Koen Van Impe
bb9674b480
Avoid use of extra variable treshold
2020-06-09 23:17:21 +02:00
Jakub Onderka
91cb7cc299
chg: [internal] Bump CakePHP to 2.10.22
2020-06-08 12:55:27 +02:00
mokaddem
c32eff5849
chg: [galaxyCluster:capture] Improved cluster capture
...
- Allow to capture relationships pointing to unknown clusters
- Improved display of relationships
2020-06-08 11:10:59 +02:00
Koen Van Impe
306eda5328
Dashboard widgets
...
- Widget to display system resources (df, cpu, mem)
- Widget to display the latest sightings
- Widget to display the false positive sightings above certain threshold
2020-06-06 16:17:21 +02:00
mokaddem
5c04b9a8c1
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0
2020-05-28 14:06:30 +02:00
mokaddem
51391f8e57
chg: [galaxyCluster] Added drafty version of restSearch
2020-05-26 11:17:58 +02:00
mokaddem
e0d73e099c
fix: [clusterRelations:relations_graph] Support of fallback `MISP`
...
Organisation and improved tooltip layout
2020-05-25 17:01:54 +02:00
mokaddem
9ba5bc186f
chg: [galaxyCluster] Usage of both ID and UUID for relation with drafty working
...
version of import/export
2020-05-25 10:04:07 +02:00
iglocska
f46ec87cc0
chg: [cakephp] bump
...
- updates cakephp to include the UUID generation fix by @RichieB2B to solve the deficiency discovered by @JakubOnderka. You guys rock.
2020-05-23 18:24:43 +02:00
chrisr3d
efadd73a58
fix: [opendata export] Using external_baseurl if set, before baseurl
...
- If external_baseurl is not set, baseurl is used
2020-05-15 14:22:14 +02:00
chrisr3d
f44b22f8d5
fix: [opendata export] Internalization of the error messages
2020-05-15 14:12:59 +02:00
chrisr3d
932e51d4d7
fix: [opendata export] Less confusing variable name for the parameter to only skip exporting the data and keep only the header
2020-05-15 14:08:34 +02:00
chrisr3d
2bf534a882
Merge branch '2.4' of https://github.com/MISP/MISP into opendata
2020-05-15 11:40:20 +02:00
mokaddem
4c0e4984e1
chg: [clusterRelations] Moved relation_tree into its own `tool` and
...
added modal support for galaxyQuickView
2020-05-13 11:01:16 +02:00
mokaddem
77c4eb2795
fix: [ClusterRelationsGraphTool] Inject Orgs and SharingGroup info for
...
referencing nodes
2020-05-12 10:32:18 +02:00
mokaddem
3bc2b2c50a
chg: [clusterRelations:networkGenerator] Moved function in `Lib/Tools`
2020-05-12 10:29:52 +02:00
chrisr3d
18d6e38b4f
chg: [restSearch] Option to skip fetching attributes/events when only the metadata is wanted
...
- As for the opendata export we do not need to get
the attributes or event, and are only interested
in using the metadata, a parameter to skip
fetching the actual data collection has been
added, and we avoid iterating through the entire
data collection.
2020-05-11 12:54:11 +02:00
Jakub Onderka
1e07dfc9ae
chg: [pubsub] Refactored PubSub tool
2020-05-11 08:22:37 +02:00
chrisr3d
b8f47718cc
fix: [opendata export] No longer using the returnFormat field as the dataset resource format
...
- The resource format can be defined with a
'format' field within the resource field in the
setup filter
2020-05-08 14:53:41 +02:00
chrisr3d
8265a95d4c
chg: [opendata export] Checking opendata setup and raising exception in case of error
2020-05-08 14:35:35 +02:00
chrisr3d
fc8ef9aefa
add: [opendata export] Support of the deleting abilities
...
- Deleting a dataset or its resource(s) is now
available from the restSearch side as it already
is with the python script
2020-05-07 21:17:15 +02:00
chrisr3d
b3a94a18f5
add: [restSearch] OpenData export module
2020-05-06 18:15:30 +02:00
iglocska
5ccf914278
fix: [json converter] fixed an issue if an expected key was not found
...
- was only accessible due to another bug, but it's more graceful either way
2020-05-06 09:30:26 +02:00
iglocska
37c5684e79
fix: [export] JSON export used the wrong handler for /objects/restSearch
2020-05-06 09:29:52 +02:00
mokaddem
8525dda7f8
Merge remote-tracking branch 'origin/2.4' into eventTimeline-sightings
2020-04-30 08:38:39 +02:00
iglocska
01b552d7e9
Revert "Merge branch '5835' into 2.4"
...
This reverts commit 48132af179, reversing changes made to 9a22aa1f3c.
2020-04-30 07:09:56 +02:00
kscheetz
631800b80e
Simplification for code complexity reqs.
2020-04-29 09:48:48 -04:00
mokaddem
720aa4a7db
Merge remote-tracking branch 'origin/2.4' into feature/tags-deletion
2020-04-29 09:00:31 +02:00
iglocska
1c3dc3fe51
Merge branch '2.4' into 5272
2020-04-28 15:31:17 +02:00
Cooper Dale
601a0ed4f2
bugfix in Suricata export template
...
PR for reported bug https://github.com/MISP/MISP/issues/5766 based on suggestion @stacsirt, tested on my instance and it is working great
2020-04-27 09:49:09 +02:00
mokaddem
93bd5eddba
chg: [event:timeline] Added Sightings visualisation
2020-04-23 10:08:34 +02:00
iglocska
cf6d82aa3a
fix: [observer datasource] fixed for the QueryTool
2020-04-17 14:14:33 +02:00
mokaddem
dd1be03597
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0
2020-04-09 14:26:48 +02:00
iglocska
9d63e427e6
new: [dashboard] COVID active cases backported from widget collections
2020-04-09 07:59:20 +02:00
iglocska
31662d6e15
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2020-04-06 22:29:38 +02:00
iglocska
75d6a4b829
chg: [cakephp] version bump to get TLS 1.3 support, fixes #5764
...
- #yolo
2020-04-06 22:29:12 +02:00
chrisr3d
8f90f79255
fix: [stix2 export] Avoiding the "end" function to return a notice
...
- It looks like depending on the Php version, the
end function does not like to have the reference
of an array. By delaying its call, we pass the
actual array and the notice no longer appears
2020-04-06 15:14:23 +02:00
iglocska
e898c121b1
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2020-04-06 09:23:30 +02:00
iglocska
78ad3cb368
chg: [dashboard] Added COVID widgets to the default installation from widget-collections
...
- should be interesting enough for all at this point. We might remove it again once COVID-19 is finally gone from our lives
2020-04-06 09:22:37 +02:00
mokaddem
0856bc5c04
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2020-04-06 09:21:56 +02:00
mokaddem
901af2b7b2
chg: [widgets:trendingTags] Added threshold parameter to let user
...
decide the # to show
2020-04-06 09:20:41 +02:00
mokaddem
5f74b9c4e8
fix: [widgets:trendingTags] Removes unused vars. fix #5761
2020-04-06 09:19:15 +02:00
Andras Iklody
ca85806312
Merge pull request #5672 from patriziotufarolo/2.4
...
Fixes STIX2 export failing with "ANTLR runtime and generated code versions disagree: 4.8!=4.7.1"
2020-04-06 05:18:22 +02:00
iglocska
c8a111447c
fix: [suricata] fixed an invalid validation of https hostnames that blocked the attributes from being included in the exports
2020-03-19 09:16:10 +01:00
mokaddem
04dcdebb1f
new: [galaxyCluster] Initial import of Galaxy2.0 codebase - WiP
2020-03-12 10:26:09 +01:00
iglocska
8d02332b31
new: [dashboard] persistence package
...
- export dashboard state
- import dashboard state
- save dashboard state
- make it available to others on the instance on demand
- admins can set a default password for users that don't have anything configured yet
- load another template based on what the community has shared
- added Whoami widget which was an outcome of the ESDC training
- various improvements, new fields for genericElements, etc
2020-03-08 23:36:27 +01:00
iglocska
cd4b6936c8
new: [widgets] Whoami widget added
2020-03-06 10:06:31 +01:00
iglocska
5e56e7dfc7
new: [dashboard] various fixes / improvements
...
- simple list now accepts arrays for values
- fixed margin issues
- fixed empty sync test issues
2020-03-05 10:08:15 +01:00
iglocska
218ea0333c
new: [dashboard] added a way to auto reload widgets
...
- has to be defined in the code of the widget
2020-03-04 14:46:01 +01:00
iglocska
03dc9a8206
fix: [synctool] tests improved
2020-03-02 23:09:47 +01:00
iglocska
44ff66445d
new: [dashboard] Resource widget added
2020-03-02 23:06:31 +01:00
iglocska
7b5374a81d
new: [dashboard] Added server resource module and some fixes
2020-03-02 00:32:26 +01:00
iglocska
376f6fa358
chg: [dashboard] Custom dir added
2020-03-01 23:25:50 +01:00
iglocska
de87ecfaf2
Merge branch '2.4' into feature/dashboard
2020-03-01 23:04:07 +01:00
iglocska
95eb2af765
fix: [API] Json converter fixed
2020-03-01 22:33:49 +01:00
iglocska
0d4df7c98b
new: [Dashboard] system
...
- Dashboard
- modular similar to restSearch
- build your own widgets
- use a set of visualisation options (more coming!)
- full access to internal functions for queries
- auto discover core and 3rd party widgets
- rearrange / configure widgets for each user individually
- rearrange / resize widgets
- settings can be configured by a site-admin on behalf of others
- modules have a self-explain mode to guide users
- caching mechanism for the modules / org
- set homepage / user
- various other fixes
2020-03-01 18:05:21 +01:00
iglocska
4bfcc3211b
new: [API] object level restSearch added
...
still WiP
2020-02-29 08:57:32 +01:00
Patrizio Tufarolo
44fef2903c
Ensure we only have the last line from the shell command when exporting STIX2
...
Same as e3b1e8c74a but for exporting STIX2
2020-02-27 12:59:12 +01:00
mokaddem
5de5453dbd
Merge branch '2.4' of github.com:MISP/MISP into pr-feature/tags_deletion
2020-02-27 11:19:53 +01:00
Jakub Onderka
cfe18d8c39
chg: [internal] Removed unused function
2020-02-16 14:13:34 +01:00
Jakub Onderka
8717c3f1c5
fix: [pubsub] Do not fetch setting for every push
2020-02-14 15:26:49 +01:00
Tom King
bee49f7028
Merge remote-tracking branch 'upstream/2.4' into feature/tags_deletion
2020-02-13 16:17:03 +00:00
mokaddem
6e66256f7a
Merge branch '2.4' of github.com:MISP/MISP into pr-5210
2020-02-10 11:09:14 +01:00
Jakub Onderka
73b9513a38
chg: [internal] Refactoring malware handling
2020-01-26 18:56:41 +01:00
chrisr3d
ec9328c50c
Merge branch '2.4' of https://github.com/MISP/MISP into 2.4
2020-01-20 11:45:02 +01:00
chrisr3d
88ea4523b8
fix: [stix 1&2 export] Checking if an error message is returned
2020-01-20 11:43:46 +01:00
Tom King
0a4fbc80c5
Merge branch '2.4' into feature/tags_deletion
2020-01-14 10:03:44 +00:00
mokaddem
8d6946b386
chg: [eventTimeline] Cleaner array append
2019-12-16 09:57:10 +01:00
mokaddem
a1fdea754d
Merge branch 'zoidberg-timeline' into zoidberg-final
2019-12-06 15:40:51 +01:00
iglocska
1c5afa49ed
new: [refactor] Massive internal refactor and cleanup of deprecated APIs
...
- new centralised restSearch function in AppController as entry point via all controllers
- new component handling restSearch related support functions, such as parameter mapping
- hollowed out all deprecated export functions on the event/attribute controller
- replaced with a new functionality that remaps them to restSearch
- all functionality should be maintained with all additional advantages introduced with restsearch
- additional cleanup (some unused functions removed)
2019-11-29 10:11:30 +01:00
Tom King
34c5570692
new: Allow for attribute tag deletion via Event or Attribute edit. Clean and return the attribute tags on response from editing an attribute, update code to remove legacy
2019-11-26 12:27:15 +00:00
iglocska
10bc49ae13
fix: [proxy] Skip_proxy was broken up until now, fixes #5324
...
- was simply ignored, added the hook for it for the sync tool
2019-11-08 10:06:44 +01:00
iglocska
c4f1d4d15e
new: [SightingDB] Added integration with SightingDB
...
- Added configuration tool
- Added lookups from the event view
- Added includeSightingdb flag for the restSearch searches
- Added SightingDB search tool
- Added SightingDB connection test tool
2019-11-06 21:20:04 +01:00
mokaddem
f58770a90a
Merge branch '2.4' of github.com:MISP/MISP into zoidberg-timeline
2019-11-05 13:51:03 +01:00
chrisr3d
b140d6be09
add: [restSearch] Support of stix1 json export
2019-10-15 09:54:48 +02:00
mokaddem
cd68ea018f
fix: [eventGraph] Fixed UI issue with duplicated ID (attributes and
...
objects)
Fix #5181
2019-10-09 16:29:20 +02:00
mokaddem
09646bf913
chg: [eventGraph] Renamed `rotation key` to `pivot key` and do not
...
collapse when adding/removing edges.
Fix #3683
2019-10-09 15:59:16 +02:00
mokaddem
015ec7d989
Merge branch '2.4' of github.com:MISP/MISP into zoidberg-timeline
2019-10-08 14:12:38 +02:00
garanews
85c28ce36e
Fix some typo
...
Fix some typo
2019-10-04 13:02:59 +02:00
iglocska
c28314076b
fix: [API] massive performance boost for large events with many correlations
...
- the logic of the JSON converter was heavy and unnecessary
2019-10-04 12:26:49 +02:00
chrisr3d
3b3a1e0067
Merge branch '2.4' of https://github.com/MISP/MISP into 2.4
2019-10-03 10:43:39 +02:00
chrisr3d
f60e66fa00
fix: [stix 1/2 export] Catching potential exceptions and returning it as result in restSearch
2019-10-03 10:39:34 +02:00
mokaddem
b44b369eec
Merge remote-tracking branch 'origin/2.4' into zoidberg-timeline
2019-10-02 14:35:00 +02:00
mokaddem
bb3cf85776
Merge branch '2.4' into zoidberg-timeline
2019-10-02 11:23:04 +02:00
iglocska
c93620c277
chg: [cakephp] updated to latest 2.x commit
2019-09-30 11:03:50 +02:00
iglocska
d92fa3d281
Merge branch 'cacert' into 2.4
2019-09-30 09:48:03 +02:00
chrisr3d
d0b99bebda
Merge branch '2.4' of https://github.com/MISP/MISP into 2.4
2019-09-26 16:54:09 +02:00
Jakub Onderka
bc8aa0e2b4
new: [internal] Allow to use custom CA
2019-09-26 14:26:58 +02:00
iglocska
1a6ab3bec7
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2019-09-25 20:18:10 +02:00
iglocska
40cf160c53
new: [API] Netfilter added as new export format
2019-09-25 20:17:25 +02:00
chrisr3d
78dc7e7512
fix: [stix 1/2 restSearch] Deleting temporary files in case of an error in the python side
2019-09-25 18:28:37 +02:00
Jakub Onderka
a9f6af9fcb
chg: [user] GPG key fetching by server
2019-09-23 22:09:02 +02:00
Andras Iklody
d10495f789
Relaxed defanging rules, fixes #5203
...
Removed multiple dot implosion for links/urls
2019-09-23 14:26:42 +02:00
chrisr3d
fbb25bad6f
new: [restSearch] restSearch module for ATT&CK Sightings
...
- Returning ATT&CK Sightings in json format for
events and attributes with mitre-attack-pattern
galaxies attached
- For further details on the ATT&CK Sightings,
please visit https://attack.mitre.org/resources/sightings/
- Also thanks to @johnwunder for the clarification
on the output format
2019-09-12 17:03:35 +02:00
iglocska
58148c0aa3
new: [Internal] Index generator refactor
...
- loads of new features added
- bunch of helpers updated
- mainly a back/forward port from the frozen feed-rework branch with some custom changes
2019-08-28 17:02:43 +02:00
iglocska
f6df9c2767
fix: [API] csv export incorrect handling of include context parameter if it was pushed and set to 0
2019-08-02 16:46:19 +02:00
iglocska
877be26afc
fix: [CSV] headerless flag fixed, fixes #2761
2019-08-02 15:24:27 +02:00
Bechkalo Evgeny
f2e299ba19
fix: error during creating and deleting Attributes on PostgreSQL
2019-07-23 13:46:06 +03:00
Bechkalo Evgeny
672601f7b8
fix: MariaDB error for quoting tablename
2019-07-23 11:58:18 +03:00
Bechkalo Evgeny
76d58e6e53
fix: some PostgreSQL issues
...
Closes : #3066 , #3067
Fixes issues:
- wrong boolean and smallint conversion;
- postgresql table and field naming (field 1_event_id is wrong name for
field for example);
- postgresql grouping (you cannot select columns without grouping them);
- wrong checkbox rendering without keyword.
2019-07-23 11:17:56 +03:00
Richard van den Berg
9da8ed86c5
Fix errors on NIDS export when whitelist is empty
2019-07-17 12:46:43 +02:00
mokaddem
e7f3d0d9df
new: [timeline/*-seen] Initial import of the timeline code from the
...
zoidberg branch
2019-06-13 09:16:34 +02:00
mokaddem
52ae153c0e
Merge branch '2.4' of github.com:MISP/MISP into galaxyMatrixImprovements
2019-06-11 15:56:10 +02:00
mokaddem
11a4bdb959
chg: [restSearch:attack] Only expose attack return format to the `event`
...
scope
2019-06-11 15:50:51 +02:00
Richard van den Berg
22cc03bb23
Match EDNS packets with snort rules
2019-05-17 14:34:18 +02:00
mokaddem
bd1b5f6e97
chg: [export:attack] Performance improvements
2019-05-15 11:06:27 +02:00
Alexandre Dulaunoy
97ab3ddca0
chg: [yara export] fix the correct Python version is used
2019-05-13 21:33:25 +02:00
mokaddem
4fbe857f90
chg: [galaxyMatrix] Added sorting by score. Fix #4608
2019-05-13 15:07:38 +02:00
iglocska
c54839d2eb
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2019-05-10 14:42:25 +02:00
iglocska
5ee6013dff
fix: [API] Some fixes for the restsearch -> attack export
2019-05-10 14:41:50 +02:00
iglocska
e899eb8b9d
new: [ATT&CK] Added new export system for restsearch for ATT&CK
...
- Return the ATT&CK matrix data as HTML via the API
- Directly viewable via the REST client
- Greetings from the ATT&CK workshop @ Eurocontrol
2019-05-10 14:25:38 +02:00
Steve Clement
45e6d740f0
fix: [bug] getPythonVersion undefined, pull in where it is defined.
2019-05-10 07:23:14 +09:00
frpet
38a64e0ba9
rpz: action policy rename (to Local-Data)
...
Rename action policy "walled-garden" to "Local-Data" as per the IETF draft (and other documentation for RPZ)
2019-05-08 15:54:34 +02:00
Andras Iklody
3c6a336774
Merge pull request #4581 from pettai/RPZ-policy-action
...
RPZ - Add additional policy actions
2019-05-07 17:03:27 +02:00
frpet
76fcc6553a
Add additional policy actions
...
Add the last policy actions from the RPZ draft.
* rpz-passthru allows for testing without applying changes on the returned answer.
* TCP-only forces the client over to use TCP.
2019-05-07 16:29:32 +02:00
Steve Clement
fc1f15c4c0
fix: [export] Yara Export variable typo fix. Use getPythonVersion.
2019-05-07 08:37:47 +09:00
mokaddem
93673b4d4c
chg: [distributionNetwork] Filter out organisations not being marked as
...
local. Fix #4568
2019-05-03 15:32:02 +02:00
edhoedt
b9463e513c
Yara export
2019-04-29 19:23:14 +02:00
iglocska
69c6562888
fix: [freetext] Also trim out no-break spaces
...
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
░░░░░░░░███████████████░░░░░░░░░░
░░░░░░███████████████████░░░░░░░░
░░░░░███░░░░░░░░░░░░░░████░░░░░░░
░░░░██░░░░░░░░░░░░░░░░░░░███░░░░░
░░░██░░░░░░░░░░░░░░░░░░░░░███░░░░
░░██░░███████░░░░░░██████░░██░░░░
░██░░██─────██░░░░██────██░░██░░░
░██░░█▄▄▄▄▄▄▄██░░░█▄▄▄▄▄▄██░░██░░
░██░░████─────█░░░████────█░░░██░
░██░░█────────█░░░█───────█░░░██░
██░░░██──────██░░░██─────██░░░░██
██░░░░████████░░░░░███████░░░░░██
█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█
█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█
█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█
█░░░░░███████████████░░░░░░░░░░░█
█░░░████░░░░░░░░░░░░░░░░░░░░░░░░█
█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█
█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█
██░░░░░░░░░░░░░░░░░░░░░░░░░░░░░██
░██░░░░░░░░░░░░░░░░░░░░░░░░░░░░█░
░░███░░░░░░░░░░░░░░░░░░░░░░░░░██░
░░░░██░░░░░░░░░░░░░░░░░░░░░░░██░░
2019-04-26 09:39:10 +02:00
chrisr3d
c527077b1c
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2019-04-12 15:25:22 +02:00
chrisr3d
50c18eebb1
fix: [stix restSearch] Fixed output json format in case of empty results
2019-04-12 14:46:57 +02:00
chrisr3d
2b8f655415
fix: [stix restSearch] Quick file extension clarification
...
- Depending on the format (.stix or .stix2)
- Impacting temporary files, it is thus for
debugging purpose in case of error
2019-04-12 14:41:54 +02:00
iglocska
8076dbfad1
fix: [refanging] Removed invalid pattern
2019-04-09 15:51:13 +02:00
iglocska
5eecd75e5b
fix: [bug] Typo causing "\" to be stripped from attributes where it shouldn't be stripped
2019-04-09 15:48:29 +02:00
iglocska
a3381b8196
new: [refanging] Attributes automatically refanged in beforeValidate, fixes #4442
2019-04-09 14:53:39 +02:00
iglocska
510b781762
fix: [freetext] Stop parsing dates as phone numbers
2019-03-20 13:10:53 +01:00
iglocska
09ae8a5364
fix: [bro] typo fixed that caused an exception, fixes #4343
2019-03-20 07:02:50 +01:00
iglocska
beed84a335
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2019-03-19 17:23:22 +01:00
Liviu Valsan
4656a5c1fa
Fixing bug when exporting to Bro MISP attributes from events that contain a percentage sign inside the event info
2019-03-19 14:46:16 +01:00
Nikos Filippakis
9d59b10368
Publish events to Kafka
...
Signed-off-by: Nikos Filippakis <nikolaos.filippakis@cern.ch>
2019-03-18 15:53:22 +01:00
Andras Iklody
37e9ebdc39
Merge pull request #4313 from pettai/RPZexport
...
Add $time for Plugin.RPZ_serial
2019-03-15 17:41:34 +02:00
frpet
06b1d74c7a
Add $time for serial
...
Add $time for generating unixtime as serial
2019-03-15 15:28:14 +01:00
mokaddem
b8334521d3
chg: Updated comments
2019-03-15 11:52:37 +01:00
mokaddem
7ce6ef34de
Merge branch '2.4' of github.com:MISP/MISP into extendedDistributionGraph
2019-03-15 10:59:38 +01:00
iglocska
fb26e3495f
chg: [cakephp version] bump
2019-03-14 08:46:10 +01:00
mokaddem
d67af3c4dd
fix: [distributionGraph] Transform associative array into regular array
2019-03-12 10:59:51 +01:00
mokaddem
8a5cce8cb3
chg: [distributionNetwork] Improved consistency in event index and
...
improved UX - WiP
2019-03-12 10:47:16 +01:00
mokaddem
ead0b96e13
chg: [distributionGraphNetwork] Adjusted gravitationalConstant and mass
2019-03-01 14:55:51 +01:00
mokaddem
24d8f197ef
new: [DistributionGraph] Added pie chart on sharing group. fix #4101
2019-03-01 10:56:33 +01:00
mokaddem
ef045e01b3
chg: [distributionGraph] Added support of sharing group - WiP
2019-02-27 15:34:20 +01:00
mokaddem
431529c81c
chg: [attackMatrix] UI: improved color scale - WiP
2019-02-11 17:54:29 +01:00
chrisr3d
4f4fe45633
fix: [stix2 export] Fixed attribute counting on restSearch
2019-02-02 12:09:52 +01:00
iglocska
4dd53eb8e3
fix: [freetext import] Handle cases where a value can be both a hash and a btc address better
2019-01-22 08:58:02 +01:00
iglocska
a9a47fb46c
new: [cache export] Added the includeEventUuid flag to the output
2019-01-17 15:04:01 +01:00
Daniel Roethlisberger
5b4079637a
new: [attributes] Add cdhash attribute, 40+ digit hash, default Payload delivery, ids=1 (#3965)
2018-12-19 20:19:49 +01:00
chrisr3d
87190f6510
fix: [restSearch] Using the correct python version to call STIX scripts
...
- Using the correct python defined in virtual env,
if available, and the default global python3
otherwise
2018-12-07 15:31:04 +01:00
Anthony Vaccaro
eab6ca62e3
fix typo in called method name
2018-11-27 10:02:25 +10:00
iglocska
db5d61725a
chg: [bro] Preparation for the move to restsearch
...
- also fixed some edge-case issues
2018-11-24 21:35:50 +01:00
iglocska
86a27e7c31
fix: [CSV] Fixed some defaults for the CSV export
2018-11-23 13:47:06 +01:00
iglocska
a28909d366
new: [freetext] Added BTC recognition, fixes #3864
2018-11-13 12:06:00 +01:00
iglocska
ce3c78cd7d
Merge branch 'sighting_api' into 2.4
2018-10-29 20:20:17 +01:00
iglocska
bbc8a8bf4d
fix: [API] minor fixes to the sightings api
...
- fixed duplicate sighting tags in XML output
- added attribute value to the sighting
2018-10-29 20:18:29 +01:00
Hannah Ward
608ddaa969
fix: aws would error if asked to del non-existing
2018-10-26 11:01:44 +01:00
Sami Mokaddem
ff5f5faf02
new: [sighting/api] xml output format + improved error feedback
2018-10-23 13:06:37 +02:00
Sami Mokaddem
01cba114f2
fix: [sightings/api] now support json output format
2018-10-23 12:17:54 +02:00
Sami Mokaddem
99e5f560a8
new: [sighting/api] trying to follow the new API architecture. JSON
...
export is broken but CSV is working. WIP...
2018-10-23 11:24:03 +02:00
iglocska
1187fb2a27
new: [API] Added CSV as return format for event index
2018-10-21 22:47:22 +02:00
www-data
f9183dee3b
Merge branch '2.4' into py-virtualenv
2018-10-15 17:09:18 +09:00
iglocska
158d0580b3
new: [API] Added a new export that simply hashes all values with a requested hash format
2018-10-09 11:21:35 +02:00
iglocska
40b1a4a271
chg: [CSV] Added timestamp in CSV output with include context on the event level
2018-10-08 21:43:23 +02:00
Steve Clement
e26e4a2e92
Merge branch '2.4' into py-virtualenv
2018-10-08 07:45:04 +08:00
iglocska
abc83000c0
fix: [CSV] boolean fields should be set to 1/0 instead of true/false
2018-10-06 18:59:24 +02:00
chrisr3d
69c4b58638
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2018-10-05 14:59:33 +02:00
chrisr3d
a42b3ab756
fix: [restSearch] Avoiding useless stix python script calls on empty files
2018-10-05 14:58:39 +02:00
iglocska
77258728ee
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2018-10-05 14:50:33 +02:00
iglocska
1c8b17416f
chg: [API] made the CSV export type less restrictive by default (to_ids / published ignored by default)
2018-10-05 14:49:12 +02:00
chrisr3d
d65482c297
fix: [restSearch] Ignoring square brackets around STIX2 objects returned by the python script
...
Because they are already provided by the framing script
2018-10-05 10:28:48 +02:00
chrisr3d
09a138fd38
Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests
2018-10-04 23:09:11 +02:00
chrisr3d
445bd0c84c
add: [restSearch] STIX 1 & 2 export for restSearch
...
Features to be merged:
- Export of multiple MISP events
- Fetching events and writing them into files, each
file containing at most a number of attributes
defined by a limit
- Each file is then parsed instead of parsing each
event individually, which reduces the number of
times the python scripts are called, reducing
the execution time of the overall process
- The result is then returned as one single file
read and displayed
2018-10-04 22:11:30 +02:00
chrisr3d
54b90cf8f5
fix: [restSearch] Changed how data is handled eeeeeeeeeee
...
- Criteria was number of events and is now number
of attributes
- Writing data in a file until the limit number of
attributes is reached, then writing in the next
file and looping again until all data is written
- Then for each file, calling the python script to
parse MISP events and translate them into STIX
- Writing parsed STIX data into 1 file used to
return the result
2018-10-04 11:40:45 +02:00
iglocska
e461029b9d
new: [API] CSV export tool completely reworked
2018-10-03 07:59:46 +02:00
Steve Clement
a699c5fcd4
Merge branch '2.4' into py-virtualenv
2018-10-02 20:55:46 +08:00
chrisr3d
5a87b64c74
Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests
2018-10-02 13:35:21 +02:00
iglocska
58b9a3c50b
fix: [graph] Made the correlation graph aware of the new correlation loading
2018-10-02 07:35:34 +02:00
chrisr3d
d6595e00c6
wip: [restSearch] Passing multiple events to the STIX parsing script
...
- atm calling the python script every 10 events
fetched with fetchEvent
2018-09-30 20:32:38 +02:00
chrisr3d
4ac455d7c4
Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests
2018-09-29 19:20:19 +02:00
Steve Clement
df3d87b5c8
Merge branch '2.4' into py-virtualenv
2018-09-28 15:00:46 +02:00
Steve Clement
05e0c412ef
chg: [fix] Some fixes to the python virtualenv tweaks
2018-09-28 14:58:55 +02:00
Sami Mokaddem
b66eeefffa
fix: [eventGraph] prevents bug if object has no attributes
2018-09-28 12:05:46 +02:00
iglocska
46cb19df2d
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2018-09-28 09:24:40 +02:00
iglocska
cfe86512a2
fix: [API] Fixed an invalid lookup in the openioc export
2018-09-27 23:02:59 +02:00
chrisr3d
72c0aa9987
fix: [restSearch] Prettifying stix packages with indents
...
- As it is in stix export function from Model/Event.php
2018-09-27 12:03:49 +02:00
chrisr3d
aa69d6ca1a
fix: [cleanup] Fixed indentation in restSearch
2018-09-25 20:33:41 +02:00
chrisr3d
52115cdf85
fix: Added variable to have attribute with no ids flag from fetchEvent
2018-09-25 20:13:20 +02:00
chrisr3d
8a4911d18c
fix: [restSearch] Fixed variables & indent
2018-09-25 12:10:39 +02:00
chrisr3d
933af46dfb
wip: [restSearch] Stix1 export for restSearch
2018-09-24 14:52:33 +02:00
iglocska
cefab3e01c
new: [freetext import] Added detection for AS
2018-09-23 11:43:55 +02:00
iglocska
48c6150257
new: [Complex type tool] Detection of [1] style refanging
2018-09-21 15:08:33 +02:00
iglocska
2e7dfc9273
new: [API] Correctly handle objects in flat exports and exposed text export to event level search
2018-09-14 14:34:01 +02:00
iglocska
51b3ef61dd
new: [API] Added the includeEventTags parameter to the /attributes/restSearch API
...
- appends all event level tags to each attribute
2018-09-09 16:49:59 +02:00
iglocska
f995b561fb
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2018-09-09 00:25:28 +02:00
iglocska
926e973179
new: [API] Updated the RPZ export to follow the new API patterns
2018-09-08 23:44:38 +02:00
iglocska
bc9524c712
fix: [feeds] Feed caching generates a lot of notices
2018-09-07 13:29:26 +02:00
iglocska
289b13be88
new: [API] set default behaviour to require to_ids and published set to 1 to be included in exports
...
- doesn't affect MISP json and xml formats
2018-09-06 00:20:03 +02:00
iglocska
bcfc1f3a1a
fix: [API] Fixed the broken CSV export
2018-09-05 11:36:31 +02:00
iglocska
57a6460d81
chg: [internal] JSONConverterTool's support for the deprecated showorg flag removed
2018-09-03 17:53:51 +02:00
iglocska
924dfcbec9
new: [API] XML export now exports both event and attribute level data
...
- relying on the old XMLConverterTool for event level conversions
2018-09-03 17:53:03 +02:00
iglocska
9c725ebff1
new: [API] OpenIOC export library correctly handles both events and attributes as their payload
...
- fixed annoying line breaks in the output
2018-09-03 17:50:59 +02:00
iglocska
7c3ddacd1e
new: [API] NIDS exports now correctly support event and attribute level exports
...
- also, suricata/snort rules now include both the event and the attribute tags in the metadata
2018-09-03 17:50:08 +02:00
iglocska
ba5bafd13f
new: [API] JSON export library updated to support both attribute and event level conversions.
...
- relies on the old JSON library for event level conversions
2018-09-03 17:49:03 +02:00
iglocska
5f1edc9bad
Merge branch 'feature/api_rework2' into 2.4
2018-08-31 13:37:41 +02:00
iglocska
a75fa11457
Merge branch 'feature/api_rework2' into 2.4
2018-08-31 13:35:21 +02:00
iglocska
ac86f89c6e
new: [API] Added the libraries for the JSON, XML and Text exports
2018-08-31 13:23:07 +02:00
iglocska
590f0ac1ea
chg: [cleanup] removed leftover converter
2018-08-31 13:18:36 +02:00
iglocska
f3558fb18a
Merge branch 'feature/api_rework' into 2.4
2018-08-31 12:58:44 +02:00
iglocska
a000d86f85
new: [API] Made the NIDS export compatible with the new API
2018-08-30 21:56:00 +02:00
iglocska
7ad08d9553
new: [API] Added the new XML converter
2018-08-30 21:54:47 +02:00
iglocska
80dc30c7bc
new: [api] Added new open IOC export system
2018-08-27 23:55:07 +02:00
iglocska
7b233de4cd
new: [api] first revision of the attribute export
2018-08-27 23:52:39 +02:00
Daniel Roethlisberger
b19e405b32
Fix broken timestamps by using 24 hour clock and ISO 8601 date format
...
The event view shows a wrong "Last change", e.g. "2018/08/23 06:01:45"
for "2018/08/23 18:01:45". The same problem affects the timestamp in
the XML generated by IOCExportTool.php. Fix by correcting the PHP
date() code "h" to "H".
While here, also switch to a clearer ISO 8601 date representation for
"Last change", using dashes instead of slashes for separation of year,
month and day.
2018-08-23 18:39:01 +02:00
iglocska
f675fb8b29
Merge branch '2.4' into feature/api_rework
2018-08-17 14:49:09 +02:00
Hannah Ward
c883a7b6d6
new: Add upload/download for attachments
2018-08-15 14:07:44 +01:00
Hannah Ward
597802501f
new: Add S3 client class
2018-08-15 11:14:03 +01:00
iglocska
006a922e9f
chg: [API] further work on the new CSV export
2018-08-14 23:38:01 +02:00
iglocska
1d5ff2f146
fix: [API] Class name fixed
2018-08-13 21:49:47 +02:00
iglocska
ffa1a77391
new: [API] CSV export tool added
2018-08-12 23:49:01 +02:00
iglocska
32f79d2eab
fix: [cleanup] Fixed an assignment in a comparison
2018-08-05 19:22:07 +02:00
iglocska
a81894f14c
chg: [CS] Changed to PSR-2
...
- to make contributions easier, adopted PSR-2
- used php-cs-fixer to rework the style
- *sniff sniff* Goodbye tab indentation
2018-07-19 11:48:22 +02:00
Andras Iklody
f0964c11f6
Merge pull request #3479 from FloatingGhost/feature-send-logs-to-elasticsearch
...
Feature: send logs to elasticsearch
2018-07-12 12:09:53 +02:00
iglocska
53f974895e
fix: [zmq] Fixed execution of the ZMQ start/stop commands still being python 2
2018-07-12 08:01:41 +02:00
iglocska
90a8e9110b
fix: [freetext] parser was detecting any number as a phone number, fixes #3469
...
- new requirement: must start with + or contain a -
2018-07-11 15:02:30 +02:00
Hannah Ward
a62b23088e
fix: Use spaces entirely
2018-07-10 17:06:56 +01:00
Hannah Ward
09aacabe26
fix: Indentation on ES client
2018-07-10 17:05:42 +01:00
Hannah Ward
a70f8e45d8
new: Add ability to log to elasticsearch
2018-07-10 17:01:57 +01:00
iglocska
898aef2e10
new: [data model] Added support for monero - new type xmr
...
- soft validation
- secondary validation with warnings for malformed addresses
- supporting epic facial hair styles
2018-07-04 10:22:58 +02:00
iglocska
59b17b5af6
new: [sync] Added flag to avoid using the proxy
...
- in some cases you have internal sync between instances in which case going through the proxy is silly
2018-07-02 16:56:50 +02:00
Sami Mokaddem
e3988c73ad
new: [attackMatrix] Also consider attack galaxy at event level in the
...
heatmap
fix: [attackMatrix] Typo in ATT&CK + division by 0 in gradiendTool
2018-06-18 14:51:29 +00:00
Sami Mokaddem
8d145086f0
new: [attackMatrix] statistic about attack tags used in the instance
...
chg: [attackMatrix] moved functions in to model and matrix view into elements
2018-06-18 09:58:20 +00:00
iglocska
6bf2dd91ab
fix: cakephp version bumped to latest 2.x
...
- also gets rid of the stupid mcrypt requirement that breaks compatibility with newer ubuntu versions
2018-05-08 17:48:51 +02:00
iglocska
ea389ef3ce
fix: Edge case with empty objects caused *barf*
2018-05-08 15:02:22 +02:00
Sami Mokaddem
f1cefb3503
fix: [DistributionGraph] include metadata for all distribution level
...
When fetching distribution graph data, returns information about all
distribution level (even not concerned).
2018-05-08 07:19:51 +00:00
Sami Mokaddem
9c5b05a679
fix: Directly take the sharing group name from the event
...
Do not fetch the sharing group name as it is already included in the
event.
+ fixed a css glitch
2018-05-04 12:40:35 +00:00
Sami Mokaddem
d6f02fe1b6
fix: [DistributionGraph] incorrect number in the sg progressbar tooltip
...
Set the correct number of involved sharing instead of the sum of sharing
group in the sg progressbar tooltip
2018-05-04 12:00:55 +00:00
Sami Mokaddem
37f0281d59
fix: [DistributionGraph] sharing group search and uniqueness of results
...
fix a bug where filtering per sharing group was not including inherit
attributes.
Enforce uniqueness of involved entities.
2018-05-04 09:33:14 +00:00
Sami Mokaddem
507cd0ee85
chg: Trying not to break the MVC pattern
...
Server model is not passed to the constructor anymore, as well as the
Organisation model.
2018-05-04 06:27:54 +00:00
Sami Mokaddem
6d476814b0
Merge remote-tracking branch 'upstream/2.4' into distributionGraphDonut
2018-05-03 13:52:40 +00:00
Sami Mokaddem
3db21f0396
chg: [distributionGraph] support of the sharing group event distribution
...
chg: [distributionGraph] code cleanup
2018-05-03 12:55:00 +00:00
Sami Mokaddem
73e432f16d
chg: sanitization of data for distribution graph
2018-05-03 08:42:53 +00:00
Sami Mokaddem
668488b8c9
chg: add additional distribution info about to whom we are sharing even
...
if we don't have element on this distribution level
2018-05-03 08:27:34 +00:00
Sami Mokaddem
f4e4c7b335
chg: moved sharing group outside of the distribution progressbar (as it is a special case), distribution range is displayed when clicking on the pb labels and lots of minor improvements.
2018-05-02 13:37:48 +00:00
iglocska
8cc1d86068
fix: Allow filename as an alternative for parsed domains/hostnames
2018-04-25 15:41:58 +02:00
Sami Mokaddem
7a94612161
new: Possibility to view connected communities and concerned sharing groups in distribution graph's tooltip
2018-04-25 09:48:03 +00:00
Sami Mokaddem
0c593728de
removed useless codes
2018-04-24 10:13:28 +00:00
Sami Mokaddem
f9414871b8
Initial version of the distribution graph
2018-04-23 12:51:15 +00:00
Andras Iklody
607d203c04
Merge pull request #3170 from mokaddem/ref_graph
...
Extended event support and tag filtering in the event graph
2018-04-20 13:40:48 +02:00
Sami Mokaddem
7ee1717628
Added confirmation box to draw the network based on a threshold
2018-04-20 11:20:52 +00:00
Sami Mokaddem
677f466c4e
perf: unset filtered data instead of adding them to a new array (thus,
...
reducing memory consumption by a factor of 2)
2018-04-20 09:10:51 +00:00
Sami Mokaddem
ee1e39360e
Being consistent with indentation + removed useless comment.
2018-04-20 08:46:11 +00:00
Sami Mokaddem
2ca3515f10
Feature: Possibility to filter on tags
2018-04-20 08:35:38 +00:00
iglocska
8c2dd6d00a
fix: Fix to the invalid refanging (Third time's the charm)
2018-04-18 11:25:58 +02:00