- decision to be revised: exports don't expose Sharing groups / org uuids to users unless they are admin (for the future: at least sync users have to be added for the new sync)
- Performance improvements for the event search exports
- JSON view code moved to Lib
- Fixed an issue that didn't restrict the dates correctly with the from / to parameters
- XML export was slow, replaced SimpleXML with a simple script that outputs XML for massive performance gains
- New option in bootstrap to allow the cached XML export to also include the attachments
- CSV caching slightly rearranged, it's much more memory efficient now
- Some fixes to relatedevent orgs being shown even if showorg is disabled
- Added a new site admin action to generate several 3k events for load testing (slow)
- currently to_xml() has performance issues, if it's not resolved fast, it would be a good idea to move the export to the background workers
- some UI changes
- xml version now included in the xml exports
- MISP will now check the xml version on all imports related to sync / add MISP XML and try to update the incoming info if it detects an older version
- exports now take tag names as a parameter (affected exports: XML, text, HIDS, NIDS)
- eventtags now correctly get removed when an event is deleted
- Also some improvements to the shadow attributes
- some minor UI changes
Conflicts:
app/Controller/EventsController.php
app/View/Elements/global_menu.ctp
app/View/Layouts/default.ctp
- users can search RESTfully for attributes based on various filtering mechanisms and get either an event that includes the located attribute(s) or just an array of attributes returned.
- users can also request all attributes of a (or several) types and get them returned as an XML
redid the sync, so if add and exist, send HTTP 302 and different
Location, and do edit there.
Still, the final result has to compare the attributes and if needed
RESTfull delete.
Private events are true private and
running a server in 2 modes (private and sync),
so real private (red) or private to server (amber)
or full distributable (green).
Mind this needs a change to tables events, attributes and correlation.
These are in MYSQL.private.sql.
Made tools/curl/input/event.xml more anonymous.
Events/xml/view.ctp wrongly showed category_order.
REST Event add did not work anymore given GFI sandbox import.