Richard van den Berg
2eddbb5dcc
Export MISP tags as STIX journal entries
2015-08-31 12:55:42 +02:00
Richard van den Berg
0b7df293ea
Convert tab to spaces
2015-07-16 18:05:41 +02:00
Richard van den Berg
93c1849780
Remove unused relatedTTP
2015-07-16 18:04:39 +02:00
Richard van den Berg
b126db534a
Add timezone +00:00 to timestamp
2015-07-16 17:56:52 +02:00
Richard van den Berg
27d09b4e22
Change incident description to title
2015-07-16 17:53:49 +02:00
Richard van den Berg
2e1864f28d
Add Indicated_TTP
2015-07-16 17:49:51 +02:00
Richard van den Berg
ab2aeeb868
Add Valid_Time_Position
2015-07-16 12:55:20 +02:00
Richard van den Berg
f68bd3f785
Add indicator types
2015-07-16 12:36:42 +02:00
Richard van den Berg
c15a178013
Add condition attributes
2015-07-15 17:10:55 +02:00
Iglocska
3f215743f0
Complete rework of the ZeroMQ implementation
...
- python server running in the background doing the publishing
- MISP -> python script communication via redis
- configurable / controllable via the admin UI
2015-06-29 08:56:45 +02:00
Iglocska
707140243a
Updated the documentation to reflect the correct STIX / CyBox versions required
...
- Updated the admin tool to check the STIX / Cybox versions
2015-06-10 12:47:00 +02:00
Iglocska
c2d5a5f1fc
Merge branch 'stix_no_random_ids' into hotfix-2.3.59
2015-04-08 22:30:39 +02:00
Richard van den Berg
7f201fdf81
Consistent timestamps for STIX objects
2015-03-05 13:26:13 +01:00
Richard van den Berg
2a56a00e88
Consistent id's for malware-sample artifacts
2015-03-04 17:28:44 +01:00
Richard van den Berg
bff42361ef
Consistent id's for observable compositions
2015-03-04 17:07:32 +01:00
Richard van den Berg
a4fd3b957a
Use property class name in object ID
2015-02-25 09:50:00 +01:00
Richard van den Berg
8b89caf5b9
Use attribute uuid for cybox id's
2015-02-24 18:02:51 +01:00
Richard van den Berg
d2556ff91d
Use org name and baseurl in XML namespace for STIX
2015-02-19 15:46:54 +01:00
Richard van den Berg
c9bd754adc
More informative CIQ titles
2015-02-19 15:46:45 +01:00
Richard van den Berg
3c205c66f7
More informative STIX titles
2015-02-19 15:46:34 +01:00
iglocska
be0fbfd108
Merge branch 'RichieB2B-ncsc-nl/stix_indicator_comments' into hotfix-2.3.41
2015-02-02 10:41:28 +01:00
Richard van den Berg
c3615eff32
Pretify some comments
2015-01-29 17:24:44 +01:00
Richard van den Berg
e6e66f3f1c
Fixed typo
2015-01-29 17:21:54 +01:00
Richard van den Berg
883fe07861
Fixed typo
2015-01-29 17:20:57 +01:00
Richard van den Berg
0aa09fec4d
Fix string assignments to StructuredText
2015-01-29 17:19:10 +01:00
Richard van den Berg
09511986e7
Map most MISP attribute comments into STIX
2015-01-28 17:48:11 +01:00
Richard van den Berg
05cfbde5e7
Export md5 hashes without file name in STIX
2015-01-27 09:58:13 +01:00
Richard van den Berg
728e8cd29e
Preserve indicator comments in STIX export
2015-01-27 09:54:52 +01:00
iglocska
800c550cc9
STIX export now correctly uses a custom namespace instead of the default "example", fixes #301
2014-12-03 16:23:30 +01:00
iglocska
1346f7e931
Fix to an issue with the markings in the STIX export
...
- xpath describing the current node and descendants is incorrect
2014-12-02 16:13:29 +01:00
iglocska
9e8803c6eb
Confidence mapping changed to boolean in stix export, fixes #326
2014-11-25 13:37:22 +01:00
iglocska
a98dd9b489
Fix to the STIX export fixes #311 and a temporary fix to an OpenIOC import issue
...
- STIX export had 2 issues as pointed out by RichieB2B:
- Incorrect name assigned to incidents due to copy-pasta fail
- Historyitems incorrectly handled
- For the OpenIOC import:
- Mapping DnsEntryItem/Host to hostname
- Mapping of hostnames to Network activity failed due to incorrect capitalistion
- Temporarily removed the ignore function on certain indicators. Ignoring an element in an AND-ed branch happens without a pruning of the element IDs
2014-10-30 10:30:55 +01:00
iglocska
15fa296fdb
Update to the terms and conditions
...
- use terms file as before if nothing else specified
- specify a file in the app/files/terms directory via the server settings tool
- specify whether to show it inline or create a download link for users instead
- by default everything is the same as before, except that the MISP installation path is no longer exposed by a non-existing terms file
2014-10-28 15:11:40 +01:00
iglocska
4fec5d041f
Added missing empty file
2014-10-23 15:59:38 +02:00
iglocska
34cc73b21a
Several changes for the diagnostic tool
...
- Added extra diagnostic tools
2014-09-10 16:55:34 +02:00
iglocska
83369da25a
Several fixes including compatibility with the STIX to_xml() performance fix
...
- STIX export performance greatly improved thanks to 84ce8d8be6376797053668d68e1b863713f008dd
- some junk removed
- fixed some minor pagination issues on the event view
- site admin dummy event creator now has target-* type attributes
2014-08-28 14:27:45 +02:00
iglocska
b983147061
Some cleanup
2014-08-01 15:29:16 +02:00
iglocska
167e5e43a3
First version of the STIX export implementation
...
- currently to_xml() has performance issues, if it's not resolved fast, it would be a good idea to move the export to the background workers
- some UI changes
2014-08-01 14:14:20 +02:00
iglocska
7651f95faa
Python scripts to handle the conversion from a MISP JSON event to stix/cybox
2014-07-25 10:47:08 +02:00
iglocska
0873b305a5
Some cleanup
2014-03-11 11:45:40 +01:00
iglocska
8fc85f95b9
Fixes with the synchronisation
...
- background pulls fixed
- now correctly logs changes
- now correctly updates attributes
2014-02-25 12:27:20 +01:00
noud
957b3e27b8
Merge branch 'master' into develop
...
Conflicts:
app/Controller/ServersController.php
2012-11-20 11:01:18 +01:00
Christophe Vandeplas
da2687846b
Implemented file-upload of attachment or password protected
...
malware-samples. Base code contributed by Andrzej Dereszowski
2012-03-23 20:04:22 +01:00