diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php
index 74c427e4c..df9df684c 100755
--- a/app/Model/Attribute.php
+++ b/app/Model/Attribute.php
@@ -663,7 +663,7 @@ class Attribute extends AppModel {
}
break;
case 'named pipe':
- if (preg_match('#^(\\\\\\\\.\\\\pipe\\\\)#', $value) && !preg_match("#\n#", $value)) {
+ if (!preg_match("#\n#", $value)) {
$returnValue = true;
}
break;
diff --git a/app/Model/ShadowAttribute.php b/app/Model/ShadowAttribute.php
index a56b4069f..5c69a9dc6 100644
--- a/app/Model/ShadowAttribute.php
+++ b/app/Model/ShadowAttribute.php
@@ -492,6 +492,11 @@ class ShadowAttribute extends AppModel {
$returnValue = 'IP address has invalid format. Please double check the value or select "other" for a type.';
}
break;
+ case 'named pipe':
+ if (!preg_match("#\n#", $value)) {
+ $returnValue = true;
+ }
+ break;
case 'hostname':
case 'domain':
if (preg_match("#^[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value)) {
diff --git a/app/View/Events/add.ctp b/app/View/Events/add.ctp
index 209b56ed3..c7f7f7cad 100755
--- a/app/View/Events/add.ctp
+++ b/app/View/Events/add.ctp
@@ -25,8 +25,11 @@
'options' => array($analysisLevels),
));
echo $this->Form->input('info', array(
- 'div' => 'clear',
- 'class' => 'input-xxlarge'
+ 'label' => 'Event Description',
+ 'div' => 'clear',
+ 'type' => 'text',
+ 'class' => 'form-control span6',
+ 'placeholder' => 'Quick Event Description or Tracking Info'
));
echo $this->Form->input('Event.submittedgfi', array(
'label' => 'GFI sandbox',
diff --git a/app/View/Events/edit.ctp b/app/View/Events/edit.ctp
index 0d27e185c..29d30203c 100755
--- a/app/View/Events/edit.ctp
+++ b/app/View/Events/edit.ctp
@@ -26,7 +26,11 @@ if ('true' == Configure::read('MISP.sync')) {
));
echo $this->Form->input('info', array(
'div' => 'clear',
- 'class' => 'input-xxlarge'
+ 'label' => 'Event Description',
+ 'div' => 'clear',
+ 'type' => 'text',
+ 'class' => 'form-control span6',
+ 'placeholder' => 'Quick Event Description or Tracking Info'
));
?>
diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp
index 03805a4b6..5b6e98d95 100755
--- a/app/View/Events/view.ctp
+++ b/app/View/Events/view.ctp
@@ -12,12 +12,14 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
echo $this->element('img', array('id' => $event['Event']['orgc']));
$left = true;
}
+ $title = $event['Event']['info'];
+ if (strlen($title) > 55) $title = substr($title, 0, 55) . '...';
?>
-
Event
+
- - ID
+ - Event ID
-
@@ -120,7 +122,7 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
- - Risk
+ - Threat Level
-
>
- - Info
+ - Description
-
@@ -199,7 +201,7 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
+if (!empty($event['Attribute']) || !empty($remaining)):?>
Date |
diff --git a/app/View/Layouts/default.ctp b/app/View/Layouts/default.ctp
index c4f73f921..c85dfffea 100755
--- a/app/View/Layouts/default.ctp
+++ b/app/View/Layouts/default.ctp
@@ -32,14 +32,13 @@
element('global_menu');
- //throw new Exception(serialize($this->Session->read('Message.flash.message')));
if ($debugMode == 'debugOff') {
?>
-
+
Session->flash('auth');
@@ -50,11 +49,7 @@
Session->check('Message');
- if (Configure::read('debug') == 0 && $this->Session->check('Message')) {
- echo 'class="topGap"';
- }
+ if (Configure::read('debug') == 0) echo 'class="topGap"';
?>
>
fetch('content'); ?>
diff --git a/app/View/Pages/doc/administration.ctp b/app/View/Pages/doc/administration.ctp
index 97db7849d..f5a49076c 100755
--- a/app/View/Pages/doc/administration.ctp
+++ b/app/View/Pages/doc/administration.ctp
@@ -193,6 +193,7 @@ The "Jobs" menu item within the Administration menu allows site admins to get an
Retries: Currently unused, it is planned to introduced automatic delayed retries for the background processing to add resilience.
Progress: A progress bar showing how the job is coming along.
+
Scheduling Jobs and Recurring Jobs
Apart from off-loading long-lasting jobs to the background workers, there is a second major benefit of enabling the background workers: Site-administrators can schedule recurring tasks for the jobs that generally take the longest to execute. At the moment this includes pushing / pulling other instances and generating a full export cache for every organisation and export type. MISP comes with these 3 tasks pre-defined, but further tasks are planned. The following fields make up the scheduled tasks table:
@@ -204,4 +205,5 @@ Apart from off-loading long-lasting jobs to the background workers, there is a s
- Description: A brief description of the task.
- Message: This field shows when the job was queued by the scheduler for execution.
+
\ No newline at end of file
diff --git a/app/View/Pages/doc/using_the_system.ctp b/app/View/Pages/doc/using_the_system.ctp
index 254d2a474..a90151772 100755
--- a/app/View/Pages/doc/using_the_system.ctp
+++ b/app/View/Pages/doc/using_the_system.ctp
@@ -72,7 +72,7 @@ and attachments and finally publishing it.
Ongoing: The analysis is in progress
Completed: The analysis is complete
-
Info: The info field, where the malware/incident can get a brief description starting with the internal reference. This field should be as brief and concise as possible, the more detailed description happens through attributes in the next stage of the event's creation. Keep in mind that the system will automatically replace detected text strings that match a regular expression entry set up by your server's administrator(s).
+
Event Description: The info field, where the malware/incident can get a brief description starting with the internal reference. This field should be as brief and concise as possible, the more detailed description happens through attributes in the next stage of the event's creation. Keep in mind that the system will automatically replace detected text strings that match a regular expression entry set up by your server's administrator(s).
GFI Sandbox: It is possible to upload the exported .zip file from GFI sandbox with the help of this tool. These will be dissected by the MISP and a list of attributes and attachments will automatically be generated from the .zip file. Whilst this does most of the work needed to be done in the second step of the event's creation, it is important to manually look over all the data that is being entered.
@@ -294,6 +294,7 @@ A quick description of each of the fields in the table:
Progress: Shows the progress of the last initiated generation process.
Actions: Download or Generate the given cache with these buttons.
+
Exporting search results and individual events
Apart from the options offered by the export pages, it's also possible to export all events involved in a search attribute result table, by using the "Download results as XML" button on the left menu bar.
![Download a .xml from all the events that are shown through an attribute in the search results.](/img/doc/export_search.png)
diff --git a/app/View/Users/login.ctp b/app/View/Users/login.ctp
index c072a5d85..383691e34 100755
--- a/app/View/Users/login.ctp
+++ b/app/View/Users/login.ctp
@@ -26,10 +26,10 @@
echo Configure::read('MISP.welcome_text_top');
}?>
- Malware
- Information
- Sharing
- Platform
+ Malware
+ Information
+ Sharing
+ Platform