MISP
/
misp-dashboard
mirror of https://github.com/MISP/misp-dashboard
2
0
Fork 0
Code Issues Releases Wiki Activity

new: [dispatcher/livelog] Added support of ObjectAttributes

pull/82/head
mokaddem 2019-02-22 15:16:50 +01:00
parent 999e59b5cb
commit b207338501
6 changed files with 104 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
helpers/contributor_helper.py
View File

@ -589,4 +589,3 @@ class Contributor_helper:
return { 'remainingPts': i-points, 'stepPts': prev } return { 'remainingPts': i-points, 'stepPts': prev }
prev = i prev = i
return { 'remainingPts': 0, 'stepPts': self.rankMultiplier**self.levelMax } return { 'remainingPts': 0, 'stepPts': self.rankMultiplier**self.levelMax }

1
helpers/live_helper.py
View File

@ -32,6 +32,7 @@ class Live_helper:
self.serv_live.publish(channel, j_to_send) self.serv_live.publish(channel, j_to_send)
self.logger.debug('Published: {}'.format(j_to_send)) self.logger.debug('Published: {}'.format(j_to_send))
if name != 'Keepalive': if name != 'Keepalive':
name = 'Attribute' if 'ObjectAttribute' else name
self.add_to_stream_log_cache(name, j_to_send_keep) self.add_to_stream_log_cache(name, j_to_send_keep)

4
server.py
View File

@ -121,9 +121,13 @@ class EventMessage():
self.name = jsonMsg['name'] self.name = jsonMsg['name']
self.zmqName = jsonMsg['zmqName'] self.zmqName = jsonMsg['zmqName']
if self.name == 'Attribute': if self.name == 'Attribute':
self.feed = jsonMsg['log'] self.feed = jsonMsg['log']
self.feed = LogItem(self.feed, filters).get_row() self.feed = LogItem(self.feed, filters).get_row()
elif self.name == 'ObjectAttribute':
self.feed = jsonMsg['log']
self.feed = LogItem(self.feed, filters).get_row()
else: else:
self.feed = jsonMsg['log'] self.feed = jsonMsg['log']

26
static/js/index/index.js
View File

@ -175,7 +175,7 @@ $(document).ready(function () {
pollingFrequency: 5000, pollingFrequency: 5000,
tableHeader: head, tableHeader: head,
tableMaxEntries: 50, tableMaxEntries: 50,
animate: false, // animate: false,
preDataURL: urlForLogs, preDataURL: urlForLogs,
endpoint: urlForLogs endpoint: urlForLogs
}); });
@ -333,7 +333,6 @@ function createHead(callback) {
{ targets: 0, orderable: false }, { targets: 0, orderable: false },
{ targets: '_all', searchable: false, orderable: false, { targets: '_all', searchable: false, orderable: false,
render: function ( data, type, row ) { render: function ( data, type, row ) {
// return data +' ('+ row[3]+')';
var $toRet; var $toRet;
if (typeof data === 'object') { if (typeof data === 'object') {
$toRet = $('<span></span>'); $toRet = $('<span></span>');
@ -474,6 +473,9 @@ function createHead(callback) {
case 'Attribute': case 'Attribute':
that.add_entry(entry); that.add_entry(entry);
break; break;
case 'ObjectAttribute':
that.add_entry(entry, true);
break;
default: default:
break; break;
} }
@ -499,6 +501,9 @@ function createHead(callback) {
case 'Attribute': case 'Attribute':
that.add_entry(entry); that.add_entry(entry);
break; break;
case 'ObjectAttribute':
that.add_entry(entry, true);
break;
default: default:
break; break;
} }
@ -577,14 +582,21 @@ function createHead(callback) {
} }
}, },
add_entry: function(entry) { add_entry: function(entry, isObjectAttribute) {
var rowNode = this.dt.row.add(entry).draw().node(); var rowNode = this.dt.row.add(entry).draw().node();
if (this.animate) { if (this._options.animate) {
$( rowNode ) $( rowNode )
.css( 'background-color', '#5cb85c' ) .css( 'background-color', '#5cb85c !important' )
.animate( { 'background-color': '', duration: 600 } ); .animate( { 'background-color': '' }, { duration: 1500 } );
}
if (isObjectAttribute === true) {
console.log(entry);
$( rowNode ).children().last()
.css('position', 'relative')
.append(
$('<it class="fa fa-th rowTableIsObject" title="This attribute belong to an Object"></it>')
);
} }
// this.dt.row.add(entry).draw( false );
// remove entries // remove entries
var numRows = this.dt.rows().count(); var numRows = this.dt.rows().count();
var rowsToRemove = numRows - this._options.tableMaxEntries; var rowsToRemove = numRows - this._options.tableMaxEntries;

9
templates/index.html
View File

@ -189,10 +189,17 @@ div.dataTables_scrollHead table.dataTable {
left: 15px !important; left: 15px !important;
right: 10px !important; right: 10px !important;
z-index: 1001 !important; z-index: 1001 !important;
bottom: 5px !important; bottom: -7px !important;
height: unset !important; height: unset !important;
} }
.rowTableIsObject {
position: absolute;
right: 15px;
top: 0px;
color: #3465a4;
}
</style> </style>
<body> <body>

31
zmq_dispatcher.py
View File

@ -122,7 +122,16 @@ def handler_conversation(zmq_name, jsonevent):
def handler_object(zmq_name, jsondata): def handler_object(zmq_name, jsondata):
logger.info('Handling object') logger.info('Handling object')
return # check if jsonattr is an mispObject object
if 'Object' in jsondata:
jsonobj = jsondata['Object']
soleObject = copy.deepcopy(jsonobj)
del soleObject['Attribute']
for jsonattr in jsonobj['Attribute']:
jsonattrcpy = copy.deepcopy(jsonobj)
jsonattrcpy['Event'] = jsondata['Event']
jsonattrcpy['Attribute'] = jsonattr
handler_attribute(zmq_name, jsonattrcpy, False, parentObject=soleObject)
def handler_sighting(zmq_name, jsondata): def handler_sighting(zmq_name, jsondata):
logger.info('Handling sighting') logger.info('Handling sighting')
@ -168,6 +177,16 @@ def handler_event(zmq_name, jsonobj):
else: else:
handler_attribute(zmq_name, attributes) handler_attribute(zmq_name, attributes)
if 'Object' in jsonevent:
objects = jsonevent['Object']
if type(objects) is list:
for obj in objects:
jsoncopy = copy.deepcopy(jsonobj)
jsoncopy['Object'] = obj
handler_object(zmq_name, jsoncopy)
else:
handler_object(zmq_name, objects)
action = jsonobj.get('action', None) action = jsonobj.get('action', None)
eventLabeled = len(jsonobj.get('EventTag', [])) > 0 eventLabeled = len(jsonobj.get('EventTag', [])) > 0
org = jsonobj.get('Orgc', {}).get('name', None) org = jsonobj.get('Orgc', {}).get('name', None)
@ -179,11 +198,15 @@ def handler_event(zmq_name, jsonobj):
action, action,
isLabeled=eventLabeled) isLabeled=eventLabeled)
def handler_attribute(zmq_name, jsonobj, hasAlreadyBeenContributed=False): def handler_attribute(zmq_name, jsonobj, hasAlreadyBeenContributed=False, parentObject=False):
logger.info('Handling attribute') logger.info('Handling attribute')
# check if jsonattr is an attribute object # check if jsonattr is an attribute object
if 'Attribute' in jsonobj: if 'Attribute' in jsonobj:
jsonattr = jsonobj['Attribute'] jsonattr = jsonobj['Attribute']
else:
jsonattr = jsonobj
attributeType = 'Attribute' if jsonattr['object_id'] == '0' else 'ObjectAttribute'
#Add trending #Add trending
categName = jsonattr['category'] categName = jsonattr['category']
@ -210,12 +233,12 @@ def handler_attribute(zmq_name, jsonobj, hasAlreadyBeenContributed=False):
eventLabeled = len(jsonobj.get('EventTag', [])) > 0 eventLabeled = len(jsonobj.get('EventTag', [])) > 0
action = jsonobj.get('action', None) action = jsonobj.get('action', None)
contributor_helper.handleContribution(zmq_name, jsonobj['Event']['Orgc']['name'], contributor_helper.handleContribution(zmq_name, jsonobj['Event']['Orgc']['name'],
'Attribute', attributeType,
jsonattr['category'], jsonattr['category'],
action, action,
isLabeled=eventLabeled) isLabeled=eventLabeled)
# Push to log # Push to log
live_helper.publish_log(zmq_name, 'Attribute', jsonobj) live_helper.publish_log(zmq_name, attributeType, jsonobj)
############### ###############