Commit Graph

1120 Commits (8d699d35a9d766b79cc05666c40c00599756d979)

Author SHA1 Message Date
Tristan METAYER 66a43f5511 Add an input for search on all attributes in an event.
field to search can be modified in administration page.
2017-10-04 19:07:58 +02:00
iglocska 09dd5b12c0 fix: Fix some restsearch filters fetching the same event more than once 2017-09-29 16:37:24 +02:00
iglocska 6a12f122db fix: Corrected filename for array of events 2017-09-29 16:10:38 +02:00
iglocska b658c20b75 fix: Flatten events for the correlation graph 2017-09-26 10:18:04 +02:00
iglocska 9e71fbb5f7 fix: flatten the events for the restSearch API's lookup functions
- otherwise valid events that only contain objects get blocked
2017-09-25 14:00:17 +02:00
iglocska 3f76fd6ea7 new: Rework of the attachment uploader
- add attachments and upload_sample now share code
- allow the same features via upload_sample (object creation / use of advanced add attachments)
- new flag: advanced

- example:

  POST to mymisp/events/upload_sample
  BODY:
{"request":{"files": [{"filename": "bla.exe", "data": "U3RhckNyYWZ0IElJIGZvcmV2ZXI="}], "distribution": 1, "advanced":1, "info":"bla"}}

- this commit was brought to you by CEF and

2017-09-25 12:22:19 +02:00
iglocska b5c4d0749b new: Added object relations to the CSV export 2017-09-19 16:50:56 +02:00
iglocska b442a273fc new: Further progress on the synchronisation 2017-09-07 12:20:20 +02:00
iglocska 89bc6d1690 fix: Fixed the empty event warning if an event only has objects but no attributes 2017-09-05 10:41:55 +02:00
iglocska 40ea22a272 Merge branch '2.4' into objects_wip 2017-09-04 17:38:06 +02:00
iglocska 2f02097590 fix: Fixed an invalid user call in the paginator 2017-09-04 09:01:08 +02:00
iglocska 52bf961dea Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2017-08-31 16:45:01 +02:00
iglocska bb4f74bb1a new: Massive performance improvements to the restSearch API
- smarter choice of pre-filtering gives a huge boost for non attribute level parameters
- caching the results of certain parts of the algorithm
- cleaned up some inefficient looping merges
2017-08-31 16:43:20 +02:00
iglocska 5d2c8822ad fix: Fixed a bug where /events/uuid would return the incorrect event. 2017-08-28 20:39:06 +02:00
iglocska 8474913862 fix: Slight improvement to event uuid lookup on the event view 2017-08-25 14:38:58 +02:00
iglocska 78f49e5e62 new: Added back referencing from a referenced object
- also fixed some view file issues
2017-08-24 07:49:11 +02:00
iglocska d3d6566b16 new: Various new features for the objects 2017-08-23 11:57:40 +02:00
iglocska 961bc76393 Merge branch '2.4' into objects_wip 2017-08-21 10:17:16 +02:00
iglocska 50a3d78c81 fix: Fixed a group by issue with the event filter overlay 2017-08-17 10:57:18 +02:00
iglocska ead2b9e1fd fix: Various fixes 2017-08-10 11:11:33 +02:00
iglocska aa07299abe Merge branch '2.4' into objects_wip 2017-08-10 07:29:50 +02:00
iglocska 0e7dd2eddc new: Added first iteration of object references and other changes
- various fixes
- rework of the pagination library
2017-08-09 17:53:25 +02:00
iglocska 952fff6252 fix: Fixes to several cases of reflected XSS, fixes #2381
- as reported by @import-au

- Additionally enforce content-type on all async APIs called by the UI using CakeResponse
2017-08-08 21:37:03 +02:00
iglocska f4c02e60f5 fix: Nicer response for the API to push events to ZMQ 2017-08-03 17:09:04 +02:00
iglocska 23e777c661 fix: Fixed a typo in the pushEventToZMQ function 2017-08-03 17:05:30 +02:00
iglocska 0097e040b1 fix: Previous commit was incorrect, empty filters contain null not false 2017-08-01 01:05:45 +02:00
iglocska 3e4fbcf5ff fix: Fixed "published":0 filter for restsearch
- also removed an empty function
2017-08-01 01:02:25 +02:00
iglocska 091175133b fix: GFI uploaded archives don't throw exceptions on failed parsing, instead simply show an error banner after redirect
- in situations with misconfigured MISPs (debug enabled), a parsing error
  exception thrown while parsing a maliciously malformed archive could include
  arbitrary files in the stacktrace accessed from within the apache user's
  scope if a symlinked file was uploaded in the archive

- Thanks to cert.govt.nz for the security report.
2017-07-12 15:44:02 +02:00
Kevin Allix 2248846706 attachments_dir: Default value queried through a function to workaround PHP inability to have anything useful stored in a class property 2017-07-10 12:42:23 +02:00
Kevin Allix 1ea33e811a Add an optional setting attachments_dir, and adapt existing code to use that setting 2017-07-07 17:29:13 +02:00
iglocska 154549efd9 fix: Accessing a pivoted event view URL without having the pivot path tracked in the session threw a notice 2017-06-29 07:42:26 +02:00
iglocska 483f425584 fix: JSON export via the UI should download a file, not render the JSON 2017-06-28 10:19:36 +02:00
iglocska 94ee61358c fix: Fixed the invalid CSV download filename 2017-06-28 09:53:34 +02:00
iglocska e72bbd7e07 fix: Removed silly duplicate queries from the event index 2017-06-19 11:12:15 +02:00
iglocska 57857c3a32 new: Performance improvements for the pub-sub modules
- Only load and open connection to redis for the pub-sub connection once.
- Massive performance boost when the ZMQ functionality is enabled
2017-06-16 08:41:12 +02:00
iglocska e56dc0d046 fix: fixed error messages for the CSV export API 2017-06-15 14:21:42 +02:00
iglocska bb20f232f8 fix: New way of checking for API access
- meant to resolve some issues such as being redirected to the news page if a new news item exists while running a CSV export via the API
2017-06-15 09:57:46 +02:00
iglocska 7f818c7e82 new: Add adhereToWarninglists as a JSON parameter to the freetextImport API 2017-06-13 15:15:19 +02:00
iglocska 3d74dbee28 new: First round of massive performance tuning (tm)(c)
- Make MISP fast again
2017-06-09 15:38:45 +02:00
iglocska 6fad375685 new: Mass delete events
- simply use the multi select on the event index via the UI
- for the API, simply POST to /events/delete with a payload in the following format:
  `{"id": [15, 16, 17]}`

- if you've accidentally deleted all your events using this functionality, feel free to contact @rommelfs or contact the NSA for backups
2017-06-01 09:45:10 +02:00
iglocska c52439b572 new: Publish event to ZMQ on demand and beaconing of ZMQ tool 2017-05-30 17:16:41 +02:00
iglocska 66613dd38f fix: Fixed a few silly issues with the hids export
- allow POSTed parameters
- simpler response always responds with txt type, won't complain about view not being set for incorrect accept headers
2017-05-22 15:03:56 +02:00
iglocska ccde4a8770 fix: hids api threw error on empty result 2017-05-22 14:47:57 +02:00
Andras Iklody c61b58ae73 Merge pull request #2200 from RichieB2B/ncsc-nl/openioc
Several fixes for OpenIOC importer
2017-05-18 17:24:29 +02:00
Richard van den Berg ac7b95380d Set OpenIOC attribute distribution to 'Inherit' by default 2017-05-18 17:10:44 +02:00
iglocska 81141ed4e0 fix: Fixed an issue with the freetext importer failing if no tags were set 2017-05-12 06:51:52 +02:00
Tristan METAYER e71045571c add possibility to define tags for import module.
Add possibility to disable validation for String field when empty
2017-05-10 19:51:27 +02:00
iglocska e34634201b fix: fixed an API vs documentation mismatch for the nids exports 2017-05-10 16:35:17 +02:00
iglocska 96574ec335 new: First implementation of the feed analysis system 2017-05-08 14:22:27 +02:00
iglocska 7b24077245 fix: Missing parameters for getenabledmodules 2017-05-03 14:41:39 +02:00
iglocska 26d3e2a0c2 fix: Fixed a failure with cortex modules (hopefully) 2017-05-03 14:27:23 +02:00
iglocska 9ccdc579a6 new: New module type: Cortex
- similar to Enrichment modules except for not having the options to run hover
2017-05-03 13:13:36 +02:00
Andras Iklody 120265b185 Merge pull request #2154 from truckydev/2.4
Add filename key for import modules
2017-05-02 14:34:06 +02:00
Tristan METAYER 98aafc3c49 add test for empty filename 2017-05-02 14:30:53 +02:00
iglocska ec83f378da new: Use /events/freeTextImport/eventid via the API to directly parse and create attributes from the input
- expected format is {"value": "my_string_to_parse"} with "distribution" being an optional value (otherwise instance defaults are assumed)
2017-05-02 11:02:11 +02:00
Tristan METAYER 9c349caa44 Add filename key for import modules 2017-05-02 10:56:21 +02:00
iglocska ecf00e8c65 fix: Fixed an issue where certain filters removed some elements from the object counter, fixes #2151 2017-04-27 17:09:26 +02:00
iglocska d33b3b1434 fix: Left off controller changes in the previous commit 2017-04-27 16:13:00 +02:00
iglocska f3785d2366 fix: Allow event edits even if the "Event" container isn't set 2017-04-26 15:12:25 +02:00
iglocska c60cc785f4 fix: Fixed the publishtimestamp filter issues with the event index
- allow for publishtimestmap and publish_timestamp due to some documentation issues
- fixed the lookup to be greater than by default instead of lower than
- added the option to pass a range by passing an array with a start and end publish timestamp
2017-04-25 09:46:35 +02:00
iglocska 9b3bfd1fd4 fix: Added missing distribution defaults to the import modules 2017-04-20 10:34:00 +02:00
iglocska 17f6fba976 fix: Fixed a format issue with the minimal index 2017-04-13 21:31:23 +02:00
iglocska e638c5350a new: Minimal flag added to the event index
- used by the sync, greatly reduces the data fetched / transferred on the initial sync negotiation
2017-04-13 15:09:29 +02:00
iglocska aa7375cd74 fix: Fix to the correlation graph after the relatedevent format changes 2017-04-12 10:59:13 +02:00
iglocska e7f2944918 new: Added new flag to events/restSearch to disable sharing group loading
- sgReferenceOnly: Will only load the sharing_group_id not the actual sharing group data
2017-04-12 09:52:09 +02:00
iglocska 9a2aaf9a1c new: Set distribution level in freetext results / module import results, fixes #2023 2017-04-11 15:02:40 +02:00
iglocska 0b0f793dc9 fix: Fixed an invalid JSON serialisation for restSearch 2017-04-04 17:21:55 +02:00
iglocska 3b6807ef72 new: Rework of the restsearch APIs
- allows for alternate download types (supported for now: openioc)
- major refactor of the openioc export
- refactor of the CIDR tool
2017-03-31 19:27:34 +02:00
iglocska 958a667d0a fix: NotFoundException when no events found by restSearch, fixes #2096
- changed to just return an empty set
  - returns {"request":[]} for events/restSearch
  - returns [] for events/restSearch
2017-03-30 18:37:50 +02:00
Mathieu Deloitte a4018780fa New variable includeAllTags added to NIDS export: even not exportable tags could be included in NIDS export 2017-03-22 11:09:49 +01:00
iglocska 1567504896 fix: Typo fixed 2017-03-02 14:55:09 +01:00
iglocska 62cb2b66b6 new: Added a way to disable cached exports server wide for low disk space instances
- But please consider just adding some more space instead..
2017-03-02 10:49:18 +01:00
iglocska d70d5f6a3b fix: pushProposals requires that the user has perm_add permissions 2017-03-01 15:45:27 +01:00
iglocska b74548185a Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2017-03-01 15:42:07 +01:00
iglocska c7f4686ab8 chg: Quick deletion of events
- uses prepared statements instead of the framework's cascading delete
- utterly massive performance boost
2017-03-01 15:39:42 +01:00
kx499 0b2b49d6f4 Updated comment for enrichment modules to reference value used for enrichment for added context 2017-02-26 13:21:08 -05:00
iglocska 3fca8de6bf new: Added activity charts to tag and galaxy cluster indices
- bunch of small improvements additionally
2017-02-24 19:34:18 +01:00
iglocska a59aab9b23 fix: Re-added the accidentally removed code in a merge, fixes #1965
- affects f0e1a27b7d
2017-02-20 18:43:36 +01:00
iglocska 4e41b55572 new: First iteration of the improved sightings 2017-02-05 23:48:18 +01:00
iglocska ee80ecfce7 new: small rework of the thread functionalities
- API get /threads/view/<thread_id> and /threads/viewEvent/<event_id>
- Added new setting to show post count on the event index including a notification if it has a post newer than 24 hours
2017-02-01 15:32:22 +01:00
iglocska 1f9a631182 fix: Added missing view file, some small fixes, pymisp version bump 2017-01-31 10:54:33 +01:00
iglocska ad472e8c4b fix: Removing tags now spans its own CSRF tokens in the confirmation popup
- fixes some CSRF issues
- improves rendering performance
2017-01-31 09:58:21 +01:00
Iglocska 2a13bf24a3 fix: Temporary fix for no relatedattributes producing an empty string instead of an empty array in the retrieved data 2017-01-18 11:24:17 +01:00
Iglocska 0960791008 Merge branch '2.4' into feature/attribute-tagging 2017-01-17 14:52:59 +01:00
Iglocska 770b69dbc2 fix: Fix a unicode issue with the correlation graphs 2017-01-17 14:50:39 +01:00
Iglocska 0f7d37ce04 fix: Fix an issue with the graphs when no relations are found 2017-01-17 14:22:25 +01:00
Iglocska 5eeb1c85a9 chg: Use cakeresponse for JSON response in updateGraph instead of serialize 2017-01-17 14:06:23 +01:00
iglocska 4ad022b03c Merge branch '2.4' into feature/attribute-tagging 2017-01-16 16:15:06 +01:00
iglocska a5663dfc07 fix: Fixed the editing of tags using the rest API 2017-01-16 16:05:19 +01:00
Iglocska be4d8ed54f chg: Allow disabling/enabling publishing of events imported via the UI, fixes #1845 2017-01-16 11:02:23 +01:00
Iglocska d537fa4447 fix: Edit events by uuid instead of id, fixes #1842 2017-01-15 09:05:17 +01:00
Iglocska c3225e0679 fix: Only allow malware-samples to be created using the upload_sample api, fixes #1843
- contrary to the documentation, setting the IDS flag decided the type of the resulting upload (malware-sample vs attachment)
- attachments can easily be created without any black magic using the add attribute api anyway

- also fixed a bug that prevented the timestamp of events receiving a sample via the upload_sample api from being re-timestamped
2017-01-15 08:56:02 +01:00
iglocska da433c3549 Merge branch '2.4' of https://github.com/MISP/MISP into feature/disable_correlation 2016-12-22 21:01:58 +01:00
iglocska 672a681819 fix: Some fixes with the automatic publish/unpublish feedback
- automatically set the event to unpublished in the view when adding/removing tags
- officially the keep @RichieB2B happy patch ;)
2016-12-22 17:46:52 +01:00
iglocska 4aec4e4beb fix: Unpublish events when tagging/removing tags
- same for galaxy clusters
- also, new ajax way of showing/hiding published status
2016-12-22 17:30:27 +01:00
iglocska ffe880621e new: Disable correlation
- globally
- on an event level
- on an attribute level
2016-12-22 15:30:06 +01:00
iglocska 106f8b546f fix: Set event to locked = 1 when importing from a MISP export 2016-12-22 15:11:14 +01:00
iglocska 9214a09028 new: Added new option to the attribute level restsearch
- filter on attributes using timestamps newer than parameter
2016-12-19 16:41:14 +01:00
iglocska d6ac23a6f2 new: Added the warninglist enforcement flag to the remaining exports
- still missing: Export modules
- consider having the flag for misp JSON/XML and STIX perhaps?
2016-12-19 14:37:26 +01:00
iglocska 6bf03c038a chg: Exposed the new warninglist override via APIs and moved the lookup method to the warninglist model 2016-12-19 10:01:14 +01:00
Iglocska 7a0f0c4aec chg: Changed the event download as filename to misp.event.id.uuid.format, fixes #1515 2016-12-13 20:50:18 +01:00
iglocska 6fe3c49060 fix: Fixes MySQL 5.7 group by issues 2016-12-09 07:57:19 +01:00
Iglocska a8d6484893 fix: Fixed missing publish flag in restsearch 2016-12-07 13:43:52 +01:00
Iglocska de98e8204f fix: Galaxies are now loaded by default 2016-12-07 13:30:19 +01:00
Iglocska 1e7dccf272 Merge branch '2.4' into feature/galaxy 2016-12-06 16:11:59 +01:00
Iglocska e46cbd0991 new: First iteration of the galaxies (WIP) 2016-12-05 00:47:34 +01:00
Iglocska 4c3ef86a7b new: Added the publish_timestamp and timestamp parameters to both restSearch functions, fixes #1703
- TODO document it
- new way of handling it, both accept lists with 2 values for ranges
2016-12-01 16:05:50 +01:00
Iglocska e3ace6af54 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2016-11-28 15:55:44 +01:00
Iglocska 1ff91d8541 new: added the published flag to restsearch
- allows users to specify whether the events / attributes returned should come from published / unpublished events only. If the parameter is not set both are included
2016-11-28 15:54:44 +01:00
Iglocska 8f2eafb4a0 chg: Allow JSON POSTing to set parameters for the CSV export
- kill the url parameters with fire
2016-11-25 23:00:33 +01:00
Iglocska a6734c858a new: Sightings enabled by default 2016-11-21 17:27:30 +01:00
Iglocska b8973bec68 new: Added uuid as a restsearch parameter, fixes #1683
- search for events/attributes by uuid
2016-11-21 15:01:57 +01:00
Iglocska abd288d842 fix: Tightened check for tag removals
- users could remove tags via the api for other organisations
2016-11-10 13:28:13 +01:00
Iglocska 95e0da7208 chg: Updated the NIDS exports
- allow posting JSON/XML payloads with filter options
- Added the type field to be able to restrict / attribute type
2016-11-08 17:26:02 +01:00
Iglocska dc77dc6cfc fix: Fixed annoying capitalisation mess in the event index parameters
- just throw everything to lowercase
2016-11-03 16:05:53 +01:00
Iglocska b5718aef1c new: Added two additional api filters to the event index (timestamp, publishtimestamp)
- Currently these are not exposed to the filter UI
- Easy way to get metadata newer than timestamp/publish timestamp
2016-11-03 16:01:35 +01:00
Iglocska 77fdb4a854 new: Enrichment queries now pass the base64 encoded data to the enrichment modules
- first implementation, malware is sent as an encrypted zip base64 encoded
2016-11-02 21:26:39 +01:00
Iglocska aa141fb54b new: Show file sizes on the export page, fixes #1640 2016-11-01 13:42:17 +01:00
Iglocska f87747ace2 fix: Fixed several issues with the import modules
- config settings are not passed correctly to the import modules
- not having any paste/file upload in an import module would fail
  - removed the requirement to have either filled, if a module doesn't use any of the two fields it will simply pass an empty data field
  - this could be handy for modules that create event data based on the userconfig fields
2016-10-27 18:24:40 +02:00
Iglocska c2fc803fed chg: Use the TLD lists from the warninglists, fixes #1149
- simply load any enabled warninglist entries from the pre-defined TLD warninglists
- Pass the resulting array to the complex type tool
- during domain type heuristics, if the TLD list is not empty use the supplied list
- alternatively generate a list based on the old TLD rules
- does not alter any functionality otherwise
2016-10-25 22:23:01 +02:00
Christophe Vandeplas 90badee3d0 removed Imported via the Freetext Import ... text 2016-10-24 16:27:08 +02:00
Iglocska 4689473072 fix: Separate the GFI upload directory from the attachment directories
- ensure that no one can't retrieve GFI export files
- As reported by Vytautas Paulikas and Robert Giruckas from SEC Consult
2016-10-21 15:28:07 +02:00
Iglocska 442757696f chg: Keep the event ID in the correlation graph's event nodes' name in addition to the info field 2016-10-20 11:15:16 +02:00
Iglocska c47ebcaa84 chg: Changed the event node names to (partial) event info fields for the correlation graph 2016-10-20 11:04:52 +02:00
Iglocska 6c493cbdb9 fix: Fixes a bug that returned the wrong user's email address on the event view, viewed by an org admin. 2016-10-18 16:14:41 +02:00
Iglocska da56b153a4 fix: Added default values to some of the event fields when adding a new event
- basically the only required field now is the info field, everything else uses sane defaults
2016-10-18 10:39:25 +02:00
Iglocska 9891234662 new: CSV feeds and various fixes
- Added the CSV feed format
  - users can specify which fields in the CSV should be parsed
  - comment lines are automatically omitted
  - new settings system added to feeds, currently only used for the value fields

- Slight rework of the correlation lookup for the feeds
  - got the Speed Force treatment
  - correctly checks against value1 and value2 instead of value

- Various freetext import fixes
2016-10-08 14:36:24 +02:00
Iglocska 1a9939631b fix: Fixed a bug with the event view
- the fetcher was moving proposals within an attribute if the proposal was directed at the attribute (correctly)
- this left the event proposal list in a non progressive array key format, which led to a weird situation where the JSON format used string numeral keys in a dict as opposed to the desired list. Nobody in their right mind would ever want that.
- fixed
2016-10-06 17:24:42 +02:00
Iglocska 280f5414bf new: View proposal count on event index and filter events on whether they have proposals
- only non deleted proposals are counted
- allows users to quickly set up filters to view all events that have pending proposals
2016-10-06 11:33:59 +02:00
Iglocska d45d66a3bc Merge branch 'attribute_merge' into 2.4 2016-10-04 16:41:36 +02:00
Iglocska 4428c36cd9 fix: Added the capability to merge attachments/samples 2016-10-04 16:40:39 +02:00
Iglocska d511e80a84 Merge branch 'publishalert' into 2.4 2016-10-04 15:58:37 +02:00
Iglocska d0de2cd369 fix: Fixed the event index in various places (such as the user admin view)
- also added missing view files from previous patch
2016-10-04 13:33:42 +02:00
Richard van den Berg d392bd8060 Allow merging for site admins 2016-10-04 10:24:53 +02:00
Richard van den Berg 87ac5f9f5a Fix indication of new attributes in E-mail alerts, fixes #1521 2016-10-02 14:46:51 +02:00
Iglocska fd959da341 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2016-10-02 12:47:20 +02:00
Iglocska def69dc969 new: First cut of the popover rework for form selects 2016-10-01 23:25:15 +02:00
Richard van den Berg 36971b57cd Allow merging of event attributes 2016-10-01 12:47:53 +02:00
Iglocska 3cc484dcaf fix: Fixed an issue that resulted in empty event tags showing up in the event index JSON 2016-09-30 15:34:33 +02:00
Iglocska 6c5e72efad fix: Fixed an issue with the restsearch export potentially incorrectly loading all eligible events in one go into memory 2016-09-29 14:33:56 +02:00
Cristian Bell 5be1e17bce Revert "fix: missing new TLDs in free text import, solves #1149 (#1574)"
This reverts commit e3bb9d3a42.
2016-09-27 16:38:35 +02:00
Cristian Bell e3bb9d3a42 fix: missing new TLDs in free text import, solves #1149 (#1574)
* fix: missing new TLDs in free text import, solves #1149
2016-09-27 15:53:43 +02:00
Iglocska ec99b71bf4 fix: Don't try to show sightings count if sightings aren't enabled 2016-09-23 10:39:31 +02:00
Iglocska 497bda7746 new: add the sightings count to the event index 2016-09-23 10:35:08 +02:00
Iglocska 1006c109d7 fix: restrict tag usage for restricted tags in a place where it was missed 2016-09-23 10:32:17 +02:00
iglocska a599ec24f7 Merge branch '2.4' into 1501 2016-09-18 11:07:10 +02:00
Iglocska ff6917d313 fix: Added missing changes needed for the new description of the bro export 2016-09-16 17:48:03 +02:00
Iglocska 2cede15e68 Merge branch '2.4' into feature/bro-export
Conflicts:
	app/Model/Event.php
2016-09-15 18:00:25 +02:00
Iglocska 59ecf40f42 chg: Refactor of the Bro export 2016-09-15 17:44:59 +02:00
Andreas Ziegler 25e52a6786 chg: remove some references to variables 2016-09-15 17:08:58 +02:00
Cristian Bell 90c28602c3 chg: creator e-mail in the event details, fixes #1252 (#1535)
* chg: creator e-mail in the event details, fixes #1252
2016-09-15 14:38:55 +02:00
Iglocska 3527ae56d2 fix: Fixed an issue where non API users could not download events in JSON/XML format, fixes #1525 2016-09-13 01:34:54 +02:00
Iglocska 01695e326a new: Added the metadata flag to the event restsearch API
- allows fetching metadata only without including attributes/proposals
2016-09-12 12:09:19 +02:00
Iglocska 6eb6bfb10b fix: removed deprecated path from functions that are allowed for API users 2016-09-12 08:44:56 +02:00
Andreas Ziegler bee861a4c8 Merge pull request #1510 from rotanid/bugfix
fix: typo recurisve/recursive in EventsController
2016-09-06 05:35:20 +02:00
Andreas Ziegler 93614cd165 fix: typo recurisve/recursive in EventsController 2016-09-06 05:34:14 +02:00
Iglocska 62260d4c27 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2016-09-06 01:02:46 +02:00
Iglocska 14b82c9277 fix: revert to the old functionality of the stix export where the data is passed back from the internal stix method, fixes #1509 2016-09-05 23:48:35 +02:00
Andreas Ziegler 1fcefa202c chg: replace 2 spaces after tab by double tab 2016-09-05 00:51:37 +02:00
Andreas Ziegler 4b8a82098d chg: replace 4 spaces after tab by double tab 2016-09-05 00:45:51 +02:00
Andras Iklody 619966fa24 Merge pull request #1448 from TheDr1ver/2.4
Add support to export an OpenIOC file via API
2016-09-03 23:50:04 +02:00
Andras Iklody 13cb6a5ea3 Merge pull request #1492 from rotanid/small-cleanup
chg: remove some obsolete code
2016-09-01 09:30:09 +02:00
iglocska 80ed1cf65d fix: Removed filename check from the AppController
- rerouted all calls to the method to the Model equivalent
2016-09-01 09:18:54 +02:00
Andreas Ziegler cf2f0dc625 chg: remove some obsolete code 2016-09-01 05:15:36 +02:00
iglocska 9e7d20578f fix: removed unused lookup in EventsController::index(), fixes #1484
- old code became obsolete when the taxonomies were implemented
2016-08-31 10:09:06 +02:00
iglocska b9cb442172 fix: event index should respect pagination requests for API users 2016-08-30 11:20:53 +02:00
ppanero 131e2f760a bro export functionality 2016-08-29 17:26:14 +02:00
iglocska 5a72f84c22 Merge branch '2.4' into 2.4.51 2016-08-28 21:08:02 +02:00
iglocska 873b201eb0 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2016-08-25 11:38:59 +02:00
iglocska 822b0bf8fa chg: Cleanup of the controllers and models
- removed incorrect, useless boiler plate comments
- kept useful comments intact
- added some missing line breaks to make the codebase a bit more uniform
- removed some obviously obsolete TODO comments
2016-08-25 11:38:37 +02:00
Andreas Ziegler e8599fb16c chg: new filename regex & separate functions 2016-08-24 15:31:17 +02:00
Andras Iklody c6bd6efe67 Merge pull request #1469 from rotanid/centralize-cidr-check
Centralize CIDR checks
2016-08-24 09:44:22 +02:00
Andreas Ziegler eb66a80c76 chg: filename regex changes 2016-08-24 02:35:04 +02:00
Andreas Ziegler bab3061ba3 chg: use central function for CIDR checks 2016-08-24 01:11:09 +02:00
Andreas Ziegler e5478e4bdf fix: remove substr() from value in CIDR part of restSearch 2016-08-24 01:07:02 +02:00
iglocska 734df04000 new: New piece by piece stix export allowing large datasets to be exported 2016-08-23 00:24:54 +02:00
Iglocska c81519b74e chg: If the quickfilter on the event index only returns a single event, redirect to the event view directly, fixes #1430
- the perfect last-minute-saturday-night patch
2016-08-20 21:32:17 +02:00
Andreas Ziegler f0905dc536 chg: rename FileAccess to FileAccessTool
every other tool class's name in the Lib/Tools/ folder also ends with "Tool"
2016-08-19 19:25:32 +02:00
Andreas Ziegler a2ff5424e1 chg: change FileAccess from static to instantiable class 2016-08-19 19:22:15 +02:00
Nick Driver 7a1f89333a Extra indent 2016-08-18 12:52:31 -04:00
Nick Driver c18d344ff3 Spaces to Tabs 2016-08-18 10:11:21 -04:00
Nick Driver 4d32a16da8 Add support to export an OpenIOC file via API
(Change spaces to tabs)
2016-08-18 10:04:54 -04:00
iglocska c0e1bc1c3f fix: Invalid response by the queryEnrichment() function if the module server is not reachable 2016-08-17 13:38:19 +02:00
iglocska e5bce5ac3c fix: Fixed an issue with large samples from modules causing the import process to fail 2016-08-16 11:42:43 +02:00
iglocska f436ab51fc fix: Show tag value in event history, fixes #1422
- also log removed tags
2016-08-14 23:46:50 +02:00
iglocska 3763f83522 Merge branch '2.4' into feature/import-export-modules 2016-08-10 14:22:32 +02:00
iglocska b9f5297b3a fix: Fixed some issues with the misp export importer and added better logging. 2016-08-10 12:06:36 +02:00
Iglocska 1c4215bdc7 fix: Some cleanup 2016-08-06 09:55:11 +02:00
Iglocska 00b013988b new: Added export module first iteration 2016-08-05 21:54:54 +02:00
Iglocska 4e9d02ac00 fix: removed debug 2016-08-04 18:37:07 +02:00
Iglocska e1d5c431d8 fix: Further work on the modules 2016-08-04 17:49:37 +02:00
Iglocska ef6a9593ba fix: Capitalisation > me 2016-08-04 16:30:36 +02:00
Iglocska 8f1a50f9d0 fix: I suck at capitalisation 2016-08-04 15:31:52 +02:00
Iglocska f1de2383c2 fix: lowercasetypo 2016-08-04 15:28:20 +02:00
Iglocska 80198be4a9 fix: Fixed some issues with the module services not using the correct url/port settings 2016-08-04 15:10:47 +02:00
Iglocska 629eb3b9d9 fix: Fixed the import module
- correctly populates the resolved attribute list
- added validation by input type for fields
- added error message from introspection config to the validation check
- still needs plenty of refinement
2016-08-04 07:55:58 +02:00
Iglocska e3768d24b3 chg: Handle module results in one place 2016-08-02 23:57:59 +02:00
Iglocska 1f1c8c814e new: First revision of the new import system 2016-08-01 16:15:24 +02:00
Iglocska 2d3b3aa772 chg: Added a warning for site admins for the export page to avoid site admins sharing a full export by accident 2016-07-30 19:04:01 +02:00
Iglocska 47c6feab4d fix: Various fixes to the cached exports
- Tightened the rules for export generation when no valid published events exist
- Corrected various issues with the progress bars
- Added the missing JSON export to the caches
- XML/JSON caches now correctly take into account the cached attachment inclusion setting
- MISP will now show the users browsing the export page whether attachments will be cached with the current settings or not
- Added correct progress bar to the HIDS export
2016-07-30 18:08:19 +02:00