Commit Graph

1370 Commits (7a01b8f2abe2948bb37cf5c8905e6dbdb0b1a677)

Author SHA1 Message Date
aksha f20478587f Merge: First mactime commit 2018-10-07 18:49:36 +01:00
iglocska 92eb8a91ad Merge branch '2.4' of github.com:MISP/MISP into 2.4 2018-10-04 22:27:28 +02:00
iglocska be5b684893 new: [api] CSV export using thin overlay over restsearch 2018-10-04 22:23:32 +02:00
iglocska f40f802862 new: [API] events/restSearch reworked, added CSV export 2018-10-03 08:00:35 +02:00
Richard van den Berg f1c59bb634 Trim spaces from source_id in merge form 2018-10-02 10:44:22 +02:00
iglocska 0544bb934b new: [API] Improvements to the fetcher
- cache several objects that were loaded over and over before on bulk exports
- includeGranularCorrelations internal flag added to include/exclude correlations from the export for certain types
- some cleanup
2018-10-02 07:34:02 +02:00
iglocska f18f8b579a new: [API] events/restsearch rework - chunked export for performance gains 2018-09-29 23:43:52 +02:00
iglocska 7624149224 fix: [cleanup] Some cleanup and fixes to invalid exception invocations 2018-09-28 15:48:00 +02:00
iglocska e9807aa5bc fix: [API] handle to_ids better in the restSearch APIs
- invalid default settings for text/suricata exports on the event scope fixed
- 'exclude' re-introduced as a valid value
2018-09-28 15:42:25 +02:00
Sami Mokaddem 126ee9eaf8 fix: [Event] Prevents bug if object has no attributes
While using the event quick filter, prevents accessing a non existing index
if the object has no attributes.
2018-09-27 16:34:16 +02:00
iglocska 9d83c840ec new: [freetext] Freetext ingestion is now delegated to the background processing
- no setup needed
- data to be ingested dropped to file, background worker ingests and processes the file
2018-09-23 17:44:23 +02:00
iglocska 072f85fe66 fix: [enrichment] Made the payload of the API enriching an event with a list of modules a bit more lax 2018-09-23 15:21:13 +02:00
chrisr3d 9ecfe5c40d Merge branch '2.4' of github.com:MISP/MISP into stix2 2018-09-21 13:51:26 +02:00
iglocska d43570932a fix: [API] malware samples not encoded with withAttachments=1 on the event level restSearch 2018-09-19 07:25:37 +02:00
iglocska 417f2452ae fix: [API] CSV export snafu fixed
- perhaps not ignoring the filter parameters and getting the full dataset visible to the current user is a helpful idea
2018-09-17 19:13:50 +02:00
iglocska 2e7dfc9273 new: [API] Correctly handle objects in flat exports and exposed text export to event level search 2018-09-14 14:34:01 +02:00
iglocska 55fe130385 Merge branch '2.4' of github.com:MISP/MISP into 2.4 2018-09-09 15:39:32 +02:00
iglocska f995b561fb Merge branch '2.4' of github.com:MISP/MISP into 2.4 2018-09-09 00:25:28 +02:00
iglocska 1b4e566937 new: [API] Tied the RPZ export into the restsearch APIs
- also, made the export modules aware of the exhaustive parameter list
2018-09-08 23:45:08 +02:00
iglocska b12c8549c8 fix: [API] downloading events in XML format via the UI returns JSON 2018-09-07 18:44:35 +02:00
chrisr3d 685c5c6b8c fix: [API] Quick fix on a dict key to fetch the name of the stix file imported 2018-09-06 14:35:38 +02:00
chrisr3d e7c43cd372 Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch 2018-09-06 13:55:03 +02:00
chrisr3d 71d1b9075a new: [API] Added possibility to include the original file while importing STIX data 2018-09-06 13:37:29 +02:00
iglocska 289b13be88 new: [API] set default behaviour to require to_ids and published set to 1 to be included in exports
- doesn't affect MISP json and xml formats
2018-09-06 00:20:03 +02:00
iglocska daaa5a1f1f new: [automation description] Added legacy mode toggle 2018-09-05 17:56:27 +02:00
iglocska 7e5be5f37b fix: [API] using "download" as a returnformat via the URL breaks the restSearch API
- we have to keep it as a legacy option and map it to json
2018-09-05 14:27:34 +02:00
iglocska bcfc1f3a1a fix: [API] Fixed the broken CSV export 2018-09-05 11:36:31 +02:00
iglocska 6e2f18a891 Merge branch '2.4' of github.com:MISP/MISP into 2.4 2018-09-05 09:21:35 +02:00
chrisr3d c0525eaf4d Merge branch '2.4' of github.com:MISP/MISP into stix2 2018-09-04 17:26:04 +02:00
Xavier Mehrenberger 65f0b2bb6f fix: create temp folder if it doesn't exist in EventsController::export() 2018-09-03 18:06:23 +02:00
iglocska a8fae82020 new: [API] event level restsearch switched to new modular conversion system 2018-09-03 17:56:13 +02:00
chrisr3d d9370efcb9 Merge branch '2.4' of github.com:MISP/MISP into stix2 2018-09-03 15:19:56 +02:00
chrisr3d cb9e094148 Merge branch '2.4' of github.com:MISP/MISP into stix2 2018-08-28 09:40:12 +02:00
iglocska 864c0c767a fix: [internal] Block attributes by tag using the event level restsearch API 2018-08-21 13:15:00 +02:00
iglocska b407aba746 fix: [CS] Updated recent changes 2018-08-20 10:50:09 +02:00
iglocska 006a922e9f chg: [API] further work on the new CSV export 2018-08-14 23:38:01 +02:00
Paolo Vecchi 6f373e5d8b Update EventsController.php
Just a ) missing.
2018-08-13 09:10:57 +02:00
chrisr3d 11faddc07a Merge branch '2.4' of github.com:MISP/MISP into stix2 2018-08-12 19:22:17 +02:00
iglocska 4765d22b7d new: [API] WIP work in progress - moving CSV export to standardised converter format 2018-08-11 16:38:49 +02:00
iglocska 0694263e15 Merge branch '2.4' into feature/api_rework 2018-08-09 16:51:20 +02:00
iglocska 4c604636d4 fix: [API] allow other returnFormats besides download to work for restsearch 2018-08-09 16:26:12 +02:00
iglocska e2a268aea7 new: [API] further rework of the restsearch api
- move to the new popping filter system
2018-08-09 15:11:57 +02:00
iglocska b6c757e4aa new: [API] rework of the event level restSearch (WIP) 2018-08-09 07:46:52 +02:00
iglocska 23a2611202 fix: [API] Some API rearrange issues fixed in events/add 2018-08-08 11:27:49 +02:00
iglocska 5215ee1c5a chg: [api] reworked the CSV api to use the new standardised function calls 2018-08-06 10:49:45 +02:00
iglocska 76ede22308 new: [refactor] CSV api refactor
- performance gains
- first step in unifying all APIs
- moved the CSV data lookup into fetchattributes
- internal pagination is now more clever with a watchdog flag that can prevent unneeded executions by whatever calls fetchattributes
2018-08-05 19:10:52 +02:00
chrisr3d 0ed3f0617c Merge branch '2.4' of github.com:MISP/MISP into stix2 2018-08-03 13:51:33 +02:00
chrisr3d afbb83a827 fix: [import modules] Avoiding issues with userConfig when module is csvimport
- If users tick the checkbox to specify there is a
  header in the csv file to import, there should
  not be an error with empty userConfig header
2018-08-03 13:32:51 +02:00
chrisr3d d85131f538 fix: [stix2 export] Fixed syntax in stix2 function 2018-07-30 23:52:41 +02:00
chrisr3d ce6c8752c0 Merge branch '2.4' of github.com:MISP/MISP into stix2 2018-07-30 15:09:43 +02:00
Steve Clement 8402df48f3 chg: [except] Closed the brackets correctly on the throw except 2018-07-28 09:34:51 +02:00
iglocska 959628a4f8 chg: [csv] added the object_relation field to the CSV export 2018-07-27 14:06:38 +02:00
chrisr3d 5dc761ea7b chg: [stix2 export] Using the RestResponse view call instead of having view files 2018-07-26 12:10:57 +02:00
chrisr3d 53ccf51e71 chg: [stix2 export] Multiple events export prepared in Controller & Model side
- Changes on automation side coming soon
2018-07-20 23:59:51 +02:00
iglocska a81894f14c chg: [CS] Changed to PSR-2
- to make contributions easier, adopted PSR-2
- used php-cs-fixer to rework the style
- *sniff sniff* Goodbye tab indentation
2018-07-19 11:48:22 +02:00
Steve Clement c607729e18 chg: [i18n] More __(); 2018-07-12 23:36:47 +02:00
Andras Iklody ad15ffa7ce Merge pull request #3460 from kalyparker/fix-export-events-csv
fix: export events csv with CR (fix #3458)
2018-07-10 09:28:22 +02:00
kalyparker 34f15268d2 fix: export events csv with CR (fix #3458)
Export using automation functionality for ids does not clean the special char like CRLF.
When there is a carriage return in the event info, the csv is broken.
2018-07-09 08:58:12 -07:00
Sami Mokaddem eb1b8bcba5 chg: [attackMatrix] support of quick tagging from the attackMatrix at
event view level
2018-07-09 09:55:17 +00:00
iglocska 8d567782d9 chg: [cleanup] Removed the deprecated GFI sandbox import
- Burn the heretic. Kill the mutant. Purge the unclean.
2018-07-06 10:57:44 +02:00
iglocska 5ba322076b chg: [refactor] Fixed an issue where too many events would cause a query too large for mysql to handle when querying /events/index via the API, fixes #3444 2018-07-05 18:52:25 +02:00
iglocska 73c18f8833 new: [API] Updated the timestamp handling in the restSearch APIs to use the new smart-system 2018-07-04 15:53:01 +02:00
iglocska c3158b50ba new: [edit strategy API] To support a smoother integration with the Hive, new API that describes what the edit strategy is for an event
- GET on /events/getEditStrategy/[id]
  - where id can be either a local ID or a UUID

- returns a JSON dictionary with the following fields:
  - strategy: edit | extend (edit if it's an own event, extend otherwise)
  - extensions: list of dictionaries with existing extensions created by the user's org (containing the id, uuid, info fields)

- The algorithms implementing this should prioritise as such:

1. Check if user can edit the event (strategy == edit) - if yes, edit
2. If no, check if extensions exist - if yes, edit one of those
3. If no, create a new extension to the original event
2018-07-02 17:29:53 +02:00
iglocska 4bff6092e5 fix: Correlation popup format 2018-06-23 23:59:34 +02:00
iglocska c721142f9b fix: [sync] pull not working due to invalid lookup against galaxies 2018-06-20 17:03:31 +02:00
iglocska 505cccdbaf fix: [error messages] made some of the error messages a bit more uniform 2018-06-20 15:12:23 +02:00
Sami Mokaddem e3988c73ad new: [attackMatrix] Also consider attack galaxy at event level in the
heatmap
fix: [attackMatrix] Typo in ATT&CK + division by 0 in gradiendTool
2018-06-18 14:51:29 +00:00
Sami Mokaddem 3a27009775 Merge remote-tracking branch 'upstream/2.4' into attack 2018-06-18 12:18:31 +00:00
Sami Mokaddem 929946f055 new: [attackMatrix] added instance UUID in rest response 2018-06-18 12:04:38 +00:00
Sami Mokaddem 8d145086f0 new: [attackMatrix] statistic about attack tags used in the instance
chg: [attackMatrix] moved functions in to model and matrix view into elements
2018-06-18 09:58:20 +00:00
Sami Mokaddem bc156ab13a new: [AttackMatrix] added Mobile/Pre-Attack Matrix support, UI
improvements and code refacto
2018-06-15 09:19:53 +00:00
iglocska 3e5e432436 fix: Fixed permission check for adding tags to an event 2018-06-12 17:01:54 +02:00
Sami Mokaddem 95e694f054 fix: [AttackMatrix] picking Att&ck tactic correctly redirect on the
matrix
2018-06-12 14:25:43 +00:00
Sami Mokaddem 6c8bdeaff6 chg: [attackMatrix] Restrict view to be ajax only 2018-06-12 13:16:23 +00:00
Sami Mokaddem 5f36725ede new: [attackMatrix] Ability to attach Mitre att&ck galaxy from the
matrix
2018-06-12 12:39:48 +00:00
iglocska 6890b734cc new: [UI/UX] Event lock initial version
- Show if another user is editing the event you're viewing (same org only)
2018-06-12 09:40:23 +02:00
Sami Mokaddem 34c69d00e2 fix: [eventView] Hide galaxy tags after search 2018-06-11 14:05:45 +00:00
Sami Mokaddem 5d8c2ccf5e new: [attackMatrix] legend scale of the heatmap with dynamic updates 2018-06-11 10:24:55 +00:00
Sami Mokaddem 4fdf7f6340 new: [attackMatrix] force kill chain header order 2018-06-08 14:28:42 +00:00
Sami Mokaddem 775001f2cc new: [attackMatrix] addition of heatmap on tiles depending on occurrence
of the tag
2018-06-08 14:16:40 +00:00
Sami Mokaddem cd0d75a4c6 new: Initial skeleton of Mitre attack matrix 2018-06-07 14:43:04 +00:00
Sami Mokaddem 00ec493414 chg: [UI Filtering] Do not set searchFor in the URL if no value.
After a discussion with iglocska, it is better to fix it js side than
server side.
2018-05-22 14:16:27 +00:00
Sami Mokaddem 4d39d3296a fix: [UI filtering] be sure that '0' is not interpreted as empty. 2018-05-22 13:49:03 +00:00
iglocska 5780d0c5d8 fix: [UI filtering] Attribute quick filter broke all the tabbed filters, fixes #3247 2018-05-22 11:29:17 +02:00
iglocska 68b8266584 new: New flash message system, fixes #3252
- 3 types of flash messages (success, error, warning)
- uses bootstrap's own classes/structure
2018-05-16 19:32:38 +02:00
iglocska 645d996c14 new: Remove galaxy cluster information from the sync mechanism for now
- currently galaxy clusters aren't shared anyway, no point in blowing up the data size / processing time
2018-05-15 07:44:37 +02:00
iglocska 962461890c new: Added attribute level galaxy clusters 2018-05-14 23:20:09 +02:00
iglocska fefe92bde8 new: [Export] Added a secondary CSV export that includes more context to the UI download tool 2018-05-09 14:10:23 +02:00
Sami Mokaddem 680311f68f chg: [Controllers] sets the ajax variable globally
As well as removing useless set in controllers and accessing it instead
of passing through the request.
2018-05-07 14:44:59 +00:00
Sami Mokaddem a3d6fb3497 chg: [EventController] replaced if/else by ternary condition 2018-05-04 06:32:59 +00:00
Sami Mokaddem 507cd0ee85 chg: Trying not to break the MVC pattern
Server model is not passed to the constructor anymore, as well as the
Organisation model.
2018-05-04 06:27:54 +00:00
Sami Mokaddem 6d476814b0 Merge remote-tracking branch 'upstream/2.4' into distributionGraphDonut 2018-05-03 13:52:40 +00:00
Sami Mokaddem f4e4c7b335 chg: moved sharing group outside of the distribution progressbar (as it is a special case), distribution range is displayed when clicking on the pb labels and lots of minor improvements. 2018-05-02 13:37:48 +00:00
iglocska 5795b1974a new: Added warning about missing warninglists used for TLD resolution in the freetext import tool
- following the twitter feedback
2018-04-26 18:57:00 +02:00
Sami Mokaddem 7a94612161 new: Possibility to view connected communities and concerned sharing groups in distribution graph's tooltip 2018-04-25 09:48:03 +00:00
Sami Mokaddem 56b37d08fc Merge remote-tracking branch 'upstream/2.4' into distributionGraph 2018-04-25 07:08:54 +00:00
iglocska df80f702d0 Merge branch 'correlation_integration' into 2.4 2018-04-24 17:10:16 +02:00
iglocska 2af8bfec4e new: Added event enrichment functionality
- select and run a set of enrichments on all applicable attributes of the event
- exposed to the API
- exposed to the command line tool
- adheres to attribute distributions
2018-04-24 16:41:09 +02:00
Sami Mokaddem 828426b0c9 fix: support of filtering for distribution=0 (empty(0) is true in
php). Also, only consider attr and obj_attr (ignoring object as they
only carry meta-data)
2018-04-23 14:33:32 +00:00
Sami Mokaddem 02b4f32c4f Possibility to filter valueInFieldAttribute with multiple value.
distribution graph support inherit distribution level
2018-04-23 14:14:06 +00:00
Sami Mokaddem bdcecfb1e6 Allow filtering attributes based on specific columns (previously not
accessible) like distribution.
Partial support of onClick for distribution graph.
2018-04-23 13:54:36 +00:00
Sami Mokaddem 72ca4260be Merge remote-tracking branch 'upstream/2.4' into distributionGraph 2018-04-23 12:52:12 +00:00
Sami Mokaddem f9414871b8 Initial version of the distribution graph 2018-04-23 12:51:15 +00:00
iglocska 110cff08d8 fix: Fixed empty event tags on the event index api 2018-04-23 11:48:39 +02:00
Sami Mokaddem 43e8529b9d Correlation graph in event view 2018-04-20 12:38:14 +00:00
Andras Iklody 607d203c04 Merge pull request #3170 from mokaddem/ref_graph
Extended event support and tag filtering in the event graph
2018-04-20 13:40:48 +02:00
Sami Mokaddem 2ca3515f10 Feature: Possibility to filter on tags 2018-04-20 08:35:38 +00:00
iglocska 279a6459ff new: Preview the extended event ID / UUID
- Also, cleanup of the nasty event tag code
2018-04-19 13:56:50 +02:00
iglocska 3c438243f4 Merge branch '2.4' of github.com:MISP/MISP into 2.4 2018-04-17 13:45:04 +02:00
iglocska 9b2e212b3d new: Added getEventInfoById API 2018-04-17 13:43:47 +02:00
Sami Mokaddem 368aa2f128 feature: Added support of extended event in event graph 2018-04-16 12:02:43 +00:00
Sami Mokaddem e14df3d066 Merge branch '2.4' of https://github.com/MISP/MISP into ref_graph 2018-04-16 11:15:06 +00:00
iglocska 1ec6412709 fix: Removed the validity check for the event UUID in the extended UUID field 2018-04-16 10:48:16 +02:00
iglocska c34067b8a7 fix: If no extension uuid is added to an event the editing via the UI would fail 2018-04-16 10:19:18 +02:00
iglocska 6e06642f6a chg: Added the command line functions to the automation page's parameters via the controller 2018-04-16 07:56:39 +02:00
iglocska 72f261a9b1 fix: Potentially fix an issue if no extended UUID is passed on edit 2018-04-11 16:44:59 +02:00
iglocska caf53e0c7f new: Extended event first iteration added
- when adding/editing an event, add another event's UUID as an extended event UUID to extend the targeted event with the current
- extender events can be viewed in the merged event view
2018-04-10 18:43:09 +02:00
Sami Mokaddem 4f96fb50a1 Moved event graph into its own view file 2018-04-09 15:41:13 +00:00
Sami Mokaddem 6ee5419297 feature: Draft of generic graphing from any key 2018-04-09 09:12:26 +00:00
iglocska 1cf495c201 fix: Fixed missing reason for failure if the freetext import had a single attribute fail during the saving process, fixes #3141 2018-04-07 23:57:23 +02:00
Sami Mokaddem f3b2741843 feature: Support of Tags in the event graph 2018-04-06 14:44:40 +00:00
Sami Mokaddem 921224ed40 Merge branch 'quick-fix-metacategory-graph' into ref_graph 2018-04-06 07:50:27 +00:00
Sami Mokaddem 3933baf9c9 Compute graph serverside 2018-04-04 13:12:16 +00:00
iglocska ed70624354 new: Added event/attribute add/edit to the restresponse describe functionality 2018-04-02 21:53:08 +02:00
Sami Mokaddem 5e83caf8fb Added retrieving of object templates in order to let the user choose the field we want to see in the event graph 2018-03-29 16:05:19 +00:00
iglocska 74937ea934 fix: Fixed the concatenation issue from before 2018-03-28 11:41:27 +02:00
iglocska 9a692346a3 fix: Fixed a crappy event concatenation bug for restsearch 2018-03-28 11:35:31 +02:00
StefanKelm 6ae842a0a4 Update EventsController.php 2018-03-27 15:40:34 +02:00
iglocska 6e7def472b Merge branch '2.4' of github.com:MISP/MISP into 2.4 2018-03-26 17:02:43 +02:00
iglocska d97e42296f new: Add event last modified to the event view 2018-03-26 17:02:03 +02:00
John Doe 606b18562b Pass attribute uuid to enrichment modules 2018-03-26 09:56:37 +08:00
iglocska 65385eb323 new: Added STIX 2.x import to the GUI 2018-03-23 14:37:43 +01:00
iglocska 5df34ea17d fix: Handle edge case scenarios where orphaned correlations would throw notices in the event view 2018-03-23 11:07:18 +01:00
Alexandre Dulaunoy f0d95887a4 Merge pull request #3063 from mokaddem/ref_graph
Event graph viewer editor
2018-03-23 09:08:20 +01:00
Sami Mokaddem 6a0abcce22 Renamed script again 2018-03-22 16:56:43 +00:00
Sami Mokaddem c78fca0ede Added possibility to edit references on the fly + edit objects on their dedicated webpage 2018-03-22 15:53:53 +00:00
iglocska 66c5594fb7 fix: Fixed error message if an attribute fails validation via the freetext import tool, fixes #3052 2018-03-19 23:32:18 +01:00
root a3a6a77611 Initial references graphs commit 2018-03-19 08:44:25 +00:00
iglocska 6e1528db1a fix: added uuid to organisations in the event index
- also unset empty sharing groups from the output
2018-03-08 12:07:30 +01:00
iglocska a38bccec77 new: Allow the searching of organisations by uuid on the event index (via the API) 2018-03-08 11:43:25 +01:00
iglocska 22e6fb57a8 fix: Reworked the way tags are attached to events on the index
- solves issues with the preview when an instance has an extremely high number of events
2018-02-28 17:09:55 +01:00
iglocska 714067c621 fix: Handle the no modules enabled error more gracefully 2018-02-27 10:29:41 +01:00
iglocska 3556df7658 fix: Nicer error message when trying to add a tag to an event that doesn't exist 2018-02-26 17:52:24 +01:00
iglocska 032844321c fix: Misleading failure message when failing to create Attributes partially fixes #2955 2018-02-25 23:20:37 +01:00
iglocska 10bd1f69c4 new: Allow requesting of misp standard format for the export modules
- just set the `require_standard_format` to true in the moduleinfo dictionary
2018-02-21 11:42:30 +01:00
Andras Iklody 297fe776fc Merge pull request #2934 from cvandeplas/fix/modules-api
fix - allows upload of files using the misp-modules API
2018-02-18 10:07:21 +01:00
truckydev c247cfb77d don't exclude attributes with non-exportable tag
exclude filter on attributes when tag is non-exportable
2018-02-15 17:17:50 +01:00
Christophe Vandeplas 637a500c1e fix - allows upload of files using the misp-modules API
See also #2719
2018-02-14 13:40:04 +01:00
iglocska 9af6130d43 new: Added STIX import directly to the UI 2018-02-09 11:30:28 +01:00
iglocska 23937eebb9 fix: Fixes to several cases of handling blocked access incorrectly / non-gracefully
- As reported by Christophe Vandeplas

- stix export: Ungraceful handling of attempted access of unauthorised event (no unauthorised data returned)
- import module: Allows creation of proposals to unauthorised events (no unauthorised data returned, proposals are for new attributes only meaning no automatic override triggered)
- saveFreetext: same as import module
2018-02-06 16:37:37 +01:00
iglocska 010557b042 new: Added returnMetaAttributes flag to the /events/freeTextImport API
- directly returns the raw parsing data instead of creating the attributes if set
- 177 days, 23 hours 40 minutes faster implementation than expected by @ilmoka - #PMD
2018-02-02 15:33:07 +01:00
iglocska a7f3bb7f76 fix: Load orgc data after attributes are loaded in search csv export
- functionality still needs further fixes, WIP
2018-01-25 07:45:38 +01:00
iglocska 00f711a86c fix: Fixes the object issues pointed out in #2543
- Shoutout to the debug hero finding them: @StefanKelm
2018-01-19 16:25:39 +01:00
iglocska 7f29a9a74b fix: Fixed a set of issues with sharing groups that lead to synced events not saving/updating 2018-01-18 23:34:04 +01:00
iglocska 3430383583 fix: Add timestamp to the CSV api 2018-01-18 15:59:13 +01:00
iglocska b18b64e833 new: Filter the event index on sharing group IDs, fixes #2845 2018-01-18 08:38:23 +01:00
iglocska 23adc990b9 new: Automatic category switching based on currently selected types for the freetext import/module triage screen 2018-01-17 10:15:23 +01:00
iglocska a7aa2358b2 fix: Remove the option for disabling sightings - it's an integral feature of the MISP core. Fixes #2820 2018-01-16 12:50:01 +01:00
iglocska 4e0fe770a7 fix: Removed debug 2018-01-15 11:11:58 +01:00
iglocska 637e2dda2d fix: Clarify scope for filter options in quick search 2018-01-15 10:59:44 +01:00
iglocska a2205fba31 new: Limit modules to a single organisation
- new settings in serverSettings
2018-01-13 12:22:14 +01:00
iglocska fee672dd76 fix: quickfilter should include attribute level tags too 2018-01-10 09:57:37 +01:00
iglocska 7b8da4979b fix: Pagination on event attributes didn't load the feed correlations 2018-01-09 14:00:50 +01:00
Andras Iklody d94c379f37 Merge pull request #2719 from cvandeplas/2.4
basic support for misp-modules via API
2017-12-19 20:07:26 +01:00
Alexandre Dulaunoy 710fe0ba7c fix: STIX2 export is no more experimental and can be safely used 2017-12-19 12:18:19 +01:00
iglocska 92b441f37a fix: Fixed an issue where url parameters for restsearch didn't block attributes
- url parameters are bad
- shame
- SHAME
2017-12-13 19:22:27 +01:00
iglocska c16246598d new: Add tag restrictions for a single user 2017-12-08 16:31:00 +01:00
Christophe Vandeplas 7eed575c51 basic support for misp-modules via API
- mini cleanup of FileAccessTool that's not needed
- basic support for misp-modules via API (malware-samples not supported yet)
2017-12-07 18:52:31 +01:00
Christophe Vandeplas cda57ec92d fixes issue #2698 - malware-sample fails with import modules 2017-12-07 16:04:38 +01:00
iglocska 9e32f72f6c fix: Removed the requirement for a comment from the import modules
- if the comment field is set don't override it
2017-12-06 08:49:48 +01:00
iglocska 9ad39fedee fix: removed unused variable 2017-12-06 00:21:48 +01:00
iglocska 8323071b7e fix: Moved attribute_tags in the CSV export to the includeContext flag instead of the toggle-able attributes 2017-12-05 10:22:26 +01:00
iglocska 6d0550812d Merge branch '2.4' of github.com:MISP/MISP into 2.4 2017-12-05 09:24:30 +01:00
iglocska 3e112be322 new: Various improvements to the CSV export
- The @FloatingCode and @ilmoka care package
- Improved CSV performance for instances with large number of events
- Added "value" filter for CSV (use-case: I want all indicators for this value with context)
- Added attribute tags to the output of the CSV export
2017-12-05 09:21:31 +01:00
iglocska 8bb1fd678e Merge branch '2.4' of github.com:MISP/MISP into feature/tag_filter_rework 2017-12-05 00:09:37 +01:00
iglocska 4f6dba5f35 new: various improvements
- use the feed uuid caches to link directly to affected MISP events
- various UI improvements
- Feed preview pagination / POSTed event ID filters added
2017-12-05 00:05:11 +01:00
iglocska 05a89f5e87 Merge branch '2.4' into feature/tag_filter_rework 2017-11-30 22:28:35 +01:00
iglocska e760ba7b6a new: Add the possibility to limit fields for the CSV export via POST requests 2017-11-30 19:12:14 +01:00
iglocska 3b893d3b69 fix: Fixes to various issues with adding proposals via the freetext import tool
- no feedback on whether the resulting dataset will be stored as attributes/proposals
- unpublishing of the event when proposals get entered
- alerting the event creator of new proposals if coming from the freetext import tool
2017-11-29 07:59:09 +01:00
iglocska 678eecf224 new: Add attribute tag filters to the fetchEvents() functionality
- tag filters now filter on:
  - all events containing matching tags on event + attribute level (positive lookup)
  - all events not containing matching tags (negative lookup)
  - filter attributes within a matched event for blocked attributes (negative lookup)

- moved tag filtering to subquery filtering - should improve performance massively on larger instances when filtering on tags

- first round of implementations, more on the way
2017-11-19 21:21:32 +01:00
iglocska d09edd434c fix: Fixes an issue where assigning sharing groups based on existing IDs didn't work for event creation via the API
- expected full sharing groups as provided by the sync, references didn't work
2017-11-17 13:31:55 +01:00
iglocska 27e3faeba5 fix: Fixed silly lookup with injected event IDs on the export page for normal users
- broke instances with a few hundred k events
2017-11-13 16:32:28 +01:00
Andras Iklody 97b0edcbfd chg: pass event_id to import modules, fixes #2612
As described by @Vince147
2017-11-03 08:43:16 +01:00
iglocska 08d71413cb fix: Fixed default distribution for upload_sample(), fixes #2608 2017-11-02 07:52:55 +01:00
iglocska 7f5c03f007 fix: Convert - to _ in csv headers
- to match the previous output
2017-10-28 19:10:34 +02:00
iglocska c02f91722f fix: Add the object fields by default to the CSV export 2017-10-27 17:53:37 +02:00
iglocska 6cd0a29f02 fix: Fixed the CSV field name for date 2017-10-27 16:38:39 +02:00
iglocska 35ad0f2f57 fix: Fixed an issue with the CVE export if no field parameters were passed 2017-10-27 16:14:37 +02:00
Cédric Bonhomme 96635dca78 the last useless comma 2017-10-27 11:16:42 +02:00
Cédric Bonhomme 5ac042da67 harmonizes arrays initializations 2017-10-27 11:04:57 +02:00
Cédric Bonhomme 9e93b61838 Enables the user to select the attributes to be included in the CSV export (event and object attributes). 2017-10-27 11:00:32 +02:00
Richard van den Berg b5972fb6e7 Speed up tag searches, fixes #2407 2017-10-20 14:22:22 +02:00
iglocska 7372831614 fix: Fixed a bug with the restSearch API 2017-10-13 16:56:13 +02:00
iglocska 0efa2bef1a new: Rework of the feed correlation lookups for the event view
- massive performance boost by using redis pipelining
- for events with 10k+ attributes, show truncated feed correlation lookups, informing the user about the number of correlating attributes and a boolean flag on attributes saying that they correlate
- The overall feed correlation counter also allows users to pivot to a view that loads all correlations, though it should be used with some caution as it can be somewhat heavy
2017-10-11 11:12:34 +02:00
iglocska 483c8704ac new: Added first experimental STIX 2 export implementation
- kudos to @chrisr3d for digging into the deepest bowels of the scary beast that is STIX2

- PoC, definitely needs further improvements/mapping. Let us know about issues you find!
2017-10-08 20:29:50 +02:00
iglocska fa7d3fdb36 new: First round of updates to the correlation engine ready
- node deletion temporarily disabled until a bug is resolved
2017-10-08 19:50:28 +02:00
iglocska f5bcd37944 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2017-10-08 15:32:57 +02:00
iglocska a399ef1186 new: Further work on the graphing engine 2017-10-07 16:18:39 +02:00
iglocska 5290214c9b new: First iteration of the graphing engine rework 2017-10-06 10:05:00 +02:00
iglocska cd9fe1883e fix: Some cleanup of the attribute filtering 2017-10-05 11:59:59 +02:00
Tristan METAYER 66a43f5511 Add an input for search on all attributes in an event.
field to search can be modified in administration page.
2017-10-04 19:07:58 +02:00
iglocska 09dd5b12c0 fix: Fix some restsearch filters fetching the same event more than once 2017-09-29 16:37:24 +02:00
iglocska 6a12f122db fix: Corrected filename for array of events 2017-09-29 16:10:38 +02:00
iglocska b658c20b75 fix: Flatten events for the correlation graph 2017-09-26 10:18:04 +02:00
iglocska 9e71fbb5f7 fix: flatten the events for the restSearch API's lookup functions
- otherwise valid events that only contain objects get blocked
2017-09-25 14:00:17 +02:00
iglocska 3f76fd6ea7 new: Rework of the attachment uploader
- add attachments and upload_sample now share code
- allow the same features via upload_sample (object creation / use of advanced add attachments)
- new flag: advanced

- example:

  POST to mymisp/events/upload_sample
  BODY:
{"request":{"files": [{"filename": "bla.exe", "data": "U3RhckNyYWZ0IElJIGZvcmV2ZXI="}], "distribution": 1, "advanced":1, "info":"bla"}}

- this commit was brought to you by CEF and

2017-09-25 12:22:19 +02:00
iglocska b5c4d0749b new: Added object relations to the CSV export 2017-09-19 16:50:56 +02:00
iglocska b442a273fc new: Further progress on the synchronisation 2017-09-07 12:20:20 +02:00
iglocska 89bc6d1690 fix: Fixed the empty event warning if an event only has objects but no attributes 2017-09-05 10:41:55 +02:00
iglocska 40ea22a272 Merge branch '2.4' into objects_wip 2017-09-04 17:38:06 +02:00
iglocska 2f02097590 fix: Fixed an invalid user call in the paginator 2017-09-04 09:01:08 +02:00
iglocska 52bf961dea Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2017-08-31 16:45:01 +02:00
iglocska bb4f74bb1a new: Massive performance improvements to the restSearch API
- smarter choice of pre-filtering gives a huge boost for non attribute level parameters
- caching the results of certain parts of the algorithm
- cleaned up some inefficient looping merges
2017-08-31 16:43:20 +02:00
iglocska 5d2c8822ad fix: Fixed a bug where /events/uuid would return the incorrect event. 2017-08-28 20:39:06 +02:00
iglocska 8474913862 fix: Slight improvement to event uuid lookup on the event view 2017-08-25 14:38:58 +02:00
iglocska 78f49e5e62 new: Added back referencing from a referenced object
- also fixed some view file issues
2017-08-24 07:49:11 +02:00
iglocska d3d6566b16 new: Various new features for the objects 2017-08-23 11:57:40 +02:00
iglocska 961bc76393 Merge branch '2.4' into objects_wip 2017-08-21 10:17:16 +02:00
iglocska 50a3d78c81 fix: Fixed a group by issue with the event filter overlay 2017-08-17 10:57:18 +02:00
iglocska ead2b9e1fd fix: Various fixes 2017-08-10 11:11:33 +02:00
iglocska aa07299abe Merge branch '2.4' into objects_wip 2017-08-10 07:29:50 +02:00
iglocska 0e7dd2eddc new: Added first iteration of object references and other changes
- various fixes
- rework of the pagination library
2017-08-09 17:53:25 +02:00
iglocska 952fff6252 fix: Fixes to several cases of reflected XSS, fixes #2381
- as reported by @import-au

- Additionally enforce content-type on all async APIs called by the UI using CakeResponse
2017-08-08 21:37:03 +02:00
iglocska f4c02e60f5 fix: Nicer response for the API to push events to ZMQ 2017-08-03 17:09:04 +02:00
iglocska 23e777c661 fix: Fixed a typo in the pushEventToZMQ function 2017-08-03 17:05:30 +02:00
iglocska 0097e040b1 fix: Previous commit was incorrect, empty filters contain null not false 2017-08-01 01:05:45 +02:00
iglocska 3e4fbcf5ff fix: Fixed "published":0 filter for restsearch
- also removed an empty function
2017-08-01 01:02:25 +02:00
iglocska 091175133b fix: GFI uploaded archives don't throw exceptions on failed parsing, instead simply show an error banner after redirect
- in situations with misconfigured MISPs (debug enabled), a parsing error
  exception thrown while parsing a maliciously malformed archive could include
  arbitrary files in the stacktrace accessed from within the apache user's
  scope if a symlinked file was uploaded in the archive

- Thanks to cert.govt.nz for the security report.
2017-07-12 15:44:02 +02:00
Kevin Allix 2248846706 attachments_dir: Default value queried through a function to work around PHP inability to have anything useful stored in a class property 2017-07-10 12:42:23 +02:00
Kevin Allix 1ea33e811a Add an optional setting attachments_dir, and adapt existing code to use that setting 2017-07-07 17:29:13 +02:00
iglocska 154549efd9 fix: Accessing a pivoted event view URL without having the pivot path tracked in the session threw a notice 2017-06-29 07:42:26 +02:00
iglocska 483f425584 fix: JSON export via the UI should download a file, not render the JSON 2017-06-28 10:19:36 +02:00
iglocska 94ee61358c fix: Fixed the invalid CSV download filename 2017-06-28 09:53:34 +02:00
iglocska e72bbd7e07 fix: Removed silly duplicate queries from the event index 2017-06-19 11:12:15 +02:00
iglocska 57857c3a32 new: Performance improvements for the pub-sub modules
- Only load and open connection to redis for the pub-sub connection once.
- Massive performance boost when the ZMQ functionality is enabled
2017-06-16 08:41:12 +02:00
iglocska e56dc0d046 fix: fixed error messages for the CSV export API 2017-06-15 14:21:42 +02:00
iglocska bb20f232f8 fix: New way of checking for API access
- meant to resolve some issues such as being redirected to the news page if a new news item exists while running a CSV export via the API
2017-06-15 09:57:46 +02:00
iglocska 7f818c7e82 new: Add adhereToWarninglists as a JSON parameter to the freetextImport API 2017-06-13 15:15:19 +02:00
iglocska 3d74dbee28 new: First round of massive performance tuning (tm)(c)
- Make MISP fast again
2017-06-09 15:38:45 +02:00
iglocska 6fad375685 new: Mass delete events
- simply use the multi select on the event index via the UI
- for the API, simply POST to /events/delete with a payload in the following format:
  `{"id": [15, 16, 17]}`

- if you've accidentally deleted all your events using this functionality, feel free to contact @rommelfs or contact the NSA for backups
2017-06-01 09:45:10 +02:00
iglocska c52439b572 new: Publish event to ZMQ on demand and beaconing of ZMQ tool 2017-05-30 17:16:41 +02:00
iglocska 66613dd38f fix: Fixed a few silly issues with the hids export
- allow POSTed parameters
- simpler response always responds with txt type, won't complain about view not being set for incorrect accept headers
2017-05-22 15:03:56 +02:00
iglocska ccde4a8770 fix: hids api threw error on empty result 2017-05-22 14:47:57 +02:00
Andras Iklody c61b58ae73 Merge pull request #2200 from RichieB2B/ncsc-nl/openioc
Several fixes for OpenIOC importer
2017-05-18 17:24:29 +02:00
Richard van den Berg ac7b95380d Set OpenIOC attribute distribution to 'Inherit' by default 2017-05-18 17:10:44 +02:00
iglocska 81141ed4e0 fix: Fixed an issue with the freetext importer failing if no tags were set 2017-05-12 06:51:52 +02:00
Tristan METAYER e71045571c add possibility to define tags for import module.
Add possibility to disable validation for String field when empty
2017-05-10 19:51:27 +02:00
iglocska e34634201b fix: fixed an API vs documentation mismatch for the nids exports 2017-05-10 16:35:17 +02:00
iglocska 96574ec335 new: First implementation of the feed analysis system 2017-05-08 14:22:27 +02:00
iglocska 7b24077245 fix: Missing parameters for getenabledmodules 2017-05-03 14:41:39 +02:00