From 8a90dffb65876a01f3c9423cbbf7733f0ca2b869 Mon Sep 17 00:00:00 2001 From: mokaddem Date: Tue, 26 Feb 2019 14:14:56 +0100 Subject: [PATCH 1/3] fix: [dispatcher] EventTags were not processed correctly --- zmq_dispatcher.py | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/zmq_dispatcher.py b/zmq_dispatcher.py index f7e73bb..37a3874 100755 --- a/zmq_dispatcher.py +++ b/zmq_dispatcher.py @@ -167,11 +167,8 @@ def handler_event(zmq_name, jsonobj): timestamp = jsonevent['timestamp'] trendings_helper.addTrendingEvent(eventName, timestamp) tags = [] - for tag in jsonobj.get('EventTag', []): - try: - tags.append(tag['Tag']) - except KeyError: - pass + for tag in jsonevent.get('Tag', []): + tags.append(tag) trendings_helper.addTrendingTags(tags, timestamp) #redirect to handler_attribute @@ -208,10 +205,7 @@ def handler_attribute(zmq_name, jsonobj, hasAlreadyBeenContributed=False): trendings_helper.addTrendingCateg(categName, timestamp) tags = [] for tag in jsonattr.get('Tag', []): - try: - tags.append(tag) - except KeyError: - pass + tags.append(tag) trendings_helper.addTrendingTags(tags, timestamp) to_push = [] From e7f05d00ab57e345c8f55305ca156254d0e5eafd Mon Sep 17 00:00:00 2001 From: Sascha Rommelfangen Date: Mon, 4 Mar 2019 15:48:58 +0100 Subject: [PATCH 2/3] back to localhost binding --- config/6250.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/config/6250.conf b/config/6250.conf index 6ab5148..f7e9af8 100644 --- a/config/6250.conf +++ b/config/6250.conf @@ -62,6 +62,7 @@ tcp-backlog 511 # # bind 192.168.1.100 10.0.0.1 # bind 127.0.0.1 +bind 127.0.0.1 ::1 # Specify the path for the Unix socket that will be used to listen for # incoming connections. There is no default, so Redis will not listen From 4f52a80341ab272d60a826878abb84cda438c108 Mon Sep 17 00:00:00 2001 From: mokaddem Date: Thu, 2 May 2019 09:47:06 +0200 Subject: [PATCH 3/3] chg: [users] Added help text if punchcard is empty and updated README --- README.md | 4 ++++ static/js/users.js | 24 +++++++++++++++--------- 2 files changed, 19 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index c4c0f56..34bde55 100644 --- a/README.md +++ b/README.md @@ -135,6 +135,10 @@ optional arguments: a soft method to delete only keys used by MISP-Dashboard. ``` +## Notes about ZMQ +The misp-dashboard being stateless in regards to MISP, it can only process data that it received. Meaning that if your MISP is not publishing all notifications to its ZMQ, the misp-dashboard will not have them. + +The most revelant example could be the user login punchcard. If your MISP doesn't have the option ``Plugin.ZeroMQ_audit_notifications_enable`` set to ``true``, the punchcard will be empty. # zmq_subscriber options ```usage: zmq_subscriber.py [-h] [-n ZMQNAME] [-u ZMQURL] diff --git a/static/js/users.js b/static/js/users.js index 22ff0c3..bc55dbe 100644 --- a/static/js/users.js +++ b/static/js/users.js @@ -79,15 +79,21 @@ function updateDatePunch(ignore1, igonre2, org) { //date picker sets ( String da punchcardWidget.refresh(); highlight_punchDay(); } else { - punchcardWidget = $('#punchcard').punchcard({ - data: data, - singular: 'login', - plural: 'logins', - timezones: ['local'], - timezoneIndex:0 - }); - punchcardWidget = punchcardWidget.data("plugin_" + "punchcard"); - highlight_punchDay(); + var data_max = Math.max.apply(Math, data.flat()); + if (data_max === 0) { // no data, MISP's audit notification could be disabled + $('#punchcard').text('No login or MISP\'s audit notification is disabled.'); + } else { + $('#punchcard').empty(); + punchcardWidget = $('#punchcard').punchcard({ + data: data, + singular: 'login', + plural: 'logins', + timezones: ['local'], + timezoneIndex:0 + }); + punchcardWidget = punchcardWidget.data("plugin_" + "punchcard"); + highlight_punchDay(); + } } }); }