iglocska
2de0e3a941
fix: [enveloping] Fixed typo and added actual event ID to the message saved
...
gremmar meestakes are anoying.
2020-02-19 16:12:23 +01:00
Jason Kendall
e3b1e8c74a
Ensure we only have the last line from the shell command
2020-02-07 13:43:11 -05:00
Jeroen Pinoy
cc99945f31
fix: [API] make param tag alias of tags for /events/restSearch
2020-02-02 00:42:00 +01:00
iglocska
181e5579da
fix: [internal] fetcher logic fail fixed
2020-01-30 22:35:48 +01:00
iglocska
bae2717eaf
new: [API] Enveloping improvements
...
- user controlled envelope settings to control memory estimation for attribute/event sizes
- logging of potentially too large events for the current memory envelope
- tuning of the default values
- added a divider for the event:attribute conversion to account for objects / event level contextualisation / correlations
2020-01-29 22:33:27 +01:00
mokaddem
d16369f4b3
Merge branch '2.4' of github.com:MISP/MISP into pr-view_picutre
2020-01-24 10:42:35 +01:00
mokaddem
2a5112cc1e
Merge branch '2.4' of github.com:MISP/MISP into zoidberg-final
2020-01-17 09:20:49 +01:00
chrisr3d
df570e93c5
fix: [module results handler] Setting attribute category/ies accordingly
...
- Depending on whether there is one or more type(s)
and the category is not already set
2020-01-07 14:37:56 +01:00
chrisr3d
5aa6447a26
fix: [module results handler] Fixed wrong call
...
- $this->Attribute directly instead of
$this->Event->Attribute
2020-01-06 16:40:36 +01:00
mokaddem
3a45d473b2
Merge branch '2.4' of github.com:MISP/MISP into zoidberg-final
2019-12-19 10:44:43 +01:00
iglocska
eb50b68708
fix: [UI] adding attack-like galaxy clusters to tag collections was slow
...
- was generating a heatmap out of all event metadata each time for no good reason
2019-12-18 15:07:41 +01:00
mokaddem
7797aeed94
Merge branch '2.4' of github.com:MISP/MISP into zoidberg-final
...
Not a simple merge. Needed to fix forms and simplified how
form_seen_input works
2019-12-16 13:36:01 +01:00
iglocska
208e9e9cfc
fix: [API] include the local flag in tags when using restSearch
2019-12-11 10:29:45 +01:00
mokaddem
a1fdea754d
Merge branch 'zoidberg-timeline' into zoidberg-final
2019-12-06 15:40:51 +01:00
mokaddem
f4c767a273
fix: [event:publishRouter] Fixed parenthesis issue
2019-12-03 15:13:49 +01:00
Richard van den Berg
4f1ca7ef1b
Push sightings regardless of distribution level
2019-12-03 14:28:22 +01:00
Richard van den Berg
1c6278d354
Select right servers for pushing sightings
2019-11-29 11:54:15 +01:00
iglocska
1c5afa49ed
new: [refactor] Massive internal refactor and cleanup of deprecated APIs
...
- new centralised restSearch function in AppController as entry point via all controllers
- new component handling restSearch related support functions, such as parameter mapping
- hollowed out all deprecated export functions on the event/attribute controller
- replaced with a new functionality that remaps them to restSearch
- all functionality should be maintained with all additional advantages introduced with restsearch
- additional cleanup (some unused functions removed)
2019-11-29 10:11:30 +01:00
iglocska
f1c6465050
fix: [internal] potential fix to the sighting_timestamp missing issue when syncing with older instances
2019-11-26 17:12:55 +01:00
iglocska
bdfe59766a
chg: [cleanup] debug() removed
2019-11-25 16:02:54 +01:00
iglocska
8ee304eff9
fix: [sync] Set org_id to 0 on proposal push if the sighting is anonymised
...
- correctly prevents the remote side from misattributing the sighting to the sync user's org
2019-11-25 15:45:40 +01:00
iglocska
95f17d6acd
fix: [sync] Some minor changes to the sighting push
...
- correctly handle anonymisation
- only push sightings, not rest of the event (decide on sender side)
- handle receiving sanitised sightings
2019-11-25 14:32:22 +01:00
Richard van den Berg
dd963c2e21
Sync sightings on push, pull and push on add
2019-11-22 21:53:51 +01:00
iglocska
1cc6a67335
fix: [internal] site admins should not have to be host org users to see server correlations
2019-11-16 14:06:46 +01:00
iglocska
1b13734483
fix: [internal] Removed duplicate loading of configuration
...
- lazy-loading the event model after an on-the-fly config change would purge the change otherwise
- config already loaded in bootstrap anyway
2019-11-12 13:10:17 +01:00
iglocska
0f40cef0f1
fix: [internal] Attribute/Event connectors for attribute_timestamp added
2019-11-11 16:09:54 +01:00
mokaddem
437490872b
chg: [restSearch] Improved meta-search code
...
- Correctly returns nothing if search on metas does not return anything
- Renamed `orgc.sector` into `org.sector` while still being `orgc`
behind the hood
- Removed duplicated code
2019-11-08 11:37:43 +01:00
mokaddem
8e60c3d8d4
Merge branch '2.4' of github.com:MISP/MISP into feature-meta-search
2019-11-08 11:15:34 +01:00
iglocska
d24f23b5bd
Merge branch '2.4' into sightingdb
2019-11-06 21:22:00 +01:00
iglocska
c4f1d4d15e
new: [SightingDB] Added integration with SightingDB
...
- Added configuration tool
- Added lookups from the event view
- Added includeSightingdb flag for the restSearch searches
- Added SightingDB search tool
- Added SightingDB connection test tool
2019-11-06 21:20:04 +01:00
mokaddem
a53a06d080
new: [attribute:restSearch] Support of Orgc and GalaxyElement meta searches
2019-11-06 11:12:30 +01:00
mokaddem
1b1a3f61f3
new: [event:restSearch] Support of Orgc meta searches
2019-11-06 11:04:16 +01:00
mokaddem
7bb01d9b76
new: [event:restSearch] Initial work for GalaxyElement searches
2019-11-06 10:38:34 +01:00
mokaddem
f58770a90a
Merge branch '2.4' of github.com:MISP/MISP into zoidberg-timeline
2019-11-05 13:51:03 +01:00
Alexandre Dulaunoy
983a58afba
chg: [default] old default 'TLP Amber' is now 'tlp:amber' to be consistent and use MISP taxonomy naming
2019-11-04 12:41:52 +01:00
chrisr3d
b140d6be09
add: [restSearch] Support of stix1 json export
2019-10-15 09:54:48 +02:00
Jakub Onderka
caa62220ff
new: [internal] Attribute::isImage method
2019-10-12 09:34:49 +02:00
mokaddem
015ec7d989
Merge branch '2.4' of github.com:MISP/MISP into zoidberg-timeline
2019-10-08 14:12:38 +02:00
garanews
85c28ce36e
Fix some typo
...
Fix some typo
2019-10-04 13:02:59 +02:00
iglocska
5f8ff97616
fix: [internal] massive performance boost when loading events with a lot of objects
2019-10-04 09:40:04 +02:00
mokaddem
b44b369eec
Merge remote-tracking branch 'origin/2.4' into zoidberg-timeline
2019-10-02 14:35:00 +02:00
mokaddem
bb3cf85776
Merge branch '2.4' into zoidberg-timeline
2019-10-02 11:23:04 +02:00
iglocska
68b23b8d67
fix: [performance] Small speed boost to the publishing process
...
- don't fetch the event's first degree relations when preparing to publish it
2019-09-30 09:17:56 +02:00
iglocska
8168cc79db
fix: [API] proposals overriding attributes wasn't always working as expected, fixes #4032
...
- until now it was bound to the to_ids setting (badly) which caused nothing but headache
- moved the new configuration to instead use the non-permissive nature of the given export formats
- non-permissive export: if the proposal block is enabled, override attributes
- permissive export types: ignore the proposals
The reasoning is simple: we use the permissive export types for types that can express additional structures such as proposals, IDS flags, publish flags etc (meaning the MISP JSON/XML formats for example)
2019-09-29 20:35:51 +02:00
iglocska
480e3b2969
Merge branch 'dev_session' into 2.4
2019-09-29 20:23:00 +02:00
chrisr3d
1784b5d76f
fix: [stix 1/2 import] Making the publish checkbox work as expected
...
- Publishing as expected when the option is
checked AND the user has the right to publish
2019-09-28 02:35:22 +02:00
chrisr3d
de9184d4de
fix: [stix 1/2 import] Avoid adding the original stix file in the event if the option is not checked
2019-09-28 01:47:23 +02:00
chrisr3d
6239738192
fix: [stix 1/2 import] Adding misp event json data within the 'Event' field if it is not already in
2019-09-28 01:46:06 +02:00
iglocska
40cf160c53
new: [API] Netfilter added as new export format
2019-09-25 20:17:25 +02:00
iglocska
946602a696
new: [User settings] Added user settings system
...
- set settings / user
- settings can be set by user themselves or their org admin / site admin
- added first setting: publish_alert_filter
- accepts boolean branched filter options
- supports deep logical trees
- OR/NOT/AND
- currently supports filtering on tags and the creator organisation
2019-09-25 11:50:54 +02:00