new: [dispatcher/livelog] Added support of ObjectAttributes

pull/82/head
mokaddem 2019-02-22 15:16:50 +01:00
parent 999e59b5cb
commit b207338501
6 changed files with 104 additions and 58 deletions


@ -120,14 +120,14 @@ class Contributor_helper:
if action in ['edit', None]: if action in ['edit', None]:
pass pass
#return #not a contribution? #return #not a contribution?
now = datetime.datetime.now() now = datetime.datetime.now()
nowSec = int(time.time()) nowSec = int(time.time())
pnts_to_add = self.default_pnts_per_contribution pnts_to_add = self.default_pnts_per_contribution
# Do not consider contribution as login anymore # Do not consider contribution as login anymore
#self.users_helper.add_user_login(nowSec, org) #self.users_helper.add_user_login(nowSec, org)
# is a valid contribution # is a valid contribution
if categ is not None: if categ is not None:
try: try:
@ -135,23 +135,23 @@ class Contributor_helper:
except KeyError: except KeyError:
pnts_to_add = self.default_pnts_per_contribution pnts_to_add = self.default_pnts_per_contribution
pnts_to_add *= pntMultiplier pnts_to_add *= pntMultiplier
util.push_to_redis_zset(self.serv_redis_db, self.keyDay, org, count=pnts_to_add) util.push_to_redis_zset(self.serv_redis_db, self.keyDay, org, count=pnts_to_add)
#CONTRIB_CATEG retain the contribution per category, not the point earned in this categ #CONTRIB_CATEG retain the contribution per category, not the point earned in this categ
util.push_to_redis_zset(self.serv_redis_db, self.keyCateg, org, count=1, endSubkey=':'+util.noSpaceLower(categ)) util.push_to_redis_zset(self.serv_redis_db, self.keyCateg, org, count=1, endSubkey=':'+util.noSpaceLower(categ))
self.publish_log(zmq_name, 'CONTRIBUTION', {'org': org, 'categ': categ, 'action': action, 'epoch': nowSec }, channel=self.CHANNEL_LASTCONTRIB) self.publish_log(zmq_name, 'CONTRIBUTION', {'org': org, 'categ': categ, 'action': action, 'epoch': nowSec }, channel=self.CHANNEL_LASTCONTRIB)
else: else:
categ = "" categ = ""
self.serv_redis_db.sadd(self.keyAllOrg, org) self.serv_redis_db.sadd(self.keyAllOrg, org)
keyname = "{}:{}".format(self.keyLastContrib, util.getDateStrFormat(now)) keyname = "{}:{}".format(self.keyLastContrib, util.getDateStrFormat(now))
self.serv_redis_db.zadd(keyname, nowSec, org) self.serv_redis_db.zadd(keyname, nowSec, org)
self.logger.debug('Added to redis: keyname={}, nowSec={}, org={}'.format(keyname, nowSec, org)) self.logger.debug('Added to redis: keyname={}, nowSec={}, org={}'.format(keyname, nowSec, org))
self.serv_redis_db.expire(keyname, util.ONE_DAY*7) #expire after 7 day self.serv_redis_db.expire(keyname, util.ONE_DAY*7) #expire after 7 day
awards_given = self.updateOrgContributionRank(org, pnts_to_add, action, contribType, eventTime=datetime.datetime.now(), isLabeled=isLabeled, categ=util.noSpaceLower(categ)) awards_given = self.updateOrgContributionRank(org, pnts_to_add, action, contribType, eventTime=datetime.datetime.now(), isLabeled=isLabeled, categ=util.noSpaceLower(categ))
for award in awards_given: for award in awards_given:
# update awards given # update awards given
keyname = "{}:{}".format(self.keyLastAward, util.getDateStrFormat(now)) keyname = "{}:{}".format(self.keyLastAward, util.getDateStrFormat(now))
@ -589,4 +589,3 @@ class Contributor_helper:
return { 'remainingPts': i-points, 'stepPts': prev } return { 'remainingPts': i-points, 'stepPts': prev }
prev = i prev = i
return { 'remainingPts': 0, 'stepPts': self.rankMultiplier**self.levelMax } return { 'remainingPts': 0, 'stepPts': self.rankMultiplier**self.levelMax }


@ -32,6 +32,7 @@ class Live_helper:
self.serv_live.publish(channel, j_to_send) self.serv_live.publish(channel, j_to_send)
self.logger.debug('Published: {}'.format(j_to_send)) self.logger.debug('Published: {}'.format(j_to_send))
if name != 'Keepalive': if name != 'Keepalive':
name = 'Attribute' if 'ObjectAttribute' else name
self.add_to_stream_log_cache(name, j_to_send_keep) self.add_to_stream_log_cache(name, j_to_send_keep)
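Review bot: The condition in the added line `name = 'Attribute' if 'ObjectAttribute' else name` tests a non-empty string literal, which is always true, so every message that is not a Keepalive is passed to `add_to_stream_log_cache` under the name 'Attribute', whatever its real type. The intent appears to be `name = 'Attribute' if name == 'ObjectAttribute' else name`. As written, any other message type published through this method is stored in the cache as an attribute, and consumers that replay the cache cannot tell the entries apart. The enclosing method starts outside the hunk, so the set of names that can reach this line is not visible here.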


@ -121,9 +121,13 @@ class EventMessage():
self.name = jsonMsg['name'] self.name = jsonMsg['name']
self.zmqName = jsonMsg['zmqName'] self.zmqName = jsonMsg['zmqName']
if self.name == 'Attribute': if self.name == 'Attribute':
self.feed = jsonMsg['log'] self.feed = jsonMsg['log']
self.feed = LogItem(self.feed, filters).get_row() self.feed = LogItem(self.feed, filters).get_row()
elif self.name == 'ObjectAttribute':
self.feed = jsonMsg['log']
self.feed = LogItem(self.feed, filters).get_row()
else: else:
self.feed = jsonMsg['log'] self.feed = jsonMsg['log']
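Review bot: The new `elif self.name == 'ObjectAttribute':` branch repeats the two statements of the 'Attribute' branch verbatim, so a later change to how rows are filtered has to be made in two places. A single test, `if self.name in ('Attribute', 'ObjectAttribute'):`, keeps one code path for both message names. The constructor begins outside the hunk, so how `jsonMsg` is validated before these lookups is not visible here.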


@ -175,7 +175,7 @@ $(document).ready(function () {
pollingFrequency: 5000, pollingFrequency: 5000,
tableHeader: head, tableHeader: head,
tableMaxEntries: 50, tableMaxEntries: 50,
animate: false, // animate: false,
preDataURL: urlForLogs, preDataURL: urlForLogs,
endpoint: urlForLogs endpoint: urlForLogs
}); });
@ -333,45 +333,44 @@ function createHead(callback) {
{ targets: 0, orderable: false }, { targets: 0, orderable: false },
{ targets: '_all', searchable: false, orderable: false, { targets: '_all', searchable: false, orderable: false,
render: function ( data, type, row ) { render: function ( data, type, row ) {
// return data +' ('+ row[3]+')'; var $toRet;
var $toRet; if (typeof data === 'object') {
if (typeof data === 'object') { $toRet = $('<span></span>');
$toRet = $('<span></span>'); data.data.forEach(function(cur, i) {
data.data.forEach(function(cur, i) { switch (data.name) {
switch (data.name) { case 'Tag':
case 'Tag': var $tag = $('<a></a>');
var $tag = $('<a></a>'); $tag.addClass('tagElem');
$tag.addClass('tagElem'); $tag.css({
$tag.css({ backgroundColor: cur.colour,
backgroundColor: cur.colour, color: getTextColour(cur.colour.substring(1,6))
color: getTextColour(cur.colour.substring(1,6)) });
}); $tag.text(cur.name)
$tag.text(cur.name) $toRet.append($tag);
$toRet.append($tag); break;
break; case 'mispObject':
case 'mispObject': $toRet.append('MISP Object not supported yet')
$toRet.append('MISP Object not supported yet') break;
break; default:
default: break;
break; }
} });
}); $toRet = $toRet[0].outerHTML;
$toRet = $toRet[0].outerHTML; } else if (data === undefined) {
} else if (data === undefined) {
$toRet = '';
} else {
var textToAddArray = data.split(char_separator);
$toRet = ''; $toRet = '';
textToAddArray.forEach(function(e, i) { } else {
if (i > 0) { var textToAddArray = data.split(char_separator);
$toRet += '<br>' + e; $toRet = '';
} else { textToAddArray.forEach(function(e, i) {
$toRet += e; if (i > 0) {
} $toRet += '<br>' + e;
}); } else {
} $toRet += e;
return $toRet; }
}, });
}
return $toRet;
},
} }
], ],
}; };
@ -474,6 +473,9 @@ function createHead(callback) {
case 'Attribute': case 'Attribute':
that.add_entry(entry); that.add_entry(entry);
break; break;
case 'ObjectAttribute':
that.add_entry(entry, true);
break;
default: default:
break; break;
} }
@ -499,6 +501,9 @@ function createHead(callback) {
case 'Attribute': case 'Attribute':
that.add_entry(entry); that.add_entry(entry);
break; break;
case 'ObjectAttribute':
that.add_entry(entry, true);
break;
default: default:
break; break;
} }
@ -577,14 +582,21 @@ function createHead(callback) {
} }
}, },
add_entry: function(entry) { add_entry: function(entry, isObjectAttribute) {
var rowNode = this.dt.row.add(entry).draw().node(); var rowNode = this.dt.row.add(entry).draw().node();
if (this.animate) { if (this._options.animate) {
$( rowNode ) $( rowNode )
.css( 'background-color', '#5cb85c' ) .css( 'background-color', '#5cb85c !important' )
.animate( { 'background-color': '', duration: 600 } ); .animate( { 'background-color': '' }, { duration: 1500 } );
}
if (isObjectAttribute === true) {
console.log(entry);
$( rowNode ).children().last()
.css('position', 'relative')
.append(
$('<it class="fa fa-th rowTableIsObject" title="This attribute belong to an Object"></it>')
);
} }
// this.dt.row.add(entry).draw( false );
// remove entries // remove entries
var numRows = this.dt.rows().count(); var numRows = this.dt.rows().count();
var rowsToRemove = numRows - this._options.tableMaxEntries; var rowsToRemove = numRows - this._options.tableMaxEntries;
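Review bot: In the `render` callback of the `createHead` hunk, the string branch appends each piece of `data.split(char_separator)` to `$toRet` unescaped (`$toRet += '<br>' + e;`), and the returned value is used as markup, since the object branch returns `outerHTML`. This commit only re-indents that code, but it now also routes ObjectAttribute rows through it, and the cell text comes from feed data. Unless the values are already escaped on the server, which is not visible here, each piece should be escaped before concatenation, for example `var safe = $('<span>').text(e).html();` followed by `$toRet += (i > 0 ? '<br>' : '') + safe;`. The Tag branch already does the right thing by using `$tag.text(cur.name)`.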


@ -189,10 +189,17 @@ div.dataTables_scrollHead table.dataTable {
left: 15px !important; left: 15px !important;
right: 10px !important; right: 10px !important;
z-index: 1001 !important; z-index: 1001 !important;
bottom: 5px !important; bottom: -7px !important;
height: unset !important; height: unset !important;
} }
.rowTableIsObject {
position: absolute;
right: 15px;
top: 0px;
color: #3465a4;
}
</style> </style>
<body> <body>


@ -122,7 +122,16 @@ def handler_conversation(zmq_name, jsonevent):
def handler_object(zmq_name, jsondata): def handler_object(zmq_name, jsondata):
logger.info('Handling object') logger.info('Handling object')
return # check if jsonattr is an mispObject object
if 'Object' in jsondata:
jsonobj = jsondata['Object']
soleObject = copy.deepcopy(jsonobj)
del soleObject['Attribute']
for jsonattr in jsonobj['Attribute']:
jsonattrcpy = copy.deepcopy(jsonobj)
jsonattrcpy['Event'] = jsondata['Event']
jsonattrcpy['Attribute'] = jsonattr
handler_attribute(zmq_name, jsonattrcpy, False, parentObject=soleObject)
def handler_sighting(zmq_name, jsondata): def handler_sighting(zmq_name, jsondata):
logger.info('Handling sighting') logger.info('Handling sighting')
@ -168,6 +177,16 @@ def handler_event(zmq_name, jsonobj):
else: else:
handler_attribute(zmq_name, attributes) handler_attribute(zmq_name, attributes)
if 'Object' in jsonevent:
objects = jsonevent['Object']
if type(objects) is list:
for obj in objects:
jsoncopy = copy.deepcopy(jsonobj)
jsoncopy['Object'] = obj
handler_object(zmq_name, jsoncopy)
else:
handler_object(zmq_name, objects)
action = jsonobj.get('action', None) action = jsonobj.get('action', None)
eventLabeled = len(jsonobj.get('EventTag', [])) > 0 eventLabeled = len(jsonobj.get('EventTag', [])) > 0
org = jsonobj.get('Orgc', {}).get('name', None) org = jsonobj.get('Orgc', {}).get('name', None)
@ -179,11 +198,15 @@ def handler_event(zmq_name, jsonobj):
action, action,
isLabeled=eventLabeled) isLabeled=eventLabeled)
def handler_attribute(zmq_name, jsonobj, hasAlreadyBeenContributed=False): def handler_attribute(zmq_name, jsonobj, hasAlreadyBeenContributed=False, parentObject=False):
logger.info('Handling attribute') logger.info('Handling attribute')
# check if jsonattr is an attribute object # check if jsonattr is an attribute object
if 'Attribute' in jsonobj: if 'Attribute' in jsonobj:
jsonattr = jsonobj['Attribute'] jsonattr = jsonobj['Attribute']
else:
jsonattr = jsonobj
attributeType = 'Attribute' if jsonattr['object_id'] == '0' else 'ObjectAttribute'
#Add trending #Add trending
categName = jsonattr['category'] categName = jsonattr['category']
@ -210,12 +233,12 @@ def handler_attribute(zmq_name, jsonobj, hasAlreadyBeenContributed=False):
eventLabeled = len(jsonobj.get('EventTag', [])) > 0 eventLabeled = len(jsonobj.get('EventTag', [])) > 0
action = jsonobj.get('action', None) action = jsonobj.get('action', None)
contributor_helper.handleContribution(zmq_name, jsonobj['Event']['Orgc']['name'], contributor_helper.handleContribution(zmq_name, jsonobj['Event']['Orgc']['name'],
'Attribute', attributeType,
jsonattr['category'], jsonattr['category'],
action, action,
isLabeled=eventLabeled) isLabeled=eventLabeled)
# Push to log # Push to log
live_helper.publish_log(zmq_name, 'Attribute', jsonobj) live_helper.publish_log(zmq_name, attributeType, jsonobj)
############### ###############
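Review bot: In `handler_event`, the non-list branch calls `handler_object(zmq_name, objects)` with the bare object, while `handler_object` only acts when `'Object' in jsondata` and then reads `jsondata['Event']`, so a single object appears to be dropped without any log line. Wrapping it as the list branch does would fix this: `jsoncopy = copy.deepcopy(jsonobj)`, `jsoncopy['Object'] = objects`, `handler_object(zmq_name, jsoncopy)`. The new lookups `jsonobj['Attribute']`, `del soleObject['Attribute']` and `jsonattr['object_id']` also index message content directly, so a message without those keys raises KeyError. Whether a caller catches that is not visible in these hunks; using `.get()` with an explicit skip-and-log path would make the behaviour deliberate. All three functions continue outside the hunks shown.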