mirror of https://github.com/MISP/MISP
fix: [llm test] should work nao
iglocska
parent
da3df61950
commit
d4256ad87a
|
|
@ -382,7 +382,7 @@ class EventReportsController extends AppController
|
|||
$report = $this->EventReport->fetchIfAuthorized($this->Auth->user(), $reportId, 'edit', true, false);
|
||||
if ($this->request->is('post')) {
|
||||
$errors = [];
|
||||
$result = $this->EventReport->sendToLLM($report, $errors);
|
||||
$result = $this->EventReport->sendToLLM($report, $this->Auth->user(), $errors);
|
||||
if ($result !== false) {
|
||||
$successMessage = __('Successfully sent to Event Report %s to LLM', $reportId);
|
||||
return $this->__getSuccessResponseBasedOnContext($successMessage, $result, 'sendToLLM', $reportId);
|
||||
|
|
@ -551,4 +551,11 @@ class EventReportsController extends AppController
|
|||
}
|
||||
return $savedReport;
|
||||
}
|
||||
|
||||
public function test()
|
||||
{
|
||||
$report = $this->EventReport->find('first', ['conditions' => ['EventReport.id' => 25]]);
|
||||
$errors = [];
|
||||
$this->EventReport->sendToLLM($report, $this->Auth->user(), $errors);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3547,7 +3547,7 @@ class Attribute extends AppModel
|
|||
if (isset($attribute['id'])) {
|
||||
$conditions['Attribute.id !='] = $attribute['id'];
|
||||
}
|
||||
|
||||
|
||||
return $this->find('first', [
|
||||
'recursive' => -1,
|
||||
'conditions' => $conditions,
|
||||
|
|
|
|||
|
|
@ -962,7 +962,7 @@ class EventReport extends AppModel
|
|||
return $report;
|
||||
}
|
||||
|
||||
public function sendToLLM($report, &$errors)
|
||||
public function sendToLLM($report, $user, &$errors)
|
||||
{
|
||||
$syncTool = new SyncTool();
|
||||
$config = [];
|
||||
|
|
@ -985,7 +985,44 @@ class EventReport extends AppModel
|
|||
'x-api-key' => $apiKey,
|
||||
])
|
||||
];
|
||||
|
||||
$response = $HttpSocket->post($url, $data, $request);
|
||||
return $response->body;
|
||||
$data = json_decode($response->body, true);
|
||||
/*
|
||||
debug($data);
|
||||
|
||||
$data = array(
|
||||
'AI_ThreatActor' => 'Sofacy',
|
||||
'AI_AttributedCountry' => 'unknown',
|
||||
'AI_Type' => 'Developments in IT Security',
|
||||
'AI_Motivation' => 'Espionage',
|
||||
'AI_ExecutiveSummary' => 'The Sofacy group, also known as APT28 or Fancy Bear, continues to target government and strategic organizations primarily in North America and Europe. They have recently been using a tool called Zebrocy, delivered via phishing attacks, to cast a wider net within target organizations. They have also been observed leveraging the Dynamic Data Exchange (DDE) exploit technique to deliver different payloads, including the Koadic toolkit. This report provides details on the campaigns and tactics used by the Sofacy group.',
|
||||
'AI_CouldWeBeAffected' => true
|
||||
);
|
||||
*/
|
||||
|
||||
if (!empty($data['AI_ExecutiveSummary'])) {
|
||||
$report['EventReport']['content'] = '# Executive Summary' . PHP_EOL . $data['AI_ExecutiveSummary'] . PHP_EOL . PHP_EOL . '# Report' . PHP_EOL . $report['EventReport']['content'];
|
||||
}
|
||||
$this->save($report);
|
||||
$event = $this->Event->find('first', [
|
||||
'conditions' => ['Event.id' => $report['EventReport']['event_id']],
|
||||
'recursive' => -1
|
||||
]);
|
||||
if (!empty($data['AI_ThreatActor'])) {
|
||||
$tag_id = $this->Event->EventTag->Tag->captureTag(['name' => 'misp-galaxy:threat-actor="' . $data['AI_ThreatActor'] . '"'], $user);
|
||||
$this->Event->EventTag->attachTagToEvent($event['Event']['id'], ['id' => $tag_id]);
|
||||
}
|
||||
|
||||
if (!empty($data['AI_AttributedCountry'])) {
|
||||
$tag_id = $this->Event->EventTag->Tag->captureTag(['name' => 'misp-galaxy:threat-actor-country="' . $data['AI_AttributedCountry'] . '"'], $user);
|
||||
$this->Event->EventTag->attachTagToEvent($event['Event']['id'], ['id' => $tag_id]);
|
||||
}
|
||||
|
||||
if (!empty($data['AI_Motivation'])) {
|
||||
$tag_id = $this->Event->EventTag->Tag->captureTag(['name' => 'misp-galaxy:threat-actor-motivation="' . $data['AI_Motivation'] . '"'], $user);
|
||||
$this->Event->EventTag->attachTagToEvent($event['Event']['id'], ['id' => $tag_id]);
|
||||
}
|
||||
return $report;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ echo $this->element('genericElements/Form/genericForm', array(
|
|||
<script>
|
||||
function confirmSubmissionToLLM() {
|
||||
submitGenericFormInPlace(function(data) {
|
||||
console.log(data)
|
||||
})
|
||||
window.location.reload();
|
||||
});
|
||||
}
|
||||
</script>
|
||||
Loading…
Reference in New Issue