Jakub Onderka
ad1b373766
new: [log] Audit log
2021-05-03 13:44:44 +02:00
iglocska
0d348bfd01
new: [Correlations] Added cached toplist
...
- stored via zset in redis
- very fast, but needs to be generated
- generation background processed
2021-04-27 00:40:40 +02:00
iglocska
823a870ca0
Merge branch 'develop' of github.com:MISP/MISP into develop
2021-04-25 17:54:53 +02:00
iglocska
5622546d5d
new: [correlations] added new background task for correlating individual values
2021-04-25 17:40:41 +02:00
Jakub Onderka
d989759211
Merge pull request #7191 from JakubOnderka/create-no-need
...
fix: [internal] Remove unnecessary create call
2021-03-11 12:14:16 +01:00
Jakub Onderka
a748134551
fix: [internal] Remove unnecessary create call
2021-03-11 12:03:00 +01:00
Jakub Onderka
3f12e95571
new: [test] Alert email generating
2021-03-06 12:03:53 +01:00
Jakub Onderka
29040c4f1c
new: [email] New setting `MISP.event_alert_metadata_only`
2021-03-06 10:39:16 +01:00
Jakub Onderka
d523025b6d
new: [email] Command for testing generated alert email
2021-03-06 10:39:16 +01:00
Jakub Onderka
a5ff4d40bf
fix: [CLI] Check user existence
2021-02-08 08:26:49 +01:00
Jakub Onderka
4d0daf6981
new: [CLI] Import events with compressed file support
...
Useful for importing big files
2020-12-09 17:06:04 +01:00
mokaddem
eb84b3344f
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0
2020-09-22 12:08:12 +02:00
Jakub Onderka
d88cc19a21
chg: [mail] Simplified mail generation
2020-09-21 13:17:00 +02:00
Jakub Onderka
76b2a51253
fix: [ACL] Permissions when sending contact and alert emails
2020-09-21 13:17:00 +02:00
mokaddem
ca61d45441
chg: [event] Forced usage of worker for event recovery
2020-09-16 10:33:05 +02:00
Golbark
3a0bedb104
chg: [internal] Using Allowedlist instead of Whitelist
2020-09-01 16:28:20 +02:00
Vito Piserchia
850034ecc0
recover from upstream version missing bits
2020-08-17 17:57:30 +02:00
Vito Piserchia
7da8b32ada
rebase continue
2020-08-17 17:25:02 +02:00
Jakub Onderka
1714c086b6
fix: [cli] Show error when invalid user ID provided
2020-08-12 18:32:12 +02:00
Jakub Onderka
e4b061c744
fix: [security] Respect ACL for freetext import
2020-08-05 17:37:05 +02:00
mokaddem
f3a9481c61
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0
2020-07-01 16:22:55 +02:00
mokaddem
b54edc0c3a
new: [galaxyCluster:publish] Upon publishing, push the cluster to remote servers
2020-06-26 15:48:50 +02:00
mokaddem
ff7ef393c5
fix: [EventShell:enrichment] Improved reporting of error messages
2020-06-05 07:46:46 +02:00
iglocska
5a29964924
chg: [cleanup] Taking out the trash
...
- old unused functions removed
2020-02-10 16:10:55 +01:00
iglocska
af881189e5
new: [config load task] Added a task that will reload the settings on any console shell execution, fixes #5498
...
- helps with background workers being forced to fetch new settings whenever they start a new job
2020-02-10 15:15:59 +01:00
iglocska
46c3968755
fix: [internal] cleanup of unused line
2020-01-31 11:46:32 +01:00
iglocska
4806652448
fix: [API] several fixes to the Bro API
...
- always use flatten:1 to also include object attributes
- fix the generated full export to only include the header once
2020-01-31 11:45:23 +01:00
Richard van den Berg
dd963c2e21
Sync sightings on push, pull and push on add
2019-11-22 21:53:51 +01:00
Jakub Onderka
4db9553f16
fix: [internal] Remove unused method EventShell::__recursiveEcho
2019-10-06 21:06:06 +02:00
Bechkalo Evgeny
9cf2ef3a46
fix: more issues with PostgreSQL
...
- fixed error during update Job date_modified field (SQLSTATE[22008]: Datetime field overflow: 7 ERROR: date/time field value out of range)
- fixed error during fetching events while updating from feeds (SQLSTATE[42P01]: Undefined table: 7 ERROR: missing FROM-clause entry for table events)
- fixed Feed edit view with wrong boolean forms (combobox instead of checkbox)
2019-08-29 18:36:47 +03:00
chrisr3d
7b4c09a249
wip: [enrichment] Capturing objects & attributes
2019-04-08 19:07:13 +02:00
chrisr3d
d13d898f7a
fix: [cleanup] Fixed indentations
2019-04-08 18:57:41 +02:00
iglocska
435bf28df6
fix: [publishing] Fixed several bugs in the background job responsible for publishing events
2018-12-19 15:55:06 +01:00
Kevin
9446c93ad4
Fixes #3907, enrich event job not marked as completed.
...
The enrichment background process did not do anything to update the job
after completing its task. I used the same logic as the adjacent
'publish' function to record progress, update the message and create a
log entry.
2018-12-17 13:55:59 -05:00
iglocska
e592bb80ca
new: [exports] New export system using restsearch
2018-10-05 14:48:02 +02:00
iglocska
9d83c840ec
new: [freetext] Freetext ingestion is now delegated to the background processing
...
- no setup needed
- data to be ingested dropped to file, background worker ingests and processes the file
2018-09-23 17:44:23 +02:00
iglocska
3b2927a47f
fix: [cleanup] removed debug, fixes #3257
2018-05-19 22:53:16 +02:00
iglocska
2af8bfec4e
new: Added event enrichment functionality
...
- select and run a set of enrichments on all applicable attributes of the event
- exposed to the API
- exposed to the command line tool
- adheres to attribute distributions
2018-04-24 16:41:09 +02:00
StefanKelm
8692e7457a
Update EventShell.php
2018-04-04 12:26:12 +02:00
arnydo
20ff380e17
move ns_alt parameter to end of api list
2017-09-21 11:11:30 -04:00
Kyle Parrish
c5d3ae7b1f
RPZExport - Alternate NS
...
Added option to add an alternate nameserver to RPZ export.
2017-09-19 13:25:17 -04:00
iglocska
3b6807ef72
new: Rework of the restsearch APIs
...
- allows for alternate download types (supported for now: openioc)
- major refactor of the openioc export
- refactor of the CIDR tool
2017-03-31 19:27:34 +02:00
Richard van den Berg
b7c8ea0ff5
Truncate bro cached export files
2017-01-23 13:32:06 +01:00
iglocska
c14869a35b
fix: Changed bro cached export to the .intel extension
2016-12-21 19:10:55 +01:00
Liviu Valsan
4c022beafc
- Performance improvements when exporting a large number of attributes into Bro format.
...
- Fixed file header formatting for the export to Bro format (tabs used consistently).
- Computing the time needed for generating the export to Bro format when done using a background job.
- When generating the Bro export from the UI all the attributes are generated in one single text file similar to the CSV export instead of a zip file with different files inside.
- Changed the file extension of Bro export files from ".intel" to ".txt".
- Removed the allowNonIDS option from the Bro export as it doesn’t make sense to have it (Bro is an IDS).
- Fixed some of the API endpoints which were not accepted (ACL issues).
- Added support for a list of events that should be / should not be included in the export.
- Added a new "meta.desc" column (added in Bro 2.5, see https://www.bro.org/sphinx/frameworks/intel.html ) containing the description of the event and of the attribute.
- Sanitized the exported data for Bro.
- Fixed a number of value substitutions which were imported from Snort/Suricata and which were not working for Bro. Did instead substitutions needed for Bro.
2016-12-07 16:33:17 +01:00
Iglocska
d9bac88c73
fix: Attempted fix for an issue with large stix exports getting truncated
2016-11-01 17:57:56 +01:00
Richard van den Berg
87ac5f9f5a
Fix indication of new attributes in E-mail alerts, fixes #1521
2016-10-02 14:46:51 +02:00
Iglocska
cb956221b6
fix: Remove the temp directory after generating the bro cache
2016-09-16 16:53:58 +02:00
Iglocska
6d822ee45e
fix: Refactor of the bro export to always create a zip archive with separate files if "all" types are queried
2016-09-16 16:49:54 +02:00
Iglocska
2cede15e68
Merge branch '2.4' into feature/bro-export
...
Conflicts:
app/Model/Event.php
2016-09-15 18:00:25 +02:00