- site admins can set the monitoring flag on a user if the feature is enabled on the instance
- monitored users will have all requests logged along with POST bodies
- keep in mind this functionality is quite heavy and intrusive - so use it with care. The idea is that this allows us to track potentially malicious users during an investigation
- export dashboard state
- import dashboard state
- save dashboard state
- make it available to others on the instance on demand
- admins can set a default password for users that don't have anything configured yet
- load another template based on what the community has shared
- added Whoami widget which was an outcome of the ESDC training
- various improvements, new fields for genericElements, etc
- Dashboard
- modular similar to restSearch
- build your own widgets
- use a set of visualisation options (more coming!)
- full access to internal functions for queries
- auto discover core and 3rd party widgets
- rearrange / configure widgets for each user individually
- rearrange / resize widgets
- settings can be configured by a site-admin on behalf of others
- modules have a self-explain mode to guide users
- caching mechanism for the modules / org
- set homepage / user
- various other fixes
- bug introduced by a merge gone wrong
- attribute edits that modify fields that do not affect the correlations (such as to_ids, comment, etc) would cause correlations to be purged
- feature is optional and needs to be enabled in the server settings
- on successful login logs the associated user ID for a given IP (30 day retention)
- also logs the IP for the associated user ID (indefinite retention)
- added two command line tools to query
- Get IPs For User ID: MISP/app/Console/cake Admin UserIP [user_id]
- Get User ID For User IP: MISP/app/Console/cake Admin IPUser [ip]
- returns an error if the object already exists
- objects of the same template_uuid are compared
- non deleted attributes only
- type + category + value + object_relation tuple is compared
- resolved a potential failure of the subsystem when the MySQL and the webserver time settings are diverged
- as reported by Dawid Czarnecki
- several tightenings of the checks to avoid potential foul play