iglocska
e24d3bf2d3
fix: [correlations] save the distribution state of the event before/after saving it, fixes #8528
...
- only trigger a correlation update with the new distribution if it actually changed
- should remove a massive additional load on the table
- thanks to @github-germ for noticing this!
2022-08-12 16:06:08 +02:00
iglocska
d923fe23aa
new: [taxii integration] wip
...
- all MISP side code implemented for being able to have filtered pushes
- still missing proper result handling as we need a working test implementation of the python scripts first
- some assumptions made that need to be revisited
2022-08-12 15:10:06 +02:00
iglocska
0f15344cff
Merge branch 'value1' into develop
2022-08-11 14:22:34 +02:00
iglocska
54821e6297
Merge branch 'develop' of github.com:MISP/MISP into develop
2022-08-11 14:00:03 +02:00
iglocska
7dbb0a6669
fix: [emailing] speculative fix for #8523
2022-08-11 13:59:01 +02:00
Jakub Onderka
48c8a7eab3
chg: [internal] Code cleanup
2022-08-11 12:55:23 +02:00
Jakub Onderka
14501e8a78
chg: [internal] Use less SQL queries for event fetching
2022-08-11 12:55:23 +02:00
Luciano Righetti
057a9883a0
chg: allow to restsearch attributes by value1 and value2
2022-08-10 16:07:43 +02:00
iglocska
f9c76acc90
fix: [pubsub] gracefully handle events with attribute-less objects
2022-08-10 11:05:45 +02:00
iglocska
b5596f687f
chg: [publishing] reverted the speculative fix
2022-08-05 14:47:03 +02:00
iglocska
a3f0347a45
fix: [speculative] fix for the event publishing timing issues
2022-08-05 14:44:37 +02:00
iglocska
2516c25eae
Merge branch 'develop' of github.com:MISP/MISP into develop
2022-08-05 14:41:44 +02:00
iglocska
77eaa86225
fix: [speculative fix] for event publishing timing issues
2022-08-05 14:41:00 +02:00
Sami Mokaddem
f478841401
chg: [Tag] Helper function to attach/detach tags and bump timestamps
2022-08-05 14:33:15 +02:00
Sami Mokaddem
33d3eebd9c
chg: [event:publish] Only fetch full event if needed + added site_admin perms for the user
2022-08-05 13:16:38 +02:00
Sami Mokaddem
49575533ad
Merge remote-tracking branch 'origin/develop' into feature-workflows-2
2022-08-04 10:08:56 +02:00
iglocska
a04f3964e7
new: [correlation rework] round 2
...
- long list of fixes
- update scripts
- correlation engine management interface
- recorrelation/truncation tools
- various performance tunings and bug fixes
2022-08-03 15:44:27 +02:00
Sami Mokaddem
151d23a8c2
Merge branch 'develop' of github.com:MISP/MISP into feature-workflows-2
2022-08-01 09:59:44 +02:00
iglocska
3ce754d595
Merge branch 'develop' into new_correlations
2022-07-31 23:58:40 +02:00
iglocska
3a4289d631
new: [correlation] engine rewrite
...
- allow for multiple concurrent engines
- default: similar behaviour as before, ACL enforced
- No ACL: for endpoint misps, disable the enforcement of ACL for correlations altogether
- rework:
- correlation entries are fully indexed reference tables
- values are now stored separately
- built in protection against overcorrelating values (defaults to 20 max)
- 1 way correlations to cut the size in half
- unsigned IDs to double the ID space
- loads of performance improvements
- fix to the broken event index with correlation counts enabled
- UI improvements
- search for values from the correlation column directly (in case there are non-correlating versions of the same value)
- added correlations to the attribute search/index
- TODO:
- upgrade scripts
2022-07-31 23:48:38 +02:00
Sami Mokaddem
b146902a01
fix: [event:publish] Call correct trigger
2022-07-29 10:58:39 +02:00
Sami Mokaddem
7f5ce84288
new: [workflow:trigger_event_after_save] New trigger Event.afterSave
2022-07-27 10:45:05 +02:00
Sami Mokaddem
79e6d2bf54
chg: [workflow] Usage of format converter tool to convert passed data into MISP core format
2022-07-21 11:18:59 +02:00
Sami Mokaddem
354594f5ca
chg: [workflow] Made sure data is correctly converted before calling the trigger
2022-07-20 16:51:53 +02:00
Sami Mokaddem
508424aa37
chg: [workflow] Convert to MISP Core format before passing data to the workflow
2022-07-18 13:42:10 +02:00
Sami Mokaddem
6f15d18e62
chg: [workflow:tag_if] Added support of `event_attribute` scope and improved integration with queryModuleServer
2022-07-15 14:49:16 +02:00
Sami Mokaddem
74ff67d564
Merge branch 'develop' of github.com:MISP/MISP into feature-workflows-2
2022-07-12 14:14:47 +02:00
Jakub Onderka
26cc86fde2
Merge pull request #8205 from JakubOnderka/pull-optim
...
Pull optim
2022-07-09 09:01:54 +02:00
Sami Mokaddem
99a76812bc
Merge remote-tracking branch 'origin/develop' into feature-workflows-2
2022-07-07 09:09:39 +02:00
Sami Mokaddem
dbcedbc505
chg: [workflow] Various improvements and added support of `enrichment_before_query` trigger
2022-07-05 11:19:18 +02:00
Jakub Onderka
83190f31c2
Merge pull request #8452 from JakubOnderka/restSearchExport-description
...
chg: [UI] Event export description
2022-06-30 10:10:06 +02:00
Jakub Onderka
640a732c29
Merge pull request #8358 from JakubOnderka/memory-leak-fix
...
fix: [internal] PHP memory leak
2022-06-29 13:32:26 +02:00
Sami Mokaddem
a13c1a39e9
chg: [workflow] Improved logging capabilities and stop aborting execution if non-blocking module returns false
2022-06-24 11:22:26 +02:00
Sami Mokaddem
1461f06638
chg: [workflow] Added WorkflowBaseTriggerModule class to be extended by triggers
2022-06-24 09:25:02 +02:00
Jakub Onderka
1885e972d9
fix: [internal] RestSearchExport: fetch published and unpublished events
2022-06-16 16:38:25 +02:00
Sami Mokaddem
5a7da21f04
chg: [workflow] Small improvements and refactored behavior of if blocks
2022-06-09 14:08:43 +02:00
Jakub Onderka
21f5f52988
chg: [internal] Unsubscribe code
2022-06-07 15:07:28 +02:00
Jakub Onderka
c46fd203a9
new: [email] Unsubscribe
2022-06-06 18:09:46 +02:00
Sami Mokaddem
99f0c39dba
chg: [Event:enrichment] Allow specifying a list of attribute UUIDs to be enriched
2022-06-01 10:40:06 +02:00
Sami Mokaddem
ec896fe1cd
chg: [workflow] Improved login and `walkGraph` execution logic
2022-05-31 11:58:18 +02:00
Sami Mokaddem
e75bc1b0b0
chg: [event:publish] Publishing executes `publish` trigger
2022-05-30 15:09:25 +02:00
Sami Mokaddem
d8f8225b9e
Merge branch 'develop' of github.com:MISP/MISP into feature-workflows
2022-05-30 14:37:36 +02:00
Jakub Onderka
0326d35387
chg: [sync] Reuse ServerSyncTool for pushing sightings
2022-05-30 08:28:22 +02:00
Jakub Onderka
46037748a2
chg: [sync] Use ServerSyncTool for pushing events
2022-05-30 08:28:22 +02:00
Jakub Onderka
d4deca9330
chg: [sync] Optimise event filtering for push
2022-05-30 08:28:22 +02:00
Jakub Onderka
b50daa886f
chg: [sync] Remove duplicate blocklist checking
2022-05-30 08:28:17 +02:00
Jakub Onderka
b8fb127a35
chg: [sync] Optimise checking block rule
2022-05-30 08:27:38 +02:00
Jakub Onderka
f7af3c4e4e
chg: [sync] Optimise removing old events when pulling
2022-05-30 08:27:38 +02:00
Jakub Onderka
d68d3d48a9
Merge pull request #8415 from JakubOnderka/faster-search
...
Faster search
2022-05-30 08:08:33 +02:00
Jakub Onderka
9675c93cd4
fix: [internal] Search attribute by multiple values
2022-05-29 20:15:57 +02:00
Jakub Onderka
21afe562ef
fix: [internal] Faster RegexpBehavior
2022-05-29 17:39:10 +02:00
Jakub Onderka
5c4a126aaa
fix: [internal] Checking if event exists typo
2022-05-29 16:21:25 +02:00
Jakub Onderka
7ea7b16113
chg: [internal] Faster check if org is blocked
2022-05-29 16:21:25 +02:00
Jakub Onderka
bb9567f671
new: [UI] Allow to upload MISP event by pasting data to textarea
2022-05-29 16:21:25 +02:00
Jakub Onderka
c4a85b4998
chg: [internal] Escape table and column name
2022-05-24 14:57:19 +02:00
Jakub Onderka
2f644a2a33
chg: [internal] Use SORT_REGULAR for array_unique
2022-05-22 18:20:12 +02:00
Jakub Onderka
d086f22284
new: [internal] New method SharingGroup::authorizedIds
2022-05-22 18:03:16 +02:00
Jakub Onderka
4998ed672e
chg: [internal] Delete event in transaction
2022-05-21 12:46:12 +02:00
Jakub Onderka
e293da740f
chg: [internal] Remove QueryTool
2022-05-21 11:40:18 +02:00
Sami Mokaddem
c5af331bc5
Merge branch 'develop' of github.com:MISP/MISP into feature-workflows
2022-05-16 10:50:47 +02:00
Jakub Onderka
2f7c671adb
new: [internal] Simplify checking if connection is MySQL/MariaDB
2022-05-14 10:17:06 +02:00
Sami Mokaddem
140b771989
Merge branch 'webhook' of github.com:MISP/MISP into feature-workflows
2022-05-11 13:05:15 +02:00
iglocska
a4cba3fdc6
new: [modules] action module type added
...
- hooking function type
- add a hooking point via `$this->Module->executeActions($hook_name, $user, $input, $logging_options, $error)`
- will execute the enabled modules for the hook name and depending on the module's type (blocking/not blocking) allow for breaking the execution when false is returned.
- For a sample skeleton, see the misp-modules project
2022-05-04 01:23:13 +02:00
Jakub Onderka
d7bdc32c1f
new: [UI] Filtering attributes by correlated event ID
2022-04-30 18:12:04 +02:00
Tom King
d3f2dc07c8
fix: Enable sharing group filter for Event controller not just attribute
2022-04-21 11:16:26 +01:00
Luciano Righetti
5fd52252e7
fix: revert ec2cb29fe0
2022-04-20 12:33:26 +02:00
Tom King
5de04ecffa
chg: Merge from develop
2022-04-20 08:07:36 +01:00
Jakub Onderka
eb86544b72
Merge pull request #8281 from JakubOnderka/freetext-import-simplify
...
chg: [internal] Simplify and speedup code for freetext importing
2022-04-18 20:11:19 +02:00
Jakub Onderka
104ea79afc
chg: [internal] Simplify and speedup code for freetext importing
2022-04-15 14:31:17 +02:00
Luciano Righetti
204ec386b2
Merge pull request #8277 from tomking2/feature/restSearch_SharingGroup
...
Add in new RestAPI parameter to filter by sharing group on Event or Attribute search
2022-04-14 17:25:59 +02:00
Tom King
37ea0ddee1
chg: Add in new RestAPI parameter to filter by sharing group on Event or Attribute search
2022-04-13 16:27:20 +01:00
Jakub Onderka
ff150b8834
chg: [internal] Do not generate export array when initializing Event class
2022-04-10 09:49:21 +02:00
iglocska
08ccdf23e2
chg: [server sync] update to the previous fix to include the recursive condition
...
- instead of just replacing the condition with the contain list, include both to get the performance gains back
2022-03-24 16:11:29 +01:00
iglocska
b1f1b4d2cd
Merge branch '2.4' into develop
2022-03-24 15:37:21 +01:00
iglocska
15820bb5af
fix: [sync] publishing sharing group events fail to sync - fixed
...
- code cleanup removed related models, including remote org which is needed to check if the remote is to receive an event
- as reported by @treyka
2022-03-24 15:36:11 +01:00
Jakub Onderka
ec0fae0c94
fix: [internal] Code style
2022-03-20 14:21:31 +01:00
Jakub Onderka
f208c656ea
chg: [cryptographicKey] Simplified code for event pushing
2022-03-17 13:58:25 +01:00
iglocska
e8dcb31623
Merge branch 'feature/protected_mode' into develop
2022-03-17 01:43:44 +01:00
iglocska
8ea0b2cb56
chg: [unused endpoint] removed
2022-03-17 00:57:41 +01:00
iglocska
259a19a374
fix: [sync] removed newly added locked field as a sanitized sync field
...
- ends up creating unlocked events on the remote, preventing future edits
2022-03-16 15:36:58 +01:00
iglocska
d60e8a39a1
Merge branch 'feature/protected_mode' of github.com:MISP/MISP into feature/protected_mode
2022-03-15 23:11:19 +01:00
iglocska
f592053f5a
fix: [event] include the protected field in the saving to allow syncing of protected events
2022-03-15 23:10:09 +01:00
iglocska
e5c7e50fcf
fix: [internal] event rearranging before push fixed
...
- some elements were at a misaligned level in the array
2022-03-15 07:16:19 +01:00
iglocska
0774086ad2
fix: [event model] fixes
...
- fixed class name typo
- removed placeholder exception / breakpoint
2022-03-14 00:33:41 +01:00
iglocska
8e96e2fd00
chg: [cryptographic key] move capture function to a bulk delta function
2022-03-13 17:02:50 +01:00
iglocska
4c381157a6
chg: [cryptographickey] execute key update on add()
2022-03-13 15:13:32 +01:00
iglocska
d165b092f3
new: [event signing] sign events function added
2022-03-13 12:37:02 +01:00
Jakub Onderka
cac0e81001
Merge pull request #8154 from JakubOnderka/server-sync-push
...
chg: [sync] Use ServerSyncTool for pushing events
2022-03-12 13:19:54 +01:00
Jakub Onderka
b00ef27fb5
Merge pull request #8179 from JakubOnderka/upload-event-cleanup
...
chg: [internal] Simplify code for pushing events
2022-03-12 13:18:33 +01:00
Jakub Onderka
2e87d6b7b4
Merge pull request #8197 from JakubOnderka/push-sightings-refactor
...
chg: [sync] Simplify code for sighting pushing
2022-03-12 13:17:38 +01:00
Sami Mokaddem
b6c730f8f4
chg: [events:restSearch] Added `context-markdown` export format
2022-03-09 17:49:34 +01:00
Sami Mokaddem
f08d29f1e7
Merge branch 'develop' of github.com:MISP/MISP into develop
2022-03-08 13:40:37 +01:00
Sami Mokaddem
155bf23776
new: [events:restSearch] Added `context` export format
...
The `context` export format includes:
- List of used taxonomies
- List of used galaxy clusters
- List of custom tags
- Mitre Att&ck matrix
2022-03-08 13:40:15 +01:00
Jakub Onderka
90cd99685f
chg: [sync] Simplify code for sighting pushing
2022-03-07 17:45:06 +01:00
Jakub Onderka
1c97d4de2a
chg: [internal] Simplify code for pushing events
2022-02-28 14:54:18 +01:00
Jakub Onderka
1950ca6ab8
Merge pull request #8155 from JakubOnderka/bg-jobs-read-timeout
...
new: [bgjobs] Allow to set Redis read timeout
2022-02-27 09:00:43 +01:00
Jakub Onderka
29e0695df7
Merge pull request #8173 from JakubOnderka/fix-id-translator
...
fix: [internal] Event ID translator
2022-02-26 11:16:12 +01:00
Jakub Onderka
5ec36f8d4b
fix: [internal] Event ID translator
2022-02-26 09:37:27 +01:00
Jakub Onderka
341687cb61
chg: [internal] Simplify logging when pulling events
2022-02-23 16:05:42 +01:00
Jakub Onderka
9bc899e3a4
fix: [internal] Append variable just when not null
2022-02-23 16:05:41 +01:00