iglocska
f18f8b579a
new: [API] events/restsearch rework - chunked export for performance gains
2018-09-29 23:43:52 +02:00
iglocska
7624149224
fix: [cleanup] Some cleanup and fixes to invalid exception invocations
2018-09-28 15:48:00 +02:00
iglocska
e9807aa5bc
fix: [API] handle to_ids better in the restSearch APIs
...
- invalid default settings for text/suricata exports on the event scope fixed
- 'exclude' re-introduced as a valid value
2018-09-28 15:42:25 +02:00
Sami Mokaddem
126ee9eaf8
fix: [Event] Prevents bug if object has no attributes
...
While using the event quick filter, prevents accessing a non existing index
if the object has no attributes.
2018-09-27 16:34:16 +02:00
iglocska
9d83c840ec
new: [freetext] Freetext ingestion is now delegated to the background processing
...
- no setup needed
- data to be ingested dropped to file, background worker ingests and processes the file
2018-09-23 17:44:23 +02:00
iglocska
072f85fe66
fix: [enrichment] Made the payload of the API enriching an event with a list of modules a bit more lax
2018-09-23 15:21:13 +02:00
chrisr3d
9ecfe5c40d
Merge branch '2.4' of github.com:MISP/MISP into stix2
2018-09-21 13:51:26 +02:00
iglocska
d43570932a
fix: [API] malware samples not encoded with withAttachments=1 on the event level restSearch
2018-09-19 07:25:37 +02:00
iglocska
417f2452ae
fix: [API] CSV export snafu fixed
...
- perhaps not ignoring the filter parameters and getting the full dataset visible to the current user is a helpful idea
2018-09-17 19:13:50 +02:00
iglocska
2e7dfc9273
new: [API] Correctly handle objects in flat exports and exposed text export to event level search
2018-09-14 14:34:01 +02:00
iglocska
55fe130385
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2018-09-09 15:39:32 +02:00
iglocska
f995b561fb
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2018-09-09 00:25:28 +02:00
iglocska
1b4e566937
new: [API] Tied the RPZ export into the restsearch APIs
...
- also, made the export modules aware of the exhaustive parameter list
2018-09-08 23:45:08 +02:00
iglocska
b12c8549c8
fix: [API] downloading events in XML format via the UI returns JSON
2018-09-07 18:44:35 +02:00
chrisr3d
685c5c6b8c
fix: [API] Quick fix on a dict key to fetch the name of the stix file imported
2018-09-06 14:35:38 +02:00
chrisr3d
e7c43cd372
Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch
2018-09-06 13:55:03 +02:00
chrisr3d
71d1b9075a
new: [API] Added possibility to include the original file while importing STIX data
2018-09-06 13:37:29 +02:00
iglocska
289b13be88
new: [API] set default behaviour to require to_ids and published set to 1 to be included in exports
...
- doesn't affect MISP json and xml formats
2018-09-06 00:20:03 +02:00
iglocska
daaa5a1f1f
new: [automation description] Added legacy mode toggle
2018-09-05 17:56:27 +02:00
iglocska
7e5be5f37b
fix: [API] using "download" as a returnformat via the URL breaks the restSearch API
...
- we have to keep it as a legacy option and map it to json
2018-09-05 14:27:34 +02:00
iglocska
bcfc1f3a1a
fix: [API] Fixed the broken CSV export
2018-09-05 11:36:31 +02:00
iglocska
6e2f18a891
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2018-09-05 09:21:35 +02:00
chrisr3d
c0525eaf4d
Merge branch '2.4' of github.com:MISP/MISP into stix2
2018-09-04 17:26:04 +02:00
Xavier Mehrenberger
65f0b2bb6f
fix: create temp folder if it doesn't exist in EventsController::export()
2018-09-03 18:06:23 +02:00
iglocska
a8fae82020
new: [API] event level restsearch switched to new modular conversion system
2018-09-03 17:56:13 +02:00
chrisr3d
d9370efcb9
Merge branch '2.4' of github.com:MISP/MISP into stix2
2018-09-03 15:19:56 +02:00
chrisr3d
cb9e094148
Merge branch '2.4' of github.com:MISP/MISP into stix2
2018-08-28 09:40:12 +02:00
iglocska
864c0c767a
fix: [internal] Block attributes by tag using the event level restsearch API
2018-08-21 13:15:00 +02:00
iglocska
b407aba746
fix: [CS] Updated recent changes
2018-08-20 10:50:09 +02:00
iglocska
006a922e9f
chg: [API] further work on the new CSV export
2018-08-14 23:38:01 +02:00
Paolo Vecchi
6f373e5d8b
Update EventsController.php
...
Just a ) missing.
2018-08-13 09:10:57 +02:00
chrisr3d
11faddc07a
Merge branch '2.4' of github.com:MISP/MISP into stix2
2018-08-12 19:22:17 +02:00
iglocska
4765d22b7d
new: [API] WIP work in progress - moving CSV export to standardised converter format
2018-08-11 16:38:49 +02:00
iglocska
0694263e15
Merge branch '2.4' into feature/api_rework
2018-08-09 16:51:20 +02:00
iglocska
4c604636d4
fix: [API] allow other returnFormats besides download to work for restsearch
2018-08-09 16:26:12 +02:00
iglocska
e2a268aea7
new: [API] further rework of the restsearch api
...
- move to the new popping filter system
2018-08-09 15:11:57 +02:00
iglocska
b6c757e4aa
new: [API] rework of the event level restSearch (WIP)
2018-08-09 07:46:52 +02:00
iglocska
23a2611202
fix: [API] Some API rearrange issues fixed in events/add
2018-08-08 11:27:49 +02:00
iglocska
5215ee1c5a
chg: [api] reworked the CSV api to use the new standardised function calls
2018-08-06 10:49:45 +02:00
iglocska
76ede22308
new: [refactor] CSV api refactor
...
- performance gains
- first step in unifying all APIs
- moved the CSV data lookup into fetchattributes
- internal pagination is now more clever with a watchdog flag that can prevent unneeded executions by whatever calls fetchattributes
2018-08-05 19:10:52 +02:00
chrisr3d
0ed3f0617c
Merge branch '2.4' of github.com:MISP/MISP into stix2
2018-08-03 13:51:33 +02:00
chrisr3d
afbb83a827
fix: [import modules] Avoiding issues with userConfig when module is csvimport
...
- If users tick the checkbox to specify there is a
header in the csv file to import, there should
not be an error with empty userConfig header
2018-08-03 13:32:51 +02:00
chrisr3d
d85131f538
fix: [stix2 export] Fixed syntax in stix2 function
2018-07-30 23:52:41 +02:00
chrisr3d
ce6c8752c0
Merge branch '2.4' of github.com:MISP/MISP into stix2
2018-07-30 15:09:43 +02:00
Steve Clement
8402df48f3
chg: [except] Closed the brackets correctly on the throw except
2018-07-28 09:34:51 +02:00
iglocska
959628a4f8
chg: [csv] added the object_relation field to the CSV export
2018-07-27 14:06:38 +02:00
chrisr3d
5dc761ea7b
chg: [stix2 export] Using the RestResponse view call instead of having view files
2018-07-26 12:10:57 +02:00
chrisr3d
53ccf51e71
chg: [stix2 export] Multiple events export prepared in Controller & Model side
...
- Changes on automation side coming soon
2018-07-20 23:59:51 +02:00
iglocska
a81894f14c
chg: [CS] Changed to PSR-2
...
- to make contributions easier, adopted PSR-2
- used php-cs-fixer to rework the style
- *sniff sniff* Goodbye tab indentation
2018-07-19 11:48:22 +02:00
Steve Clement
c607729e18
chg: [i18n] More __();
2018-07-12 23:36:47 +02:00
Andras Iklody
ad15ffa7ce
Merge pull request #3460 from kalyparker/fix-export-events-csv
...
fix: export events csv with CR (fix #3458 )
2018-07-10 09:28:22 +02:00
kalyparker
34f15268d2
fix: export events csv with CR ( fix #3458 )
...
Export using automation functionality for ids does not clean the special char like CRLF.
When there is a carriage return in the event info, the csv is broken.
2018-07-09 08:58:12 -07:00
Sami Mokaddem
eb1b8bcba5
chg: [attackMatrix] support of quick tagging from the attackMatrix at
...
event view level
2018-07-09 09:55:17 +00:00
iglocska
8d567782d9
chg: [cleanup] Removed the deprecated GFI sandbox import
...
- Burn the heretic. Kill the mutant. Purge the unclean.
2018-07-06 10:57:44 +02:00
iglocska
5ba322076b
chg: [refactor] Fixed an issue where too many events would cause a query too large for mysql to handle when querying /events/index via the API, fixes #3444
2018-07-05 18:52:25 +02:00
iglocska
73c18f8833
new: [API] Updated the timestamp handling in the restSearch APIs to use the new smart-system
2018-07-04 15:53:01 +02:00
iglocska
c3158b50ba
new: [edit strategy API] To support a smoother integration with the Hive, new API that describes what the edit strategy is for an event
...
- GET on /events/getEditStrategy/[id]
- where id can be either a local ID or a UUID
- returns a JSON dictionary with the following fields:
  - strategy: edit | extend (edit if it's an own event, extend otherwise)
  - extensions: list of dictionaries with existing extensions created by the user's org (containing the id, uuid, info fields)
- The algorithms implementing this should prioritise as such:
  1. Check if user can edit the event (strategy == edit) - if yes, edit
  2. If no, check if extensions exist - if yes, edit one of those
  3. If no, create a new extension to the original event
2018-07-02 17:29:53 +02:00
iglocska
4bff6092e5
fix: Correlation popup format
2018-06-23 23:59:34 +02:00
iglocska
c721142f9b
fix: [sync] pull not working due to invalid lookup against galaxies
2018-06-20 17:03:31 +02:00
iglocska
505cccdbaf
fix: [error messages] made some of the error messages a bit more uniform
2018-06-20 15:12:23 +02:00
Sami Mokaddem
e3988c73ad
new: [attackMatrix] Also consider attack galaxy at event level in the
...
heatmap
fix: [attackMatrix] Typo in ATT&CK + division by 0 in gradiendTool
2018-06-18 14:51:29 +00:00
Sami Mokaddem
3a27009775
Merge remote-tracking branch 'upstream/2.4' into attack
2018-06-18 12:18:31 +00:00
Sami Mokaddem
929946f055
new: [attackMatrix] added instance UUID in rest response
2018-06-18 12:04:38 +00:00
Sami Mokaddem
8d145086f0
new: [attackMatrix] statistic about attack tags used in the instance
...
chg: [attackMatrix] moved functions in to model and matrix view into elements
2018-06-18 09:58:20 +00:00
Sami Mokaddem
bc156ab13a
new: [AttackMatrix] added Mobile/Pre-Attack Matrix support, UI
...
improvements and code refacto
2018-06-15 09:19:53 +00:00
iglocska
3e5e432436
fix: Fixed permission check for adding tags to an event
2018-06-12 17:01:54 +02:00
Sami Mokaddem
95e694f054
fix: [AttackMatrix] picking Att&ck tactic correctly redirect on the
...
matrix
2018-06-12 14:25:43 +00:00
Sami Mokaddem
6c8bdeaff6
chg: [attackMatrix] Restrict view to be ajax only
2018-06-12 13:16:23 +00:00
Sami Mokaddem
5f36725ede
new: [attackMatrix] Ability to attach Mitre att&ck galaxy from the
...
matrix
2018-06-12 12:39:48 +00:00
iglocska
6890b734cc
new: [UI/UX] Event lock initial version
...
- Show if another user is editing the event you're viewing (same org only)
2018-06-12 09:40:23 +02:00
Sami Mokaddem
34c69d00e2
fix: [eventView] Hide galaxy tags after search
2018-06-11 14:05:45 +00:00
Sami Mokaddem
5d8c2ccf5e
new: [attackMatrix] legend scale of the heatmap with dynamic updates
2018-06-11 10:24:55 +00:00
Sami Mokaddem
4fdf7f6340
new: [attackMatrix] force kill chain header order
2018-06-08 14:28:42 +00:00
Sami Mokaddem
775001f2cc
new: [attackMatrix] addition of heatmap on tiles depending on occurrence
...
of the tag
2018-06-08 14:16:40 +00:00
Sami Mokaddem
cd0d75a4c6
new: Initial skeleton of Mitre attack matrix
2018-06-07 14:43:04 +00:00
Sami Mokaddem
00ec493414
chg: [UI Filtering] Do not set searchFor in the URL if no value.
...
After a discussion with iglocska, it is better to fix it js side than
server side.
2018-05-22 14:16:27 +00:00
Sami Mokaddem
4d39d3296a
fix: [UI filtering] be sure that '0' is not interpreted as empty.
2018-05-22 13:49:03 +00:00
iglocska
5780d0c5d8
fix: [UI filtering] Attribute quick filter broke all the tabbed filters, fixes #3247
2018-05-22 11:29:17 +02:00
iglocska
68b8266584
new: New flash message system, fixes #3252
...
- 3 types of flash messages (success, error, warning)
- uses bootstrap's own classes/structure
2018-05-16 19:32:38 +02:00
iglocska
645d996c14
new: Remove galaxy cluster information from the sync mechanism for now
...
- currently galaxy clusters aren't shared anyway, no point in blowing up the data size / processing time
2018-05-15 07:44:37 +02:00
iglocska
962461890c
new: Added attribute level galaxy clusters
2018-05-14 23:20:09 +02:00
iglocska
fefe92bde8
new: [Export] Added a secondary CSV export that includes more context to the UI download tool
2018-05-09 14:10:23 +02:00
Sami Mokaddem
680311f68f
chg: [Controllers] sets the ajax variable globally
...
As well as removing useless set in controllers and accessing it instead
of passing through the request.
2018-05-07 14:44:59 +00:00
Sami Mokaddem
a3d6fb3497
chg: [EventController] replaced if/else by ternary condition
2018-05-04 06:32:59 +00:00
Sami Mokaddem
507cd0ee85
chg: Trying not to break the MVC pattern
...
Server model is not passed to the constructor anymore, as well as the
Organisation model.
2018-05-04 06:27:54 +00:00
Sami Mokaddem
6d476814b0
Merge remote-tracking branch 'upstream/2.4' into distributionGraphDonut
2018-05-03 13:52:40 +00:00
Sami Mokaddem
f4e4c7b335
chg: moved sharing group outside of the distribution progressbar (as it is a special case), distribution range is displayed when clicking on the pb labels and lots of minor improvements.
2018-05-02 13:37:48 +00:00
iglocska
5795b1974a
new: Added warning about missing warninglists used for TLD resolution in the freetext import tool
...
- following the twitter feedback
2018-04-26 18:57:00 +02:00
Sami Mokaddem
7a94612161
new: Possibility to view connected communities and concerned sharing groups in distribution graph's tooltip
2018-04-25 09:48:03 +00:00
Sami Mokaddem
56b37d08fc
Merge remote-tracking branch 'upstream/2.4' into distributionGraph
2018-04-25 07:08:54 +00:00
iglocska
df80f702d0
Merge branch 'correlation_integration' into 2.4
2018-04-24 17:10:16 +02:00
iglocska
2af8bfec4e
new: Added event enrichment functionality
...
- select and run a set of enrichments on all applicable attributes of the event
- exposed to the API
- exposed to the command line tool
- adheres to attribute distributions
2018-04-24 16:41:09 +02:00
Sami Mokaddem
828426b0c9
fix: support of filtering for distribution=0 (empty(0) is true in
...
php). Also, only consider attr and obj_attr (ignoring object as they
only carry meta-data)
2018-04-23 14:33:32 +00:00
Sami Mokaddem
02b4f32c4f
Possibility to filter valueInFieldAttribute with multiple value.
...
distribution graph support inherit distribution level
2018-04-23 14:14:06 +00:00
Sami Mokaddem
bdcecfb1e6
Allow filtering attributes based on specific columns (previously not
...
accessible) like distribution.
Partial support of onClick for distribution graph.
2018-04-23 13:54:36 +00:00
Sami Mokaddem
72ca4260be
Merge remote-tracking branch 'upstream/2.4' into distributionGraph
2018-04-23 12:52:12 +00:00
Sami Mokaddem
f9414871b8
Initial version of the distribution graph
2018-04-23 12:51:15 +00:00
iglocska
110cff08d8
fix: Fixed empty event tags on the event index api
2018-04-23 11:48:39 +02:00
Sami Mokaddem
43e8529b9d
Correlation graph in event view
2018-04-20 12:38:14 +00:00
Andras Iklody
607d203c04
Merge pull request #3170 from mokaddem/ref_graph
...
Extended event support and tag filtering in the event graph
2018-04-20 13:40:48 +02:00
Sami Mokaddem
2ca3515f10
Feature: Possibility to filter on tags
2018-04-20 08:35:38 +00:00
iglocska
279a6459ff
new: Preview the extended event ID / UUID
...
- Also, cleanup of the nasty event tag code
2018-04-19 13:56:50 +02:00
iglocska
3c438243f4
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2018-04-17 13:45:04 +02:00
iglocska
9b2e212b3d
new: Added getEventInfoById API
2018-04-17 13:43:47 +02:00
Sami Mokaddem
368aa2f128
feature: Added support of extended event in event graph
2018-04-16 12:02:43 +00:00
Sami Mokaddem
e14df3d066
Merge branch '2.4' of https://github.com/MISP/MISP into ref_graph
2018-04-16 11:15:06 +00:00
iglocska
1ec6412709
fix: Removed the validity check for the event UUID in the extended UUID field
2018-04-16 10:48:16 +02:00
iglocska
c34067b8a7
fix: If no extension uuid is added to an event the editing via the UI would fail
2018-04-16 10:19:18 +02:00
iglocska
6e06642f6a
chg: Added the command line functions to the automation page's parameters via the controller
2018-04-16 07:56:39 +02:00
iglocska
72f261a9b1
fix: Potentially fix an issue if no extended UUID is passed on edit
2018-04-11 16:44:59 +02:00
iglocska
caf53e0c7f
new: Extended event first iteration added
...
- when adding/editing an event, add another event's UUID as an extended event UUID to extend the targeted event with the current
- extender events can be viewed in the merged event view
2018-04-10 18:43:09 +02:00
Sami Mokaddem
4f96fb50a1
Moved event graph into its own view file
2018-04-09 15:41:13 +00:00
Sami Mokaddem
6ee5419297
feature: Draft of generic graphing from any key
2018-04-09 09:12:26 +00:00
iglocska
1cf495c201
fix: Fixed missing reason for failure if the freetext import had a single attribute fail during the saving process, fixes #3141
2018-04-07 23:57:23 +02:00
Sami Mokaddem
f3b2741843
feature: Support of Tags in the event graph
2018-04-06 14:44:40 +00:00
Sami Mokaddem
921224ed40
Merge branch 'quick-fix-metacategory-graph' into ref_graph
2018-04-06 07:50:27 +00:00
Sami Mokaddem
3933baf9c9
Compute graph serverside
2018-04-04 13:12:16 +00:00
iglocska
ed70624354
new: Added event/attribute add/edit to the restresponse describe functionality
2018-04-02 21:53:08 +02:00
Sami Mokaddem
5e83caf8fb
Added retrieving of object templates in order to let the user choose the field we want to see in the event graph
2018-03-29 16:05:19 +00:00
iglocska
74937ea934
fix: Fixed the concatenation issue from before
2018-03-28 11:41:27 +02:00
iglocska
9a692346a3
fix: Fixed a crappy event concatenation bug for restsearch
2018-03-28 11:35:31 +02:00
StefanKelm
6ae842a0a4
Update EventsController.php
2018-03-27 15:40:34 +02:00
iglocska
6e7def472b
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2018-03-26 17:02:43 +02:00
iglocska
d97e42296f
new: Add event last modified to the event view
2018-03-26 17:02:03 +02:00
John Doe
606b18562b
Pass attribute uuid to enrichment modules
2018-03-26 09:56:37 +08:00
iglocska
65385eb323
new: Added STIX 2.x import to the GUI
2018-03-23 14:37:43 +01:00
iglocska
5df34ea17d
fix: Handle edge case scenarios where orphaned correlations would throw notices in the event view
2018-03-23 11:07:18 +01:00
Alexandre Dulaunoy
f0d95887a4
Merge pull request #3063 from mokaddem/ref_graph
...
Event graph viewer editor
2018-03-23 09:08:20 +01:00
Sami Mokaddem
6a0abcce22
Renamed script again
2018-03-22 16:56:43 +00:00
Sami Mokaddem
c78fca0ede
Added possibility to edit references on the fly + edit objects on their dedicated webpage
2018-03-22 15:53:53 +00:00
iglocska
66c5594fb7
fix: Fixed error message if an attribute fails validation via the freetext import tool, fixes #3052
2018-03-19 23:32:18 +01:00
root
a3a6a77611
Initial references graphs commit
2018-03-19 08:44:25 +00:00
iglocska
6e1528db1a
fix: added uuid to organisations in the event index
...
- also unset empty sharing groups from the output
2018-03-08 12:07:30 +01:00
iglocska
a38bccec77
new: Allow the searching of organisations by uuid on the event index (via the API)
2018-03-08 11:43:25 +01:00
iglocska
22e6fb57a8
fix: Reworked the way tags are attached to events on the index
...
- solves issues with the preview when an instance has an extremely high number of events
2018-02-28 17:09:55 +01:00
iglocska
714067c621
fix: Handle the no modules enabled error more gracefully
2018-02-27 10:29:41 +01:00
iglocska
3556df7658
fix: Nicer error message when trying to add a tag to an event that doesn't exist
2018-02-26 17:52:24 +01:00
iglocska
032844321c
fix: Misleading failure message when failing to create Attributes partially fixes #2955
2018-02-25 23:20:37 +01:00
iglocska
10bd1f69c4
new: Allow requesting of misp standard format for the export modules
...
- just set the `require_standard_format` to true in the moduleinfo dictionary
2018-02-21 11:42:30 +01:00
Andras Iklody
297fe776fc
Merge pull request #2934 from cvandeplas/fix/modules-api
...
fix - allows upload of files using the misp-modules API
2018-02-18 10:07:21 +01:00
truckydev
c247cfb77d
don't exclude attributes with non-exportable tag
...
exclude filter on attributes when tag is non-exportable
2018-02-15 17:17:50 +01:00
Christophe Vandeplas
637a500c1e
fix - allows upload of files using the misp-modules API
...
See also #2719
2018-02-14 13:40:04 +01:00
iglocska
9af6130d43
new: Added STIX import directly to the UI
2018-02-09 11:30:28 +01:00
iglocska
23937eebb9
fix: Fixes to several cases of handling blocked access incorrectly / non-gracefully
...
- As reported by Christophe Vandeplas
- stix export: Ungraceful handling of attempted access of unauthorised event (no unauthorised data returned)
- import module: Allows creation of proposals to unauthorised events (no unauthorised data returned, proposals are for new attributes only meaning no automatic override triggered)
- saveFreetext: same as import module
2018-02-06 16:37:37 +01:00
iglocska
010557b042
new: Added returnMetaAttributes flag to the /events/freeTextImport API
...
- directly returns the raw parsing data instead of creating the attributes if set
- 177 days, 23 hours 40 minutes faster implementation than expected by @ilmoka - #PMD
2018-02-02 15:33:07 +01:00
iglocska
a7f3bb7f76
fix: Load orgc data after attributes are loaded in search csv export
...
- functionality still needs further fixes, WIP
2018-01-25 07:45:38 +01:00
iglocska
00f711a86c
fix: Fixes the object issues pointed out in #2543
...
- Shoutout to the debug hero finding them: @StefanKelm
2018-01-19 16:25:39 +01:00
iglocska
7f29a9a74b
fix: Fixed a set of issues with sharing groups that lead to synced events not saving/updating
2018-01-18 23:34:04 +01:00
iglocska
3430383583
fix: Add timestamp to the CSV api
2018-01-18 15:59:13 +01:00
iglocska
b18b64e833
new: Filter the event index on sharing group IDs, fixes #2845
2018-01-18 08:38:23 +01:00