description: The info field, where the malware/incident can get a brief description starting with the internal reference. This field should be as brief and concise as possible, the more detailed description happens through attributes in the next stage of the event's creation. Keep in mind that the system will automatically replace detected text strings that match a regular expression entry set up by your server's administrator(s).

  • GFI Sandbox: It is possible to upload the exported .zip file from GFI sandbox with the help of this tool. These will be dissected by the MISP and a list of attributes and attachments will automatically be generated from the .zip file. Whilst this does most of the work needed to be done in the second step of the event's creation, it is important to manually look over all the data that is being entered.


  • @@ -294,6 +294,7 @@ A quick description of each of the fields in the table:

  • Progress: Shows the progress of the last initiated generation process.

  • Actions: Download or Generate the given cache with these buttons.

  • +


    Exporting search results and individual events

    Apart from the options offered by the export pages, it's also possible to export all events involved in a search attribute result table, by using the "Download results as XML" button on the left menu bar.




    diff --git a/app/View/Users/login.ctp b/app/View/Users/login.ctp index c072a5d85..383691e34 100755 --- a/app/View/Users/login.ctp +++ b/app/View/Users/login.ctp @@ -26,10 +26,10 @@ echo Configure::read('MISP.welcome_text_top'); }?>

    Date