Commit Graph

784 Commits (74acfacde01918f46a088632a9b69bc0a81ab64f)

Author SHA1 Message Date
Koen Van Impe bb9674b480 Avoid use of extra variable treshold 2020-06-09 23:17:21 +02:00
Jakub Onderka 91cb7cc299 chg: [internal] Bump CakePHP to 2.10.22 2020-06-08 12:55:27 +02:00
mokaddem c32eff5849
chg: [galaxyCluster:capture] Improved cluster capture
- Allow to capture relationships pointing to unknown clusters
- Improved display of relationships
2020-06-08 11:10:59 +02:00
Koen Van Impe 306eda5328 Dashboard widgets
- Widget to display system resources (df, cpu, mem)
- Widget to display the latest sightings
- Widget to display the false positive sightings above certain threshold
2020-06-06 16:17:21 +02:00
mokaddem 5c04b9a8c1
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0 2020-05-28 14:06:30 +02:00
mokaddem 51391f8e57
chg: [galaxyCluster] Added drafty version of restSearch 2020-05-26 11:17:58 +02:00
mokaddem e0d73e099c
fix: [clusterRelations:relations_graph] Support of fallback `MISP`
Organisation and improved tooltip layout
2020-05-25 17:01:54 +02:00
mokaddem 9ba5bc186f
chg: [galaxyCluster] Usage of both ID and UUID for relation with drafty working
version of import/export
2020-05-25 10:04:07 +02:00
iglocska f46ec87cc0
chg: [cakephp] bump
- updates cakephp to include the UUID generation fix by @RichieB2B to solve the deficiency discovered by @JakubOnderka. You guys rock.
2020-05-23 18:24:43 +02:00
chrisr3d efadd73a58
fix: [opendata export] Using external_baseurl if set, before baseurl
- If external_baseurl is not set, baseurl is used
2020-05-15 14:22:14 +02:00
chrisr3d f44b22f8d5
fix: [opendata export] Internalization of the error messages 2020-05-15 14:12:59 +02:00
chrisr3d 932e51d4d7
fix: [opendata export] Less confusing variable name for the parameter to only skip exporting the data and keep only the header 2020-05-15 14:08:34 +02:00
chrisr3d 2bf534a882 Merge branch '2.4' of https://github.com/MISP/MISP into opendata 2020-05-15 11:40:20 +02:00
mokaddem 4c0e4984e1
chg: [clusterRelations] Moved relation_tree into its own `tool` and
added modal support for galaxyQuickView
2020-05-13 11:01:16 +02:00
mokaddem 77c4eb2795
fix: [ClusterRelationsGraphTool] Inject Orgs and SharingGroup info for
referencing nodes
2020-05-12 10:32:18 +02:00
mokaddem 3bc2b2c50a
chg: [clusterRelations:networkGenerator] Moved function in `Lib/Tools` 2020-05-12 10:29:52 +02:00
chrisr3d 18d6e38b4f
chg: [restSearch] Option to skip fetching attributes/events when only the metadata is wanted
- As for the opendata export we do not need to get
  the attributes or event, and are only interested
  in using the metadata, a parameter to skip
  fetching the actual data collection has been
  added, and we avoid iterating through the entire
  data collection.
2020-05-11 12:54:11 +02:00
Jakub Onderka 1e07dfc9ae chg: [pubsub] Refactored PubSub tool 2020-05-11 08:22:37 +02:00
chrisr3d b8f47718cc
fix: [opendata export] No longer using the returnFormat field as the dataset resource format
- The resource format can be defined with a
  'format' field within the resource field in the
  setup filter
2020-05-08 14:53:41 +02:00
chrisr3d 8265a95d4c
chg: [opendata export] Checking opendata setup and raising exception in case of error 2020-05-08 14:35:35 +02:00
chrisr3d fc8ef9aefa
add: [opendata export] Support of the deleting abilities
- Deleting a dataset or its resource(s) is now
  available from the restSearch side as it already
  is with the python script
2020-05-07 21:17:15 +02:00
chrisr3d b3a94a18f5 add: [restSearch] OpenData export module 2020-05-06 18:15:30 +02:00
iglocska 5ccf914278
fix: [json converter] fixed an issue if an expected key was not found
- was only accessible due to another bug, but it's more graceful either way
2020-05-06 09:30:26 +02:00
iglocska 37c5684e79
fix: [export] JSON export used the wrong handler for /objects/restSearch 2020-05-06 09:29:52 +02:00
mokaddem 8525dda7f8
Merge remote-tracking branch 'origin/2.4' into eventTimeline-sightings 2020-04-30 08:38:39 +02:00
iglocska 01b552d7e9
Revert "Merge branch '5835' into 2.4"
This reverts commit 48132af179, reversing
changes made to 9a22aa1f3c.
2020-04-30 07:09:56 +02:00
kscheetz 631800b80e Simplification for code complexity reqs. 2020-04-29 09:48:48 -04:00
mokaddem 720aa4a7db
Merge remote-tracking branch 'origin/2.4' into feature/tags-deletion 2020-04-29 09:00:31 +02:00
iglocska 1c3dc3fe51
Merge branch '2.4' into 5272 2020-04-28 15:31:17 +02:00
Cooper Dale 601a0ed4f2
bugfix in Suricata export template
PR for reported bug https://github.com/MISP/MISP/issues/5766 based on suggestion @stacsirt, tested on my instance and it is working great
2020-04-27 09:49:09 +02:00
mokaddem 93bd5eddba
chg: [event:timeline] Added Sightings visualisation 2020-04-23 10:08:34 +02:00
iglocska cf6d82aa3a
fix: [observer datasource] fixed for the QueryTool 2020-04-17 14:14:33 +02:00
mokaddem dd1be03597
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-04-09 14:26:48 +02:00
iglocska 9d63e427e6
new: [dashboard] COVID active cases backported from widget collections 2020-04-09 07:59:20 +02:00
iglocska 31662d6e15
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-04-06 22:29:38 +02:00
iglocska 75d6a4b829
chg: [cakephp] version bump to get TLS 1.3 support, fixes #5764
- #yolo
2020-04-06 22:29:12 +02:00
chrisr3d 8f90f79255
fix: [stix2 export] Avoiding the "end" function to return a notice
- It looks like depending on the Php version, the
  end function does not like to have the reference
  of an array. By delaying its call, we pass the
  actual array and the notice no longer appears
2020-04-06 15:14:23 +02:00
iglocska e898c121b1
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-04-06 09:23:30 +02:00
iglocska 78ad3cb368
chg: [dashboard] Added COVID widgets to the default installation from widget-collections
- should be interesting enough for all at this point. We might remove it again once COVID-19 is finally gone from our lives
2020-04-06 09:22:37 +02:00
mokaddem 0856bc5c04
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-04-06 09:21:56 +02:00
mokaddem 901af2b7b2
chg: [widgets:trendingTags] Added threshold parameter to let user
decide the # to show
2020-04-06 09:20:41 +02:00
mokaddem 5f74b9c4e8
fix: [widgets:trendingTags] Removes unused vars. fix #5761 2020-04-06 09:19:15 +02:00
Andras Iklody ca85806312
Merge pull request #5672 from patriziotufarolo/2.4
Fixes STIX2 export failing with "ANTLR runtime and generated code versions disagree: 4.8!=4.7.1"
2020-04-06 05:18:22 +02:00
iglocska c8a111447c
fix: [suricata] fixed an invalid validation of https hostnames that blocked the attributes from being included in the exports 2020-03-19 09:16:10 +01:00
mokaddem 04dcdebb1f
new: [galaxyCluster] Initial import of Galaxy2.0 codebase - WiP 2020-03-12 10:26:09 +01:00
iglocska 8d02332b31
new: [dashboard] persistence package
- export dashboard state
- import dashboard state
- save dashboard state
  - make it available to others on the instance on demand
  - admins can set a default password for users that don't have anything configured yet
  - load another template based on what the community has shared
- added Whoami widget which was an outcome of the ESDC training
- various improvements, new fields for genericElements, etc
2020-03-08 23:36:27 +01:00
iglocska cd4b6936c8
new: [widgets] Whoami widget added 2020-03-06 10:06:31 +01:00
iglocska 5e56e7dfc7
new: [dashboard] various fixes / improvements
- simple list now accepts arrays for values
- fixed margin issues
- fixed empty sync test issues
2020-03-05 10:08:15 +01:00
iglocska 218ea0333c
new: [dashboard] added a way to auto reload widgets
- has to be defined in the code of the widget
2020-03-04 14:46:01 +01:00
iglocska 03dc9a8206
fix: [synctool] tests improved 2020-03-02 23:09:47 +01:00
iglocska 44ff66445d
new: [dashboard] Resource widget added 2020-03-02 23:06:31 +01:00
iglocska 7b5374a81d
new: [dashboard] Added server resource module and some fixes 2020-03-02 00:32:26 +01:00
iglocska 376f6fa358
chg: [dashboard] Custom dir added 2020-03-01 23:25:50 +01:00
iglocska de87ecfaf2
Merge branch '2.4' into feature/dashboard 2020-03-01 23:04:07 +01:00
iglocska 95eb2af765
fix: [API] Json converter fixed 2020-03-01 22:33:49 +01:00
iglocska 0d4df7c98b
new: [Dashboard] system
- Dashboard
  - modular similar to restSearch
  - build your own widgets
  - use a set of visualisation options (more coming!)
  - full access to internal functions for queries
  - auto discover core and 3rd party widgets
  - rearrange / configure widgets for each user individually
  - rearrange / resize widgets
  - settings can be configured by a site-admin on behalf of others
  - modules have a self-explain mode to guide users
  - caching mechanism for the modules / org

- set homepage / user
- various other fixes
2020-03-01 18:05:21 +01:00
iglocska 4bfcc3211b
new: [API] object level restSearch added
still WiP
2020-02-29 08:57:32 +01:00
Patrizio Tufarolo 44fef2903c
Ensure we only have the last line from the shell command when exporting STIX2
Same as e3b1e8c74a but for exporting STIX2
2020-02-27 12:59:12 +01:00
mokaddem 5de5453dbd
Merge branch '2.4' of github.com:MISP/MISP into pr-feature/tags_deletion 2020-02-27 11:19:53 +01:00
Jakub Onderka cfe18d8c39
chg: [internal] Removed unused function 2020-02-16 14:13:34 +01:00
Jakub Onderka 8717c3f1c5
fix: [pubsub] Do not fetch setting for every push 2020-02-14 15:26:49 +01:00
Tom King bee49f7028 Merge remote-tracking branch 'upstream/2.4' into feature/tags_deletion 2020-02-13 16:17:03 +00:00
mokaddem 6e66256f7a
Merge branch '2.4' of github.com:MISP/MISP into pr-5210 2020-02-10 11:09:14 +01:00
Jakub Onderka 73b9513a38 chg: [internal] Refactoring malware handling 2020-01-26 18:56:41 +01:00
chrisr3d ec9328c50c Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2020-01-20 11:45:02 +01:00
chrisr3d 88ea4523b8
fix: [stix 1&2 export] Checking if an error message is returned 2020-01-20 11:43:46 +01:00
Tom King 0a4fbc80c5 Merge branch '2.4' into feature/tags_deletion 2020-01-14 10:03:44 +00:00
mokaddem 8d6946b386
chg: [eventTimeline] Cleaner array append 2019-12-16 09:57:10 +01:00
mokaddem a1fdea754d
Merge branch 'zoidberg-timeline' into zoidberg-final 2019-12-06 15:40:51 +01:00
iglocska 1c5afa49ed
new: [refactor] Massive internal refactor and cleanup of deprecated APIs
- new centralised restSearch function in AppController as entry point via all controllers
- new component handling restSearch related support functions, such as parameter mapping
- hollowed out all deprecated export functions on the event/attribute controller
  - replaced with a new functionality that remaps them to restSearch
  - all functionality should be maintained with all additional advantages introduced with restsearch
- additional cleanup (some unused functions removed)
2019-11-29 10:11:30 +01:00
Tom King 34c5570692 new: Allow for attribute tag deletion via Event or Attribute edit. Clean and return the attribute tags on response from editing an attribute, update code to remove legacy 2019-11-26 12:27:15 +00:00
iglocska 10bc49ae13
fix: [proxy] Skip_proxy was broken up until now, fixes #5324
- was simply ignored, added the hook for it for the sync tool
2019-11-08 10:06:44 +01:00
iglocska c4f1d4d15e
new: [SightingDB] Added integration with SightingDB
- Added configuration tool
- Added lookups from the event view
- Added includeSightingdb flag for the restSearch searches
- Added SightingDB search tool
- Added SightingDB connection test tool
2019-11-06 21:20:04 +01:00
mokaddem f58770a90a
Merge branch '2.4' of github.com:MISP/MISP into zoidberg-timeline 2019-11-05 13:51:03 +01:00
chrisr3d b140d6be09
add: [restSearch] Support of stix1 json export 2019-10-15 09:54:48 +02:00
mokaddem cd68ea018f
fix: [eventGraph] Fixed UI issue with duplicated ID (attributes and
objects)
Fix #5181
2019-10-09 16:29:20 +02:00
mokaddem 09646bf913
chg: [eventGraph] Renamed `rotation key` to `pivot key` and do not
collapse when adding/removing edges.
Fix #3683
2019-10-09 15:59:16 +02:00
mokaddem 015ec7d989
Merge branch '2.4' of github.com:MISP/MISP into zoidberg-timeline 2019-10-08 14:12:38 +02:00
garanews 85c28ce36e Fix some typo
Fix some typo
2019-10-04 13:02:59 +02:00
iglocska c28314076b
fix: [API] massive performance boost for large events with many correlations
- the logic of the JSON converter was heavy and unnecessary
2019-10-04 12:26:49 +02:00
chrisr3d 3b3a1e0067 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2019-10-03 10:43:39 +02:00
chrisr3d f60e66fa00
fix: [stix 1/2 export] Catching potential exceptions and returning it as result in restSearch 2019-10-03 10:39:34 +02:00
mokaddem b44b369eec
Merge remote-tracking branch 'origin/2.4' into zoidberg-timeline 2019-10-02 14:35:00 +02:00
mokaddem bb3cf85776
Merge branch '2.4' into zoidberg-timeline 2019-10-02 11:23:04 +02:00
iglocska c93620c277
chg: [cakephp] updated to latest 2.x commit 2019-09-30 11:03:50 +02:00
iglocska d92fa3d281
Merge branch 'cacert' into 2.4 2019-09-30 09:48:03 +02:00
chrisr3d d0b99bebda Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2019-09-26 16:54:09 +02:00
Jakub Onderka bc8aa0e2b4
new: [internal] Allow to use custom CA 2019-09-26 14:26:58 +02:00
iglocska 1a6ab3bec7
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-09-25 20:18:10 +02:00
iglocska 40cf160c53
new: [API] Netfilter added as new export format 2019-09-25 20:17:25 +02:00
chrisr3d 78dc7e7512
fix: [stix 1/2 restSearch] Deleting temporary files in case of an error in the python side 2019-09-25 18:28:37 +02:00
Jakub Onderka a9f6af9fcb chg: [user] GPG key fetching by server 2019-09-23 22:09:02 +02:00
Andras Iklody d10495f789
Relaxed defanging rules, fixes #5203
Removed multiple dot implosion for links/urls
2019-09-23 14:26:42 +02:00
chrisr3d fbb25bad6f
new: [restSearch] restSearch module for ATT&CK Sightings
- Returning ATT&CK Sightings in json format for
  events and attributes with mitre-attack-pattern
  galaxies attached
- For further details on the ATT&CK Sightings,
  please visit https://attack.mitre.org/resources/sightings/
- Also thanks to @johnwunder for the clarification
  on the output format
2019-09-12 17:03:35 +02:00
iglocska 58148c0aa3
new: [Internal] Index generator refactor
- loads of new features added
- bunch of helpers updated
- mainly a back/forward port from the frozen feed-rework branch with some custom changes
2019-08-28 17:02:43 +02:00
iglocska f6df9c2767
fix: [API] csv export incorrect handling of include context parameter if it was pushed and set to 0 2019-08-02 16:46:19 +02:00
iglocska 877be26afc
fix: [CSV] headerless flag fixed, fixes #2761 2019-08-02 15:24:27 +02:00
Bechkalo Evgeny f2e299ba19 fix: error during creating and deleting Attributes on PostgreSQL 2019-07-23 13:46:06 +03:00
Bechkalo Evgeny 672601f7b8 fix: MariaDB error for quoting tablename 2019-07-23 11:58:18 +03:00
Bechkalo Evgeny 76d58e6e53 fix: some PostgreSQL issues
Closes: #3066, #3067
Fixes issues:
- wrong boolean and smallint conversion;
- postgresql table and field naming (field 1_event_id is wrong name for
field for example);
- postgresql grouping (you cannot select columns without grouping them);
- wrong checkbox rendering without keyword.
2019-07-23 11:17:56 +03:00
Richard van den Berg 9da8ed86c5 Fix errors on NIDS export when whitelist is empty 2019-07-17 12:46:43 +02:00
mokaddem e7f3d0d9df new: [timeline/*-seen] Initial import of the timeline code from the
zoidberg branch
2019-06-13 09:16:34 +02:00
mokaddem 52ae153c0e Merge branch '2.4' of github.com:MISP/MISP into galaxyMatrixImprovements 2019-06-11 15:56:10 +02:00
mokaddem 11a4bdb959 chg: [restSearch:attack] Only expose attack return format to the `event`
scope
2019-06-11 15:50:51 +02:00
Richard van den Berg 22cc03bb23 Match EDNS packets with snort rules 2019-05-17 14:34:18 +02:00
mokaddem bd1b5f6e97 chg: [export:attack] Performance improvements 2019-05-15 11:06:27 +02:00
Alexandre Dulaunoy 97ab3ddca0
chg: [yara export] fix the correct Python version is used 2019-05-13 21:33:25 +02:00
mokaddem 4fbe857f90 chg: [galaxyMatrix] Added sorting by score. Fix #4608 2019-05-13 15:07:38 +02:00
iglocska c54839d2eb Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-05-10 14:42:25 +02:00
iglocska 5ee6013dff fix: [API] Some fixes for the restsearch -> attack export 2019-05-10 14:41:50 +02:00
iglocska e899eb8b9d new: [ATT&CK] Added new export system for restsearch for ATT&CK
- Return the ATT&CK matrix data as HTML via the API
- Directly viewable via the REST client

- Greetings from the ATT&CK workshop @ Eurocontrol
2019-05-10 14:25:38 +02:00
Steve Clement 45e6d740f0 fix: [bug] getPythonVersion undefined, pull in where it is defined. 2019-05-10 07:23:14 +09:00
frpet 38a64e0ba9 rpz: action policy rename (to Local-Data)
Rename action policy "walled-garden" to "Local-Data" as per the IETF draft (and other documentation for RPZ)
2019-05-08 15:54:34 +02:00
Andras Iklody 3c6a336774
Merge pull request #4581 from pettai/RPZ-policy-action
RPZ - Add additional policy actions
2019-05-07 17:03:27 +02:00
frpet 76fcc6553a Add additional policy actions
Add the last policy actions from the RPZ draft.
* rpz-passthru allows for testing without applying changes on the returned answer.
* TCP-only forces the client over to use TCP.
2019-05-07 16:29:32 +02:00
Steve Clement fc1f15c4c0 fix: [export] Yara Export variable typo fix. Use getPythonVersion. 2019-05-07 08:37:47 +09:00
mokaddem 93673b4d4c chg: [distributionNetwork] Filter out organisations not being marked as
local. Fix #4568
2019-05-03 15:32:02 +02:00
edhoedt b9463e513c Yara export 2019-04-29 19:23:14 +02:00
iglocska 69c6562888 fix: [freetext] Also trim out no-break spaces
2019-04-26 09:39:10 +02:00
chrisr3d c527077b1c Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-04-12 15:25:22 +02:00
chrisr3d 50c18eebb1
fix: [stix restSearch] Fixed output json format in case of empty results 2019-04-12 14:46:57 +02:00
chrisr3d 2b8f655415
fix: [stix restSearch] Quick file extension clarification
- Depending on the format (.stix or .stix2)
- Impacting temporary files, it is thus for
  debugging purpose in case of error
2019-04-12 14:41:54 +02:00
iglocska 8076dbfad1 fix: [refanging] Removed invalid pattern 2019-04-09 15:51:13 +02:00
iglocska 5eecd75e5b fix: [bug] Typo causing "\" to be stripped from attributes where it shouldn't be stripped 2019-04-09 15:48:29 +02:00
iglocska a3381b8196 new: [refanging] Attributes automatically refanged in beforeValidate, fixes #4442 2019-04-09 14:53:39 +02:00
iglocska 510b781762 fix: [freetext] Stop parsing dates as phone numbers 2019-03-20 13:10:53 +01:00
iglocska 09ae8a5364 fix: [bro] typo fixed that caused an exception, fixes #4343 2019-03-20 07:02:50 +01:00
iglocska beed84a335 Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-03-19 17:23:22 +01:00
Liviu Valsan 4656a5c1fa Fixing bug when exporting to Bro MISP attributes from events that contain a percentage sign inside the event info 2019-03-19 14:46:16 +01:00
Nikos Filippakis 9d59b10368 Publish events to Kafka
Signed-off-by: Nikos Filippakis <nikolaos.filippakis@cern.ch>
2019-03-18 15:53:22 +01:00
Andras Iklody 37e9ebdc39
Merge pull request #4313 from pettai/RPZexport
Add $time for Plugin.RPZ_serial
2019-03-15 17:41:34 +02:00
frpet 06b1d74c7a Add $time for serial
Add $time for generating unixtime as serial
2019-03-15 15:28:14 +01:00
mokaddem b8334521d3 chg: Updated comments 2019-03-15 11:52:37 +01:00
mokaddem 7ce6ef34de Merge branch '2.4' of github.com:MISP/MISP into extendedDistributionGraph 2019-03-15 10:59:38 +01:00
iglocska fb26e3495f chg: [cakephp version] bump 2019-03-14 08:46:10 +01:00
mokaddem d67af3c4dd fix: [distributionGraph] Transform associative array into regular array 2019-03-12 10:59:51 +01:00
mokaddem 8a5cce8cb3 chg: [distributionNetwork] Improved consistency in event index and
improved UX - WiP
2019-03-12 10:47:16 +01:00
mokaddem ead0b96e13 chg: [distributionGraphNetwork] Adjusted gravitationalConstant and mass 2019-03-01 14:55:51 +01:00
mokaddem 24d8f197ef new: [DistributionGraph] Added pie chart on sharing group. fix #4101 2019-03-01 10:56:33 +01:00
mokaddem ef045e01b3 chg: [distributionGraph] Added support of sharing group - WiP 2019-02-27 15:34:20 +01:00
mokaddem 431529c81c chg: [attackMatrix] UI: improved color scale - WiP 2019-02-11 17:54:29 +01:00
chrisr3d 4f4fe45633
fix: [stix2 export] Fixed attribute counting on restSearch 2019-02-02 12:09:52 +01:00
iglocska 4dd53eb8e3 fix: [freetext import] Handle cases where a value can be both a hash and a btc address better 2019-01-22 08:58:02 +01:00
iglocska a9a47fb46c new: [cache export] Added the includeEventUuid flag to the output 2019-01-17 15:04:01 +01:00
Daniel Roethlisberger 5b4079637a new: [attributes] Add cdhash attribute, 40+ digit hash, default Payload delivery, ids=1 (#3965) 2018-12-19 20:19:49 +01:00
chrisr3d 87190f6510
fix: [restSearch] Using the correct python version to call STIX scripts
- Using the correct python defined in virtual env,
  if available, and the default global python3
  otherwise
2018-12-07 15:31:04 +01:00
Anthony Vaccaro eab6ca62e3 fix typo in called method name 2018-11-27 10:02:25 +10:00
iglocska db5d61725a chg: [bro] Preparation for the move to restsearch
- also fixed some edge-case issues
2018-11-24 21:35:50 +01:00
iglocska 86a27e7c31 fix: [CSV] Fixed some defaults for the CSV export 2018-11-23 13:47:06 +01:00
iglocska a28909d366 new: [freetext] Added BTC recognition, fixes #3864 2018-11-13 12:06:00 +01:00
iglocska ce3c78cd7d Merge branch 'sighting_api' into 2.4 2018-10-29 20:20:17 +01:00
iglocska bbc8a8bf4d fix: [API] minor fixes to the sightings api
- fixed duplicate sighting tags in XML output
- added attribute value to the sighting
2018-10-29 20:18:29 +01:00
Hannah Ward 608ddaa969
fix: aws would error if asked to del non-existing 2018-10-26 11:01:44 +01:00
Sami Mokaddem ff5f5faf02 new: [sighting/api] xml output format + improved error feedback 2018-10-23 13:06:37 +02:00
Sami Mokaddem 01cba114f2 fix: [sightings/api] now support json output format 2018-10-23 12:17:54 +02:00
Sami Mokaddem 99e5f560a8 new: [sighting/api] trying to follow the new API architecture. JSON
export is broken but CSV is working. WIP...
2018-10-23 11:24:03 +02:00
iglocska 1187fb2a27 new: [API] Added CSV as return format for event index 2018-10-21 22:47:22 +02:00
www-data f9183dee3b Merge branch '2.4' into py-virtualenv 2018-10-15 17:09:18 +09:00
iglocska 158d0580b3 new: [API] Added a new export that simply hashes all values with a requested hash format 2018-10-09 11:21:35 +02:00
iglocska 40b1a4a271 chg: [CSV] Added timestamp in CSV output with include context on the event level 2018-10-08 21:43:23 +02:00
Steve Clement e26e4a2e92 Merge branch '2.4' into py-virtualenv 2018-10-08 07:45:04 +08:00
iglocska abc83000c0 fix: [CSV] boolean fields should be set to 1/0 instead of true/false 2018-10-06 18:59:24 +02:00
chrisr3d 69c4b58638 Merge branch '2.4' of github.com:MISP/MISP into 2.4 2018-10-05 14:59:33 +02:00
chrisr3d a42b3ab756
fix: [restSearch] Avoiding useless stix python script calls on empty files 2018-10-05 14:58:39 +02:00
iglocska 77258728ee Merge branch '2.4' of github.com:MISP/MISP into 2.4 2018-10-05 14:50:33 +02:00
iglocska 1c8b17416f chg: [API] made the CSV export type less restrictive by default (to_ids / published ignored by default) 2018-10-05 14:49:12 +02:00
chrisr3d d65482c297
fix: [restSearch] Ignoring square brackets around STIX2 objects returned by the python script
Because they are already provided by the framing script
2018-10-05 10:28:48 +02:00
chrisr3d 09a138fd38 Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests 2018-10-04 23:09:11 +02:00
chrisr3d 445bd0c84c
add: [restSearch] STIX 1 & 2 export for restSearch
Features to be merged:
- Export of multiple MISP events
- Fetching events and writing them into files, each
  file containing at most a number of attributes
  defined by a limit
- Each file is then parsed instead of parsing each
  event individually, which reduces the number of
  times the python scripts are called, reducing
  the execution time of the overall process
- The result is then returned as one single file
  read and displayed
2018-10-04 22:11:30 +02:00
chrisr3d 54b90cf8f5
fix: [restSearch] Changed how data is handled eeeeeeeeeee
- Criteria was number of events and is now number
  of attributes
- Writing data in a file until the limit number of
  attributes is reached, then writing in the next
  file and looping again until all data is written
- Then for each file, calling the python script to
  parse MISP events and translate them into STIX
- Writing parsed STIX data into 1 file used to
  return the result
2018-10-04 11:40:45 +02:00
iglocska e461029b9d new: [API] CSV export tool completely reworked 2018-10-03 07:59:46 +02:00
Steve Clement a699c5fcd4 Merge branch '2.4' into py-virtualenv 2018-10-02 20:55:46 +08:00
chrisr3d 5a87b64c74
Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests 2018-10-02 13:35:21 +02:00
iglocska 58b9a3c50b fix: [graph] Made the correlation graph aware of the new correlation loading 2018-10-02 07:35:34 +02:00
chrisr3d d6595e00c6
wip: [restSearch] Passing multiple events to the STIX parsing script
- atm calling the python script every 10 events
  fetched with fetchEvent
2018-09-30 20:32:38 +02:00
chrisr3d 4ac455d7c4 Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests 2018-09-29 19:20:19 +02:00
Steve Clement df3d87b5c8 Merge branch '2.4' into py-virtualenv 2018-09-28 15:00:46 +02:00
Steve Clement 05e0c412ef chg: [fix] Some fixes to the python virtualenv tweaks 2018-09-28 14:58:55 +02:00
Sami Mokaddem b66eeefffa fix: [eventGraph] prevents bug if object has no attributes 2018-09-28 12:05:46 +02:00
iglocska 46cb19df2d Merge branch '2.4' of github.com:MISP/MISP into 2.4 2018-09-28 09:24:40 +02:00
iglocska cfe86512a2 fix: [API] Fixed an invalid lookup in the openioc export 2018-09-27 23:02:59 +02:00
chrisr3d 72c0aa9987
fix: [restSearch] Prettifying stix packages with indents
- As it is in stix export function from Model/Event.php
2018-09-27 12:03:49 +02:00
chrisr3d aa69d6ca1a
fix: [cleanup] Fixed indentation in restSearch 2018-09-25 20:33:41 +02:00
chrisr3d 52115cdf85
fix: Added variable to have attribute with no ids flag from fetchEvent 2018-09-25 20:13:20 +02:00
chrisr3d 8a4911d18c
fix: [restSearch] Fixed variables & indent 2018-09-25 12:10:39 +02:00
chrisr3d 933af46dfb
wip: [restSearch] Stix1 export for restSearch 2018-09-24 14:52:33 +02:00
iglocska cefab3e01c new: [freetext import] Added detection for AS 2018-09-23 11:43:55 +02:00
iglocska 48c6150257 new: [Complex type tool] Detection of [1] style refanging 2018-09-21 15:08:33 +02:00
iglocska 2e7dfc9273 new: [API] Correctly handle objects in flat exports and exposed text export to event level search 2018-09-14 14:34:01 +02:00
iglocska 51b3ef61dd new: [API] Added the includeEventTags parameter to the /attributes/restSearch API
- appends all event level tags to each attribute
2018-09-09 16:49:59 +02:00
iglocska f995b561fb Merge branch '2.4' of github.com:MISP/MISP into 2.4 2018-09-09 00:25:28 +02:00
iglocska 926e973179 new: [API] Updated the RPZ export to follow the new API patterns 2018-09-08 23:44:38 +02:00
iglocska bc9524c712 fix: [feeds] Feed caching generates a lot of notices 2018-09-07 13:29:26 +02:00
iglocska 289b13be88 new: [API] set default behaviour to require to_ids and published set to 1 to be included in exports
- doesn't affect MISP json and xml formats
2018-09-06 00:20:03 +02:00
iglocska bcfc1f3a1a fix: [API] Fixed the broken CSV export 2018-09-05 11:36:31 +02:00
iglocska 57a6460d81 chg: [internal] JSONConverterTool's support for the deprecated showorg flag removed 2018-09-03 17:53:51 +02:00
iglocska 924dfcbec9 new: [API] XML export now exports both event and attribute level data
- relying on the old XMLConverterTool for event level conversions
2018-09-03 17:53:03 +02:00
iglocska 9c725ebff1 new: [API] OpenIOC export library correctly handles both events and attributes as their payload
- fixed annoying line breaks in the output
2018-09-03 17:50:59 +02:00
iglocska 7c3ddacd1e new: [API] NIDS exports now correctly support event and attribute level exports
- also, suricata/snort rules now include both the event and the attribute tags in the metadata
2018-09-03 17:50:08 +02:00
iglocska ba5bafd13f new: [API] JSON export library updated to support both attribute and event level conversions.
- relies on the old JSON library for event level conversions
2018-09-03 17:49:03 +02:00
iglocska 5f1edc9bad Merge branch 'feature/api_rework2' into 2.4 2018-08-31 13:37:41 +02:00
iglocska a75fa11457 Merge branch 'feature/api_rework2' into 2.4 2018-08-31 13:35:21 +02:00
iglocska ac86f89c6e new: [API] Added the libraries for the JSON, XML and Text exports 2018-08-31 13:23:07 +02:00
iglocska 590f0ac1ea chg: [cleanup] removed leftover converter 2018-08-31 13:18:36 +02:00
iglocska f3558fb18a Merge branch 'feature/api_rework' into 2.4 2018-08-31 12:58:44 +02:00
iglocska a000d86f85 new: [API] Made the NIDS export compatible with the new API 2018-08-30 21:56:00 +02:00
iglocska 7ad08d9553 new: [API] Added the new XML converter 2018-08-30 21:54:47 +02:00
iglocska 80dc30c7bc new: [api] Added new open IOC export system 2018-08-27 23:55:07 +02:00
iglocska 7b233de4cd new: [api] first revision of the attribute export 2018-08-27 23:52:39 +02:00
Daniel Roethlisberger b19e405b32 Fix broken timestamps by using 24 hour clock and ISO 8601 date format
The event view shows a wrong "Last change", e.g. "2018/08/23 06:01:45"
for "2018/08/23 18:01:45".  The same problem affects the timestamp in
the XML generated by IOCExportTool.php.  Fix by correcting the PHP
date() code "h" to "H".

While here, also switch to a clearer ISO 8601 date representation for
"Last change", using dashes instead of slashes for separation of year,
month and day.
2018-08-23 18:39:01 +02:00
iglocska f675fb8b29 Merge branch '2.4' into feature/api_rework 2018-08-17 14:49:09 +02:00
Hannah Ward c883a7b6d6
new: Add upload/download for attachments 2018-08-15 14:07:44 +01:00
Hannah Ward 597802501f
new: Add S3 client class 2018-08-15 11:14:03 +01:00
iglocska 006a922e9f chg: [API] further work on the new CSV export 2018-08-14 23:38:01 +02:00
iglocska 1d5ff2f146 fix: [API] Class name fixed 2018-08-13 21:49:47 +02:00
iglocska ffa1a77391 new: [API] CSV export tool added 2018-08-12 23:49:01 +02:00
iglocska 32f79d2eab fix: [cleanup] Fixed an assignment in a comparison 2018-08-05 19:22:07 +02:00
iglocska a81894f14c chg: [CS] Changed to PSR-2
- to make contributions easier, adopted PSR-2
- used php-cs-fixer to rework the style
- *sniff sniff* Goodbye tab indentation
2018-07-19 11:48:22 +02:00
Andras Iklody f0964c11f6
Merge pull request #3479 from FloatingGhost/feature-send-logs-to-elasticsearch
Feature: send logs to elasticsearch
2018-07-12 12:09:53 +02:00
iglocska 53f974895e fix: [zmq] Fixed execution of the ZMQ start/stop commands still being python 2 2018-07-12 08:01:41 +02:00
iglocska 90a8e9110b fix: [freetext] parser was detecting any number as a phone number, fixes #3469
- new requirement: must start with + or contain a -
2018-07-11 15:02:30 +02:00
Hannah Ward a62b23088e
fix: Use spaces entirely 2018-07-10 17:06:56 +01:00
Hannah Ward 09aacabe26
fix: Indentation on ES client 2018-07-10 17:05:42 +01:00
Hannah Ward a70f8e45d8
new: Add ability to log to elasticsearch 2018-07-10 17:01:57 +01:00
iglocska 898aef2e10 new: [data model] Added support for monero - new type xmr
- soft validation
- secondary validation with warnings for malformed addresses
- supporting epic facial hair styles
2018-07-04 10:22:58 +02:00
iglocska 59b17b5af6 new: [sync] Added flag to avoid using the proxy
- in some cases you have internal sync between instances in which case going through the proxy is silly
2018-07-02 16:56:50 +02:00
Sami Mokaddem e3988c73ad new: [attackMatrix] Also consider attack galaxy at event level in the
heatmap
fix: [attackMatrix] Typo in ATT&CK + division by 0 in gradiendTool
2018-06-18 14:51:29 +00:00
Sami Mokaddem 8d145086f0 new: [attackMatrix] statistic about attack tags used in the instance
chg: [attackMatrix] moved functions in to model and matrix view into elements
2018-06-18 09:58:20 +00:00
iglocska 6bf2dd91ab fix: cakephp version bumped to latest 2.x
- also gets rid of the stupid mcrypt requirement that breaks compatibility with newer ubuntu versions
2018-05-08 17:48:51 +02:00
iglocska ea389ef3ce fix: Edge case with empty objects caused *barf* 2018-05-08 15:02:22 +02:00
Sami Mokaddem f1cefb3503 fix: [DistributionGraph] include metadata for all distribution level
When fetching distribution graph data, returns information about all
distribution level (even not concerned).
2018-05-08 07:19:51 +00:00
Sami Mokaddem 9c5b05a679 fix: Directly take the sharing group name from the event
Do not fetch the sharing group name as it is already included in the
event.
+ fixed a css glitch
2018-05-04 12:40:35 +00:00
Sami Mokaddem d6f02fe1b6 fix: [DistributionGraph] incorrect number in the sg progressbar tooltip
Set the correct number of involved sharing instead of the sum of sharing
group in the sg progressbar tooltip
2018-05-04 12:00:55 +00:00
Sami Mokaddem 37f0281d59 fix: [DistributionGraph] sharing group search and uniqueness of results
fix a bug where filtering per sharing group was not including inherit
attributes.
Enforce uniqueness of involved entities.
2018-05-04 09:33:14 +00:00
Sami Mokaddem 507cd0ee85 chg: Trying not to break the MVC pattern
Server model is not passed to the constructor anymore, as well as the
Organisation model.
2018-05-04 06:27:54 +00:00
Sami Mokaddem 6d476814b0 Merge remote-tracking branch 'upstream/2.4' into distributionGraphDonut 2018-05-03 13:52:40 +00:00
Sami Mokaddem 3db21f0396 chg: [distributionGraph] support of the sharing group event distribution
chg: [distributionGraph] code cleanup
2018-05-03 12:55:00 +00:00
Sami Mokaddem 73e432f16d chg: sanitization of data for distribution graph 2018-05-03 08:42:53 +00:00
Sami Mokaddem 668488b8c9 chg: add additional distribution info about to whom we are sharing even
if we don't have element on this distribution level
2018-05-03 08:27:34 +00:00
Sami Mokaddem f4e4c7b335 chg: moved sharing group outside of the distribution progressbar (as it is a special case), distribution range is displayed when clicking on the pb labels and lots of minor improvements. 2018-05-02 13:37:48 +00:00
iglocska 8cc1d86068 fix: Allow filename as an alternative for parsed domains/hostnames 2018-04-25 15:41:58 +02:00
Sami Mokaddem 7a94612161 new: Possibility to view connected communities and concerned sharing groups in distribution graph's tooltip 2018-04-25 09:48:03 +00:00
Sami Mokaddem 0c593728de removed useless codes 2018-04-24 10:13:28 +00:00
Sami Mokaddem f9414871b8 Initial version of the distribution graph 2018-04-23 12:51:15 +00:00
Andras Iklody 607d203c04
Merge pull request #3170 from mokaddem/ref_graph
Extended event support and tag filtering in the event graph
2018-04-20 13:40:48 +02:00
Sami Mokaddem 7ee1717628 Added confirmation box to draw the network based on a threshold 2018-04-20 11:20:52 +00:00
Sami Mokaddem 677f466c4e perf: unset filtered data instead of adding them to a new array (thus,
reducing memory consumption by a factor of 2)
2018-04-20 09:10:51 +00:00
Sami Mokaddem ee1e39360e Being consistent with indentation + removed useless comment. 2018-04-20 08:46:11 +00:00
Sami Mokaddem 2ca3515f10 Feature: Possibility to filter on tags 2018-04-20 08:35:38 +00:00
iglocska 8c2dd6d00a fix: Fix to the invalid refanging (Third time's the charm) 2018-04-18 11:25:58 +02:00