MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
MISP/app/View/Events/resolved_misp_format.ctp

463 lines
24 KiB
PHP
Raw Permalink Blame History

<div class="index">
<h2><?php echo h($title); ?></h2>
<?php
$event_id = $event['Event']['id'];
$url = $baseurl . '/events/handleModuleResults/' . $event_id;
echo $this->Form->create('Event', array('url' => $url, 'class' => 'mainForm hidden'));
echo $this->Form->input('data', array(
'type' => 'hidden',
'value' => JsonTool::encode($event)
));
echo $this->Form->input('JsonObject', array(
'label' => false,
'type' => 'text',
'value' => ''
));
echo $this->Form->input('default_comment', array(
'label' => false,
'type' => 'text',
'value' => $importComment
));
echo $this->Form->end();
$objects_array = array();
foreach (array('Attribute', 'Object') as $field) {
if (!empty($event[$field])) {
$objects_array[] = strtolower($field) . 's';
}
}
if (empty($objects_array)) {
echo '<p>Results from the enrichment module for this attribute are empty.</p>';
} else {
$scope = implode(' and ', $objects_array);
echo '<p>Below you can see the ' . $scope . ' that are to be created from the results of the enrichment module.</p>';
$table_data = array(array('key' => __('Event ID'), 'value' => $event_id));
$event_metadata = $event['Event'];
if (!empty($event_metadata['uuid'])) {
$table_data[] = array(
'key' => __('Event UUID'),
'html' => '<span class="quickSelect">'. h($event_metadata['uuid']) . '</span>',
);
}
if (!empty($event_metadata['orgc_id']) && !empty($event_metadata['orgc_name'])) {
$table_data[] = array('key' => __('Event creator org'), 'html' => sprintf(
'<a href=%s/organisations/view/%s>%s</a>',
$baseurl,
h($event['Event']['orgc_id']),
h($event['Event']['orgc_name'])
));
}
if (!empty($event_metadata['info'])) {
array('key' => __('Event info'), 'value' => $event['Event']['info']);
}
$attributes_count = isset($event['Attribute']) ? count($event['Attribute']) : 0;
$objects_count = isset($event['Object']) ? count($event['Object']) : 0;
$report_count = isset($event['EventReport']) ? count($event['EventReport']) : 0;
if (!empty($event['Object'])) {
foreach ($event['Object'] as $object) {
if (!empty($object['Attribute'])) {
$attributes_count += count($object['Attribute']);
}
}
}
$count = __n('%s (%s object)', '%s (%s objects)', $objects_count, $attributes_count, $objects_count);
if (!empty($event['Tag'])) {
$table_data[] = array(
'key' => __('Tags'),
'html' => sprintf(
'<span class="eventTagContainer">%s</span>',
$this->element('ajaxTags', array(
'event' => $event,
'tags' => $event['Tag'],
'tagAccess' => false,
'localTagAccess' => false,
'static_tags_only' => 1
))
)
);
}
$table_data[] = array('key' => __('# of resolved Attributes'), 'value' => $count);
$table_data[] = array('key' => __('# of resolved Reports'), 'value' => $report_count);
echo $this->element('genericElements/viewMetaTable', array('table_data' => $table_data));
}
$attributeFields = array('category', 'type', 'value', 'uuid');
$header_present = false;
$typesWithData = array('attachment', 'malware-sample');
?>
<?php if (!empty($event['EventReport'])): ?>
<table class="table table-striped table-condensed">
<thead>
<tr>
<th><?= __('Import') ?></th>
<th><?= __('Name') ?></th>
<th class="hidden"><?php echo __('UUID');?></th>
<th><?= __('Content') ?></th>
<th><?= __('Distribution') ?></th>
</tr>
</thead>
<tbody>
<?php foreach($event['EventReport'] as $report): ?>
<tr class="MISPEventReport">
<td class="short" style="width:40px;text-align:center;">
<input type="checkbox" class="ImportMISPEventReport" checked>
</td>
<td class="EventReportName"><?= h($report['name']); ?></td>
<td class="EventReportUUID hidden"><?= h($report['uuid']); ?></td>
<td class="EventReportContent ellipsis-overflow" style="max-width:800px;">
<?= h($report['content']); ?>
</td>
<td class="short" style="width:40px;text-align:center;">
<select class="EventReportDistribution" style="padding:0;height:20px;margin-bottom:0;">
<?php
foreach ($distributions as $distKey => $distValue) {
echo '<option value="' . h($distKey) . '" ' . ($distKey == $report['distribution'] ? 'selected="selected"' : '') . '>' . h($distValue) . '</option>';
}
?>
</select>
<div style="display:none;">
<select class="EventReportSharingGroup" style="padding:0;height:20px;margin-top:3px;margin-bottom:0;">
<?php
foreach ($sgs as $sgKey => $sgValue) {
echo '<option value="' . h($sgKey) . '" ' . ($sgKey == $report['sharing_group_id'] ? 'selected="selected"' : '') . '>' . h($sgValue) . '</option>';
}
?>
</select>
</div>
</td>
</tr>
<?php endforeach; ?>
</tbody>
<table>
<?php endif; ?>
<?php
if (!empty($event['Object'])) {
?>
<table class="table table-striped table-condensed">
<tbody>
<tr>
<th><?php echo __('Import');?></th>
<th><?php echo __('Category');?></th>
<th><?php echo __('Type');?></th>
<th><?php echo __('Value');?></th>
<th class="hidden"><?php echo __('UUID');?></th>
<th><?php echo __('Tags');?></th>
<th><?php echo __('IDS');?></th>
<th><?php echo __('Disable Correlation');?></th>
<th><?php echo __('Comment');?></th>
<th><?php echo __('Distribution');?></th>
</tr>
<?php
$header_present = true;
foreach ($event['Object'] as $o => $object) {
?>
<tbody class="MISPObject">
<tr class="tableHighlightBorderTop borderBlue blueRow" tabindex="0">
<td class="short" style="width:40px;text-align:center;">
<input type="checkbox" class="ImportMISPObject" checked>
</td>
<td colspan="6">
<?php if(!empty($object['id'])) { ?>
<span class="bold"><?php echo __('ID: ');?></span><span class="ObjectID"><?php echo h($object['id']); ?></span><br>
<?php } ?>
<span class="bold"><?php echo __('Name: ');?></span><span class="ObjectName"><?php echo h($object['name']); ?></span>
<span class="fa fa-expand useCursorPointer" title="<?php echo __('Expand or Collapse');?>" role="button" tabindex="0" aria-label="<?php echo __('Expand or Collapse');?>" data-toggle="collapse" data-target="#Object_<?php echo $o; ?>_collapsible"></span><br>
<div id="Object_<?php echo $o; ?>_collapsible" class="collapse">
<?php
if (!empty($object['description'])) {
echo '<span class="bold">Description: </span><span class="ObjectDescription">' . h($object['description']) . '</span><br>';
}
if (!empty($object['template_uuid'])) {
echo '<span class="bold">Template UUID: </span><span class="TemplateUUID">' . h($object['template_uuid']) . '</span><br>';
}
if (!empty($object['template_version'])) {
echo '<span class="bold">Template version: </span><span class="TemplateVersion">' . h($object['template_version']) . '</span><br>';
}
?>
<span class="bold"><?php echo __('UUID: ');?></span><span class="ObjectUUID"><?php echo h($object['uuid']); ?></span><br>
<span class="bold"><?php echo __('Meta Category: ');?></span><span class="ObjectMetaCategory"><?php echo h($object['meta-category']); ?></span><br>
<?php
if (!empty($object['first_seen'])) {
echo '<span class="bold">First seen: </span><span class="ObjectFirstSeen">' . h($object['first_seen']) . '</span><br>';
}
if (!empty($object['last_seen'])) {
echo '<span class="bold">Last seen: </span><span class="ObjectLastSeen">' . h($object['last_seen']) . '</span><br>';
}
?>
</div>
<span class="bold"><?php echo __('References: ')?></span>
<?php
if (!empty($object['ObjectReference'])) {
echo count($object['ObjectReference']);
?>
<span class="fa fa-expand useCursorPointer" title="<?php echo __('Expand or Collapse');?>" role="button" tabindex="0" aria-label="<?php echo __('Expand or Collapse');?>" data-toggle="collapse" data-target="#Object_<?php echo $o; ?>_references_collapsible"></span>
<div id="Object_<?php echo $o; ?>_references_collapsible" class="collapse">
<?php
foreach ($object['ObjectReference'] as $reference) {
echo '&nbsp;&nbsp;<span class="ObjectReference">';
echo '<span class="Relationship">' . h($reference['relationship_type']) . '</span> ';
$referenced_uuid = $reference['referenced_uuid'];
foreach ($event['Object'] as $object_reference) {
if ($referenced_uuid === $object_reference['uuid']) {
$name = $object_reference['name'];
$category = $object_reference['meta-category'];
$objectType = 'Object';
break;
}
}
if (!isset($name)) {
foreach ($event['Attribute'] as $attribute_reference) {
if ($referenced_uuid === $attribute_reference['uuid']) {
$name = $attribute_reference['type'];
$category = $attribute_reference['category'];
$objectType = 'Attribute';
break;
}
}
if (!isset($name)) {
$name = '';
$category = '';
$objectType = '';
}
}
echo $objectType . ' <span class="ReferencedUUID">' . $referenced_uuid . '</span> (' . $name . ': ' . $category . ')</span><br>';
unset($name);
}
echo '</div>';
} else {
echo 0;
}
?>
</td>
<td class="bitwider">
<textarea class="ObjectComment inline-input" cols="30" rows="6" placeholder="<?php echo h($importComment); ?>" oninput="autoresize(this)"><?php if (!empty($object['comment'])) echo h($object['comment']);?></textarea>
</td>
<td style="width:60px;text-align:center;">
<select class="ObjectDistribution" style="padding:0;height:20px;margin-bottom:0;">
<?php
foreach ($distributions as $distKey => $distValue) {
echo '<option value="' . h($distKey) . '"' . ($distKey == $object['distribution'] ? ' selected' : '') . '>' . h($distValue) . '</option>';
}
?>
</select>
<div style="display:none;">
<select class="ObjectSharingGroup" style="padding:0;height:20px;margin-top:3px;margin-bottom:0;">
<?php
foreach ($sgs as $sgKey => $sgValue) {
echo '<option value="' . h($sgKey) . '"' . ($sgKey == $object['sharing_group_id'] ? ' selected' : '') . '>' . h($sgValue) . '</option>';
}
?>
</select>
</div>
</td>
</tr>
<?php
if (!empty($object['Attribute'])) {
$last_attribute = end($object['Attribute']);
foreach ($object['Attribute'] as $attribute) {
$border_position = ($attribute == $last_attribute ? 'Bottom' : 'Center');
?>
<tr class="ObjectAttribute tableHighlightBorder<?php echo $border_position; ?> borderBlue">
<td class="short" style="width:40px;text-align:center;"><input type="checkbox" class="ImportMISPObjectAttribute" checked></td>
<td class="ObjectCategory"><?php echo (isset($attribute['category']) ? h($attribute['category']) : ''); ?></td>
<td class="short">
<span class="ObjectRelation bold"><?php echo h($attribute['object_relation']); ?></span>
<span class="AttributeType"><?php echo h($attribute['type']); ?></span>
</td>
<td class="AttributeValue limitedWidth" data-value="<?= h($attribute['value']) ?>"><?= $this->element('Events/View/value_field', ['object' => $attribute]); ?></td>
<?php
if (in_array($attribute['type'], $typesWithData, true)) {
if (!empty($attribute['data'])) {
echo "<input class='AttributeData' type='hidden' value='" . h($attribute['data']) . "'>";
}
if (!empty($attribute['encrypt'])) {
echo "<input class='AttributeEncrypt' type='hidden' value='" . h($attribute['encrypt']) . "'>";
}
}
?>
<td class="AttributeUuid short hidden"><?php echo h($attribute['uuid']); ?></td>
<td style="max-width:150px;width:10px;">
<?php if (!empty($attribute['Tag'])) { ?>
<span class="objectAttributeTagContainer">
<?php
foreach ($attribute['Tag'] as $tag) {
$tagText = explode('=', $tag['name']);
$tagText = trim(end($tagText), "\"");
$color = !empty($tag['colour']) ? $tag['colour'] : '#0088cc';
?>
<span style="display:inline-block;">
<span style="padding:1px;display:flex;white-space:nowrap;margin-right:2px;word-wrap:break-word;">
<span class="objectAttributeTag" data-local="<?= !empty($tag['local']) ? 1 : 0 ?>" style="display:inline-block;background-color:<?php echo h($color); ?>;color:white;" title="<?php echo h($tag['name']); ?>">
<?php echo h($tagText); ?>
</span>
</span>
</span>
<?php } ?>
</span>
<?php } ?>
</td>
<td class="short" style="width:40px;text-align:center;">
<input type="checkbox" class="AttributeToIds"<?php if (!empty($attribute['to_ids'])) echo ' checked'; ?>>
</td>
<td class="short" style="width:40px;text-align:center;">
<input type="checkbox" class="AttributeDisableCorrelation"<?php if (!empty($attribute['disable_correlation'])) echo ' checked'; ?>>
</td>
<td class="bitwider">
<textarea class="AttributeComment inline-input" rows="1" oninput="autoresize(this)"><?php if (!empty($attribute['comment'])) echo h($attribute['comment']);?></textarea>
</td>
<td class="short" style="width:40px;text-align:center;">
<select class="AttributeDistribution" style="padding:0;height:20px;margin-bottom:0;">
<?php
foreach ($distributions as $distKey => $distValue) {
echo '<option value="' . h($distKey) . '"' . ($distKey == $attribute['distribution'] ? ' selected' : '') . '>' . h($distValue) . '</option>';
}
?>
</select>
<div style="display:none;">
<select class="AttributeSharingGroup" style="padding:0;height:20px;margin-top:3px;margin-bottom:0;">
<?php
foreach ($sgs as $sgKey => $sgValue) {
echo '<option value="' . h($sgKey) . '"' . ($sgKey == $attribute['sharing_group_id'] ? ' selected' : '') . '>' . h($sgValue) . '</option>';
}
?>
</select>
</div>
</td>
</tr>
<?php
}
}
echo '<tr><td colspan="9"></td></tr>';
?>
</tbody>
<?php
}
}
if (!empty($event['Attribute'])) {
if (!$header_present) {
?>
<table class='table table-striped table-condensed'>
<tbody>
<tr>
<th><?php echo __('Import');?></th>
<th><?php echo __('Category');?></th>
<th><?php echo __('Type');?></th>
<th><?php echo __('Value');?></th>
<th class="hidden"><?php echo __('UUID');?></th>
<th><?php echo __('Tags');?></th>
<th><?php echo __('IDS');?></th>
<th><?php echo __('Disable Correlation');?></th>
<th><?php echo __('Comment');?></th>
<th><?php echo __('Distribution');?></th>
</tr>
<?php
}
foreach ($event['Attribute'] as $attribute) {
?>
<tr class="MISPAttribute">
<td class="short" style="width:40px;text-align:center;"><input type="checkbox" class="ImportMISPAttribute" checked></td>
<?php
foreach (array('category', 'type') as $field) {
$field_header = 'class="Attribute' . ucfirst($field);
if (isset($attribute[$field])) {
if (is_array($attribute[$field])) {
echo '<td class="short" style="width:40px;text-align:center;"><select ' . $field_header . 'Select" style="padding:0px;height:20px;margin-bottom:0px;">';
foreach ($attribute[$field] as $value) {
echo '<option value="' . h($value) . '">' . h($value) . '</option>';
}
echo '</select></td>';
} else {
echo '<td ' . $field_header . '">' . h($attribute[$field]) . '</td>';
}
} else {
echo '<td ' . $field_header . '"></td>';
}
}
?>
<td class="AttributeValue limitedWidth" data-value="<?= h($attribute['value']) ?>"><?= $this->element('Events/View/value_field', ['object' => $attribute]); ?></td>
<?php
if (in_array($attribute['type'], $typesWithData, true)) {
if (!empty($attribute['data'])) {
echo "<input class='AttributeData' type='hidden' value='" . h($attribute['data']) . "'>";
}
if (!empty($attribute['encrypt'])) {
echo "<input class='AttributeEncrypt' type='hidden' value='" . h($attribute['encrypt']) . "'>";
}
}
?>
<td class="AttributeUuid short hidden"><?php echo h($attribute['uuid']); ?></td>
<td style="max-width:150px;width:10px;">
<?php if (!empty($attribute['Tag'])) { ?>
<span class="attributeTagContainer">
<?php
foreach ($attribute['Tag'] as $tag) {
$tagText = explode('=', $tag['name']);
$tagText = trim(end($tagText), "\"");
$color = !empty($tag['colour']) ? $tag['colour'] : '#0088cc';
?>
<span style="display:inline-block;">
<span style="padding:1px;display:flex;white-space:nowrap;margin-right:2px;word-wrap:break-word;">
<span class="attributeTag" data-local="<?= !empty($tag['local']) ? 1 : 0 ?>" style="display:inline-block;background-color:<?php echo h($color); ?>;color:white;" title="<?php echo h($tag['name']); ?>">
<?php echo h($tagText); ?>
</span>
</span>
</span>
<?php } ?>
</span>
<?php } ?>
</td>
<td class="short" style="width:40px;text-align:center;">
<input type="checkbox" class="AttributeToIds"<?php if (isset($attribute['to_ids']) && $attribute['to_ids']) echo ' checked'; ?>>
</td>
<td class="short" style="width:40px;text-align:center;">
<input type="checkbox" class="AttributeDisableCorrelation"<?php if (isset($attribute['disable_correlation']) && $attribute['disable_correlation']) echo ' checked'; ?>>
</td>
<td class="bitwider">
<textarea class="AttributeComment inline-input" rows="1" oninput="autoresize(this)" placeholder="<?php echo h($importComment); ?>"><?php if (!empty($attribute['comment'])) echo h($attribute['comment']);?></textarea>
</td>
<td class="short" style="width:40px;text-align:center;">
<select class="AttributeDistribution" style="padding:0;height:20px;margin-bottom:0;">
<?php
foreach ($distributions as $distKey => $distValue) {
echo '<option value="' . h($distKey) . '"' . ($distKey == $attribute['distribution'] ? ' selected' : '') . '>' . h($distValue) . '</option>';
}
?>
</select>
<div style="display:none;">
<select class="AttributeSharingGroup" style="padding:0;height:20px;margin-top:3px;margin-bottom:0;">
<?php
foreach ($sgs as $sgKey => $sgValue) {
echo '<option value="' . h($sgKey) . '"' . ($sgKey == $attribute['sharing_group_id'] ? ' selected' : '') . '>' . h($sgValue) . '</option>';
}
?>
</select>
</div>
</td>
</tr>
<?php
}
}
?>
</tbody>
</table>
<button class="btn btn-primary" style="float:left;" onclick="moduleResultsSubmit('<?php echo h($event_id); ?>');"><?php echo __('Submit'); ?></button>
<a href="<?php echo $baseurl . '/events/view/' . h($event['Event']['id']); ?>" style="margin-left:10px;" class="btn btn-inverse"><?php echo __('Cancel');?></a>
</div>
<script>
$(function() {
$('.AttributeDistribution, .ObjectDistribution, .EventReportDistribution').change(function() {
if ($(this).val() == 4) {
$(this).next().show();
} else {
$(this).next().hide();
}
}).change();
});
</script>
<?php
if (!isset($menuItem)) {
$menuItem = 'freetextResults';
}
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event', 'menuItem' => $menuItem));
Reference in New Issue View Git Blame Copy Permalink