Commit Graph

1196 Commits (ba74597e87d7d9895f91f76815468d14812fdb01)

Author SHA1 Message Date
iglocska 8bb1fd678e Merge branch '2.4' of github.com:MISP/MISP into feature/tag_filter_rework 2017-12-05 00:09:37 +01:00
iglocska 4f6dba5f35 new: various improvements
- use the feed uuid caches to link directly to affected MISP events
- various UI improvements
- Feed preview pagination / POSTed event ID filters added
2017-12-05 00:05:11 +01:00
iglocska 05a89f5e87 Merge branch '2.4' into feature/tag_filter_rework 2017-11-30 22:28:35 +01:00
iglocska e760ba7b6a new: Add the possibility to limit fields for the CSV export via POST requests 2017-11-30 19:12:14 +01:00
iglocska 3b893d3b69 fix: Fixes to various issues with adding proposals via the freetext import tool
- no feedback on whether the resulting dataset will be stored as attributes/proposals
- unpublishing of the event when proposals get entered
- alerting the event creator of new proposals if coming from the freetext import tool
2017-11-29 07:59:09 +01:00
iglocska 678eecf224 new: Add attribute tag filters to the fetchEvents() functionality
- tag filters now filter on:
  - all events containing matching tags on event + attribute level (positive lookup)
  - all events not containing matching tags (negative lookup)
  - filter attributes within a matched event for blocked attributes (negative lookup)

- moved tag filtering to subquery filtering - should improve performance massively on larger instances when filtering on tags

- first round of implementations, more on the way
2017-11-19 21:21:32 +01:00
iglocska d09edd434c fix: Fixes an issue where assigning sharing groups based on existing IDs didn't work for event creation via the API
- expected full sharing groups as provided by the sync, references didn't work
2017-11-17 13:31:55 +01:00
iglocska 27e3faeba5 fix: Fixed silly lookup with injected event IDs on the export page for normal users
- broke instances with a few hundred k events
2017-11-13 16:32:28 +01:00
Andras Iklody 97b0edcbfd
chg: pass event_id to import modules, fixes #2612
As described by @Vince147
2017-11-03 08:43:16 +01:00
iglocska 08d71413cb fix: Fixed default distribution for upload_sample(), fixes #2608 2017-11-02 07:52:55 +01:00
iglocska 7f5c03f007 fix: Convert - to _ in csv headers
- to match the previous output
2017-10-28 19:10:34 +02:00
iglocska c02f91722f fix: Add the object fields by default to the CSV export 2017-10-27 17:53:37 +02:00
iglocska 6cd0a29f02 fix: Fixed the CSV field name for date 2017-10-27 16:38:39 +02:00
iglocska 35ad0f2f57 fix: Fixed an issue with the CVE export if no field parameters were passed 2017-10-27 16:14:37 +02:00
Cédric Bonhomme 96635dca78
the last useless comma 2017-10-27 11:16:42 +02:00
Cédric Bonhomme 5ac042da67
harmonizes arrays initializations 2017-10-27 11:04:57 +02:00
Cédric Bonhomme 9e93b61838
Enables the user to select the attributes to be included in the CSV export (event and object attributes). 2017-10-27 11:00:32 +02:00
Richard van den Berg b5972fb6e7 Speed up tag searches, fixes #2407 2017-10-20 14:22:22 +02:00
iglocska 7372831614 fix: Fixed a bug with the restSearch API 2017-10-13 16:56:13 +02:00
iglocska 0efa2bef1a new: Rework of the feed correlation lookups for the event view
- massive performance boost by using redis pipelining
- for events with 10k+ attributes, show truncated feed correlation lookups, informing the user about the number of correlating attributes and a boolean flag on attributes saying that they correlate
- The overall feed correlation counter also allows users to pivot to a view that loads all correlations, though it should be used with some caution as it can be somewhat heavy
2017-10-11 11:12:34 +02:00
iglocska 483c8704ac new: Added first experimental STIX 2 export implementation
- kudos to @chrisr3d for digging into the deepest bowels of the scary beast that is STIX2

- PoC, definitely needs further improvements/mapping. Let us know about issues you find!
2017-10-08 20:29:50 +02:00
iglocska fa7d3fdb36 new: First round of updates to the correlation engine ready
- node deletion temporarily disabled until a bug is resolved
2017-10-08 19:50:28 +02:00
iglocska f5bcd37944 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2017-10-08 15:32:57 +02:00
iglocska a399ef1186 new: Further work on the graphing engine 2017-10-07 16:18:39 +02:00
iglocska 5290214c9b new: First iteration of the graphing engine rework 2017-10-06 10:05:00 +02:00
iglocska cd9fe1883e fix: Some cleanup of the attribute filtering 2017-10-05 11:59:59 +02:00
Tristan METAYER 66a43f5511 Add an input for search on all attributes in an event.
field to search can be modified in administration page.
2017-10-04 19:07:58 +02:00
iglocska 09dd5b12c0 fix: Fix some restsearch filters fetching the same event more than once 2017-09-29 16:37:24 +02:00
iglocska 6a12f122db fix: Corrected filename for array of events 2017-09-29 16:10:38 +02:00
iglocska b658c20b75 fix: Flatten events for the correlation graph 2017-09-26 10:18:04 +02:00
iglocska 9e71fbb5f7 fix: flatten the events for the restSearch API's lookup functions
- otherwise valid events that only contain objects get blocked
2017-09-25 14:00:17 +02:00
iglocska 3f76fd6ea7 new: Rework of the attachment uploader
- add attachments and upload_sample now share code
- allow the same features via upload_sample (object creation / use of advanced add attachments)
- new flag: advanced

- example:

  POST to mymisp/events/upload_sample
  BODY:
{"request":{"files": [{"filename": "bla.exe", "data": "U3RhckNyYWZ0IElJIGZvcmV2ZXI="}], "distribution": 1, "advanced":1, "info":"bla"}}

- this commit was brought to you by CEF and

2017-09-25 12:22:19 +02:00
iglocska b5c4d0749b new: Added object relations to the CSV export 2017-09-19 16:50:56 +02:00
iglocska b442a273fc new: Further progress on the synchronisation 2017-09-07 12:20:20 +02:00
iglocska 89bc6d1690 fix: Fixed the empty event warning if an event only has objects but no attributes 2017-09-05 10:41:55 +02:00
iglocska 40ea22a272 Merge branch '2.4' into objects_wip 2017-09-04 17:38:06 +02:00
iglocska 2f02097590 fix: Fixed an invalid user call in the paginator 2017-09-04 09:01:08 +02:00
iglocska 52bf961dea Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2017-08-31 16:45:01 +02:00
iglocska bb4f74bb1a new: Massive performance improvements to the restSearch API
- smarter choice of pre-filtering gives a huge boost for non attribute level parameters
- caching the results of certain parts of the algorithm
- cleaned up some inefficient looping merges
2017-08-31 16:43:20 +02:00
iglocska 5d2c8822ad fix: Fixed a bug where /events/uuid would return the incorrect event. 2017-08-28 20:39:06 +02:00
iglocska 8474913862 fix: Slight improvement to event uuid lookup on the event view 2017-08-25 14:38:58 +02:00
iglocska 78f49e5e62 new: Added back referencing from a referenced object
- also fixed some view file issues
2017-08-24 07:49:11 +02:00
iglocska d3d6566b16 new: Various new features for the objects 2017-08-23 11:57:40 +02:00
iglocska 961bc76393 Merge branch '2.4' into objects_wip 2017-08-21 10:17:16 +02:00
iglocska 50a3d78c81 fix: Fixed a group by issue with the event filter overlay 2017-08-17 10:57:18 +02:00
iglocska ead2b9e1fd fix: Various fixes 2017-08-10 11:11:33 +02:00
iglocska aa07299abe Merge branch '2.4' into objects_wip 2017-08-10 07:29:50 +02:00
iglocska 0e7dd2eddc new: Added first iteration of object references and other changes
- various fixes
- rework of the pagination library
2017-08-09 17:53:25 +02:00
iglocska 952fff6252 fix: Fixes to several cases of reflected XSS, fixes #2381
- as reported by @import-au

- Additionally enforce content-type on all async APIs called by the UI using CakeResponse
2017-08-08 21:37:03 +02:00
iglocska f4c02e60f5 fix: Nicer response for the API to push events to ZMQ 2017-08-03 17:09:04 +02:00
iglocska 23e777c661 fix: Fixed a typo in the pushEventToZMQ function 2017-08-03 17:05:30 +02:00
iglocska 0097e040b1 fix: Previous commit was incorrect, empty filters contain null not false 2017-08-01 01:05:45 +02:00
iglocska 3e4fbcf5ff fix: Fixed "published":0 filter for restsearch
- also removed an empty function
2017-08-01 01:02:25 +02:00
iglocska 091175133b fix: GFI uploaded archives don't throw exceptions on failed parsing, instead simply show an error banner after redirect
- in situations with misconfigured MISPs (debug enabled), a parsing error
  exception thrown while parsing a maliciously malformed archive could include
  arbitrary files in the stacktrace accessed from within the apache user's
  scope if a symlinked file was uploaded in the archive

- Thanks to cert.govt.nz for the security report.
2017-07-12 15:44:02 +02:00
Kevin Allix 2248846706 attachments_dir: Default value queried through a function to workaround PHP inability to have anything useful stored in a class property 2017-07-10 12:42:23 +02:00
Kevin Allix 1ea33e811a Add an optional setting attachments_dir, and adapt existing code to use that setting 2017-07-07 17:29:13 +02:00
iglocska 154549efd9 fix: Accessing a pivoted event view URL without having the pivot path tracked in the session threw a notice 2017-06-29 07:42:26 +02:00
iglocska 483f425584 fix: JSON export via the UI should download a file, not render the JSON 2017-06-28 10:19:36 +02:00
iglocska 94ee61358c fix: Fixed the invalid CSV download filename 2017-06-28 09:53:34 +02:00
iglocska e72bbd7e07 fix: Removed silly duplicate queries from the event index 2017-06-19 11:12:15 +02:00
iglocska 57857c3a32 new: Performance improvements for the pub-sub modules
- Only load and open connection to redis for the pub-sub connection once.
- Massive performance boost when the ZMQ functionality is enabled
2017-06-16 08:41:12 +02:00
iglocska e56dc0d046 fix: fixed error messages for the CSV export API 2017-06-15 14:21:42 +02:00
iglocska bb20f232f8 fix: New way of checking for API access
- meant to resolve some issues such as being redirected to the news page if a new news item exists while running a CSV export via the API
2017-06-15 09:57:46 +02:00
iglocska 7f818c7e82 new: Add adhereToWarninglists as a JSON parameter to the freetextImport API 2017-06-13 15:15:19 +02:00
iglocska 3d74dbee28 new: First round of massive performance tuning (tm)(c)
- Make MISP fast again
2017-06-09 15:38:45 +02:00
iglocska 6fad375685 new: Mass delete events
- simply use the multi select on the event index via the UI
- for the API, simply POST to /events/delete with a payload in the following format:
  `{"id": [15, 16, 17]}`

- if you've accidentally deleted all your events using this functionality, feel free to contact @rommelfs or contact the NSA for backups
2017-06-01 09:45:10 +02:00
iglocska c52439b572 new: Publish event to ZMQ on demand and beaconing of ZMQ tool 2017-05-30 17:16:41 +02:00
iglocska 66613dd38f fix: Fixed a few silly issues with the hids export
- allow POSTed parameters
- simpler response always responds with txt type, won't complain about view not being set for incorrect accept headers
2017-05-22 15:03:56 +02:00
iglocska ccde4a8770 fix: hids api threw error on empty result 2017-05-22 14:47:57 +02:00
Andras Iklody c61b58ae73 Merge pull request #2200 from RichieB2B/ncsc-nl/openioc
Several fixes for OpenIOC importer
2017-05-18 17:24:29 +02:00
Richard van den Berg ac7b95380d Set OpenIOC attribute distribution to 'Inherit' by default 2017-05-18 17:10:44 +02:00
iglocska 81141ed4e0 fix: Fixed an issue with the freetext importer failing if no tags were set 2017-05-12 06:51:52 +02:00
Tristan METAYER e71045571c add possibility to define tags for import module.
Add possibility to disable validation for String field when empty
2017-05-10 19:51:27 +02:00
iglocska e34634201b fix: fixed an API vs documentation mismatch for the nids exports 2017-05-10 16:35:17 +02:00
iglocska 96574ec335 new: First implementation of the feed analysis system 2017-05-08 14:22:27 +02:00
iglocska 7b24077245 fix: Missing parameters for getenabledmodules 2017-05-03 14:41:39 +02:00
iglocska 26d3e2a0c2 fix: Fixed a failure with cortex modules (hopefully) 2017-05-03 14:27:23 +02:00
iglocska 9ccdc579a6 new: New module type: Cortex
- similar to Enrichment modules except for not having the options to run hover
2017-05-03 13:13:36 +02:00
Andras Iklody 120265b185 Merge pull request #2154 from truckydev/2.4
Add filename key for import modules
2017-05-02 14:34:06 +02:00
Tristan METAYER 98aafc3c49 add test for empty filename 2017-05-02 14:30:53 +02:00
iglocska ec83f378da new: Use /events/freeTextImport/eventid via the API to directly parse and create attributes from the input
- expected format is {"value": "my_string_to_parse"} with "distribution" being an optional value (otherwise instance defaults are assumed)
2017-05-02 11:02:11 +02:00
Tristan METAYER 9c349caa44 Add filename key for import modules 2017-05-02 10:56:21 +02:00
iglocska ecf00e8c65 fix: Fixed an issue where certain filters removed some elements from the object counter, fixes #2151 2017-04-27 17:09:26 +02:00
iglocska d33b3b1434 fix: Left off controller changes in the previous commit 2017-04-27 16:13:00 +02:00
iglocska f3785d2366 fix: Allow event edits even if the "Event" container isn't set 2017-04-26 15:12:25 +02:00
iglocska c60cc785f4 fix: Fixed the publishtimestamp filter issues with the event index
- allow for publishtimestmap and publish_timestamp due to some documentation issues
- fixed the lookup to be greater than by default instead of lower than
- added the option to pass a range by passing an array with a start and end publish timestamp
2017-04-25 09:46:35 +02:00
iglocska 9b3bfd1fd4 fix: Added missing distribution defaults to the import modules 2017-04-20 10:34:00 +02:00
iglocska 17f6fba976 fix: Fixed a format issue with the minimal index 2017-04-13 21:31:23 +02:00
iglocska e638c5350a new: Minimal flag added to the event index
- used by the sync, greatly reduces the data fetched / transferred on the initial sync negotiation
2017-04-13 15:09:29 +02:00
iglocska aa7375cd74 fix: Fix to the correlation graph after the relatedevent format changes 2017-04-12 10:59:13 +02:00
iglocska e7f2944918 new: Added new flag to events/restSearch to disable sharing group loading
- sgReferenceOnly: Will only load the sharing_group_id not the actual sharing group data
2017-04-12 09:52:09 +02:00
iglocska 9a2aaf9a1c new: Set distribution level in freetext results / module import results, fixes #2023 2017-04-11 15:02:40 +02:00
iglocska 0b0f793dc9 fix: Fixed an invalid JSON serialisation for restSearch 2017-04-04 17:21:55 +02:00
iglocska 3b6807ef72 new: Rework of the restsearch APIs
- allows for alternate download types (supported for now: openioc)
- major refactor of the openioc export
- refactor of the CIDR tool
2017-03-31 19:27:34 +02:00
iglocska 958a667d0a fix: NotFoundException when no events found by restSearch, fixes #2096
- changed to just return an empty set
  - returns {"request":[]} for events/restSearch
  - returns [] for events/restSearch
2017-03-30 18:37:50 +02:00
Mathieu Deloitte a4018780fa New variable includeAllTags added to NIDS export: even not exportable tags could be included in NIDS export 2017-03-22 11:09:49 +01:00
iglocska 1567504896 fix: Typo fixed 2017-03-02 14:55:09 +01:00
iglocska 62cb2b66b6 new: Added a way to disable cached exports server wide for low disk space instances
- But please consider just adding some more space instead..
2017-03-02 10:49:18 +01:00
iglocska d70d5f6a3b fix: pushProposals requires that the user has perm_add permissions 2017-03-01 15:45:27 +01:00
iglocska b74548185a Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2017-03-01 15:42:07 +01:00
iglocska c7f4686ab8 chg: Quick deletion of events
- uses prepared statements instead of the framework's cascading delete
- utterly massive performance boost
2017-03-01 15:39:42 +01:00
kx499 0b2b49d6f4 Updated comment for enrichment modules to reference value used for enrichment for added context 2017-02-26 13:21:08 -05:00
iglocska 3fca8de6bf new: Added activity charts to tag and galaxy cluster indices
- bunch of small improvements additionally
2017-02-24 19:34:18 +01:00
iglocska a59aab9b23 fix: Re-added the accidentally removed code in a merge, fixes #1965
- affects f0e1a27b7d
2017-02-20 18:43:36 +01:00
iglocska 4e41b55572 new: First iteration of the improved sightings 2017-02-05 23:48:18 +01:00
iglocska ee80ecfce7 new: small rework of the thread functionalities
- API get /threads/view/<thread_id> and /threads/viewEvent/<event_id>
- Added new setting to show post count on the event index including a notification if it has a post newer than 24 hours
2017-02-01 15:32:22 +01:00
iglocska 1f9a631182 fix: Added missing view file, some small fixes, pymisp version bump 2017-01-31 10:54:33 +01:00
iglocska ad472e8c4b fix: Removing tags now spans its own CSRF tokens in the confirmation popup
- fixes some CSRF issues
- improves rendering performance
2017-01-31 09:58:21 +01:00
Iglocska 2a13bf24a3 fix: Temporary fix for no relatedattributes producing an empty string instead of an empty array in the retrieved data 2017-01-18 11:24:17 +01:00
Iglocska 0960791008 Merge branch '2.4' into feature/attribute-tagging 2017-01-17 14:52:59 +01:00
Iglocska 770b69dbc2 fix: Fix a unicode issue with the correlation graphs 2017-01-17 14:50:39 +01:00
Iglocska 0f7d37ce04 fix: Fix an issue with the graphs when no relations are found 2017-01-17 14:22:25 +01:00
Iglocska 5eeb1c85a9 chg: Use cakeresponse for JSON response in updateGraph instead of serialize 2017-01-17 14:06:23 +01:00
iglocska 4ad022b03c Merge branch '2.4' into feature/attribute-tagging 2017-01-16 16:15:06 +01:00
iglocska a5663dfc07 fix: Fixed the editing of tags using the rest API 2017-01-16 16:05:19 +01:00
Iglocska be4d8ed54f chg: Allow disabling/enabling publishing of events imported via the UI, fixes #1845 2017-01-16 11:02:23 +01:00
Iglocska d537fa4447 fix: Edit events by uuid instead of id, fixes #1842 2017-01-15 09:05:17 +01:00
Iglocska c3225e0679 fix: Only allow malware-samples to be created using the upload_sample api, fixes #1843
- contrary to the documentation, setting the IDS flag decided the type of the resulting upload (malware-sample vs attachment)
- attachments can easily be created without any black magic using the add attribute api anyway

- also fixed a bug that prevented the timestamp of events receiving a sample via the upload_sample api from being re-timestamped
2017-01-15 08:56:02 +01:00
iglocska da433c3549 Merge branch '2.4' of https://github.com/MISP/MISP into feature/disable_correlation 2016-12-22 21:01:58 +01:00
iglocska 672a681819 fix: Some fixes with the automatic publish/unpublish feedback
- automatically set the event to unpublished in the view when adding/removing tags
- officially the keep @RichieB2B happy patch ;)
2016-12-22 17:46:52 +01:00
iglocska 4aec4e4beb fix: Unpublish events when tagging/removing tags
- same for galaxy clusters
- also, new ajax way of showing/hiding published status
2016-12-22 17:30:27 +01:00
iglocska ffe880621e new: Disable correlation
- globally
- on an event level
- on an attribute level
2016-12-22 15:30:06 +01:00
iglocska 106f8b546f fix: Set event to locked = 1 when importing from a MISP export 2016-12-22 15:11:14 +01:00
iglocska 9214a09028 new: Added new option to the attribute level restsearch
- filter on attributes using timestamps newer than parameter
2016-12-19 16:41:14 +01:00
iglocska d6ac23a6f2 new: Added the warninglist enforcement flag to the remaining exports
- still missing: Export modules
- consider having the flag for misp JSON/XML and STIX perhaps?
2016-12-19 14:37:26 +01:00
iglocska 6bf03c038a chg: Exposed the new warninglist override via APIs and moved the lookup method to the warninglist model 2016-12-19 10:01:14 +01:00
Iglocska 7a0f0c4aec chg: Changed the event download as filename to misp.event.id.uuid.format, fixes #1515 2016-12-13 20:50:18 +01:00
iglocska 6fe3c49060 fix: Fixes MySQL 5.7 group by issues 2016-12-09 07:57:19 +01:00
Iglocska a8d6484893 fix: Fixed missing publish flag in restsearch 2016-12-07 13:43:52 +01:00
Iglocska de98e8204f fix: Galaxies are now loaded by default 2016-12-07 13:30:19 +01:00
Iglocska 1e7dccf272 Merge branch '2.4' into feature/galaxy 2016-12-06 16:11:59 +01:00
Iglocska e46cbd0991 new: First iteration of the galaxies (WIP) 2016-12-05 00:47:34 +01:00
Iglocska 4c3ef86a7b new: Added the publish_timestamp and timestamp parameters to both restSearch functions, fixes #1703
- TODO document it
- new way of handling it, both accept lists with 2 values for ranges
2016-12-01 16:05:50 +01:00
Iglocska e3ace6af54 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2016-11-28 15:55:44 +01:00
Iglocska 1ff91d8541 new: added the published flag to restsearch
- allows users to specify whether the events / attributes returned should come from published / unpublished events only. If the parameter is not set both are included
2016-11-28 15:54:44 +01:00
Iglocska 8f2eafb4a0 chg: Allow JSON POSTing to set parameters for the CSV export
- kill the url parameters with fire
2016-11-25 23:00:33 +01:00
Iglocska a6734c858a new: Sightings enabled by default 2016-11-21 17:27:30 +01:00
Iglocska b8973bec68 new: Added uuid as a restsearch parameter, fixes #1683
- search for events/attributes by uuid
2016-11-21 15:01:57 +01:00
Iglocska abd288d842 fix: Tightened check for tag removals
- users could remove tags via the api for other organisations
2016-11-10 13:28:13 +01:00
Iglocska 95e0da7208 chg: Updated the NIDS exports
- allow posting JSON/XML payloads with filter options
- Added the type field to be able to restrict / attribute type
2016-11-08 17:26:02 +01:00
Iglocska dc77dc6cfc fix: Fixed annoying capitalisation mess in the event index parameters
- just throw everything to lowercase
2016-11-03 16:05:53 +01:00
Iglocska b5718aef1c new: Added two additional api filters to the event index (timestamp, publishtimestamp)
- Currently these are not exposed to the filter UI
- Easy way to get metadata newer than timestamp/publish timestamp
2016-11-03 16:01:35 +01:00
Iglocska 77fdb4a854 new: Enrichment queries now pass the base64 encoded data to the enrichment modules
- first implementation, malware is sent as an encrypted zip base64 encoded
2016-11-02 21:26:39 +01:00
Iglocska aa141fb54b new: Show file sizes on the export page, fixes #1640 2016-11-01 13:42:17 +01:00
Iglocska f87747ace2 fix: Fixed several issues with the import modules
- config settings are not passed correctly to the import modules
- not having any paste/file upload in an import module would fail
  - removed the requirement to have either filled, if a module doesn't use any of the two fields it will simply pass an empty data field
  - this could be handy for modules that create event data based on the userconfig fields
2016-10-27 18:24:40 +02:00
Iglocska c2fc803fed chg: Use the TLD lists from the warninglists, fixes #1149
- simply load any enabled warninglist entries from the pre-defined TLD warninglists
- Pass the resulting array to the complex type tool
- during domain type heuristics, if the TLD list is not empty use the supplied list
- alternatively generate a list based on the old TLD rules
- does not alter any functionality otherwise
2016-10-25 22:23:01 +02:00
Christophe Vandeplas 90badee3d0 removed Imported via the Freetext Import ... text 2016-10-24 16:27:08 +02:00
Iglocska 4689473072 fix: Separate the GFI upload directory from the attachment directories
- ensure that no one can't retrieve GFI export files
- As reported by Vytautas Paulikas and Robert Giruckas from SEC Consult
2016-10-21 15:28:07 +02:00
Iglocska 442757696f chg: Keep the event ID in the correlation graph's event nodes' name in addition to the info field 2016-10-20 11:15:16 +02:00
Iglocska c47ebcaa84 chg: Changed the event node names to (partial) event info fields for the correlation graph 2016-10-20 11:04:52 +02:00
Iglocska 6c493cbdb9 fix: Fixes a bug that returned the wrong user's email address on the event view, viewed by an org admin. 2016-10-18 16:14:41 +02:00
Iglocska da56b153a4 fix: Added default values to some of the event fields when adding a new event
- basically the only required field now is the info field, everything else uses sane defaults
2016-10-18 10:39:25 +02:00
Iglocska 9891234662 new: CSV feeds and various fixes
- Added the CSV feed format
  - users can specify which fields in the CSV should be parsed
  - comment lines are automatically omitted
  - new settings system added to feeds, currently only used for the value fields

- Slight rework of the correlation lookup for the feeds
  - got the Speed Force treatment
  - correctly checks against value1 and value2 instead of value

- Various freetext import fixes
2016-10-08 14:36:24 +02:00
Iglocska 1a9939631b fix: Fixed a bug with the event view
- the fetcher was moving proposals within an attribute if the proposal was directed at the attribute (correctly)
- this left the event proposal list in a non progressive array key format, which led to a weird situation where the JSON format used string numeral keys in a dict as opposed to the desired list. Nobody in their right mind would ever want that.
- fixed
2016-10-06 17:24:42 +02:00
Iglocska 280f5414bf new: View proposal count on event index and filter events on whether they have proposals
- only non deleted proposals are counted
- allows users to quickly set up filters to view all events that have pending proposals
2016-10-06 11:33:59 +02:00
Iglocska d45d66a3bc Merge branch 'attribute_merge' into 2.4 2016-10-04 16:41:36 +02:00
Iglocska 4428c36cd9 fix: Added the capability to merge attachments/samples 2016-10-04 16:40:39 +02:00
Iglocska d511e80a84 Merge branch 'publishalert' into 2.4 2016-10-04 15:58:37 +02:00
Iglocska d0de2cd369 fix: Fixed the event index in various places (such as the user admin view)
- also added missing view files from previous patch
2016-10-04 13:33:42 +02:00
Richard van den Berg d392bd8060 Allow merging for site admins 2016-10-04 10:24:53 +02:00
Richard van den Berg 87ac5f9f5a Fix indication of new attributes in E-mail alerts, fixes #1521 2016-10-02 14:46:51 +02:00
Iglocska fd959da341 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2016-10-02 12:47:20 +02:00
Iglocska def69dc969 new: First cut of the popover rework for form selects 2016-10-01 23:25:15 +02:00
Richard van den Berg 36971b57cd Allow merging of event attributes 2016-10-01 12:47:53 +02:00
Iglocska 3cc484dcaf fix: Fixed an issue that resulted in empty event tags showing up in the event index JSON 2016-09-30 15:34:33 +02:00
Iglocska 6c5e72efad fix: Fixed an issue with the restsearch export potentially incorrectly loading all eligible events in one go into memory 2016-09-29 14:33:56 +02:00
Cristian Bell 5be1e17bce Revert "fix: missing new TLDs in free text import, solves #1149 (#1574)"
This reverts commit e3bb9d3a42.
2016-09-27 16:38:35 +02:00
Cristian Bell e3bb9d3a42 fix: missing new TLDs in free text import, solves #1149 (#1574)
* fix: missing new TLDs in free text import, solves #1149
2016-09-27 15:53:43 +02:00
Iglocska ec99b71bf4 fix: Don't try to show sightings count if sightings aren't enabled 2016-09-23 10:39:31 +02:00
Iglocska 497bda7746 new: add the sightings count to the event index 2016-09-23 10:35:08 +02:00
Iglocska 1006c109d7 fix: restrict tag usage for restricted tags in a place where it was missed 2016-09-23 10:32:17 +02:00
iglocska a599ec24f7 Merge branch '2.4' into 1501 2016-09-18 11:07:10 +02:00
Iglocska ff6917d313 fix: Added missing changes needed for the new description of the bro export 2016-09-16 17:48:03 +02:00
Iglocska 2cede15e68 Merge branch '2.4' into feature/bro-export
Conflicts:
	app/Model/Event.php
2016-09-15 18:00:25 +02:00
Iglocska 59ecf40f42 chg: Refactor of the Bro export 2016-09-15 17:44:59 +02:00
Andreas Ziegler 25e52a6786 chg: remove some references to variables 2016-09-15 17:08:58 +02:00
Cristian Bell 90c28602c3 chg: creator e-mail in the event details, fixes #1252 (#1535)
* chg: creator e-mail in the event details, fixes #1252
2016-09-15 14:38:55 +02:00
Iglocska 3527ae56d2 fix: Fixed an issue where non API users could not download events in JSON/XML format, fixes #1525 2016-09-13 01:34:54 +02:00
Iglocska 01695e326a new: Added the metadata flag to the event restsearch API
- allows fetching metadata only without including attributes/proposals
2016-09-12 12:09:19 +02:00
Iglocska 6eb6bfb10b fix: removed deprecated path from functions that are allowed for API users 2016-09-12 08:44:56 +02:00
Andreas Ziegler bee861a4c8 Merge pull request #1510 from rotanid/bugfix
fix: typo recurisve/recursive in EventsController
2016-09-06 05:35:20 +02:00
Andreas Ziegler 93614cd165 fix: typo recurisve/recursive in EventsController 2016-09-06 05:34:14 +02:00
Iglocska 62260d4c27 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2016-09-06 01:02:46 +02:00
Iglocska 14b82c9277 fix: revert to the old functionality of the stix export where the data is passed back from the internal stix method, fixes #1509 2016-09-05 23:48:35 +02:00
Andreas Ziegler 1fcefa202c chg: replace 2 spaces after tab by double tab 2016-09-05 00:51:37 +02:00
Andreas Ziegler 4b8a82098d chg: replace 4 spaces after tab by double tab 2016-09-05 00:45:51 +02:00
Andras Iklody 619966fa24 Merge pull request #1448 from TheDr1ver/2.4
Add support to export an OpenIOC file via API
2016-09-03 23:50:04 +02:00
Andras Iklody 13cb6a5ea3 Merge pull request #1492 from rotanid/small-cleanup
chg: remove some obsolete code
2016-09-01 09:30:09 +02:00
iglocska 80ed1cf65d fix: Removed filename check from the AppController
- rerouted all calls to the method to the Model equivalent
2016-09-01 09:18:54 +02:00
Andreas Ziegler cf2f0dc625 chg: remove some obsolete code 2016-09-01 05:15:36 +02:00
iglocska 9e7d20578f fix: removed unused lookup in EventsController::index(), fixes #1484
- old code became obsolete when the taxonomies were implemented
2016-08-31 10:09:06 +02:00
iglocska b9cb442172 fix: event index should respect pagination requests for API users 2016-08-30 11:20:53 +02:00
ppanero 131e2f760a bro export functionality 2016-08-29 17:26:14 +02:00
iglocska 5a72f84c22 Merge branch '2.4' into 2.4.51 2016-08-28 21:08:02 +02:00
iglocska 873b201eb0 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2016-08-25 11:38:59 +02:00
iglocska 822b0bf8fa chg: Cleanup of the controllers and models
- removed incorrect, useless boiler plate comments
- kept useful comments intact
- added some missing line breaks to make the codebase a bit more uniform
- removed some obviously obsolete TODO comments
2016-08-25 11:38:37 +02:00
Andreas Ziegler e8599fb16c chg: new filename regex & separate functions 2016-08-24 15:31:17 +02:00
Andras Iklody c6bd6efe67 Merge pull request #1469 from rotanid/centralize-cidr-check
Centralize CIDR checks
2016-08-24 09:44:22 +02:00
Andreas Ziegler eb66a80c76 chg: filename regex changes 2016-08-24 02:35:04 +02:00
Andreas Ziegler bab3061ba3 chg: use central function for CIDR checks 2016-08-24 01:11:09 +02:00
Andreas Ziegler e5478e4bdf fix: remove substr() from value in CIDR part of restSearch 2016-08-24 01:07:02 +02:00
iglocska 734df04000 new: New piece by piece stix export allowing large datasets to be exported 2016-08-23 00:24:54 +02:00
Iglocska c81519b74e chg: If the quickfilter on the event index only returns a single event, redirect to the event view directly, fixes #1430
- the perfect last-minute-saturday-night patch
2016-08-20 21:32:17 +02:00
Andreas Ziegler f0905dc536 chg: rename FileAccess to FileAccessTool
every other tool classes name in the Lib/Tools/ folder also ends with "Tool"
2016-08-19 19:25:32 +02:00
Andreas Ziegler a2ff5424e1 chg: change FileAccess from static to instantiable class 2016-08-19 19:22:15 +02:00
Nick Driver 7a1f89333a Extra indent 2016-08-18 12:52:31 -04:00
Nick Driver c18d344ff3 Spaces to Tabs 2016-08-18 10:11:21 -04:00
Nick Driver 4d32a16da8 Add support to export an OpenIOC file via API
(Change spaces to tabs)
2016-08-18 10:04:54 -04:00
iglocska c0e1bc1c3f fix: Invalid response by the queryEnrichment() function if the module server is not reachable 2016-08-17 13:38:19 +02:00
iglocska e5bce5ac3c fix: Fixed an issue with large samples from modules causing the import process to fail 2016-08-16 11:42:43 +02:00
iglocska f436ab51fc fix: Show tag value in event history, fixes #1422
- also log removed tags
2016-08-14 23:46:50 +02:00
iglocska 3763f83522 Merge branch '2.4' into feature/import-export-modules 2016-08-10 14:22:32 +02:00
iglocska b9f5297b3a fix: Fixed some issues with the misp export importer and added better logging. 2016-08-10 12:06:36 +02:00
Iglocska 1c4215bdc7 fix: Some cleanup 2016-08-06 09:55:11 +02:00
Iglocska 00b013988b new: Added export module first iteration 2016-08-05 21:54:54 +02:00
Iglocska 4e9d02ac00 fix: removed debug 2016-08-04 18:37:07 +02:00
Iglocska e1d5c431d8 fix: Further work on the modules 2016-08-04 17:49:37 +02:00
Iglocska ef6a9593ba fix: Capitalisation > me 2016-08-04 16:30:36 +02:00
Iglocska 8f1a50f9d0 fix: I suck at capitalisation 2016-08-04 15:31:52 +02:00
Iglocska f1de2383c2 fix: lowercasetypo 2016-08-04 15:28:20 +02:00
Iglocska 80198be4a9 fix: Fixed some issues with the module services not using the correct url/port settings 2016-08-04 15:10:47 +02:00
Iglocska 629eb3b9d9 fix: Fixed the import module
- correctly populates the resolved attribute list
- added validation by input type for fields
- added error message from introspection config to the validation check
- still needs plenty of refinement
2016-08-04 07:55:58 +02:00
Iglocska e3768d24b3 chg: Handle module results in one place 2016-08-02 23:57:59 +02:00
Iglocska 1f1c8c814e new: First revision of the new import system 2016-08-01 16:15:24 +02:00
Iglocska 2d3b3aa772 chg: Added a warning for site admins for the export page to avoid site admins sharing a full export by accident 2016-07-30 19:04:01 +02:00
Iglocska 47c6feab4d fix: Various fixes to the cached exports
- Tightened the rules for export generation when no valid published events exist
- Corrected various issues with the progress bars
- Added the missing JSON export to the caches
- XML/JSON caches now correctly take into account the cached attachment inclusion setting
- MISP will now show the users browsing the export page whether attachments will be cached with the current settings or not
- Added correct progress bar to the HIDS export
2016-07-30 18:08:19 +02:00
Iglocska 74b245ee3a fix: No categories set in a module causes the enrichment to fail 2016-07-29 16:45:29 +02:00
nkuhnert 5e84dcf691 Create categories array, if only one category given 2016-07-27 12:01:59 +02:00
nkuhnert 7ac39630ff Using custom comments for module return value 2016-07-27 10:41:51 +02:00
Iglocska 23fca68d17 chg: Viewing the public attributes of an event
- new named parameter /public:1 for the event view to view the public information of an event
  - it will filter out all attributes that are not visible to all or inherit the event
  - if an event is not set to distribution all, the view will throw an exception if the parameter is passed
  - it can be used for data views by accessing /events/view/event_id/public:1.json or /events/view/event_id/public:1.xml

- Also some fixes to the fetchEvent algorithm that ignored optional sharing group and distribution settings for site admins
2016-07-26 18:33:02 +02:00
Iglocska 6cc81a011a fix: If the types field passed back from the enrichment module is a string the import fails 2016-07-26 14:09:18 +02:00
Iglocska 53e2033568 chg: Small change to allow for categories to be passed through the enrichment modules 2016-07-26 11:15:48 +02:00
Iglocska d25a484df1 fix: Allow distribution level 5 as an option for the upload_sample api, fixes #1377 2016-07-23 23:45:56 +02:00
Iglocska c5ea4bf76e fix: Publish/Alert responses for API users added
- publishing/alerting worked via the API, but it wasn't returning a response
2016-07-22 10:29:53 +02:00
Iglocska 74e8ffb840 Merge branch '2.4' into feature/modulerework
Conflicts:
	app/Model/Module.php
2016-07-21 10:43:25 +02:00
Andreas Ziegler ff7a7de938 chg: use 1/0 not true/false for conditions & other boolean sqlquery elements 2016-07-11 21:26:16 +02:00
Iglocska 7f1f6f3ab2 fix: Tightened lookups for the addTag / removeTag APIs
- no longer a substring match, users have to specify the full tag name
2016-07-11 18:49:49 +02:00
Iglocska 9522c96d54 Revert "Revert "chg: remove obsolete uuid() wrapper""
This reverts commit bae6eadfe7.
2016-07-11 00:59:47 +02:00
Iglocska bae6eadfe7 Revert "chg: remove obsolete uuid() wrapper"
This reverts commit 77ca0f8dd4.
2016-07-08 14:50:00 +02:00
Andreas Ziegler 77ca0f8dd4 chg: remove obsolete uuid() wrapper 2016-07-07 15:13:16 +02:00
Iglocska 19781ee3c9 Revert "fix: Fixed an issue where an event view by a malformed UUID would result in a lookup against the leading numerical value in the malformed UUID, fixes #1338"
This reverts commit 1b06413375.
2016-07-07 15:06:53 +02:00
Iglocska b0ca0d6130 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2016-07-07 08:49:59 +02:00
Iglocska 1b06413375 fix: Fixed an issue where an event view by a malformed UUID would result in a lookup against the leading numerical value in the malformed UUID, fixes #1338 2016-07-07 08:48:42 +02:00
Andreas Ziegler 30fe924e25 fix: check for correct event uuid and id 2016-07-07 03:44:30 +02:00
CheYenBzh c10c24aa6b Update EventsController.php 2016-07-06 12:04:10 +02:00
Iglocska 7f8f430913 Merge branch 'cleanup3' into 2.4 2016-07-04 19:43:12 +02:00
Iglocska b80cc56ec9 Merge branch '2.4' into write 2016-07-04 19:33:45 +02:00
Iglocska 28af0d1bd4 Merge branch '2.4' into feature/modulerework 2016-06-30 14:39:20 +02:00
Iglocska ab3b85b1cc fix: Filtering on attributes in the event view gives a no attributes warning if a tab doesn't contain attributes
- Warning now only triggers if the event doesn't have any attributes in any tabs
2016-06-30 11:44:26 +02:00
Iglocska ce0615efcb Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2016-06-28 19:11:36 +02:00