assign('table-overview', ' '); * - `prepend-html` * - `table-overview` * - `detailed-summary-full` * - `detailed-summary-mitre-attack` * - `detailed-summary-type` * - `detailed-summary-tags` * - `detailed-summary-events` * - `aggregated-context` * * Additional variables: * - `event-table-include-basescore`: bool */ if (empty($this->__vars)) { $this->__vars = []; } $default_vars = [ 'event_table_include_basescore' => true, 'additional_taxonomy_event_list' => [ 'PAP' => 'PAP:' ], ]; $vars = array_merge($default_vars, $this->__vars); $now = new DateTime(); $start_date = new DateTime('7 days ago'); $event_number = count($events); $attribute_number = 0; $object_number = 0; $event_report_number = 0; $proposal_number = 0; $attribute_types = []; $object_types = []; $all_event_report = []; $all_tag_amount = []; $unique_tag_number = 0; $tag_color_mapping = []; $mitre_attack_techniques = []; $mitre_galaxy_tag_prefix = 'misp-galaxy:mitre-attack-pattern="'; foreach ($events as $event) { $unique_tag_per_event = []; $attribute_number += count($event['Attribute']); $object_number += count($event['Object']); $event_report_number += count($event['EventReport']); $proposal_number += count($event['ShadowAttribute']); foreach ($event['EventTag'] as $event_tag) { $tag = $event_tag['Tag']; if (!empty($unique_tag_per_event[$tag['name']])) { continue; // Only one instance of tag per event } $unique_tag_per_event[$tag['name']] = true; if (empty($all_tag_amount[$tag['name']])) { $all_tag_amount[$tag['name']] = 0; $tag_color_mapping[$tag['name']] = $tag['colour']; } $all_tag_amount[$tag['name']] += 1; if (!empty($tag['is_galaxy']) && substr($tag['name'], 0, strlen($mitre_galaxy_tag_prefix)) === $mitre_galaxy_tag_prefix) { $technique = substr($tag['name'], strlen($mitre_galaxy_tag_prefix), strlen($tag['name']) - strlen($mitre_galaxy_tag_prefix) - 1); $mitre_attack_techniques[$technique] = $event_tag; } } foreach ($event['Attribute'] as $attribute) { if (empty($attribute_types[$attribute['type']])) { $attribute_types[$attribute['type']] = 0; } $attribute_types[$attribute['type']] += 1; foreach ($attribute['AttributeTag'] as $attribute_tag) { $tag = $attribute_tag['Tag']; if (!empty($unique_tag_per_event[$tag['name']])) { continue; // Only one instance of tag per event } $unique_tag_per_event[$tag['name']] = true; if (empty($all_tag_amount[$tag['name']])) { $all_tag_amount[$tag['name']] = 0; $tag_color_mapping[$tag['name']] = $tag['colour']; } $all_tag_amount[$tag['name']] += 1; if (!empty($tag['is_galaxy']) && substr($tag['name'], 0, strlen($mitre_galaxy_tag_prefix)) === $mitre_galaxy_tag_prefix) { $technique = substr($tag['name'], strlen($mitre_galaxy_tag_prefix), strlen($tag['name']) - strlen($mitre_galaxy_tag_prefix) - 1); $mitre_attack_techniques[$technique] = $attribute_tag; } } } foreach ($event['Object'] as $object) { if (empty($object_types[$object['name']])) { $object_types[$object['name']] = 0; } $object_types[$object['name']] += 1; $attribute_number += count($object['Attribute']); foreach ($object['Attribute'] as $attribute) { if (empty($attribute_types[$attribute['type']])) { $attribute_types[$attribute['type']] = 0; } $attribute_types[$attribute['type']] += 1; foreach ($attribute['AttributeTag'] as $attribute_tag) { $tag = $attribute_tag['Tag']; if (!empty($unique_tag_per_event[$tag['name']])) { continue; // Only one instance of tag per event } $unique_tag_per_event[$tag['name']] = true; if (empty($all_tag_amount[$tag['name']])) { $all_tag_amount[$tag['name']] = 0; $tag_color_mapping[$tag['name']] = $tag['colour']; } $all_tag_amount[$tag['name']] += 1; if (!empty($tag['is_galaxy']) && substr($tag['name'], 0, strlen($mitre_galaxy_tag_prefix)) === $mitre_galaxy_tag_prefix) { $technique = substr($tag['name'], strlen($mitre_galaxy_tag_prefix), strlen($tag['name']) - strlen($mitre_galaxy_tag_prefix) - 1); $mitre_attack_techniques[$technique] = $attribute_tag; } } } } foreach ($event['EventReport'] as $event_report) { $all_event_report[] = [ 'uuid' => $event_report['uuid'], 'name' => $event_report['name'], 'event_id' => $event_report['event_id'], 'event_info' => $event['Event']['info'], ]; } } if (!function_exists('findAndBuildTag')) { function findAndBuildTag($tag_list, $tag_prefix, $that) { foreach ($tag_list as $tag) { if (substr($tag['Tag']['name'], 0, strlen($tag_prefix)) == $tag_prefix) { return $that->element('tag', ['tag' => $tag]); } } return ''; } } $unique_tag_number = count(array_keys($all_tag_amount)); arsort($attribute_types); arsort($object_types); arsort($all_tag_amount); array_splice($attribute_types, 10); array_splice($object_types, 10); array_splice($all_tag_amount, 10); ?> fetch('prepend-html')) : ?> = $this->fetch('prepend-html') ?> fetch('table-overview')) : ?> = $this->fetch('table-overview'); ?>
= __('Summary period') ?> | = h($period) ?> |
= __('Summary for dates') ?> | = sprintf('%s (Week %s) ➞ %s (Week %s)', $start_date->format('M d, o'), $start_date->format('W'), $now->format('M d, o'), $now->format('W'), $start_date->format('M d, o') ) ?> |
= __('Generation date') ?> | = date("c"); ?> |
= __('Events #') ?> | = $event_number ?> |
= __('Attributes #') ?> | = $attribute_number ?> |
= __('Objects #') ?> | = $object_number ?> |
= __('Event Report #') ?> | = $event_report_number ?> |
= __('Proposals #') ?> | = $proposal_number ?> |
= __('Unique tags #') ?> | = $unique_tag_number ?> |
= __('Publish date') ?> | = __('Creator Org.') ?> | = __('Distribution') ?> | = __('State') ?> | = __('Threat Level') ?> | $taxonomy_prefix) : ?>= h($taxonomy_name) ?> | = __('Decaying Event Score') ?> | = __('Event Info') ?> | ||
---|---|---|---|---|---|---|---|---|---|
= DateTime::createFromFormat('U', h($event['Event']['publish_timestamp']))->format('Y-m-d') ?> | = h($event['Orgc']['name']) ?> | <= !empty($tlpHtml) ? 'small' : 'span' ?>>= h($distributionLevels[$event['Event']['distribution']]) ?>= !empty($tlpHtml) ? 'small' : 'span' ?>> = $tlpHtml ?> | <= !empty($analysisHtml) ? 'small' : 'span' ?>>= h($analysisLevels[$event['Event']['analysis']]) ?>= !empty($analysisHtml) ? 'small' : 'span' ?>> = $analysisHtml ?> | = h($event['ThreatLevel']['name']); ?> | $taxonomy_prefix) : ?>= findAndBuildTag($event['EventTag'], $taxonomy_prefix, $this) ?> |
|
= h($event['Event']['info']) ?> |
= __('No events.') ?>