mirror of https://github.com/MISP/misp-book
Merge pull request #209 from Wachizungu/fix-404s-found-by-old-linkchecker-run
chg: fix #141 - 404s found by old linkchecker runpull/210/head
commit
83f2c2e41d
|
@ -687,7 +687,7 @@ Error: [PDOException] SQLSTATE[42S22]: Column not found: 1054 Unknown column 'Ta
|
|||
|
||||
The Jobs tab gives you an overview on any currently running jobs or jobs that were previously completed and their status.
|
||||
|
||||
![Running Jobs](figures/jobs-running.png)
|
||||
![Running Jobs](figures/jobs.png)
|
||||
|
||||
Typically this is one of the places you would turn to even some background process might not complete as expected to get an indication on any issues related to user initiated Jobs.
|
||||
|
||||
|
|
Binary file not shown.
Before Width: | Height: | Size: 60 KiB After Width: | Height: | Size: 45 KiB |
|
@ -115,7 +115,7 @@ It is quite easy. Create a JSON file describing your taxonomy as triple tags.
|
|||
|
||||
The following taxonomy namespaces are reserved and used internally to MISP.
|
||||
|
||||
- [galaxy](./galaxy/) mapping taxonomy with cluster:element:"value".
|
||||
- [galaxy](../galaxy/) mapping taxonomy with cluster:element:"value".
|
||||
|
||||
## Adding Taxonomy in MISP
|
||||
|
||||
|
|
|
@ -257,8 +257,8 @@ The currently selected event is coloured blue in the graph. If you would like to
|
|||
**Attributes and Proposals**
|
||||
A list of all attributes and proposals attached to the event. The fields for each of them only differ in the available actions and the fact that for proposals to attributes all fields are blank that would stay unchanged if the proposal was accepted (for example, proposing a change to an attribute to turn the IDS flag on will have all fields apart from the IDS flag blank in the proposal. Here is a list of what each of the fields represents:
|
||||
* **Date**: The date of the last modification to the attribute. Proposals don't have a date of last edit.
|
||||
* **Category**: The category of the attribute or proposal. For a list of possible categories visit the section on [categories and types](categories-and-types).
|
||||
* **Type**: The type of the attribute or proposal. For a list of possible categories visit the section on [categories and types](categories-and-types).
|
||||
* **Category**: The category of the attribute or proposal. For a list of possible categories visit the section on [categories and types](../categories-and-types).
|
||||
* **Type**: The type of the attribute or proposal. For a list of possible categories visit the section on [categories and types](../categories-and-types).
|
||||
* **Value**: The value or value-pair of the attribute. This is the main payload of the attribute, which is described by the category and type columns. For certain types of attributes that are made up of value-pairs the two parts will be split by a pipe (|), such as for filename|md5. The value field(s) are used by the correlation engine to find relations between events. In value-pair attributes both values are correlated individually.
|
||||
* **Comment**: Attributes can have a contextual comment to further describe the attribute. These comments are not used for correlation and are purely informative.
|
||||
* **Related Events**: A list of the event IDs that also contain an attribute with the same value.
|
||||
|
@ -319,7 +319,7 @@ Apart from being able to list all events, it is also possible to search for data
|
|||
![You can search for attributes by searching for a phrase contained in its value. Narrow your search down by selecting a type and/or a category which the event has to belong to.](figures/search_attribute.png)
|
||||
|
||||
This will bring up a form that lets you enter one or several search strings (separate search strings with line breaks) that will be compared to the values of all attributes, along with options to narrow down the search based on category and type. The entered search string has to be an exact match with (the sub-string of) a value. A second text field makes it possible to enter event IDs for events that should be excluded from the search (again, each line represents an event ID to be excluded). The third text field allows the user to restrict the results to attributes from certain organisations or to attributes not created by certain other organisations, using the above described syntax.
|
||||
The list generated by the search will look exactly the same as listing all attributes, except that only the attributes that matched the search criteria will be listed (to find out more about the list attributes view, [click here](categories-and-types)). The search parameters will be shown above the produced list and the search terms will be highlighted.
|
||||
The list generated by the search will look exactly the same as listing all attributes, except that only the attributes that matched the search criteria will be listed (to find out more about the list attributes view, [click here](../categories-and-types)). The search parameters will be shown above the produced list and the search terms will be highlighted.
|
||||
The last option is a checkbox that restricts all of the results to attributes that are marked as IDS signatures.
|
||||
|
||||
!["You can view the event that an attribute belongs to with the view button, or you can edit/delete the attribute via the buttons on the right."](figures/search_attribute_result.png)
|
||||
|
|
Binary file not shown.
After Width: | Height: | Size: 9.9 KiB |
Binary file not shown.
After Width: | Height: | Size: 52 KiB |
Loading…
Reference in New Issue