mokaddem
3efaffdefc
fix: [attribute] `only_full_group_by` fixed for `__getCDIRList`.
...
Fix #6218
2020-11-06 08:36:07 +01:00
Jakub Onderka
a92c1c4fe4
chg: [internal] Speedup sightings saving
2020-11-03 09:20:22 +01:00
Jakub Onderka
9cf7be802d
chg: [rest] Faster attributes restSearch
2020-10-30 18:49:48 +01:00
mokaddem
f9e6aa61f9
Merge branch '2.4' of github.com:MISP/MISP into feature-report-extract-data
2020-10-23 22:25:13 +02:00
Andras Iklody
c5e0671de9
Merge pull request #6484 from crowface28/2.4
...
fix : #6354
2020-10-22 19:34:32 +02:00
Nick
98494cfda9
fix : #6354
...
fix : #6354
Need escape for quote in regex
2020-10-22 12:05:53 -04:00
Jakub Onderka
49660255fe
new: [av] Malware protection for uploaded files
2020-10-22 16:38:07 +02:00
Jakub Onderka
6063ee1547
chg: [UI] For revise object, do not validate unique UUID
2020-10-21 19:38:46 +02:00
Jakub Onderka
28af05528f
chg: [internal] Normalize AS type to asplain notation
2020-10-15 22:46:12 +02:00
Alexandre Dulaunoy
40e8d619cc
chg: [attribute] cpe was already present but not specified in any categories
2020-10-15 14:42:10 +02:00
Alexandre Dulaunoy
cf05b94cdc
new: [attribute type] cpe Common Platform Enumeration attribute type added
2020-10-15 14:39:26 +02:00
mokaddem
b8044d9c07
new: [eventReports] Attributes suggestion replacement + UI - Draft
2020-10-15 11:56:21 +02:00
Jakub Onderka
47d3293880
Merge pull request #6440 from JakubOnderka/event-ui-vol3
...
Event ui vol3
2020-10-14 19:45:20 +02:00
Jakub Onderka
2b24260555
fix: [internal] Missing variable
2020-10-14 18:54:59 +02:00
Jakub Onderka
e96b1afafc
chg: [validation] Provide better invalid messages for ip-dst|port, ip-src|port and hostname|port
2020-10-14 08:19:49 +02:00
Jakub Onderka
3606d368d1
chg: [validation] Simplify composite validation
2020-10-14 08:19:49 +02:00
Jakub Onderka
0d055b12d7
fix: [validation] Correct validation for iban, bic, btc, dash and xmr attributes
2020-10-14 08:19:49 +02:00
Jakub Onderka
cd591e684b
fix: [validation] Normalize mac-address and mac-eui-64 to lowercase
2020-10-14 08:19:49 +02:00
Jakub Onderka
335814af88
fix: [validation] Do not accept floats where should be just integers
2020-10-14 08:19:49 +02:00
Jakub Onderka
d9abb37c8f
Merge pull request #6438 from JakubOnderka/hostname-port-correlation
...
fix: [correlations] Disable correlation for port part in hostname|port
2020-10-13 23:29:17 +02:00
Jakub Onderka
5f98426f7d
fix: [correlations] Disable correlation for port part in hostname|port type
2020-10-13 23:08:59 +02:00
Alexandre Dulaunoy
550f09f628
new: [attribute] telfhash attribute type added - fix #6435
2020-10-13 22:29:43 +02:00
Jakub Onderka
e2c65d2a51
chg: [validation] Provide more precise and faster attribute validation
2020-10-13 10:51:18 +02:00
Jakub Onderka
d1a6a94f78
chg: [internal] URL is already defang in ComplexTypeTool
2020-10-12 08:24:34 +02:00
Jakub Onderka
ace025e085
fix: [internal] Properly convert `hostname|port` when delimiter is `:`
2020-10-12 08:23:49 +02:00
Jakub Onderka
8c6ad2b414
fix: [validation] Convert vulnerability attribute to uppercase
2020-10-12 08:23:49 +02:00
Jakub Onderka
46ea861576
chg: [UI] Validate object when revising
2020-10-12 08:23:46 +02:00
Jakub Onderka
a8dcd9aec4
fix: [validation] Float validation
2020-10-12 08:22:56 +02:00
Jakub Onderka
2f4d38b2f1
chg: [internal] Cleanup and simplify ShadowAttribute model code
2020-10-11 15:20:20 +02:00
Jakub Onderka
0b3f5a5eeb
chg: [freetext] Process just big number of attributes in background
2020-10-11 12:35:59 +02:00
Jakub Onderka
9a5d906e25
fix: [warnings] enforceWarninglist works again
2020-10-03 15:06:32 +02:00
Jakub Onderka
b031ad3a07
chg: [internal] Change method name to show that it just filter one attr
2020-10-03 10:17:05 +02:00
Jakub Onderka
66b270b42e
chg: [internal] Rename Warninglist::simpleCheckForWarning to checkForWarning
2020-10-03 10:17:05 +02:00
Jakub Onderka
bbb08e4074
new: [warninglist] Cache warninglist results
2020-10-03 10:17:05 +02:00
Alexandre Dulaunoy
1ffddca1b2
new: [attribute-type] filename-pattern to describe a filename base on a pattern
...
Fix #403
There is no specific validation on the field. This allows us to have a clear
separation between filename and filename-pattern as many users were
using filename for regexp. This also helps the creation of object
template which requires a filename pattern.
2020-10-01 15:04:13 +02:00
mokaddem
d0c7c44a2f
fix: [attribute] Typo in regex. Fix #6354
2020-09-28 09:34:54 +02:00
rmkml
1f08e9a27a
fix #6336 vhash
2020-09-27 13:45:23 +02:00
mokaddem
eb84b3344f
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0
2020-09-22 12:08:12 +02:00
rmkml
b33193c4d0
fix #6266 vhash &
2020-09-18 20:40:04 +02:00
Jakub Onderka
935437d1bc
chg: [internal] Invalid message for UUID contains that UUID must be RFC 4122 compliant
2020-09-18 10:56:28 +02:00
Jakub Onderka
69955d2fc6
Merge pull request #6272 from JakubOnderka/uuid-validation
...
Experimental: UUID validation
2020-09-08 21:17:53 +02:00
iglocska
b6c871309b
fix: [validation] relaxed first/last/middle name validation
2020-09-08 15:53:04 +02:00
Jakub Onderka
0e916bd364
chg: [internal] Ensure that UUID is always lowecase and real UUID
2020-09-08 10:47:28 +02:00
Alexandre Dulaunoy
6f2b94f09a
chg: [attributes] to_ids for new email type
2020-09-04 16:32:23 +02:00
Alexandre Dulaunoy
c8b7523063
chg: [attribute] pgp is not php ;-)
2020-09-04 15:56:56 +02:00
iglocska
7e2b0ac087
new: [types] pgp-public-key/pgp-private-key added
2020-09-03 17:40:55 +02:00
iglocska
92391ead44
chg: [type] email-src/email-dst descriptions redefined. Also added email to the person category
2020-09-03 12:15:06 +02:00
iglocska
b14e5fbb0e
new: [types] email added as a new type, affects #6281
2020-09-03 12:03:21 +02:00
Jakub Onderka
2f6f97e36e
Merge pull request #6274 from JakubOnderka/acl_filter_attribute_values
...
fix: [internal] Respect ACL for event attribute search
2020-09-02 17:24:16 +02:00
Jakub Onderka
4d819452e4
fix: [internal] Respect ACL for event attribute search
2020-09-02 16:49:45 +02:00
Golbark
3a0bedb104
chg: [internal] Using Allowedlist instead of Whitelist
2020-09-01 16:28:20 +02:00
iglocska
f82e10d1fb
new: [API] added count returnformat for the REST api, fixes #6233
...
- simply counts the number of attributes/events found (on each respective scope)
2020-08-31 12:32:28 +02:00
rmkml
6da01364ba
add SHA3 Hash on Attribut.php
2020-08-23 18:26:56 +02:00
Andras Iklody
eccc3f83e9
Merge pull request #6202 from rmkml/2.4
...
add vhash (VirusTotal Hash) on Attribut.php
2020-08-17 17:05:46 +02:00
rmkml
a6eeb676c4
add vhash (VirusTotal Hash) on Attribut.php
2020-08-17 16:36:47 +02:00
Jakub Onderka
261b54e505
chg: [correlation] Use less memory when generating correlation
2020-08-17 10:54:01 +02:00
Jakub Onderka
cac497158e
chg: [internal] Reuse AttachmentTool instance
2020-08-14 12:30:12 +02:00
Jakub Onderka
ba74ddd689
fix: [UI] Showing image thumbnail
2020-08-13 15:34:32 +02:00
Jakub Onderka
83f5d3ada5
chg: [internal] Generate event date even if attachments doesn't exists
2020-08-13 15:34:32 +02:00
Jakub Onderka
a411b36666
chg: [internal] Move attachment handling to one place
2020-08-13 15:34:32 +02:00
Jakub Onderka
421e94bc2f
fix: [security] Check if user can access sharing group when uploading attachment
2020-08-06 11:52:53 +02:00
Jakub Onderka
8bb2d94c5e
fix: [security] ACL check when loading ajax tags
2020-08-04 12:23:41 +02:00
Jakub Onderka
5611374829
fix: [security] ACL check when editing multiple event attributes
2020-08-04 12:23:38 +02:00
iglocska
a2c0010d48
fix: [unicode] Temporarily escape 4 byte characters until we move the attribute value fields to mb4, fixes #5123
...
- fixes sync/feed issues related to 4 byte unicode characters
2020-07-30 09:17:27 +02:00
Jakub Onderka
d7f7bc725b
chg: [internal] Faster loading sighting
2020-07-28 09:50:28 +02:00
mokaddem
cda56bdbd3
fix: [attribute:editableFields] Typo in variable name
2020-07-24 16:19:02 +02:00
mokaddem
f53ba3675e
chg: [AttributeTags:handleAttributeTags] More generic way to handle
...
capture and association
2020-07-24 14:30:41 +02:00
mokaddem
6c1bbf0fde
chg: [attribute] Added tag handling when saving attributes and objects
2020-07-24 13:55:34 +02:00
mokaddem
5b4cef3e6c
Merge branch 'feature/tags-deletion' into fix-update-tags-on-attribute-edit
2020-07-24 11:41:27 +02:00
mokaddem
0086fcd1dd
chg: [attribute:editAttribute] Uage of `editableFields` instead of
...
hardcoded array
2020-07-24 10:59:42 +02:00
mokaddem
3fc896eaaa
fix: [attribute] Allow editing attributes
...
Added raw values fields in the `editableFields`
2020-07-23 12:44:07 +02:00
mokaddem
77f2a983b2
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2020-07-23 11:19:41 +02:00
mokaddem
d3f9184f21
fix: [attribute:edit] Prevent the edition of system reserved fields
2020-07-23 11:15:01 +02:00
iglocska
6750a05003
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2020-07-22 13:12:50 +02:00
iglocska
662cdbc7b7
fix: [sync] drop the republishing of events when the modification is merely a timestamp bump
...
- due to an already fixed issue still lingering, invalid event edits keep getting synchronised between instances
- these events still generate publish alerts erroneously
- this fix compares the previous state of the event to the modification, if there are no material changes (attributes, objects, object relations, event tags added/updated) then the publishing is dropped.
2020-07-22 13:10:52 +02:00
mokaddem
ad81c60986
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0
2020-07-21 08:09:25 +02:00
Jakub Onderka
35e2aa5837
chg: [internal] Faster generating correlations when enabling for event by toggle
2020-07-17 09:46:34 +02:00
Jakub Onderka
91a1913fed
new: [attribute] Add support for IDN domains
2020-07-16 17:23:49 +02:00
mokaddem
b3dbecb318
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0
2020-07-14 16:25:04 +02:00
Jakub Onderka
3afcf1e070
Merge pull request #5929 from JakubOnderka/fuzzy-purge
...
fix: [correlations] Purge ssdeep table after attribute delete
2020-07-13 22:48:10 +02:00
Andras Iklody
6dca14a6b0
Merge pull request #6067 from JakubOnderka/fix-composite-type-uniquenes
...
fix: [attributes] Possible duplicate attributes
2020-07-10 09:59:55 +02:00
Andras Iklody
bfb2bf1bfd
Merge pull request #6070 from JakubOnderka/cidr-correlation-optim
...
Cidr correlation optim
2020-07-07 12:23:35 +02:00
Andras Iklody
e6995dab67
Merge pull request #6035 from JakubOnderka/rest-search-optim
...
chg: [internal] Attribute REST search optimisations and error handling
2020-07-07 12:18:29 +02:00
mokaddem
f3a9481c61
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0
2020-07-01 16:22:55 +02:00
Jakub Onderka
4d95426ca8
chg: [correlations] Faster checking if CIDR is IPv4 or IPv6 version
2020-06-28 10:15:31 +02:00
Jakub Onderka
e96d632055
chg: [correlations] Just check if redis key exists
2020-06-28 10:14:40 +02:00
Jakub Onderka
08e1fb3b49
fix: [attributes] Possible duplicate attributes
2020-06-26 22:43:16 +02:00
iglocska
6b95047c1e
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2020-06-22 11:11:31 +02:00
iglocska
609bfbd450
fix: [security] missing ACL lookup on attribute correlations
...
- attribute correlation ACL checks are skipped when querying the attribute restsearch API revealing metadata about a correlating but unreachable attribute.
- Thanks to Jakub Onderka for his tireless work and for reporting this!
2020-06-22 11:00:56 +02:00
Jakub Onderka
3d12cb3f3c
chg: [internal] Attribute REST search optimisations and error handling
2020-06-19 23:45:22 +02:00
Jakub Onderka
7eb464a58f
fix: [UI] Typo
2020-06-18 16:34:01 +02:00
Jakub Onderka
5346190afb
new: [correlations] Enable CIDR correlations for ip-src|port and ip-dst|port types
2020-06-17 11:11:51 +02:00
Jakub Onderka
48c9c32e48
chg: [correlations] Faster IPv4 CIDR correlation
2020-06-17 09:17:57 +02:00
Jakub Onderka
8454ca38c7
chg: [correlations] Faster IPv6 correlation
2020-06-17 09:17:57 +02:00
Jakub Onderka
1d0d913972
chg: [correlations] Big speedup when correlating CIDR
2020-06-17 09:17:57 +02:00
mokaddem
a5e7e46cd4
Merge branch '2.4' of github.com:MISP/MISP into decaying-v2
2020-06-08 08:26:15 +02:00
Jakub Onderka
9665b8a091
fix: [internal] Removing attributes from empty event
2020-06-05 16:48:53 +02:00
mokaddem
bb167029eb
new: [userSettings] New setting `default_restsearch_parameters`
...
It allows users to supply restSearch parameters that will be injected
(and possibly overridden) into the restSearch filters.
2020-05-29 15:23:27 +02:00
mokaddem
591bd8f9c5
fix: [attribute:fetchAttribute] Prevent notices if tags not set while
...
computing decay
2020-05-29 15:20:07 +02:00
mokaddem
5c04b9a8c1
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0
2020-05-28 14:06:30 +02:00
Raphaël Vinot
27cdcf2c65
Merge pull request #5941 from MISP/git-commit-id
...
new: [type] git-commit-id
2020-05-26 15:03:52 +02:00
Andras Iklody
130e2970b5
Merge pull request #5942 from JakubOnderka/correlation-saving
...
Correlation saving
2020-05-26 14:28:51 +02:00
Jakub Onderka
f1a1f3d81f
chg: [correlation] When generating correlation, just fetch attributes that can correlate
2020-05-26 13:15:19 +02:00
Jakub Onderka
04c783afd7
chg: [correlations] Refactored correlation saving
...
* Always show other correlating value (useful for CIDR correlations)
* Make correlation saving faster (move more work to database, do not fetch not necessary fields)
* Fix some small bugs
2020-05-26 13:14:57 +02:00
Raphaël Vinot
c03670cf0d
new: [type] git-commit-id
2020-05-26 12:26:24 +02:00
Andras Iklody
ffed7fed4c
Merge pull request #5906 from JakubOnderka/fix-ipv4-cidr-validation
...
fix: [attribute] Do not allow for IPv4 CIDR masklen bigger than 32
2020-05-26 08:59:05 +02:00
Jakub Onderka
a8bc7868cf
fix: [correlations] Purge ssdeep table after attribute delete
2020-05-21 17:54:40 +02:00
chrisr3d
932e51d4d7
fix: [opendata export] Less confusing variable name for the parameter to only skip exporting the data and keep only the header
2020-05-15 14:08:34 +02:00
chrisr3d
2bf534a882
Merge branch '2.4' of https://github.com/MISP/MISP into opendata
2020-05-15 11:40:20 +02:00
Jakub Onderka
c8c599653e
fix: [attribute] Do not allow for IPv4 CIDR masklen bigger than 32
2020-05-14 18:13:39 +02:00
mokaddem
45d2eccd6a
fix: [attribute:simpleAddMalwareSample] Typo in loading `Object` class.
...
Fix #5864
- Was not spotted before because the fixed line was if fact doing
nothing as the class's key was already used
2020-05-14 15:00:43 +02:00
iglocska
a24fe930da
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2020-05-14 09:52:45 +02:00
iglocska
15d6c30649
new: [sync] (for now) undocumented force pull added
...
- can only be triggered via the CLI for now
- usage: /var/www/MISP/app/Console/cake Server pull [user_id] [server_id] [technique] [force]
- the force flag has to be passed as 'force' to avoid accidentally triggering it
- What it does:
- pulls ignoring the timetamp differences
- this means that even older states of events, attributes, objects are ingested
- useful for when wanting to reset an event / all events to align with an upstream server
- Caveats:
- attributes added on the low side are maintained
- tags added on the low side are maintained
- keep in mind this WILL override attributes that are soft deleted
2020-05-14 09:34:49 +02:00
Andras Iklody
049ee88aa7
Merge pull request #5889 from JakubOnderka/attribute_correlation
...
IPv6 CIDR correlations
2020-05-14 08:28:15 +02:00
Andras Iklody
f659ee5871
Merge pull request #5892 from JakubOnderka/fixed_event_freetext_feed_speedup
...
Fixed event freetext feed speedup
2020-05-12 08:43:46 +02:00
Jakub Onderka
47d32a46f4
chg: [internal] Faster saving attributes
2020-05-11 18:18:17 +02:00
chrisr3d
18d6e38b4f
chg: [restSearch] Option to skip fetching attributes/events when only the metadata is wanted
...
- As for the opendata export we do not need to get
the attributes or event, and are only interested
in using the metadata, a parameter to skip
fetching the actual data collection has been
added, and we avoid iterating through the entire
data collection.
2020-05-11 12:54:11 +02:00
Jakub Onderka
e56629daf1
fix: [correlations] Do not correlate CIDR with CIDR
2020-05-10 14:40:04 +02:00
Jakub Onderka
1cf9f3ce2e
fix: [attribute] modifyBeforeValidation fix for `domain|ip` type
2020-05-09 09:42:40 +02:00
Jakub Onderka
5509bb84f5
fix: [correlations] Return just unique values for CIDR list
2020-05-08 22:28:58 +02:00
Jakub Onderka
9269d92147
chg: [correlations] Faster inserting data to Redis
2020-05-08 22:24:28 +02:00
Jakub Onderka
29dba5637a
fix: [correlations] IPv6 CIDR correlations works
2020-05-08 21:40:26 +02:00
Jakub Onderka
7b26546252
fix: [correlations] Removed unnecessary Redis call
2020-05-08 21:39:50 +02:00
Jakub Onderka
c09ef4b8c2
fix: [correlations] Remove references to not exists type 'domain-ip'
2020-05-08 21:28:45 +02:00
Jakub Onderka
91139482cf
chg: [correlations] Use faster algorithm for IPv6 correlations
2020-05-08 21:16:33 +02:00
chrisr3d
b3a94a18f5
add: [restSearch] OpenData export module
2020-05-06 18:15:30 +02:00
chrisr3d
83fe3c1b4c
add: [restSearch] Added opendata to the valid formats
2020-05-06 18:15:18 +02:00
iglocska
eed82bff99
new: [API] added threat_level_id as a restSearch filter
2020-05-05 18:07:51 +02:00
iglocska
e2bbece354
Merge branch '2.4' of github.com:MISP/MISP into 5802
2020-04-30 08:30:01 +02:00
mokaddem
720aa4a7db
Merge remote-tracking branch 'origin/2.4' into feature/tags-deletion
2020-04-29 09:00:31 +02:00
iglocska
1c3dc3fe51
Merge branch '2.4' into 5272
2020-04-28 15:31:17 +02:00
mokaddem
94bf826841
Merge remote-tracking branch 'origin/2.4' into JakubOnderka-event_loading_speedup
2020-04-28 11:39:51 +02:00
Jakub Onderka
f0ada41963
chg: [internal] Speed up of loading event page
2020-04-27 16:00:28 +02:00
mokaddem
eebde57ee1
fix: [attribute:restSearch] Make sure to always pass all tags to Decaying's
...
computation function
2020-04-27 10:45:19 +02:00
mokaddem
3547a8a888
fix: [correlations] Update correlations on Attribute or Event
...
`distribution` change
2020-04-17 11:29:09 +02:00
mokaddem
dd1be03597
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0
2020-04-09 14:26:48 +02:00
iglocska
20e1c62d11
fix: [API] fixes to set_filter_uuid
2020-04-02 07:02:24 +02:00
iglocska
150b5f7338
fix: [search] Fixed the UUID / ID searches on the attribute scope, fixes #5636
2020-04-01 23:14:29 +02:00
mokaddem
04dcdebb1f
new: [galaxyCluster] Initial import of Galaxy2.0 codebase - WiP
2020-03-12 10:26:09 +01:00
mokaddem
4f3ed331f0
chg: Removed unwanted indentation
2020-03-06 10:58:50 +01:00
mokaddem
2061707932
fix: [attribute:validation] Better validation of IPv6-[dst/src] and
...
improved display.
fix #5682
2020-03-06 10:54:06 +01:00
mokaddem
5de5453dbd
Merge branch '2.4' of github.com:MISP/MISP into pr-feature/tags_deletion
2020-02-27 11:19:53 +01:00
mokaddem
8d11600e2b
chg: [tag] Support of untagging in Object's Attribute and other fixes
...
- deleted: 0 is correctly handled
- stopped usage of `editAttribute` from Attribute Controller
2020-02-27 11:17:21 +01:00
iglocska
9913d194fa
fix: [correlations] fix to an issue where attribute edits could purge correlations
...
- bug introduced by a merge gone wrong
- attribute edits that modify fields that do not affect the correlations (such as to_ids, comment, etc) would cause correlations to be purged
2020-02-26 14:28:29 +01:00
mokaddem
f94c693aa0
fix: [decaying] Attributes not having a DM associated will be defaulted
...
as `not decayed`
2020-02-21 14:47:52 +01:00
Tom King
bee49f7028
Merge remote-tracking branch 'upstream/2.4' into feature/tags_deletion
2020-02-13 16:17:03 +00:00
mokaddem
8e2da13e0e
Merge branch '2.4' into enforce-iso-datetime
2020-02-10 14:18:14 +01:00
iglocska
4806652448
fix: [API] several fixes to the Bro API
...
- always use flatten:1 to also include object attributes
- fix the generated full export to only include the header once
2020-01-31 11:45:23 +01:00
iglocska
bae2717eaf
new: [API] Enveloping improvements
...
- user controlled envelope settings to control memory estimation for attribute/event sizes
- logging of potentially too large events for the current memory envelope
- tuning of the default values
- added a divider for the event:attribute conversion to account for objects / event level contextualisation / correlations
2020-01-29 22:33:27 +01:00
mokaddem
b03d86221b
chg: [attribute:type] Datetime value is forced to be a valid ISO format
...
- It is converted into UTC in the server
- /attribute/add Form includes javascript validation part
2020-01-28 14:38:58 +01:00
Jakub Onderka
ed6bb367e3
chg: [UI] Disable Advanced extraction button if it is not installed
2020-01-26 18:56:41 +01:00
Jakub Onderka
73b9513a38
chg: [internal] Refactoring malware handling
2020-01-26 18:56:41 +01:00
Jakub Onderka
6f212dd97c
chg: [UI] Resizing images
2020-01-24 10:58:01 +01:00
mokaddem
d16369f4b3
Merge branch '2.4' of github.com:MISP/MISP into pr-view_picutre
2020-01-24 10:42:35 +01:00
iglocska
f88743cb7a
fix: [internal] slight tuning to the attribute restsearch memory envelop size
2020-01-23 09:45:27 +01:00
Alexandre Dulaunoy
42f106610b
chg: [attributes] new attribute type 'chrome-extension-id'
...
This attribute is used by Chrome to uniquely identify extension.
2020-01-21 09:40:25 +01:00
mokaddem
2a5112cc1e
Merge branch '2.4' of github.com:MISP/MISP into zoidberg-final
2020-01-17 09:20:49 +01:00
mokaddem
96c1f41ffd
chg: [attributeTag] Stop pruning outdated attribute tag when syncing.
...
Will be re-enabled in the future
2020-01-16 15:13:10 +01:00
mokaddem
5c97c5da53
fix: [Attribute:editTag] Correctly escalate the timestamp refresh to the
...
Object
2020-01-16 11:02:56 +01:00
Tom King
0a4fbc80c5
Merge branch '2.4' into feature/tags_deletion
2020-01-14 10:03:44 +00:00
Alexandre Dulaunoy
7a82a9f8d7
new: [attribute type] kusto-query attribute type
...
Kusto query is the query language for the Kusto services in Azure used
to search large dataset. It's used in Windows Defender ATP Hunting-Queries
and also Azure Sentinel (Cloud-native SIEM).
To fix #5475
2019-12-28 15:21:19 +01:00
mokaddem
7797aeed94
Merge branch '2.4' of github.com:MISP/MISP into zoidberg-final
...
Not a simple merge. Needed to fix forms and simplified how
form_seen_input works
2019-12-16 13:36:01 +01:00
mokaddem
092348ffcd
chg: [Attribute:seen] Moved conversion iso<->utc of fs/ls in dedicated
...
functions
2019-12-16 10:47:07 +01:00
iglocska
208e9e9cfc
fix: [API] include the local flag in tags when using restSearch
2019-12-11 10:29:45 +01:00
mokaddem
a1fdea754d
Merge branch 'zoidberg-timeline' into zoidberg-final
2019-12-06 15:40:51 +01:00
Alexandre Dulaunoy
a740d14593
chg: [types] new eppn attribute type added - EduPersonPricincipalName
...
Fix #5448
2019-12-05 19:22:38 +01:00
iglocska
bde75e9443
fix: [internal] attribute restsearch - handle empty lines returned from the module better
...
- no more empty lines hopefully in some exports
2019-12-05 09:42:49 +01:00
iglocska
5768ff9485
fix: [internal] hard delete of attributes after a soft delete fixed
2019-12-04 16:11:38 +01:00
iglocska
1c5afa49ed
new: [refactor] Massive internal refactor and cleanup of deprecated APIs
...
- new centralised restSearch function in AppController as entry point via all controllers
- new component handling restSearch related support functions, such as parameter mapping
- hollowed out all deprecated export functions on the event/attribute controller
- replaced with a new functionality that remaps them to restSearch
- all functionality should be maintained with all additional advantages introduced with restsearch
- additional cleanup (some unused functions removed)
2019-11-29 10:11:30 +01:00
Andras Iklody
ae5c228c05
Merge pull request #5273 from JakubOnderka/patch-54
...
fix: [internal] Remove unused function
2019-11-26 13:42:56 +01:00
Tom King
34c5570692
new: Allow for attribute tag deletion via Event or Attribute edit. Clean and return the attribute tags on response from editing an attribute, update code to remove legacy
2019-11-26 12:27:15 +00:00
iglocska
e4c82eb9ff
fix: [API] adding objects now has better validation errors
...
- instead of silently dropping attributes in certain cases
2019-11-15 14:11:24 +01:00
iglocska
0f40cef0f1
fix: [internal] Attribute/Event connectors for attribute_timestamp added
2019-11-11 16:09:54 +01:00
mokaddem
e396941dcf
fix: [attributes:restSearch] Fixed typo
2019-11-08 15:25:53 +01:00
mokaddem
437490872b
chg: [restSearch] Improved meta-search code
...
- Correctly returns nothing if search on metas does not return anything
- Renamed `orgc.sector` into `org.sector` while still being `orgc`
behind the hood
- Removed duplicated code
2019-11-08 11:37:43 +01:00
mokaddem
8e60c3d8d4
Merge branch '2.4' of github.com:MISP/MISP into feature-meta-search
2019-11-08 11:15:34 +01:00
iglocska
c4f1d4d15e
new: [SightingDB] Added integration with SightingDB
...
- Added configuration tool
- Added lookups from the event view
- Added includeSightingdb flag for the restSearch searches
- Added SightingDB search tool
- Added SightingDB connection test tool
2019-11-06 21:20:04 +01:00
mokaddem
a53a06d080
new: [attribute:restSearch] Support of Orgc and GalaxyElement meta searches
2019-11-06 11:12:30 +01:00
Jakub Onderka
caa62220ff
new: [internal] Attribute::isImage method
2019-10-12 09:34:49 +02:00
mokaddem
015ec7d989
Merge branch '2.4' of github.com:MISP/MISP into zoidberg-timeline
2019-10-08 14:12:38 +02:00
iglocska
173054ccd3
fix: [internal] Set attribute restsearch page to 1 if limit is set without setting the page number
2019-10-08 08:27:21 +02:00
Jakub Onderka
87b568526f
fix: [internal] Remove unused function
2019-10-05 23:17:19 +02:00
garanews
85c28ce36e
Fix some typo
...
Fix some typo
2019-10-04 13:02:59 +02:00
mokaddem
b44b369eec
Merge remote-tracking branch 'origin/2.4' into zoidberg-timeline
2019-10-02 14:35:00 +02:00
mokaddem
265f96dac8
chg: [object:quickAddAttribute] Improved feedback when creation fails
2019-10-02 14:30:34 +02:00
mokaddem
bb3cf85776
Merge branch '2.4' into zoidberg-timeline
2019-10-02 11:23:04 +02:00
Alexandre Dulaunoy
11e4884628
add: [attributes] new dash cryptocurrency address attribute type
2019-10-01 19:47:26 +02:00
iglocska
c53f34e33d
fix: [correlation] Skip correlation on tasks that modify an attribute in a way that wouldn't warrant a recorrelation, fixes #5204
...
- Only recorrelate attribute if:
- attribute is new
- attribute already exists and value, disable_correlation, type is updated
2019-09-29 21:07:35 +02:00
iglocska
8168cc79db
fix: [API] proposals overriding attributes wasn't always working as expected, fixes #4032
...
- until now it was bound to the to_ids setting (badly) which caused nothing but headache
- moved the new configuration to instead use the non-permissive nature of the given export formats
- non-permissive export: if the proposal block is enabled, override attributes
- permissive export types: ignore the proposals
The reasoning is simple: we use the permissive export types for types that can express additional structures such as proposals, IDS flags, publish flags etc (meaning the MISP JSON/XML formats for example)
2019-09-29 20:35:51 +02:00
iglocska
480e3b2969
Merge branch 'dev_session' into 2.4
2019-09-29 20:23:00 +02:00
iglocska
bf35987835
fix: [internal] Proposals block attributes setting broken when to_ids is an array
2019-09-29 18:33:32 +02:00
iglocska
40cf160c53
new: [API] Netfilter added as new export format
2019-09-25 20:17:25 +02:00
iglocska
946602a696
new: [User settings] Added user settings system
...
- set settings / user
- settings can be set by user themselves or their org admin / site admin
- added first setting: publish_alert_filter
- accepts boolean branched filter options
- supports deep logical trees
- OR/NOT/AND
- currently supports filtering on tags and the creator organisation
2019-09-25 11:50:54 +02:00
chrisr3d
c0aec75a09
Merge branch '2.4' of https://github.com/MISP/MISP into 2.4
2019-09-12 17:13:19 +02:00
chrisr3d
fbb25bad6f
new: [restSearch] restSearch module for ATT&CK Sightings
...
- Returning ATTA&CK Sightings in json format for
events and attributes with mitre-attack-pattern
galaxies attached
- For further details on the ATT&CK Sightings,
please visit https://attack.mitre.org/resources/sightings/
- Also thanks to @johnwunder for the clarification
on the output format
2019-09-12 17:03:35 +02:00
mokaddem
f6f1310a50
chg: [decaying:model] Third batch of fix from the PR review - WiP (not tested)
2019-09-12 11:17:33 +02:00
mokaddem
515f0572df
chg: [decaying] Added alias `score` to override on-the-fly the treshold
...
of a model
2019-09-06 14:55:12 +02:00
mokaddem
893dd617c8
chg: [attribute:restSearch] New paramter `includeFullModel` to attach
...
full model information
2019-09-06 11:32:54 +02:00
mokaddem
a5d06d1333
Merge branch '2.4' of github.com:MISP/MISP into decaying
2019-08-29 10:52:18 +02:00
Pierre-Jean Grenier
1994750db1
fix: Fix 'contain' param in app/Model/Attribute.php:fetchAttributes()
...
When we specified eg. 'contain': array('Event'), the merge done by the function was incorrect, and only kept more restrictive stuff,
while we wanted to get all the keys related to the Event.
2019-08-26 17:59:12 +02:00