Commit Graph

1041 Commits (f796071d6494e7b21e4c6fb7a7cbd10b1427be52)

Author SHA1 Message Date
Jakub Onderka 2f71e0f7f4 chg: [internal] Allow to save raw data 2021-10-09 17:07:29 +02:00
Jakub Onderka 65b17aa701
Merge pull request #7710 from JakubOnderka/filename-pattern
fix: [attribute] Use `filename-pattern`
2021-10-08 16:26:09 +02:00
Jakub Onderka df86ab3daa
Merge pull request #7808 from JakubOnderka/tag-add
chg: [internal] Faster adding tags to attributes
2021-10-07 12:22:26 +02:00
Jakub Onderka 13f1ce0d64 fix: [log] Do not call callbacks when deleting 2021-10-07 11:49:53 +02:00
Jakub Onderka 4e02f421c8 chg: [internal] Generate correlations just once 2021-10-07 09:31:19 +02:00
Jakub Onderka 8bee6de811 chg: [internal] Faster adding tags to attributes 2021-10-06 18:28:46 +02:00
Jakub Onderka 812a424e69 chg: [internal] Faster Attribute search 2021-09-29 13:49:24 +02:00
Jakub Onderka 295d550dfb
Merge pull request #7722 from JakubOnderka/attribute-validation-fix
chg: [internal] Try to fix validation when value1 and value2 provided
2021-09-17 18:35:52 +02:00
Jakub Onderka cd05a1027e fix: [internal] Modifying domain|ip attribute 2021-09-16 13:23:13 +02:00
Jakub Onderka 36a3754d66 chg: [internal] Try to fix validation when value1 and value2 provided 2021-09-13 09:25:27 +02:00
Jakub Onderka 47808bd542
Merge pull request #7733 from JakubOnderka/capture-object-attributes
chg: [internal] Faster capturing object attributes
2021-09-08 15:36:09 +02:00
Jakub Onderka 26024c6f19 chg: [UI] Add link to exact attribute for related attribute 2021-09-08 12:23:38 +02:00
Jakub Onderka 41e6033be5 chg: [internal] Do not fetch tags for related attributes 2021-09-08 12:11:04 +02:00
Jakub Onderka 3ae8a09814 chg: [internal] Faster editing attributes when change is required 2021-09-07 15:59:58 +02:00
Jakub Onderka d582893bdf chg: [internal] Faster capturing object attributes 2021-09-07 15:59:58 +02:00
Jakub Onderka 541f8f03c3 chg: [internal] Simplify code for editing attribute 2021-09-03 22:17:14 +02:00
Jakub Onderka 14ca413d4b
Merge pull request #7727 from JakubOnderka/correlation-optim
Correlation optim
2021-09-03 17:00:56 +02:00
Jakub Onderka 497910b941 fix: [internal] Remove ssdeep data when deleting attribute 2021-09-03 16:38:49 +02:00
Jakub Onderka 12cc881ff6 chg: [internal] Use correlation object from attribute 2021-09-03 12:28:54 +02:00
Jakub Onderka 56dd8ef049 chg: [internal] Fetch just necessary attributes when editing attribute 2021-09-02 21:38:50 +02:00
Jakub Onderka cbf3b1c824 chg: [internal] Fetch less CIDR for correlation 2021-09-02 21:12:31 +02:00
Jakub Onderka 4ef3d88895 fix: [attribute] Use `filename-pattern` 2021-08-31 15:06:02 +02:00
mokaddem f2af0a2e49
Merge branch 'develop' of github.com:MISP/MISP into develop 2021-08-31 08:14:22 +02:00
mokaddem a7270cc7c8
new: [export:host] RestSearch export for blackholing via host file 2021-08-31 08:09:43 +02:00
Jakub Onderka 9acc30d7a0 chg: [internal] Simplify capturing attribute code 2021-08-30 15:49:46 +02:00
Jakub Onderka 3c3cee7735
Merge pull request #7659 from JakubOnderka/unique-indexes
chg: [schema] Mark more indexes as unique
2021-08-20 09:22:23 +02:00
Christophe Vandeplas 02e62d132d chg: [attributes] fixed typo in genCategoriesDefinitions function name 2021-08-20 08:38:17 +02:00
Jakub Onderka 67f986a8b5 chg: [validation] UUID unique validation 2021-08-15 20:08:28 +02:00
Jakub Onderka bb091931b5 chg: [internal] Do not fetch attribute tags when editing attribute 2021-08-12 14:05:13 +02:00
Jakub Onderka 673f48c10d chg: [internal] Cleanup code responsible for adding events 2021-08-11 10:05:18 +02:00
Jakub Onderka e6348d3a21
Merge pull request #7606 from JakubOnderka/undefined-index-fix
fix: [API] Undefined index when just last_seen is set
2021-08-03 09:40:09 +02:00
Jakub Onderka 180fb627cc chg: [internal] Convert array to const 2021-07-27 18:58:04 +02:00
Jakub Onderka bcb9328841 chg: [internal] Simplified Attribute::deleteAttribute method 2021-07-27 18:43:27 +02:00
Jakub Onderka 974c28d8a7 chg: [internal] Remove unused variable 2021-07-27 18:42:47 +02:00
Jakub Onderka d4c2d10fe3 chg: [internal] Convert array to const 2021-07-27 16:43:27 +02:00
iglocska 98e1f3f2f9
fix: [compatibility] several scoped constants reverted 2021-07-27 16:16:52 +02:00
Jakub Onderka 073eaf9a0a fix: [API] Undefined index when just last_seen is set 2021-07-27 14:33:54 +02:00
Jakub Onderka 1a30c2f7dc chg: [internal] Use const arrays 2021-07-22 13:02:32 +02:00
Jakub Onderka a9aad9c2c2
Merge pull request #7581 from JakubOnderka/simplified-template
chg: [UI] Simplified generating categories that can be malware sample
2021-07-22 09:32:04 +02:00
Jakub Onderka 6440133989 chg: [internal] Convert variable to const 2021-07-21 09:32:51 +02:00
Jakub Onderka b32d68ac9d fix: [internal] Remove unused variable 2021-07-20 18:10:01 +02:00
Jakub Onderka 02ad3866cf chg: [internal] Use constants that should be faster 2021-07-20 18:10:01 +02:00
iglocska e0c9ab3213
fix: [validation] account for the edge-case where a composite attribute does not yet have a second value 2021-06-15 20:10:56 +02:00
iglocska f84f6b3780
fix: [attribute validation] - also check for composite values containing control characters, fixes #7391 2021-06-15 15:56:41 +02:00
iglocska e80e7c6348
fix: [validation] fixed issue introduced in last commit 2021-06-15 13:54:38 +02:00
iglocska b0272b0a0c
fix: [attribute] validation tightened for empty strings
- a value containing only control characters will now be blocked from entry
2021-06-15 13:14:02 +02:00
iglocska a71aafdeb5
fix: [security] Always capture attribute sharing groups
- via object edits it was omitted, leading to a possible misassociation of sharing groups by using the local ID of a referenced SG

- as reported by Jeroen Pinoy
2021-06-07 14:44:36 +02:00
mokaddem 25cb3942d7
fix: [attribute:first_seen/last_seen] First seen value can be equal to the last_seen value.
Fix #7404
2021-05-11 11:23:36 +02:00
mokaddem 7be6575e9b
fix: [attributes] Enforce FS to be before LS (also for ShadowAttributes & Objects) 2021-05-06 15:03:06 +02:00
Jakub Onderka ad1b373766 new: [log] Audit log 2021-05-03 13:44:44 +02:00
iglocska 823a870ca0
Merge branch 'develop' of github.com:MISP/MISP into develop 2021-04-25 17:54:53 +02:00
iglocska 15fc60ebbf
new: [Correlations] refactor / rework
- moved to own controller and model
- refactored several long incomprehensible functions

- extracted reused tasks from functions and made them reusable
- added a way to correlate individual values as opposed to attributes

- Added top correlations index
2021-04-25 17:36:29 +02:00
iglocska e711fcc7c5
chg: [internal] fetchEventIds refactored
- the stupid ordered params were driving me nuts
2021-04-21 09:09:29 +02:00
iglocska c150dbfe6e
Merge branch '2.4' into develop 2021-04-08 11:12:05 +02:00
Luciano Righetti c8286a10f5 fix: remove call to private method, call __alterAttributeCount() from Attribute::restore() method. 2021-04-06 14:33:43 +02:00
Jakub Onderka 81a6454c94
Merge pull request #7187 from JakubOnderka/related-attributes
chg: [internal] Move fetching related attributes to one place
2021-04-03 17:53:10 +02:00
Jeroen Pinoy d8415342b0
chg: [attributes/restSearch] add clarifying comments 2021-03-30 14:22:46 -07:00
mokaddem 934d43db59
fix: [attribute:restSearch] `includeCorrelations` no longer returns
soft-deleted attributes
2021-03-29 10:37:27 +02:00
Alexandre Dulaunoy a227db40eb
fix: [attribute] typo in place-port-of-original-embarkation fixed 2021-03-25 13:45:50 +01:00
mokaddem 71e8dc9641
fix: [attributes:restSearch] pop attribute timestamp filtering condition
This prevents the condition from propagating to the event level.
Fix #7096
2021-03-24 14:42:09 +01:00
Tom King 045595968c fix: [API] Fixes crash when a new indicator in existing event has a sighting 2021-03-15 16:53:01 +00:00
Jakub Onderka 0d4c86086d chg: [internal] Move fetching related attributes to one place 2021-03-10 15:52:34 +01:00
iglocska b08befbf26
Merge branch '2.4' into develop 2021-03-03 00:07:02 +01:00
adammchugh aed61504c8
Inclusion of full-name under person
Proposing the inclusion of full-name under person to allow for better capture and correlation of full names of identified persons in events. Particularly where there are multiple identities within an event which may create confusion with multiple first-name and last-name entries.
2021-02-22 22:06:59 +10:30
Alexandre Dulaunoy c473019e67
Merge branch '2.4' into develop 2021-02-19 22:28:35 +01:00
Alexandre Dulaunoy 80ec77eec2
new: [type] new dkim and dkim-signature attribute type 2021-02-19 18:18:07 +01:00
Tom King 053ab340b0 Merge branch '2.4' into feature/attribute_sightings 2021-02-11 16:33:54 +00:00
Tom King 626443af47 chg: Use a more suitable Sighting creation function as recommended, grab the Org ID from the user if present 2021-02-11 16:31:51 +00:00
iglocska 83e9580b97
fix: [bro] export fixed
- invalid group by statement removed
2021-02-08 23:15:34 +01:00
iglocska b87c80cd3b
fix: [zmq/kafka] attribute edits should include non exportable attributes 2021-02-08 16:59:57 +01:00
Jakub Onderka 5a12d1ebf0
Merge pull request #6964 from JakubOnderka/attribute-validation-order
fix: [internal] First check if attribute value is valid composite
2021-02-04 11:50:21 +01:00
Jakub Onderka be88afaba8 fix: [internal] First check if attribute value is valid composite, then run other checks 2021-02-04 11:31:38 +01:00
iglocska 122e9c8cc6
Merge branch 'develop' of github.com:MISP/MISP into develop 2021-02-03 08:49:39 +01:00
iglocska f889ba91c9
Merge branch '2.4' into develop 2021-02-03 08:49:23 +01:00
Jakub Onderka b4fe070ff7 fix: [internal] Capturing sightings for attributes 2021-02-02 23:11:27 +01:00
Tom King 07b79aee78 chg: Add in ability to update sightings against each attribute from a POSTed MISP Event 2021-02-01 14:10:39 +00:00
Jakub Onderka 49c8176473 chg: [internal] Optimise correlation exclusion 2021-01-29 16:02:24 +01:00
mokaddem dab00a9569
fix: [shadowAttributes:viewPicture] Allows shadow attribute's pictures to be displayed 2021-01-25 15:26:53 +01:00
Jakub Onderka b3eac486ca chg: [internal] Remove unnecessary Attribute::defaultCategories array 2021-01-10 20:28:30 +01:00
Jakub Onderka 20aa97f486 fix: [internal] Remove unused method isOwnedByOrg 2021-01-09 23:06:50 +01:00
Jakub Onderka 2218546944 chg: [internal] Generate type definitions just when required 2021-01-09 23:06:50 +01:00
Jakub Onderka f910d8538b
Merge pull request #6809 from JakubOnderka/optimise-sightings-saving
chg: [internal] Optimise sightings saving
2021-01-09 13:23:36 +01:00
iglocska b8823b86e2
new: [correlation] added system to exclude certain values from the correlation engine
- simply add values at /exclude_correlations
- new values coming in will not correlate if they trip over the values listed there
- to remove existing correlations run the cleaner tool on the above endpoint

- values can be 1:1 matches, or substring searches (denoted with a leading, ending, or both '%')
  - https://www.google.com/%  will match anything starting with https://www.google.com/
  - %google.com% will match anything that contains google.com
2021-01-07 09:31:38 +01:00
Jakub Onderka 432fb10509 chg: [optimisation] Faster fetching attributes with tags 2021-01-02 15:23:59 +01:00
Jakub Onderka 2bbe36c0ed chg: [internal] Optimise sightings saving 2021-01-01 15:45:05 +01:00
Alexandre Dulaunoy ad4431f156
Merge branch '2.4' into develop 2020-12-27 17:05:19 +01:00
Alexandre Dulaunoy 80871f7b52
new: [type] favicon-mmh3 is the murmur3 hash of a favicon as used in Shodan. 2020-12-24 11:56:58 +01:00
Jakub Onderka 9bc52c18fe chg: [internal] Use find('column') on more places 2020-12-23 13:45:57 +01:00
Jakub Onderka 4d4b306b60 new: [internal] New model method find('column') 2020-12-23 10:42:05 +01:00
Jakub Onderka 1a184ebbb5 new: [internal] Allow to output directly TmpFileTool 2020-12-21 21:02:37 +01:00
Andras Iklody 953f044481
chg: [vhash] removed validation altogether
- vhash is like a box of chocolates, you never know what you're going to get.
2020-11-25 21:53:56 +01:00
Alexandre Dulaunoy f980494d73
chg: [attribute] new process-state type 2020-11-24 12:19:05 +01:00
Kory Kyzar 9d0eff5f2a new: [datamodels] added jarm-fingerprint type 2020-11-23 14:03:36 -06:00
mokaddem 89f307bd07 Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-18 09:22:40 +01:00
mokaddem ffa0ab54f9
fix: [attribute:fetch_attributes] Respect group_by request 2020-11-17 12:08:46 +01:00
mokaddem f0bc398e60
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-16 14:59:17 +01:00
Jakub Onderka d4a3d847b4 fix: [internal] Try to prevent deadlocks when updating event attribute count 2020-11-09 10:20:21 +01:00
mokaddem 150b4cb7d1
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0 2020-11-09 10:07:43 +01:00
Jakub Onderka 6160ad5e34 chg: [rest] For attribute REST search with includeContext, fetch events just once 2020-11-09 08:05:01 +01:00
Jakub Onderka df9687238d
Merge pull request #6529 from JakubOnderka/experimenteal-faster-rest-fetch
chg: [rest] Faster attributes restSearch
2020-11-08 14:16:45 +01:00