Commit Graph

16 Commits (3c163d0c12b233ae0d095b71c00bcb7fab6f7099)

Author SHA1 Message Date
iglocska 100702244b fix: [correlation] exclusion cleaning was broken for noacl correlations, fixes #8899 2023-12-14 12:45:00 +01:00
Luciano Righetti 478d1c6440 fix: fix "'sharing_group_id' doesn't have a default value error" error when importing OpenIOC file 2023-04-12 14:54:15 +02:00
iglocska d123b27960
fix: [object correlations] fixed - ACL was incorrectly hiding valid correlations for a user, fixes #8929
- inherit as the object distribution was blocked when showing correlations
2023-02-27 14:21:47 +01:00
Jakub Onderka d399df00d1 fix: [correlation] Convert to int 2022-10-21 15:49:04 +02:00
Jakub Onderka de4ba342e0 chg: [correlation] Optimise saving object timestamp 2022-10-13 09:51:12 +02:00
Jakub Onderka f8f2e0e43d fix: [correlations] Do not fetch unnecessary data 2022-09-13 16:13:51 +02:00
Jakub Onderka 21335d7d1f fix: [internal] Optimise fetching related attributes 2022-09-13 16:13:51 +02:00
Jakub Onderka b98be56f41 fix: [correlation] Undefined index for long values 2022-09-10 20:12:50 +02:00
Jakub Onderka 1daab04ce2 chg: [correlation] Faster saving correlations 2022-09-08 09:30:45 +02:00
Jakub Onderka 48c8a7eab3 chg: [internal] Code cleanup 2022-08-11 12:55:23 +02:00
Jakub Onderka 14501e8a78 chg: [internal] Use less SQL queries for event fetching 2022-08-11 12:55:23 +02:00
Jakub Onderka b53d8c828d chg: [internal] Cleanup code for new correlation engine 2022-08-11 12:53:14 +02:00
iglocska fa3a67d22b fix: [compatibility] Support for php < 7.2 for an organisation that shall go unnamed 2022-08-08 15:56:55 +02:00
Sami Mokaddem 3f65c3ef94 fix: [correlation:defaultCorrelation] Ignore ACL check for site_admins 2022-08-04 10:48:17 +02:00
iglocska dbd992dbef fix: [correlation engines] added additional event fields to the retrieved event metadata to match the old behaviour 2022-08-01 10:36:18 +02:00
iglocska 3a4289d631
new: [correlation] engine rewrite
- allow for multiple concurrent engines
  - default: similar behaviour as before, ACL enforced
  - No ACL: for endpoint MISPs, disable the enforcement of ACL for correlations altogether

- rework:
  - correlation entries are fully indexed reference tables
  - values are now stored separately
  - built-in protection against overcorrelating values (defaults to 20 max)
  - one-way correlations to cut the size in half
  - unsigned IDs to double the ID space
  - loads of performance improvements
  - fix to the broken event index with correlation counts enabled

- UI improvements
  - search for values from the correlation column directly (in case there are non-correlating versions of the same value)
  - added correlations to the attribute search/index

- TODO:
  - upgrade scripts
2022-07-31 23:48:38 +02:00