Commit Graph

1511 Commits (2b7736e3e5a164ea90146e93c67c7304212f85b8)

Author SHA1 Message Date
mokaddem 2229809e9b
Merge branch 'develop' of github.com:MISP/MISP into feature-email-notification-bans 2021-09-07 09:00:24 +02:00
Jakub Onderka 62e90a1817 chg: [internal] Simplify code for editing object 2021-09-04 07:17:04 +02:00
Jakub Onderka 541f8f03c3 chg: [internal] Simplify code for editing attribute 2021-09-03 22:17:14 +02:00
Jakub Onderka 12cc881ff6 chg: [internal] Use correlation object from attribute 2021-09-03 12:28:54 +02:00
Jakub Onderka ed19de5b82 fix: [internal] Filtering warninglist in objects 2021-09-02 17:01:09 +02:00
Jakub Onderka ee62d185f9 fix: [internal] Typo 2021-09-02 16:38:16 +02:00
Jakub Onderka 8caa73ccc8
Merge pull request #7719 from JakubOnderka/warninglist-filtering
new: [UI] Allow to filter attributes by specific warninglist
2021-09-02 16:23:01 +02:00
Jakub Onderka c6519b2939 new: [UI] Allow to filter attributes by specific warninglist 2021-09-02 15:02:18 +02:00
mokaddem 2153537e01
new: [event:notification] Added email notification ban system based on users triggering the notification 2021-08-31 09:39:05 +02:00
mokaddem f2af0a2e49
Merge branch 'develop' of github.com:MISP/MISP into develop 2021-08-31 08:14:22 +02:00
mokaddem a7270cc7c8
new: [export:host] RestSearch export for blackholing via host file 2021-08-31 08:09:43 +02:00
Jakub Onderka 80675e1745 chg: [internal] Simplify capturing object code 2021-08-30 17:08:49 +02:00
Jakub Onderka 9acc30d7a0 chg: [internal] Simplify capturing attribute code 2021-08-30 15:49:46 +02:00
Jakub Onderka 439ec5cceb fix: [internal] Code cleanup 2021-08-23 17:03:44 +02:00
Jakub Onderka faf5054583
Merge pull request #7649 from JakubOnderka/pull-sightings
chg: [sync] Pull just necessary data when pulling sightings
2021-08-20 09:26:09 +02:00
Jakub Onderka 3c3cee7735
Merge pull request #7659 from JakubOnderka/unique-indexes
chg: [schema] Mark more indexes as unique
2021-08-20 09:22:23 +02:00
mokaddem ec2cb29fe0
fix: [event:filter_value] Allow searching for multiple values 2021-08-18 14:32:40 +02:00
Jakub Onderka 2e506ea430 fix: [log] Array to string conversion 2021-08-17 14:05:41 +02:00
Jakub Onderka 67f986a8b5 chg: [validation] UUID unique validation 2021-08-15 20:08:28 +02:00
Jakub Onderka a5712b8edd chg: [sync] Use server sync tool for compatibility check 2021-08-13 10:32:38 +02:00
Jakub Onderka 0174336156 chg: [sync] Pull just necessary data when pulling sightings 2021-08-11 18:42:22 +02:00
Jakub Onderka bed7ada3af chg: [internal] Simplified code for adding events 2021-08-11 10:06:53 +02:00
Jakub Onderka c797cb6ac0 chg: [internal] Do not keep original variable to save memory 2021-08-11 10:06:37 +02:00
Jakub Onderka 164c85f5c0 chg: [internal] Simplified Event::getRelatedAttributes 2021-08-11 10:06:09 +02:00
Jakub Onderka 7cc38f67ba chg: [internal] Use hash for removing duplicate attributes 2021-08-11 10:05:38 +02:00
Jakub Onderka c53c860b58 chg: [internal] Use one EventLock instance 2021-08-11 10:05:28 +02:00
Jakub Onderka 673f48c10d chg: [internal] Cleanup code responsible for adding events 2021-08-11 10:05:18 +02:00
Jakub Onderka 97a7d1cc73 fix: [internal] Shadow attributes don't have tags 2021-08-05 10:46:33 +02:00
Jakub Onderka 15e3cc799c chg: [internal] Removed unused variables 2021-07-27 18:43:16 +02:00
Jakub Onderka bf9ee25239 fix: [internal] Remove unused variable 2021-07-21 09:32:51 +02:00
Jakub Onderka 52d8ac6060 chg: [alert] Deprecate `publish_alerts_summary_only`, this option just duplicates `event_alert_metadata_only` 2021-07-20 15:19:10 +02:00
mokaddem 88b1772244
fix: [event:contact] User object passed in contact reporter
Fix #7471
2021-07-13 15:20:12 +02:00
Jakub Onderka f747d98877
Merge pull request #6817 from JakubOnderka/upload-sightings
chg: [sync] New separate method for uploading sightings to remote server
2021-07-09 12:25:16 +02:00
Jakub Onderka c14e070912 fix: [internal] Relationship import 2021-07-07 12:38:49 +02:00
mokaddem 8921b3b3ba
fix: [event:add] Typo in accessing sharing group roaming information 2021-06-30 12:41:07 +02:00
iglocska c516d4d6ef
fix: [emailing] added missing if branch for the publish alert summary mode to trigger 2021-06-15 20:12:08 +02:00
mokaddem 3820528edc
Merge remote-tracking branch 'origin/develop' into fix-sg-api-edit 2021-06-04 15:22:54 +02:00
mokaddem bd26a1671c
fix: [event:__prepareForPushToServer] Slight refactoring 2021-06-04 15:22:06 +02:00
mokaddem eee298f19f
fix: [event:prepareForPush] Gracefully handle the case if SharingGroupServer is empty 2021-06-04 14:30:16 +02:00
mokaddem 0a68e339e8
chg: [sharinggroup] Allow pushing SG if remote internal server is not in the list of SG servers 2021-06-04 08:34:47 +02:00
mokaddem 9f17bb0c41
fix: [Event:set_filter_value] Support of wildcard searches 2021-06-03 15:37:51 +02:00
mokaddem 604670f048
Merge remote-tracking branch 'origin/develop' into fix-composite-attribute-filtering 2021-06-03 11:29:49 +02:00
chrisr3d 308787918e Merge branch '2.4' of https://github.com/MISP/MISP into develop 2021-05-11 17:52:31 +02:00
chrisr3d 258e68df9b
fix: [module results] References between objects returned with module results and the original object attribute are now pointing to the original object itself
- A reference between an object and an object
  attribute is supported in the API, but does not
  appear on the event graph
- Instead of pointing to the initial object
  attribute then, we look for the uuid of the
  object containing the attribute and use this
  uuid for the reference
- The references between objects returned as
  module results and the object containing the
  attribute initially used for the enrichment
  with a module are then handled properly
2021-05-11 17:26:07 +02:00
chrisr3d 3cf7c5848c
fix: [module results] Included the object references handling loop in the objects handling loop
- If we did not get any object in a result from
  a misp module, the `$references` variable would
  not have been defined and would have raised an
  issue. The references are related to objects,
  it is then obvious to handle them both together
2021-05-11 11:58:10 +02:00
chrisr3d 7573c5abb9
fix: [modules results] Fixed the query to find the uuid of the attribute used as input of a misp-module
- With `Attribute.object_id => 0`, the query did
  only return attributes outside of a MISP object
- This was causing issues with references between
  the MISP objects returned by the modules and the
  attribute used as input to the module. Those
  references were visible in the module results
  preview, but skipped then after the submit
  button is pressed.
- The references are now correctly handled
2021-05-11 11:37:23 +02:00
Jakub Onderka ad1b373766 new: [log] Audit log 2021-05-03 13:44:44 +02:00
mokaddem 95ceeebebb
chg: [event:alert] Added option to refresh to ban 2021-04-30 15:00:08 +02:00
mokaddem b71c73a304
chg: [event:getEventRepublishBanStatus] Improved wording 2021-04-30 13:59:15 +02:00
mokaddem eac4918ab6
new: [event:alert] Re-publishing ban feature based on configurable threshold 2021-04-30 13:58:53 +02:00
iglocska e711fcc7c5
chg: [internal] fetchEventIds refactored
- the stupid ordered params were driving me nuts
2021-04-21 09:09:29 +02:00
mokaddem 108d1a3c76
chg: [event:search] Allow filtering by org uuid.
Fix #7288
2021-04-06 14:05:11 +02:00
Jakub Onderka 77f4e3e6a6 chg: [internal] Optimise fetching correlation count for events 2021-03-29 14:19:53 +02:00
mokaddem 0eb106ef34
Merge branch '2.4' of github.com:MISP/MISP into develop 2021-03-25 16:07:30 +01:00
mokaddem e72579f5a9
fix: [sync:local-tag] Local tags converted into global after sync for internal sync
Fix #7253
2021-03-25 16:04:23 +01:00
mokaddem 71e8dc9641
fix: [attributes:restSearch] pop attribute timestamp filtering condition
This avoids the condition propagating to the event level.
Fix #7096
2021-03-24 14:42:09 +01:00
mokaddem c9dafbf412
fix: [Event:set_filter_value] Reset array indexing 2021-03-23 16:25:38 +01:00
mokaddem 6ae72280b2
fix: [Event:set_filter_value] Allows searching for composite attributes
Fix #7119
2021-03-23 16:19:15 +01:00
Jakub Onderka 683e52702d new: [sync] When saving sightings, push just new sightings 2021-03-14 09:28:15 +01:00
Jakub Onderka d82a95b903 new: [sync] When pushing event, upload sightings by another call 2021-03-11 12:14:52 +01:00
Jakub Onderka 6af83b5d5a new: [sync] Filter out existing sightings if remote server supports that method 2021-03-11 12:14:52 +01:00
Jakub Onderka 362707deb1 chg: [sync] Faster capturing sighting when pushing whole event 2021-03-11 12:14:52 +01:00
Jakub Onderka 0e9f9abdb3 chg: [sync] Optimise event filtering 2021-03-11 12:14:52 +01:00
Jakub Onderka 6472839187 chg: [sync] Check if event exists before pushing 2021-03-11 12:14:52 +01:00
Jakub Onderka 937766ec58 fix: [sync] Do not append 'metadata:1' when pushing event 2021-03-11 12:14:52 +01:00
Jakub Onderka 5fc9d03bd8 chg: [sync] Remove old method for uploading sightings 2021-03-11 12:14:52 +01:00
Jakub Onderka aa75290165 chg: [sync] Check event existence before pushing sightings 2021-03-11 12:14:52 +01:00
Jakub Onderka 8830696c4d chg: [sync] New separate method for uploading sightings to remote server 2021-03-11 12:14:52 +01:00
Jakub Onderka 032302dbf9 fix: [workers] Worker name when processing freetext 2021-03-10 21:34:14 +01:00
Jakub Onderka e716df5259
Merge pull request #7182 from JakubOnderka/merge-local-tags
fix: [merge] Local tags should stay local
2021-03-09 20:12:32 +01:00
Jakub Onderka 1d08e3eef2 fix: [merge] Local tags should stay local 2021-03-09 20:05:22 +01:00
iglocska c6ccda3cc6
Merge branch '2.4' into develop 2021-03-09 17:59:15 +01:00
iglocska ad20eb3562
new: [event loader] has a new extensionList parameter
- boolean, if set includes a list of extension events, metadata only
2021-03-09 17:57:22 +01:00
Jakub Onderka 92b51aad4e
Merge pull request #7173 from JakubOnderka/disable-correlation-info-date
chg: [correlation] Do not update info and date column
2021-03-08 09:01:01 +01:00
Jakub Onderka f4cb072d58 chg: [correlation] Do not update info and date column, since they are not used anymore 2021-03-08 08:43:40 +01:00
Jakub Onderka 71e1d486fd
Merge pull request #6967 from JakubOnderka/html-alert-email
HTML alert email
2021-03-06 12:18:33 +01:00
Jakub Onderka 1915cf4724
Merge pull request #7156 from JakubOnderka/fix-empty-object
fix: [internal] Warning when object has no attributes
2021-03-06 10:44:27 +01:00
Jakub Onderka 29040c4f1c new: [email] New setting `MISP.event_alert_metadata_only` 2021-03-06 10:39:16 +01:00
Jakub Onderka 0d493efb1b chg: [email] Move event alert email subject generating 2021-03-06 10:39:16 +01:00
Jakub Onderka 56508cce17 new: [mail] Add reference for event alert emails 2021-03-06 10:39:16 +01:00
Jakub Onderka 17fb5db3cf new: [mail] Move contact alert email to templates 2021-03-06 10:39:16 +01:00
Jakub Onderka e2b1ba18a3 new: [mail] HTML alert emails 2021-03-06 10:39:16 +01:00
Jakub Onderka cc9b50fb8e fix: [sync] Warning when sync object without attributes 2021-03-05 10:13:16 +01:00
Jakub Onderka 062390ed83
Merge pull request #7155 from JakubOnderka/push-optim
Push optim
2021-03-04 19:12:31 +01:00
Jakub Onderka 5113ae34c7 fix: [internal] Warning when object has no attributes 2021-03-04 18:46:57 +01:00
Jakub Onderka 921583f24d chg: [sync] Code cleanup 2021-03-04 18:30:28 +01:00
iglocska 66e371a19c
fix: [comments] updated for two recent changes in the code 2021-03-02 13:03:54 +01:00
iglocska 76a2727583
fix: [sharing groups] Allow users to see events they own, even if their organisation is not explicitly mentioned in the SG
- however, show a clear message that this is the case
- in-line with the rest of the ACL
2021-03-02 00:09:37 +01:00
iglocska 7bb9466e9c
Merge branch '2.4' into develop 2021-03-01 23:33:42 +01:00
iglocska 1727a748eb
fix: [pull] invalid internal vs external server lookup when deciding whether to pull local tags 2021-03-01 23:32:25 +01:00
iglocska ccdbdd1606
Merge branch '2.4' into develop 2021-03-01 11:39:29 +01:00
iglocska d24e2a085a
fix: [Sharing group] refactored and fixed
- include own org in pulled sharing groups (to avoid implicit inclusion not being visible after a pull)
- refactor the pulling method to be more maintainable
- avoid pulling proposals/sightings on each event cherry pick
2021-03-01 11:38:05 +01:00
Jakub Onderka 7d8fdc25a4 chg: [internal] Check missing taxonomies at one place 2021-02-24 08:13:45 +01:00
Jakub Onderka 28b6a9066b chg: [internal] Faster fetching galaxy clusters when fetching event 2021-02-22 08:18:40 +01:00
iglocska 6b5715386a
Merge branch '2.4' into develop 2021-02-19 20:33:44 +01:00
iglocska c63468fd2f
fix: [restsearch] fixed a bug introduced via the new page/limit filters 2021-02-19 20:33:00 +01:00
mokaddem f1d10ebbcf
Merge branch 'feature-reference-for-extended-event' into develop 2021-02-19 09:09:21 +01:00
Jakub Onderka 1f937ab27a
Merge pull request #6925 from JakubOnderka/event-locks
new: [UI] Event locks for background jobs and automatic tools
2021-02-18 20:41:57 +01:00
Jakub Onderka c1399b36f9 new: [UI] Event locks for background jobs and automatic tools 2021-02-18 19:03:54 +01:00
Jakub Onderka cd9714fd37
Merge pull request #6871 from JakubOnderka/faster-pull
chg: [internal] Faster Event::removeOlder method used when pulling
2021-02-18 18:02:18 +01:00
mokaddem a225ac4483
fix: [Event] Correctly save references after sync 2021-02-18 15:02:22 +01:00
mokaddem a2a1dca26c
fix: [event] Provide text for missing referenced elements
- The event might not contain the referenced elements if they belong to
an extended event
2021-02-17 12:26:28 +01:00
mokaddem cc4ef95da2
new: [objectReference] Allow adding reference across extended events
Fix #6255
2021-02-16 15:02:34 +01:00
iglocska 8bde7d01f4
fix: [breakOnDuplicate] on event add fixed, fixes #6917
- add breakOnDuplicate on the event level as a flag
  - {"Event":{"breakOnDuplicate":1, "info": "foo", ...}}

- correctly handle 2 equal objects added to the same event in memory
2021-02-16 00:15:18 +01:00
iglocska 6112c0d406
chg: [event model] fetchEvent() now accepts page/limit/order as parameters 2021-02-15 18:08:41 +01:00
mokaddem 08e556e198
new: [event] Added support of eventReport coming from modules 2021-02-15 16:32:47 +01:00
Alexandre Dulaunoy d76c0559fb
fix: [STIX] fix typo in message 2021-02-15 11:49:17 +01:00
Jakub Onderka c999d22930
Merge pull request #6816 from JakubOnderka/filter-event-ids-optimisation
chg: [internal] Small optimisation for filterEventIds
2021-02-10 21:49:14 +01:00
Jakub Onderka ec0227228d
Merge pull request #6898 from JakubOnderka/export-module-fetch-options
new: [modules] Export module can specify event fetch options
2021-02-10 21:45:36 +01:00
Jakub Onderka e07d682378 new: [settings] Allow to use ThreatLevel.name for alert filter 2021-02-06 16:04:02 +01:00
mokaddem 10f5e5137e
fix: [logs:event] Added missing line breaks 2021-01-29 10:34:13 +01:00
mokaddem b86c58c8ae
fix: [eventReport:edit] Editing event via /events/edit should work as expected
- Correct call to editReport
- Force local ID to match provided UUID
2021-01-26 15:21:41 +01:00
mokaddem 8131ad86e3
fix: [eventReport:getProxyElement] Prevent crash if viewing a report for an extended event
- Make sure merging array happens in existing keys
2021-01-22 14:49:27 +01:00
Jakub Onderka e5d5b79e3f new: [modules] Export module can specify event fetch options 2021-01-20 19:22:35 +01:00
Jakub Onderka f172389970 chg: [internal] Faster Event::removeOlder method used when pulling from remote server 2021-01-17 18:41:31 +01:00
Jakub Onderka 3fcd0010b6 chg: [internal] Remove deprecated Set class calls 2021-01-17 14:57:06 +01:00
Jakub Onderka 669a9d2e92 chg: [internal] Optimise appending tags to events 2021-01-17 10:55:15 +01:00
Jakub Onderka 7162a8eeaa
Merge pull request #6833 from JakubOnderka/id-translator-push
chg: [idTranslator] Check also servers that we push
2021-01-11 16:28:18 +01:00
Jakub Onderka a337fa30cc chg: [internal] Call array_values method just when necessary 2021-01-10 20:12:31 +01:00
Jakub Onderka 3574240e03 fix: [internal] Remove duplicate array definition 2021-01-09 23:06:50 +01:00
Jakub Onderka d80475241b chg: [idTranslator] Check also servers that we push 2021-01-08 10:52:07 +01:00
Jakub Onderka 3f49bf0f34 chg: [sync] Optimise version compatibility checking to save sql queries 2021-01-07 14:00:55 +01:00
Jakub Onderka 355abc05eb chg: [internal] Small optimisation for filterEventIds 2021-01-04 18:30:52 +01:00
Jakub Onderka 37acdc21fa chg: [internal] Use find('column') on more places 2020-12-31 09:55:37 +01:00
Jakub Onderka 4d4b306b60 new: [internal] New model method find('column') 2020-12-23 10:42:05 +01:00
Jakub Onderka 1a184ebbb5 new: [internal] Allow to output directly TmpFileTool 2020-12-21 21:02:37 +01:00
Jakub Onderka a5b2b4f908 chg: [sync] When pushing event to remote server, request back just metadata 2020-12-18 14:54:34 +01:00
Jakub Onderka 185d3e0941 fix: [distribution graph] Graph doesn't work for non sync users when event is shared to sharing group 2020-12-13 21:47:14 +01:00
Jakub Onderka 1f258ebe66 chg: [sighting] Sighting statistics 2020-11-24 16:30:00 +01:00
Jakub Onderka b626b23abd chg: [internal] Attach event correlations in one call for attribute UI search 2020-11-24 13:28:12 +01:00
mokaddem 89f307bd07 Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-18 09:22:40 +01:00
Jakub Onderka 791dc9deab new: [internal] JSON stream convert 2020-11-17 19:28:59 +01:00
mokaddem f0bc398e60
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-16 14:59:17 +01:00
mokaddem 150b4cb7d1
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0 2020-11-09 10:07:43 +01:00
Jakub Onderka 6160ad5e34 chg: [rest] For attribute REST search with includeContext, fetch events just once 2020-11-09 08:05:01 +01:00
Jakub Onderka 19c13dc5a9 fix: [internal] Do not load all attributes and sightings when editing event 2020-11-02 15:03:36 +01:00
Jakub Onderka b0c28858c0 chg: [module] Allow to specify module timeout 2020-10-22 19:47:18 +02:00
Jakub Onderka 49660255fe new: [av] Malware protection for uploaded files 2020-10-22 16:38:07 +02:00
Jakub Onderka 150600e4af chg: [module] Serialize post data at one place 2020-10-22 12:58:17 +02:00
Jakub Onderka a8cd412729 fix: [internal] Unused variable in Event::__generateCachedTagFilters 2020-10-18 22:22:59 +02:00
iglocska cc78b0185a
Merge branch '2.4' of github.com:MISP/MISP into HEAD 2020-10-16 12:46:57 +02:00
iglocska 039721aa6a
fix: [attribute tag culling] fixed
- no longer hides tags that should be included in the export
2020-10-16 12:46:06 +02:00
Jakub Onderka 2a9feb7cd3
Merge pull request #6417 from JakubOnderka/fetch-event-optimisation
Fetch event optimisation
2020-10-12 08:17:39 +02:00
Jakub Onderka 0b3f5a5eeb chg: [freetext] Process just big number of attributes in background 2020-10-11 12:35:59 +02:00
Jakub Onderka 150ccfcd73 chg: [internal] Merge EventReports for extended view 2020-10-10 14:27:07 +02:00
Jakub Onderka c46db527f6 chg: [internal] Optimise event fetching 2020-10-10 14:23:55 +02:00
mokaddem b628e15eb9
Merge remote-tracking branch 'origin/2.4' into feature-event-report 2020-10-09 14:54:47 +02:00
mokaddem d891143b8c
new: [evenReport] Support of extended event 2020-10-08 09:05:44 +02:00
mokaddem 1c4aea010b
fix: [event:push] Setup requests headers before sending request 2020-10-05 09:54:10 +02:00
Jakub Onderka 503206a13d chg: [internal] Initialize Sighting class just when necessary 2020-10-04 13:01:30 +02:00