MISP
/
misp-training
mirror of https://github.com/MISP/misp-training
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [b6-automation] Fixed compilation issues and added hint

pull/24/head
Sami Mokaddem 2023-10-02 10:44:18 +02:00
parent 8346017d4b
commit 8e43633b35
No known key found for this signature in database
GPG Key ID: 164C473F627A06FA
1 changed files with 34 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
b.6-automation/content.tex
View File

@ -46,9 +46,6 @@
\begin{frame} \begin{frame}
\frametitle{ \frametitle{
\huge \huge
\linebreak
\linebreak
\linebreak
MISP API / PyMISP - Fundamentals MISP API / PyMISP - Fundamentals
\vspace{1em} \vspace{1em}
} }
@ -69,9 +66,6 @@
\begin{frame} \begin{frame}
\frametitle{ \frametitle{
\huge \huge
\linebreak
\linebreak
\linebreak
PubSub channels (ZeroMQ) - Fundamentals PubSub channels (ZeroMQ) - Fundamentals
\vspace{1em} \vspace{1em}
} }
@ -95,9 +89,6 @@
\begin{frame} \begin{frame}
\frametitle{ \frametitle{
\huge \huge
\linebreak
\linebreak
\linebreak
MISP Workflows - Fundamentals MISP Workflows - Fundamentals
\vspace{1em} \vspace{1em}
} }
@ -200,9 +191,6 @@
\begin{frame} \begin{frame}
\frametitle{ \frametitle{
\huge \huge
\linebreak
\linebreak
\linebreak
Workflow - Fundamentals Workflow - Fundamentals
\vspace{1em} \vspace{1em}
} }
@ -461,9 +449,6 @@
\begin{frame} \begin{frame}
\frametitle{ \frametitle{
\huge \huge
\linebreak
\linebreak
\linebreak
Workflow - Getting started Workflow - Getting started
\vspace{1em} \vspace{1em}
} }
@ -555,9 +540,6 @@ jq '.[] | select(.meta."module-type"[] | contains("action")) |
\begin{frame} \begin{frame}
\frametitle{ \frametitle{
\huge \huge
\linebreak
\linebreak
\linebreak
Considerations when working with workflows Considerations when working with workflows
\vspace{1em} \vspace{1em}
} }
@ -621,9 +603,6 @@ jq '.[] | select(.meta."module-type"[] | contains("action")) |
\begin{frame} \begin{frame}
\frametitle{ \frametitle{
\huge \huge
\linebreak
\linebreak
\linebreak
Advanced usage Advanced usage
\vspace{1em} \vspace{1em}
} }
@ -855,6 +834,40 @@ jq '.[] | select(.meta."module-type"[] | contains("action")) |
\end{enumerate} \end{enumerate}
\end{frame} \end{frame}
\begin{frame}[fragile]
\frametitle{Hash path filtering - Exercise (4)}
\begin{lstlisting}[language=javascript,firstnumber=1]
{
"Event": {
"Tag": [
{
"name": "tlp:green", ...
}
], ...
"Attribute": [
{
"value": "8.8.8.8",
"Tag": [
{
"name": "PAP:AMBER", ...
}
], ...
}
],
}
}
\end{lstlisting}
\begin{enumerate}
\setcounter{enumi}{3}
\item Access all Tags attached to Attributes and from the Event
\begin{itemize}
\item Hint: Use \texttt{\bf \_allTags} to access {\bf all} tags
\end{itemize}
\end{enumerate}
\end{frame}
\begin{frame}[fragile] \begin{frame}[fragile]
\frametitle{Hash path filtering - Exercise (4)} \frametitle{Hash path filtering - Exercise (4)}
@ -882,7 +895,6 @@ jq '.[] | select(.meta."module-type"[] | contains("action")) |
\begin{enumerate} \begin{enumerate}
\setcounter{enumi}{3} \setcounter{enumi}{3}
\item Access all Tags attached to Attributes and from the Event \item Access all Tags attached to Attributes and from the Event
\pause
\begin{itemize} \begin{itemize}
\item \texttt{Event.Attribute.\{n\}.\_allTags.\{n\}.name} \item \texttt{Event.Attribute.\{n\}.\_allTags.\{n\}.name}
\end{itemize} \end{itemize}
@ -1051,9 +1063,6 @@ jq '.[] | select(.meta."module-type"[] | contains("action")) |
\begin{frame} \begin{frame}
\frametitle{ \frametitle{
\huge \huge
\linebreak
\linebreak
\linebreak
Extending the system Extending the system
\vspace{1em} \vspace{1em}
} }