iglocska
032844321c
fix: Misleading failure message when failing to create Attributes partially fixes #2955
2018-02-25 23:20:37 +01:00
iglocska
10bd1f69c4
new: Allow requesting of misp standard format for the export modules
...
- just set the `require_standard_format` to true in the moduleinfo dictionary
2018-02-21 11:42:30 +01:00
Andras Iklody
297fe776fc
Merge pull request #2934 from cvandeplas/fix/modules-api
...
fix - allows upload of files using the misp-modules API
2018-02-18 10:07:21 +01:00
truckydev
c247cfb77d
don't exclude attributes with non-exportable tag
...
exclude filter on attributes when tag is non-exportable
2018-02-15 17:17:50 +01:00
Christophe Vandeplas
637a500c1e
fix - allows upload of files using the misp-modules API
...
See also #2719
2018-02-14 13:40:04 +01:00
iglocska
9af6130d43
new: Added STIX import directly to the UI
2018-02-09 11:30:28 +01:00
iglocska
23937eebb9
fix: Fixes to several cases of handling blocked access incorrectly / non-gracefully
...
- As reported by Christophe Vandeplas
- stix export: Ungraceful handling of attempted access of unauthorised event (no unauthorised data returned)
- import module: Allows creation of proposals to unauthorised events (no unauthorised data returned, proposals are for new attributes only meaning no automatic override triggered)
- saveFreetext: same as import module
2018-02-06 16:37:37 +01:00
iglocska
010557b042
new: Added returnMetaAttributes flag to the /events/freeTextImport API
...
- directly returns the raw parsing data instead of creating the attributes if set
- 177 days, 23 hours 40 minutes faster implementation than expected by @ilmoka - #PMD
2018-02-02 15:33:07 +01:00
iglocska
a7f3bb7f76
fix: Load orgc data after attributes are loaded in search csv export
...
- functionality still needs further fixes, WIP
2018-01-25 07:45:38 +01:00
iglocska
00f711a86c
fix: Fixes the object issues pointed out in #2543
...
- Shoutout to the debug hero finding them: @StefanKelm
2018-01-19 16:25:39 +01:00
iglocska
7f29a9a74b
fix: Fixed a set of issues with sharing groups that lead to synced events not saving/updating
2018-01-18 23:34:04 +01:00
iglocska
3430383583
fix: Add timestamp to the CSV api
2018-01-18 15:59:13 +01:00
iglocska
b18b64e833
new: Filter the event index on sharing group IDs, fixes #2845
2018-01-18 08:38:23 +01:00
iglocska
23adc990b9
new: Automatic category switching based on currently selected types for the freetext import/module triage screen
2018-01-17 10:15:23 +01:00
iglocska
a7aa2358b2
fix: Remove the option for disabling sightings - it's an integral feature of the MISP core. Fixes #2820
2018-01-16 12:50:01 +01:00
iglocska
4e0fe770a7
fix: Removed debug
2018-01-15 11:11:58 +01:00
iglocska
637e2dda2d
fix: Clarify scope for filter options in quick search
2018-01-15 10:59:44 +01:00
iglocska
a2205fba31
new: Limit modules to a single organisation
...
- new settings in serverSettings
2018-01-13 12:22:14 +01:00
iglocska
fee672dd76
fix: quickfilter should include attribute level tags too
2018-01-10 09:57:37 +01:00
iglocska
7b8da4979b
fix: Pagination on event attributes didn't load the feed correlations
2018-01-09 14:00:50 +01:00
Andras Iklody
d94c379f37
Merge pull request #2719 from cvandeplas/2.4
...
basic support for misp-modules via API
2017-12-19 20:07:26 +01:00
Alexandre Dulaunoy
710fe0ba7c
fix: STIX2 export is no more experimental and can be safely used
2017-12-19 12:18:19 +01:00
iglocska
92b441f37a
fix: Fixed an issue where url parameters for restsearch didn't block attributes
...
- url parameters are bad
- shame
- SHAME
2017-12-13 19:22:27 +01:00
iglocska
c16246598d
new: Add tag restrictions for a single user
2017-12-08 16:31:00 +01:00
Christophe Vandeplas
7eed575c51
basic support for misp-modules via API
...
- mini cleanup of FileAccessTool that's not needed
- basic support for misp-modules via API (malware-samples not supported yet)
2017-12-07 18:52:31 +01:00
Christophe Vandeplas
cda57ec92d
fixes issue #2698 - malware-sample fails with import modules
2017-12-07 16:04:38 +01:00
iglocska
9e32f72f6c
fix: Removed the requirement for a comment from the import modules
...
- if the comment field is set don't override it
2017-12-06 08:49:48 +01:00
iglocska
9ad39fedee
fix: removed unused variable
2017-12-06 00:21:48 +01:00
iglocska
8323071b7e
fix: Moved attribute_tags in the CSV export to the includeContext flag instead of the toggle-able attributes
2017-12-05 10:22:26 +01:00
iglocska
6d0550812d
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2017-12-05 09:24:30 +01:00
iglocska
3e112be322
new: Various improvements to the CSV export
...
- The @FloatingCode and @ilmoka care package
- Improved CSV performance for instances with large number of events
- Added "value" filter for CSV (use-case: I want all indicators for this value with context)
- Added attribute tags to the output of the CSV export
2017-12-05 09:21:31 +01:00
iglocska
8bb1fd678e
Merge branch '2.4' of github.com:MISP/MISP into feature/tag_filter_rework
2017-12-05 00:09:37 +01:00
iglocska
4f6dba5f35
new: various improvements
...
- use the feed uuid caches to link directly to affected MISP events
- various UI improvements
- Feed preview pagination / POSTed event ID filters added
2017-12-05 00:05:11 +01:00
iglocska
05a89f5e87
Merge branch '2.4' into feature/tag_filter_rework
2017-11-30 22:28:35 +01:00
iglocska
e760ba7b6a
new: Add the possibility to limit fields for the CSV export via POST requests
2017-11-30 19:12:14 +01:00
iglocska
3b893d3b69
fix: Fixes to various issues with adding proposals via the freetext import tool
...
- no feedback on whether the resulting dataset will be stored as attributes/proposals
- unpublishing of the event when proposals get entered
- alerting the event creator of new proposals if coming from the freetext import tool
2017-11-29 07:59:09 +01:00
iglocska
678eecf224
new: Add attribute tag filters to the fetchEvents() functionality
...
- tag filters now filter on:
- all events containing matching tags on event + attribute level (positive lookup)
- all events not containing matching tags (negative lookup)
- filter attributes within a matched event for blocked attributes (negative lookup)
- moved tag filtering to subquery filtering - should improve performance massively on larger instances when filtering on tags
- first round of implementations, more on the way
2017-11-19 21:21:32 +01:00
iglocska
d09edd434c
fix: Fixes an issue where assigning sharing groups based on existing IDs didn't work for event creation via the API
...
- expected full sharing groups as provided by the sync, references didn't work
2017-11-17 13:31:55 +01:00
iglocska
27e3faeba5
fix: Fixed silly lookup with injected event IDs on the export page for normal users
...
- broke instances with a few hundred k events
2017-11-13 16:32:28 +01:00
Andras Iklody
97b0edcbfd
chg: pass event_id to import modules, fixes #2612
...
As described by @Vince147
2017-11-03 08:43:16 +01:00
iglocska
08d71413cb
fix: Fixed default distribution for upload_sample(), fixes #2608
2017-11-02 07:52:55 +01:00
iglocska
7f5c03f007
fix: Convert - to _ in csv headers
...
- to match the previous output
2017-10-28 19:10:34 +02:00
iglocska
c02f91722f
fix: Add the object fields by default to the CSV export
2017-10-27 17:53:37 +02:00
iglocska
6cd0a29f02
fix: Fixed the CSV field name for date
2017-10-27 16:38:39 +02:00
iglocska
35ad0f2f57
fix: Fixed an issue with the CVE export if no field parameters were passed
2017-10-27 16:14:37 +02:00
Cédric Bonhomme
96635dca78
the last useless comma
2017-10-27 11:16:42 +02:00
Cédric Bonhomme
5ac042da67
harmonizes arrays initializations
2017-10-27 11:04:57 +02:00
Cédric Bonhomme
9e93b61838
Enables the user to select the attributes to be included in the CSV export (event and object attributes).
2017-10-27 11:00:32 +02:00
Richard van den Berg
b5972fb6e7
Speed up tag searches, fixes #2407
2017-10-20 14:22:22 +02:00
iglocska
7372831614
fix: Fixed a bug with the restSearch API
2017-10-13 16:56:13 +02:00
iglocska
0efa2bef1a
new: Rework of the feed correlation lookups for the event view
...
- massive performance boost by using redis pipelining
- for events with 10k+ attributes, show truncated feed correlation lookups, informing the user about the number of correlating attributes and a boolean flag on attributes saying that they correlate
- The overall feed correlation counter also allows users to pivot to a view that loads all correlations, though it should be used with some caution as it can be somewhat heavy
2017-10-11 11:12:34 +02:00
iglocska
483c8704ac
new: Added first experimental STIX 2 export implementation
...
- kudos to @chrisr3d for digging into the deepest bowels of the scary beast that is STIX2
- PoC, definitely needs further improvements/mapping. Let us know about issues you find!
2017-10-08 20:29:50 +02:00
iglocska
fa7d3fdb36
new: First round of updates to the correlation engine ready
...
- node deletion temporarily disabled until a bug is resolved
2017-10-08 19:50:28 +02:00
iglocska
f5bcd37944
Merge branch '2.4' of https://github.com/MISP/MISP into 2.4
2017-10-08 15:32:57 +02:00
iglocska
a399ef1186
new: Further work on the graphing engine
2017-10-07 16:18:39 +02:00
iglocska
5290214c9b
new: First iteration of the graphing engine rework
2017-10-06 10:05:00 +02:00
iglocska
cd9fe1883e
fix: Some cleanup of the attribute filtering
2017-10-05 11:59:59 +02:00
Tristan METAYER
66a43f5511
Add an input for search on all attributes in an event.
...
field to search can be modified in administration page.
2017-10-04 19:07:58 +02:00
iglocska
09dd5b12c0
fix: Fix some restsearch filters fetching the same event more than once
2017-09-29 16:37:24 +02:00
iglocska
6a12f122db
fix: Corrected filename for array of events
2017-09-29 16:10:38 +02:00
iglocska
b658c20b75
fix: Flatten events for the correlation graph
2017-09-26 10:18:04 +02:00
iglocska
9e71fbb5f7
fix: flatten the events for the restSearch API's lookup functions
...
- otherwise valid events that only contain objects get blocked
2017-09-25 14:00:17 +02:00
iglocska
3f76fd6ea7
new: Rework of the attachment uploader
...
- add attachments and upload_sample now share code
- allow the same features via upload_sample (object creation / use of advanced add attachments)
- new flag: advanced
- example:
POST to mymisp/events/upload_sample
BODY:
{"request":{"files": [{"filename": "bla.exe", "data": "U3RhckNyYWZ0IElJIGZvcmV2ZXI="}], "distribution": 1, "advanced":1, "info":"bla"}}
- this commit was brought to you by CEF and
2017-09-25 12:22:19 +02:00
iglocska
b5c4d0749b
new: Added object relations to the CSV export
2017-09-19 16:50:56 +02:00
iglocska
b442a273fc
new: Further progress on the synchronisation
2017-09-07 12:20:20 +02:00
iglocska
89bc6d1690
fix: Fixed the empty event warning if an event only has objects but no attributes
2017-09-05 10:41:55 +02:00
iglocska
40ea22a272
Merge branch '2.4' into objects_wip
2017-09-04 17:38:06 +02:00
iglocska
2f02097590
fix: Fixed an invalid user call in the paginator
2017-09-04 09:01:08 +02:00
iglocska
52bf961dea
Merge branch '2.4' of https://github.com/MISP/MISP into 2.4
2017-08-31 16:45:01 +02:00
iglocska
bb4f74bb1a
new: Massive performance improvements to the restSearch API
...
- smarter choice of pre-filtering gives a huge boost for non attribute level parameters
- caching the results of certain parts of the algorithm
- cleaned up some inefficient looping merges
2017-08-31 16:43:20 +02:00
iglocska
5d2c8822ad
fix: Fixed a bug where /events/uuid would return the incorrect event.
2017-08-28 20:39:06 +02:00
iglocska
8474913862
fix: Slight improvement to event uuid lookup on the event view
2017-08-25 14:38:58 +02:00
iglocska
78f49e5e62
new: Added back referencing from a referenced object
...
- also fixed some view file issues
2017-08-24 07:49:11 +02:00
iglocska
d3d6566b16
new: Various new features for the objects
2017-08-23 11:57:40 +02:00
iglocska
961bc76393
Merge branch '2.4' into objects_wip
2017-08-21 10:17:16 +02:00
iglocska
50a3d78c81
fix: Fixed a group by issue with the event filter overlay
2017-08-17 10:57:18 +02:00
iglocska
ead2b9e1fd
fix: Various fixes
2017-08-10 11:11:33 +02:00
iglocska
aa07299abe
Merge branch '2.4' into objects_wip
2017-08-10 07:29:50 +02:00
iglocska
0e7dd2eddc
new: Added first iteration of object references and other changes
...
- various fixes
- rework of the pagination library
2017-08-09 17:53:25 +02:00
iglocska
952fff6252
fix: Fixes to several cases of reflected XSS, fixes #2381
...
- as reported by @import-au
- Additionally enforce content-type on all async APIs called by the UI using CakeResponse
2017-08-08 21:37:03 +02:00
iglocska
f4c02e60f5
fix: Nicer response for the API to push events to ZMQ
2017-08-03 17:09:04 +02:00
iglocska
23e777c661
fix: Fixed a typo in the pushEventToZMQ function
2017-08-03 17:05:30 +02:00
iglocska
0097e040b1
fix: Previous commit was incorrect, empty filters contain null not false
2017-08-01 01:05:45 +02:00
iglocska
3e4fbcf5ff
fix: Fixed "published":0 filter for restsearch
...
- also removed an empty function
2017-08-01 01:02:25 +02:00
iglocska
091175133b
fix: GFI uploaded archives don't throw exceptions on failed parsing, instead simply show an error banner after redirect
...
- in situations with misconfigured MISPs (debug enabled), a parsing error
exception thrown while parsing a maliciously malformed archive could include
arbitrary files in the stacktrace accessed from within the apache user's
scope if a symlinked file was uploaded in the archive
- Thanks to cert.govt.nz for the security report.
2017-07-12 15:44:02 +02:00
Kevin Allix
2248846706
attachments_dir: Default value queried through a function to workaround PHP inability to have anything useful stored in a class property
2017-07-10 12:42:23 +02:00
Kevin Allix
1ea33e811a
Add an optional setting attachments_dir, and adapt existing code to use that setting
2017-07-07 17:29:13 +02:00
iglocska
154549efd9
fix: Accessing a pivoted event view URL without having the pivot path tracked in the session threw a notice
2017-06-29 07:42:26 +02:00
iglocska
483f425584
fix: JSON export via the UI should download a file, not render the JSON
2017-06-28 10:19:36 +02:00
iglocska
94ee61358c
fix: Fixed the invalid CSV download filename
2017-06-28 09:53:34 +02:00
iglocska
e72bbd7e07
fix: Removed silly duplicate queries from the event index
2017-06-19 11:12:15 +02:00
iglocska
57857c3a32
new: Performance improvements for the pub-sub modules
...
- Only load and open connection to redis for the pub-sub connection once.
- Massive performance boost when the ZMQ functionality is enabled
2017-06-16 08:41:12 +02:00
iglocska
e56dc0d046
fix: fixed error messages for the CSV export API
2017-06-15 14:21:42 +02:00
iglocska
bb20f232f8
fix: New way of checking for API access
...
- meant to resolve some issues such as being redirected to the news page if a new news item exists while running a CSV export via the API
2017-06-15 09:57:46 +02:00
iglocska
7f818c7e82
new: Add adhereToWarninglists as a JSON parameter to the freetextImport API
2017-06-13 15:15:19 +02:00
iglocska
3d74dbee28
new: First round of massive performance tuning (tm)(c)
...
- Make MISP fast again
2017-06-09 15:38:45 +02:00
iglocska
6fad375685
new: Mass delete events
...
- simply use the multi select on the event index via the UI
- for the API, simply POST to /events/delete with a payload in the following format:
`{"id": [15, 16, 17]}`
- if you've accidentally deleted all your events using this functionality, feel free to contact @rommelfs or contact the NSA for backups
2017-06-01 09:45:10 +02:00
iglocska
c52439b572
new: Publish event to ZMQ on demand and beaconing of ZMQ tool
2017-05-30 17:16:41 +02:00
iglocska
66613dd38f
fix: Fixed a few silly issues with the hids export
...
- allow POSTed parameters
- simpler response always responds with txt type, won't complain about view not being set for incorrect accept headers
2017-05-22 15:03:56 +02:00
iglocska
ccde4a8770
fix: hids api threw error on empty result
2017-05-22 14:47:57 +02:00
Andras Iklody
c61b58ae73
Merge pull request #2200 from RichieB2B/ncsc-nl/openioc
...
Several fixes for OpenIOC importer
2017-05-18 17:24:29 +02:00
Richard van den Berg
ac7b95380d
Set OpenIOC attribute distribution to 'Inherit' by default
2017-05-18 17:10:44 +02:00
iglocska
81141ed4e0
fix: Fixed an issue with the freetext importer failing if no tags were set
2017-05-12 06:51:52 +02:00
Tristan METAYER
e71045571c
add possibility to define tags for import module.
...
Add possibility to disable validation for String field when empty
2017-05-10 19:51:27 +02:00
iglocska
e34634201b
fix: fixed an API vs documentation mismatch for the nids exports
2017-05-10 16:35:17 +02:00
iglocska
96574ec335
new: First implementation of the feed analysis system
2017-05-08 14:22:27 +02:00
iglocska
7b24077245
fix: Missing parameters for getenabledmodules
2017-05-03 14:41:39 +02:00
iglocska
26d3e2a0c2
fix: Fixed a failure with cortex modules (hopefully)
2017-05-03 14:27:23 +02:00
iglocska
9ccdc579a6
new: New module type: Cortex
...
- similar to Enrichment modules except for not having the options to run hover
2017-05-03 13:13:36 +02:00
Andras Iklody
120265b185
Merge pull request #2154 from truckydev/2.4
...
Add filename key for import modules
2017-05-02 14:34:06 +02:00
Tristan METAYER
98aafc3c49
add test for empty filename
2017-05-02 14:30:53 +02:00
iglocska
ec83f378da
new: Use /events/freeTextImport/eventid via the API to directly parse and create attributes from the input
...
- expected format is {"value": "my_string_to_parse"} with "distribution" being an optional value (otherwise instance defaults are assumed)
2017-05-02 11:02:11 +02:00
Tristan METAYER
9c349caa44
Add filename key for import modules
2017-05-02 10:56:21 +02:00
iglocska
ecf00e8c65
fix: Fixed an issue where certain filters removed some elements from the object counter, fixes #2151
2017-04-27 17:09:26 +02:00
iglocska
d33b3b1434
fix: Left off controller changes in the previous commit
2017-04-27 16:13:00 +02:00
iglocska
f3785d2366
fix: Allow event edits even if the "Event" container isn't set
2017-04-26 15:12:25 +02:00
iglocska
c60cc785f4
fix: Fixed the publishtimestamp filter issues with the event index
...
- allow for publishtimestamp and publish_timestamp due to some documentation issues
- fixed the lookup to be greater than by default instead of lower than
- added the option to pass a range by passing an array with a start and end publish timestamp
2017-04-25 09:46:35 +02:00
iglocska
9b3bfd1fd4
fix: Added missing distribution defaults to the import modules
2017-04-20 10:34:00 +02:00
iglocska
17f6fba976
fix: Fixed a format issue with the minimal index
2017-04-13 21:31:23 +02:00
iglocska
e638c5350a
new: Minimal flag added to the event index
...
- used by the sync, greatly reduces the data fetched / transferred on the initial sync negotiation
2017-04-13 15:09:29 +02:00
iglocska
aa7375cd74
fix: Fix to the correlation graph after the relatedevent format changes
2017-04-12 10:59:13 +02:00
iglocska
e7f2944918
new: Added new flag to events/restSearch to disable sharing group loading
...
- sgReferenceOnly: Will only load the sharing_group_id not the actual sharing group data
2017-04-12 09:52:09 +02:00
iglocska
9a2aaf9a1c
new: Set distribution level in freetext results / module import results, fixes #2023
2017-04-11 15:02:40 +02:00
iglocska
0b0f793dc9
fix: Fixed an invalid JSON serialisation for restSearch
2017-04-04 17:21:55 +02:00
iglocska
3b6807ef72
new: Rework of the restsearch APIs
...
- allows for alternate download types (supported for now: openioc)
- major refactor of the openioc export
- refactor of the CIDR tool
2017-03-31 19:27:34 +02:00
iglocska
958a667d0a
fix: NotFoundException when no events found by restSearch, fixes #2096
...
- changed to just return an empty set
- returns {"request":[]} for events/restSearch
- returns [] for events/restSearch
2017-03-30 18:37:50 +02:00
Mathieu Deloitte
a4018780fa
New variable includeAllTags added to NIDS export: even not exportable tags could be included in NIDS export
2017-03-22 11:09:49 +01:00
iglocska
1567504896
fix: Typo fixed
2017-03-02 14:55:09 +01:00
iglocska
62cb2b66b6
new: Added a way to disable cached exports server wide for low disk space instances
...
- But please consider just adding some more space instead..
2017-03-02 10:49:18 +01:00
iglocska
d70d5f6a3b
fix: pushProposals requires that the user has perm_add permissions
2017-03-01 15:45:27 +01:00
iglocska
b74548185a
Merge branch '2.4' of https://github.com/MISP/MISP into 2.4
2017-03-01 15:42:07 +01:00
iglocska
c7f4686ab8
chg: Quick deletion of events
...
- uses prepared statements instead of the framework's cascading delete
- utterly massive performance boost
2017-03-01 15:39:42 +01:00
kx499
0b2b49d6f4
Updated comment for enrichment modules to reference value used for enrichment for added context
2017-02-26 13:21:08 -05:00
iglocska
3fca8de6bf
new: Added activity charts to tag and galaxy cluster indices
...
- bunch of small improvements additionally
2017-02-24 19:34:18 +01:00
iglocska
a59aab9b23
fix: Re-added the accidentally removed code in a merge, fixes #1965
...
- affects f0e1a27b7d
2017-02-20 18:43:36 +01:00
iglocska
4e41b55572
new: First iteration of the improved sightings
2017-02-05 23:48:18 +01:00
iglocska
ee80ecfce7
new: small rework of the thread functionalities
...
- API get /threads/view/<thread_id> and /threads/viewEvent/<event_id>
- Added new setting to show post count on the event index including a notification if it has a post newer than 24 hours
2017-02-01 15:32:22 +01:00
iglocska
1f9a631182
fix: Added missing view file, some small fixes, pymisp version bump
2017-01-31 10:54:33 +01:00
iglocska
ad472e8c4b
fix: Removing tags now spans its own CSRF tokens in the confirmation popup
...
- fixes some CSRF issues
- improves rendering performance
2017-01-31 09:58:21 +01:00
Iglocska
2a13bf24a3
fix: Temporary fix for no relatedattributes producing an empty string instead of an empty array in the retrieved data
2017-01-18 11:24:17 +01:00
Iglocska
0960791008
Merge branch '2.4' into feature/attribute-tagging
2017-01-17 14:52:59 +01:00
Iglocska
770b69dbc2
fix: Fix a unicode issue with the correlation graphs
2017-01-17 14:50:39 +01:00
Iglocska
0f7d37ce04
fix: Fix an issue with the graphs when no relations are found
2017-01-17 14:22:25 +01:00
Iglocska
5eeb1c85a9
chg: Use cakeresponse for JSON response in updateGraph instead of serialize
2017-01-17 14:06:23 +01:00
iglocska
4ad022b03c
Merge branch '2.4' into feature/attribute-tagging
2017-01-16 16:15:06 +01:00
iglocska
a5663dfc07
fix: Fixed the editing of tags using the rest API
2017-01-16 16:05:19 +01:00
Iglocska
be4d8ed54f
chg: Allow disabling/enabling publishing of events imported via the UI, fixes #1845
2017-01-16 11:02:23 +01:00
Iglocska
d537fa4447
fix: Edit events by uuid instead of id, fixes #1842
2017-01-15 09:05:17 +01:00
Iglocska
c3225e0679
fix: Only allow malware-samples to be created using the upload_sample api, fixes #1843
...
- contrary to the documentation, setting the IDS flag decided the type of the resulting upload (malware-sample vs attachment)
- attachments can easily be created without any black magic using the add attribute api anyway
- also fixed a bug that prevented the timestamp of events receiving a sample via the upload_sample api from being re-timestamped
2017-01-15 08:56:02 +01:00
iglocska
da433c3549
Merge branch '2.4' of https://github.com/MISP/MISP into feature/disable_correlation
2016-12-22 21:01:58 +01:00
iglocska
672a681819
fix: Some fixes with the automatic publish/unpublish feedback
...
- automatically set the event to unpublished in the view when adding/removing tags
- officially the keep @RichieB2B happy patch ;)
2016-12-22 17:46:52 +01:00
iglocska
4aec4e4beb
fix: Unpublish events when tagging/removing tags
...
- same for galaxy clusters
- also, new ajax way of showing/hiding published status
2016-12-22 17:30:27 +01:00
iglocska
ffe880621e
new: Disable correlation
...
- globally
- on an event level
- on an attribute level
2016-12-22 15:30:06 +01:00
iglocska
106f8b546f
fix: Set event to locked = 1 when importing from a MISP export
2016-12-22 15:11:14 +01:00
iglocska
9214a09028
new: Added new option to the attribute level restsearch
...
- filter on attributes using timestamps newer than parameter
2016-12-19 16:41:14 +01:00
iglocska
d6ac23a6f2
new: Added the warninglist enforcement flag to the remaining exports
...
- still missing: Export modules
- consider having the flag for misp JSON/XML and STIX perhaps?
2016-12-19 14:37:26 +01:00
iglocska
6bf03c038a
chg: Exposed the new warninglist override via APIs and moved the lookup method to the warninglist model
2016-12-19 10:01:14 +01:00
Iglocska
7a0f0c4aec
chg: Changed the event download as filename to misp.event.id.uuid.format, fixes #1515
2016-12-13 20:50:18 +01:00
iglocska
6fe3c49060
fix: Fixes MySQL 5.7 group by issues
2016-12-09 07:57:19 +01:00
Iglocska
a8d6484893
fix: Fixed missing publish flag in restsearch
2016-12-07 13:43:52 +01:00
Iglocska
de98e8204f
fix: Galaxies are now loaded by default
2016-12-07 13:30:19 +01:00
Iglocska
1e7dccf272
Merge branch '2.4' into feature/galaxy
2016-12-06 16:11:59 +01:00
Iglocska
e46cbd0991
new: First iteration of the galaxies (WIP)
2016-12-05 00:47:34 +01:00
Iglocska
4c3ef86a7b
new: Added the publish_timestamp and timestamp parameters to both restSearch functions, fixes #1703
...
- TODO document it
- new way of handling it, both accept lists with 2 values for ranges
2016-12-01 16:05:50 +01:00
Iglocska
e3ace6af54
Merge branch '2.4' of https://github.com/MISP/MISP into 2.4
2016-11-28 15:55:44 +01:00
Iglocska
1ff91d8541
new: added the published flag to restsearch
...
- allows users to specify whether the events / attributes returned should come from published / unpublished events only. If the parameter is not set both are included
2016-11-28 15:54:44 +01:00
Iglocska
8f2eafb4a0
chg: Allow JSON POSTing to set parameters for the CSV export
...
- kill the url parameters with fire
2016-11-25 23:00:33 +01:00
Iglocska
a6734c858a
new: Sightings enabled by default
2016-11-21 17:27:30 +01:00
Iglocska
b8973bec68
new: Added uuid as a restsearch parameter, fixes #1683
...
- search for events/attributes by uuid
2016-11-21 15:01:57 +01:00
Iglocska
abd288d842
fix: Tightened check for tag removals
...
- users could remove tags via the api for other organisations
2016-11-10 13:28:13 +01:00
Iglocska
95e0da7208
chg: Updated the NIDS exports
...
- allow posting JSON/XML payloads with filter options
- Added the type field to be able to restrict / attribute type
2016-11-08 17:26:02 +01:00
Iglocska
dc77dc6cfc
fix: Fixed annoying capitalisation mess in the event index parameters
...
- just throw everything to lowercase
2016-11-03 16:05:53 +01:00
Iglocska
b5718aef1c
new: Added two additional api filters to the event index (timestamp, publishtimestamp)
...
- Currently these are not exposed to the filter UI
- Easy way to get metadata newer than timestamp/publish timestamp
2016-11-03 16:01:35 +01:00
Iglocska
77fdb4a854
new: Enrichment queries now pass the base64 encoded data to the enrichment modules
...
- first implementation, malware is sent as an encrypted zip base64 encoded
2016-11-02 21:26:39 +01:00
Iglocska
aa141fb54b
new: Show file sizes on the export page, fixes #1640
2016-11-01 13:42:17 +01:00
Iglocska
f87747ace2
fix: Fixed several issues with the import modules
...
- config settings are not passed correctly to the import modules
- not having any paste/file upload in an import module would fail
- removed the requirement to have either filled, if a module doesn't use any of the two fields it will simply pass an empty data field
- this could be handy for modules that create event data based on the userconfig fields
2016-10-27 18:24:40 +02:00
Iglocska
c2fc803fed
chg: Use the TLD lists from the warninglists, fixes #1149
...
- simply load any enabled warninglist entries from the pre-defined TLD warninglists
- Pass the resulting array to the complex type tool
- during domain type heuristics, if the TLD list is not empty use the supplied list
- alternatively generate a list based on the old TLD rules
- does not alter any functionality otherwise
2016-10-25 22:23:01 +02:00
Christophe Vandeplas
90badee3d0
removed Imported via the Freetext Import ... text
2016-10-24 16:27:08 +02:00
Iglocska
4689473072
fix: Separate the GFI upload directory from the attachment directories
...
- ensure that no one can retrieve GFI export files
- As reported by Vytautas Paulikas and Robert Giruckas from SEC Consult
2016-10-21 15:28:07 +02:00
Iglocska
442757696f
chg: Keep the event ID in the correlation graph's event nodes' name in addition to the info field
2016-10-20 11:15:16 +02:00
Iglocska
c47ebcaa84
chg: Changed the event node names to (partial) event info fields for the correlation graph
2016-10-20 11:04:52 +02:00
Iglocska
6c493cbdb9
fix: Fixes a bug that returned the wrong user's email address on the event view, viewed by an org admin.
2016-10-18 16:14:41 +02:00
Iglocska
da56b153a4
fix: Added default values to some of the event fields when adding a new event
...
- basically the only required field now is the info field, everything else uses sane defaults
2016-10-18 10:39:25 +02:00
Iglocska
9891234662
new: CSV feeds and various fixes
...
- Added the CSV feed format
- users can specify which fields in the CSV should be parsed
- comment lines are automatically omitted
- new settings system added to feeds, currently only used for the value fields
- Slight rework of the correlation lookup for the feeds
- got the Speed Force treatment
- correctly checks against value1 and value2 instead of value
- Various freetext import fixes
2016-10-08 14:36:24 +02:00
Iglocska
1a9939631b
fix: Fixed a bug with the event view
...
- the fetcher was moving proposals within an attribute if the proposal was directed at the attribute (correctly)
- this left the event proposal list in a non progressive array key format, which led to a weird situation where the JSON format used string numeral keys in a dict as opposed to the desired list. Nobody in their right mind would ever want that.
- fixed
2016-10-06 17:24:42 +02:00
Iglocska
280f5414bf
new: View proposal count on event index and filter events on whether they have proposals
...
- only non deleted proposals are counted
- allows users to quickly set up filters to view all events that have pending proposals
2016-10-06 11:33:59 +02:00
Iglocska
d45d66a3bc
Merge branch 'attribute_merge' into 2.4
2016-10-04 16:41:36 +02:00
Iglocska
4428c36cd9
fix: Added the capability to merge attachments/samples
2016-10-04 16:40:39 +02:00
Iglocska
d511e80a84
Merge branch 'publishalert' into 2.4
2016-10-04 15:58:37 +02:00
Iglocska
d0de2cd369
fix: Fixed the event index in various places (such as the user admin view)
...
- also added missing view files from previous patch
2016-10-04 13:33:42 +02:00
Richard van den Berg
d392bd8060
Allow merging for site admins
2016-10-04 10:24:53 +02:00
Richard van den Berg
87ac5f9f5a
Fix indication of new attributes in E-mail alerts, fixes #1521
2016-10-02 14:46:51 +02:00
Iglocska
fd959da341
Merge branch '2.4' of https://github.com/MISP/MISP into 2.4
2016-10-02 12:47:20 +02:00
Iglocska
def69dc969
new: First cut of the popover rework for form selects
2016-10-01 23:25:15 +02:00
Richard van den Berg
36971b57cd
Allow merging of event attributes
2016-10-01 12:47:53 +02:00
Iglocska
3cc484dcaf
fix: Fixed an issue that resulted in empty event tags showing up in the event index JSON
2016-09-30 15:34:33 +02:00
Iglocska
6c5e72efad
fix: Fixed an issue with the restsearch export potentially incorrectly loading all eligible events in one go into memory
2016-09-29 14:33:56 +02:00
Cristian Bell
5be1e17bce
Revert "fix: missing new TLDs in free text import, solves #1149 ( #1574 )"
...
This reverts commit e3bb9d3a42.
2016-09-27 16:38:35 +02:00
Cristian Bell
e3bb9d3a42
fix: missing new TLDs in free text import, solves #1149 ( #1574 )
...
* fix: missing new TLDs in free text import, solves #1149
2016-09-27 15:53:43 +02:00
Iglocska
ec99b71bf4
fix: Don't try to show sightings count if sightings aren't enabled
2016-09-23 10:39:31 +02:00
Iglocska
497bda7746
new: add the sightings count to the event index
2016-09-23 10:35:08 +02:00
Iglocska
1006c109d7
fix: restrict tag usage for restricted tags in a place where it was missed
2016-09-23 10:32:17 +02:00
iglocska
a599ec24f7
Merge branch '2.4' into 1501
2016-09-18 11:07:10 +02:00
Iglocska
ff6917d313
fix: Added missing changes needed for the new description of the bro export
2016-09-16 17:48:03 +02:00
Iglocska
2cede15e68
Merge branch '2.4' into feature/bro-export
...
Conflicts:
app/Model/Event.php
2016-09-15 18:00:25 +02:00
Iglocska
59ecf40f42
chg: Refactor of the Bro export
2016-09-15 17:44:59 +02:00
Andreas Ziegler
25e52a6786
chg: remove some references to variables
2016-09-15 17:08:58 +02:00
Cristian Bell
90c28602c3
chg: creator e-mail in the event details, fixes #1252 ( #1535 )
...
* chg: creator e-mail in the event details, fixes #1252
2016-09-15 14:38:55 +02:00
Iglocska
3527ae56d2
fix: Fixed an issue where non API users could not download events in JSON/XML format, fixes #1525
2016-09-13 01:34:54 +02:00
Iglocska
01695e326a
new: Added the metadata flag to the event restsearch API
...
- allows fetching metadata only without including attributes/proposals
2016-09-12 12:09:19 +02:00
Iglocska
6eb6bfb10b
fix: removed deprecated path from functions that are allowed for API users
2016-09-12 08:44:56 +02:00
Andreas Ziegler
bee861a4c8
Merge pull request #1510 from rotanid/bugfix
...
fix: typo recurisve/recursive in EventsController
2016-09-06 05:35:20 +02:00
Andreas Ziegler
93614cd165
fix: typo recurisve/recursive in EventsController
2016-09-06 05:34:14 +02:00
Iglocska
62260d4c27
Merge branch '2.4' of https://github.com/MISP/MISP into 2.4
2016-09-06 01:02:46 +02:00
Iglocska
14b82c9277
fix: revert to the old functionality of the stix export where the data is passed back from the internal stix method, fixes #1509
2016-09-05 23:48:35 +02:00
Andreas Ziegler
1fcefa202c
chg: replace 2 spaces after tab by double tab
2016-09-05 00:51:37 +02:00
Andreas Ziegler
4b8a82098d
chg: replace 4 spaces after tab by double tab
2016-09-05 00:45:51 +02:00
Andras Iklody
619966fa24
Merge pull request #1448 from TheDr1ver/2.4
...
Add support to export an OpenIOC file via API
2016-09-03 23:50:04 +02:00
Andras Iklody
13cb6a5ea3
Merge pull request #1492 from rotanid/small-cleanup
...
chg: remove some obsolete code
2016-09-01 09:30:09 +02:00
iglocska
80ed1cf65d
fix: Removed filename check from the AppController
...
- rerouted all calls to the method to the Model equivalent
2016-09-01 09:18:54 +02:00
Andreas Ziegler
cf2f0dc625
chg: remove some obsolete code
2016-09-01 05:15:36 +02:00
iglocska
9e7d20578f
fix: removed unused lookup in EventsController::index(), fixes #1484
...
- old code became obsolete when the taxonomies were implemented
2016-08-31 10:09:06 +02:00
iglocska
b9cb442172
fix: event index should respect pagination requests for API users
2016-08-30 11:20:53 +02:00
ppanero
131e2f760a
bro export functionality
2016-08-29 17:26:14 +02:00
iglocska
5a72f84c22
Merge branch '2.4' into 2.4.51
2016-08-28 21:08:02 +02:00
iglocska
873b201eb0
Merge branch '2.4' of https://github.com/MISP/MISP into 2.4
2016-08-25 11:38:59 +02:00
iglocska
822b0bf8fa
chg: Cleanup of the controllers and models
...
- removed incorrect, useless boilerplate comments
- kept useful comments intact
- added some missing line breaks to make the codebase a bit more uniform
- removed some obviously obsolete TODO comments
2016-08-25 11:38:37 +02:00
Andreas Ziegler
e8599fb16c
chg: new filename regex & separate functions
2016-08-24 15:31:17 +02:00
Andras Iklody
c6bd6efe67
Merge pull request #1469 from rotanid/centralize-cidr-check
...
Centralize CIDR checks
2016-08-24 09:44:22 +02:00
Andreas Ziegler
eb66a80c76
chg: filename regex changes
2016-08-24 02:35:04 +02:00
Andreas Ziegler
bab3061ba3
chg: use central function for CIDR checks
2016-08-24 01:11:09 +02:00
Andreas Ziegler
e5478e4bdf
fix: remove substr() from value in CIDR part of restSearch
2016-08-24 01:07:02 +02:00
iglocska
734df04000
new: New piece by piece stix export allowing large datasets to be exported
2016-08-23 00:24:54 +02:00
Iglocska
c81519b74e
chg: If the quickfilter on the event index only returns a single event, redirect to the event view directly, fixes #1430
...
- the perfect last-minute-saturday-night patch
2016-08-20 21:32:17 +02:00
Andreas Ziegler
f0905dc536
chg: rename FileAccess to FileAccessTool
...
every other tool class's name in the Lib/Tools/ folder also ends with "Tool"
2016-08-19 19:25:32 +02:00
Andreas Ziegler
a2ff5424e1
chg: change FileAccess from static to instantiable class
2016-08-19 19:22:15 +02:00
Nick Driver
7a1f89333a
Extra indent
2016-08-18 12:52:31 -04:00
Nick Driver
c18d344ff3
Spaces to Tabs
2016-08-18 10:11:21 -04:00
Nick Driver
4d32a16da8
Add support to export an OpenIOC file via API
...
(Change spaces to tabs)
2016-08-18 10:04:54 -04:00
iglocska
c0e1bc1c3f
fix: Invalid response by the queryEnrichment() function if the module server is not reachable
2016-08-17 13:38:19 +02:00
iglocska
e5bce5ac3c
fix: Fixed an issue with large samples from modules causing the import process to fail
2016-08-16 11:42:43 +02:00
iglocska
f436ab51fc
fix: Show tag value in event history, fixes #1422
...
- also log removed tags
2016-08-14 23:46:50 +02:00
iglocska
3763f83522
Merge branch '2.4' into feature/import-export-modules
2016-08-10 14:22:32 +02:00
iglocska
b9f5297b3a
fix: Fixed some issues with the misp export importer and added better logging.
2016-08-10 12:06:36 +02:00
Iglocska
1c4215bdc7
fix: Some cleanup
2016-08-06 09:55:11 +02:00
Iglocska
00b013988b
new: Added export module first iteration
2016-08-05 21:54:54 +02:00
Iglocska
4e9d02ac00
fix: removed debug
2016-08-04 18:37:07 +02:00
Iglocska
e1d5c431d8
fix: Further work on the modules
2016-08-04 17:49:37 +02:00
Iglocska
ef6a9593ba
fix: Capitalisation > me
2016-08-04 16:30:36 +02:00
Iglocska
8f1a50f9d0
fix: I suck at capitalisation
2016-08-04 15:31:52 +02:00