Merge remote-tracking branch 'origin/master' into HEAD

diagnosticTool
mokaddem 2019-06-14 09:25:35 +02:00
commit ca75838896
4 changed files with 23 additions and 18 deletions


@ -135,6 +135,10 @@ optional arguments:
a soft method to delete only keys used by MISP-Dashboard.
```
## Notes about ZMQ
The misp-dashboard being stateless in regards to MISP, it can only process data that it received. Meaning that if your MISP is not publishing all notifications to its ZMQ, the misp-dashboard will not have them.
The most revelant example could be the user login punchcard. If your MISP doesn't have the option ``Plugin.ZeroMQ_audit_notifications_enable`` set to ``true``, the punchcard will be empty.
# zmq_subscriber options
```usage: zmq_subscriber.py [-h] [-n ZMQNAME] [-u ZMQURL]


@ -62,6 +62,7 @@ tcp-backlog 511
#
# bind 192.168.1.100 10.0.0.1
# bind 127.0.0.1
bind 127.0.0.1 ::1
# Specify the path for the Unix socket that will be used to listen for
# incoming connections. There is no default, so Redis will not listen
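Review bot: The new `bind 127.0.0.1 ::1` line has no comment saying that the listener is deliberately limited to loopback, so a later edit could widen it without noticing what that exposes. I would add `# Loopback only (IPv4 and IPv6); set requirepass before binding any other interface` directly above it. Whether `requirepass` is set is not visible in this hunk and is worth checking, since a loopback bind still lets every local process connect. On hosts with IPv6 disabled, some Redis versions refuse to start when a listed bind address is unavailable, so `::1` may need to be dropped there.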


@ -79,15 +79,21 @@ function updateDatePunch(ignore1, igonre2, org) { //date picker sets ( String da
punchcardWidget.refresh();
highlight_punchDay();
} else {
punchcardWidget = $('#punchcard').punchcard({
data: data,
singular: 'login',
plural: 'logins',
timezones: ['local'],
timezoneIndex:0
});
punchcardWidget = punchcardWidget.data("plugin_" + "punchcard");
highlight_punchDay();
var data_max = Math.max.apply(Math, data.flat());
if (data_max === 0) { // no data, MISP's audit notification could be disabled
$('#punchcard').text('No login or MISP\'s audit notification is disabled.');
} else {
$('#punchcard').empty();
punchcardWidget = $('#punchcard').punchcard({
data: data,
singular: 'login',
plural: 'logins',
timezones: ['local'],
timezoneIndex:0
});
punchcardWidget = punchcardWidget.data("plugin_" + "punchcard");
highlight_punchDay();
}
}
});
}
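Review bot: The no-data test `data_max === 0` misses an empty `data` array, because `Math.max.apply(Math, [])` returns `-Infinity` and the punchcard would then be built with nothing to draw; `if (!(data_max > 0)) {` covers both cases. `data.flat()` is also an ES2019 method that older browsers lack, so `[].concat.apply([], data)` would be safer if the dashboard has to run there. Writing the message with `.text()` rather than `.html()` is the right call and should stay that way if the string ever gains dynamic parts. updateDatePunch starts above this hunk, so the condition guarding the `refresh()` branch is not visible.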


@ -159,11 +159,8 @@ def handler_event(zmq_name, jsonobj):
timestamp = jsonevent['timestamp']
trendings_helper.addTrendingEvent(eventName, timestamp)
tags = []
for tag in jsonobj.get('EventTag', []):
try:
tags.append(tag['Tag'])
except KeyError:
pass
for tag in jsonevent.get('Tag', []):
tags.append(tag)
trendings_helper.addTrendingTags(tags, timestamp)
#redirect to handler_attribute
@ -214,10 +211,7 @@ def handler_attribute(zmq_name, jsonobj, hasAlreadyBeenContributed=False, parent
trendings_helper.addTrendingCateg(categName, timestamp)
tags = []
for tag in jsonattr.get('Tag', []):
try:
tags.append(tag)
except KeyError:
pass
tags.append(tag)
trendings_helper.addTrendingTags(tags, timestamp)
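Review bot: In handler_event the new loop `for tag in jsonevent.get('Tag', []): tags.append(tag)` forwards whatever the ZMQ message carries under `Tag` straight to `addTrendingTags`, with no check on its shape; the `jsonattr` loop in handler_attribute does the same. `.get('Tag', [])` only covers a missing key, so a message with `"Tag": null` would raise TypeError in the loop, and entries that are not tag objects are passed through. I would write `tags = [t for t in (jsonevent.get('Tag') or []) if isinstance(t, dict)]` in both places, assuming `addTrendingTags` expects tag dicts, which is not visible here. Both functions start and end outside these hunks.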