new: [events/geekweek23] Added presentaion

events/20230707-GeekWeek-Workflows/clean.sh

@@ -0,0 +1,2 @@
+#!/bin/bash
+rm *.aux *.listing *.log *.nav *.out *.snm *.toc *.vrb *.upa

events/20230707-GeekWeek-Workflows/content.aux

@@ -0,0 +1,90 @@
+\relax 
+\providecommand\hyper@newdestlabel[2]{}
+\providecommand\zref@newlabel[2]{}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{1}{1/1}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {1}{1}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{2}{2/2}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {2}{2}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{3}{3/3}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {3}{3}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{4}{4/4}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {4}{4}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{5}{5/5}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {5}{5}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{6}{6/6}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {6}{6}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{7}{7/7}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {7}{7}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{8}{8/8}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {8}{8}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{9}{9/9}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {9}{9}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{10}{10/10}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {10}{10}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{11}{11/11}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {11}{11}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{12}{12/12}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {12}{12}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{13}{13/13}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {13}{13}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{14}{14/14}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {14}{14}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{15}{15/15}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {15}{15}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{16}{16/16}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {16}{16}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{17}{17/17}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {17}{17}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{18}{18/18}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {18}{18}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{19}{19/19}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {19}{19}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{20}{20/20}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {20}{20}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{21}{21/21}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {21}{21}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{22}{22/22}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {22}{22}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{23}{23/23}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {23}{23}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{24}{24/24}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {24}{24}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{25}{25/25}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {25}{25}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{26}{26/26}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {26}{26}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{27}{27/27}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {27}{27}}}
+\@writefile{nav}{\headcommand {\slideentry {0}{0}{28}{28/28}{}{0}}}
+\@writefile{nav}{\headcommand {\beamer@framepages {28}{28}}}
+\@setckpt{content}{
+\setcounter{page}{29}
+\setcounter{equation}{0}
+\setcounter{enumi}{2}
+\setcounter{enumii}{0}
+\setcounter{enumiii}{0}
+\setcounter{enumiv}{0}
+\setcounter{footnote}{1}
+\setcounter{mpfootnote}{0}
+\setcounter{beamerpauses}{1}
+\setcounter{bookmark@seq@number}{0}
+\setcounter{lecture}{0}
+\setcounter{part}{0}
+\setcounter{section}{0}
+\setcounter{subsection}{0}
+\setcounter{subsubsection}{0}
+\setcounter{subsectionslide}{28}
+\setcounter{framenumber}{27}
+\setcounter{figure}{0}
+\setcounter{table}{0}
+\setcounter{parentequation}{0}
+\setcounter{theorem}{0}
+\setcounter{pc@count@i}{0}
+\setcounter{pc@count@ii}{0}
+\setcounter{pc@count@iii}{0}
+\setcounter{pc@count@iv}{0}
+\setcounter{mn@abspage}{29}
+\setcounter{lstnumber}{1}
+\setcounter{section@level}{0}
+\setcounter{lstlisting}{0}
+}

events/20230707-GeekWeek-Workflows/content.tex

@@ -0,0 +1,425 @@
+% DO NOT COMPILE THIS FILE DIRECTLY!
+% This is included by the other .tex files.
+
+\begin{frame}[t,plain]
+\titlepage
+\end{frame}
+
+\begin{frame}
+    \frametitle{\texttt{\$ whoami}}
+    \begin{center}
+        \includegraphics[width=0.3\linewidth]{pictures/whoami.png}
+        \hspace{1em}
+        \frame{\includegraphics[width=0.5\linewidth]{pictures/belgian-joke}}
+    \end{center}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Automation in MISP: What already exists?}
+    \includegraphics[valign=m,width=16px]{pictures/python-logo.png}\hspace*{0.5em} \textbf{MISP API / PyMISP}
+    \hspace*{0.25em}
+    \begin{itemize}
+        \item Needs CRON Jobs in place
+        \item Not realtime
+    \end{itemize}
+    \vspace*{1em}
+    \includegraphics[valign=m,width=16px]{pictures/zeromq.png}\hspace*{0.5em} \textbf{PubSub channels}
+    \hspace*{0.25em}
+    \begin{itemize}
+        \item After the actions happen: No feedback to MISP
+        \item Tougher to put in place \& to share
+    \end{itemize}
+    \vspace*{0.5em}
+    $\rightarrow$ No way to \textbf{prevent} behavior\\
+    $\rightarrow$ Difficult to setup \textbf{hooks} to execute callbacks
+\end{frame}
+
+\begin{frame}
+    \frametitle{What type of use-cases are we trying to support?}
+    \vspace{-1em}
+    \begin{center}
+        \includegraphics[width=0.5\linewidth]{pictures/geekweek75.jpg}
+    \end{center}
+    \begin{itemize}
+        \item \textbf{Prevent} default MISP behaviors to happen
+        \begin{itemize}
+            \item Prevent \textbf{publication of events} not passing sanity checks
+            \item Prevent \textbf{querying} thrid-party \textbf{services} with sensitive information
+            \item $\cdots$
+        \end{itemize}
+        \vspace*{1.0em}
+        \item \textbf{Hook} specific actions to run callbacks
+        \begin{itemize}
+            \item \textbf{Automatically run} enrichment services
+            \item Modify data on-the-fly: False positives, enable CTI-Pipeline
+            \item Send notifications in a chat rooms
+            \item $\cdots$
+        \end{itemize}
+    \end{itemize}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Simple automation in MISP made easy}
+    \begin{center}
+        \includegraphics[width=0.3\linewidth]{pictures/automation.png}
+    \end{center}
+    \begin{itemize}
+        \item How?
+        \begin{itemize}
+            \item \textbf{Drag \& Drop} editor
+            \item Prevent actions \textbf{before they happen}
+            \item Flexible \textbf{Plug \& Play} system
+            \item \textbf{Share} workflows, \textbf{debug} and \textbf{replay}
+        \end{itemize}
+    \end{itemize}
+\end{frame}
+
+% \section{Workflow - Fundamentals}
+\begin{frame}
+    \frametitle{
+        \huge
+        \linebreak
+        \linebreak
+        \linebreak
+        Workflow - Fundamentals
+        \vspace{1em}
+    }
+    \textbf{Objective:} Start with the foundation to understand the basics
+    \begin{center}
+        \includegraphics[width=0.07\linewidth]{pictures/fundation}
+    \end{center}
+\end{frame}
+
+
+\begin{frame}
+    \frametitle{How does it work}
+    \begin{center}
+        \frame{\includegraphics[width=0.6\linewidth]{pictures/event-condition-action.png}}
+    \end{center}
+    \begin{enumerate}
+        \item An \textbf{event} happens in MISP
+        \item Check if all \textbf{conditions} are satisfied
+        \item Execute all \textbf{actions}
+    \end{enumerate}
+\end{frame}
+
+\begin{frame}
+    \frametitle{What kind of events?}
+    \includegraphics[width=60px]{pictures/sc-event.png}
+    \vspace*{0.5em}
+    \begin{itemize}
+        \item New MISP Event
+        \item Attribute has been saved
+        \item New discussion post
+        \item New user created
+        \item Query against third-party services
+        \item ...
+    \end{itemize}
+    \vspace*{1em}
+    {\Large \faIcon{question-circle}} Supported events in MISP are called \textbf{Triggers}\\
+    {\Large \faIcon{question-circle}} A \textbf{Trigger} is associated with \textbf{1-and-only-1 Workflow}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Triggers currently available}
+    Currently 11 triggers can be hooked. 3 being \includegraphics[width=36px]{pictures/blocking-workflow.png}.
+    \begin{center}
+        \includegraphics[width=1.0\linewidth]{pictures/triggers.png}
+    \end{center}
+\end{frame}
+
+\begin{frame}
+    \frametitle{What kind of conditions?}
+    \vspace*{0.25em}
+    \includegraphics[width=70px]{pictures/sc-condition.png}
+    \vspace*{0.25em}
+    \begin{itemize}
+        \item A MISP Event is tagged with \texttt{tlp:red}
+        \item The distribution of an Attribute is a sharing group
+        \item The creator organisation is \texttt{circl.lu}
+        \item Or any other \textbf{generic} conditions
+    \end{itemize}
+
+    \vspace*{0.5em}
+    {\Large \faIcon{question-circle}} These are also called \textbf{Logic modules}
+    \begin{center}
+        \includegraphics[width=0.43\textwidth]{pictures/logic-module.png}
+    \end{center}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Workflow - Logic modules}
+    \begin{itemize}
+        \item \includegraphics[width=12px]{pictures/sc-condition-icon.png} \textbf{logic} modules: Allow to redirect the execution flow.
+        \begin{itemize}
+            \item IF conditions
+            \item Delay execution
+        \end{itemize}
+    \end{itemize}
+    \begin{center}
+        \includegraphics[width=1.0\linewidth]{pictures/logic-module-index.png}
+    \end{center}
+\end{frame}
+
+\begin{frame}
+    \frametitle{What kind of actions?}
+    \vspace*{0.25em}
+    \includegraphics[width=60px]{pictures/sc-action.png}
+    \vspace*{0.25em}
+    \begin{itemize}
+        \item Send an email notification
+        \item Perform enrichments
+        \item Send a chat message on MS Teams
+        \item Attach a local tag
+        \item ...
+    \end{itemize}
+
+    \vspace*{0.5em}
+    {\Large \faIcon{question-circle}} These are also called \textbf{Action modules}
+    \begin{center}
+        \includegraphics[width=0.43\textwidth]{pictures/action-module.png}
+    \end{center}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Workflow - Action modules}
+    \begin{itemize}
+        \item \includegraphics[width=12px]{pictures/sc-action-icon.png} \textbf{action} modules: Allow to executes operations
+        \begin{itemize}
+            \item Tag operations
+            \item Send notifications
+            \item Webhooks \& Custom scripts
+        \end{itemize}
+    \end{itemize}
+    \begin{center}
+        \includegraphics[width=0.95\linewidth]{pictures/action-module-index.png}
+    \end{center}
+\end{frame}
+
+\begin{frame}
+    \frametitle{What is a MISP Workflow?}
+    \begin{itemize}
+        \item Sequence of all nodes to be executed in a specific order
+    \end{itemize}
+    \vspace*{0.5em}
+    \begin{center}
+        \frame{\includegraphics[width=1.0\linewidth]{pictures/simple-workflow.png}}
+    \end{center}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Workflow execution for Event publish}
+    \begin{itemize}
+        \setlength\itemsep{1em}
+        \item[] \hspace*{-2em}\includegraphics[width=16px]{pictures/sc-event-icon.png} \hspace*{0.25em} An Event is about to be published
+        \begin{itemize}
+            \item The workflow for the \texttt{event-publish} trigger starts
+        \end{itemize}
+        \item[] \hspace*{-2em}\includegraphics[width=16px]{pictures/sc-condition-icon.png} \hspace*{0.25em} Conditions are evaluated
+        \begin{itemize}
+            \item They might change the path taken during the execution
+        \end{itemize}
+        \item[] \hspace*{-2em}\includegraphics[width=16px]{pictures/sc-action-icon.png} \hspace*{0.25em} Actions are executed
+        \begin{itemize}
+            \setlength\itemsep{0.75em}
+            \item {\bf\color{green!50!black}success}: Continue the publishing action
+            \hspace*{-4em}\includegraphics[width=1.0\textwidth]{pictures/log-entry-publish-success.png}
+            \item {\bf\color{red}failure} | \texttt{\color{red}blocked}: Stop publishing and log the reason
+            \hspace*{-4em}\includegraphics[width=1.0\textwidth]{pictures/log-entry-publish-blocked.png}
+        \end{itemize}
+    \end{itemize}
+\end{frame}
+
+
+\begin{frame}
+    \frametitle{Sources of Workflow modules (0)}
+    Currently 36 built-in modules.
+    \vspace{1em}
+    \begin{itemize}
+        \item \textbf{Trigger} module (11): built-in \textbf{only}
+        \begin{itemize}
+            \item Get in touch if you want more
+        \end{itemize}
+        \item \textbf{Logic} module (10): built-in \& \textbf{custom}
+        \item \textbf{Action} module (15): built-in \& \textbf{custom}
+    \end{itemize}
+    \vspace*{2.0em}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Sources of Workflow modules (1)}
+    \begin{itemize}
+        \item Built-in \textbf{default} modules
+        \begin{itemize}
+            \item Part of the MISP codebase
+            \item Get in touch if you want us to increase the selection (or merge PR!)
+        \end{itemize}
+    \end{itemize}
+    \vspace*{0.5em}
+    \begin{center}
+        \includegraphics[width=0.8\linewidth]{pictures/module-buffet.png}
+    \end{center}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Sources of Workflow modules (2)}
+    User-defined \textbf{custom} modules
+    \vspace*{0.5em}
+    \begin{columns}
+        \begin{column}{0.5\textwidth}
+            \begin{itemize}
+                \item Written in PHP
+                \item Extend existing modules
+                \item MISP code reuse
+            \end{itemize}
+        \end{column}
+        \begin{column}{0.5\textwidth}
+            \includegraphics[width=1.0\linewidth]{pictures/php-joke.jpg}
+        \end{column}
+    \end{columns}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Sources of Workflow modules (3)}
+    Modules from the \includegraphics[width=0.20\linewidth]{pictures/misp-module-icon.png} \textbf{enrichment service}
+    \vspace*{0.5em}
+    \begin{columns}
+        \begin{column}{0.50\textwidth}
+            \begin{itemize}
+                \item Written in Python
+                \item Can use any python libraries
+                \item Plug \& Play
+            \end{itemize}
+        \end{column}
+        \begin{column}{0.50\textwidth}
+            \includegraphics[width=1.0\linewidth]{pictures/python-joke.png}
+        \end{column}
+    \end{columns}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Getting started with workflows (5)}
+    \centering
+    \vspace*{3em}
+    {\LARGE Let's build a workflow!}
+    \begin{center}
+        \includegraphics[width=24px]{pictures/build-icon.png}
+    \end{center}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Creating a workflow with the editor}
+    \begin{enumerate}
+        \item Prevent event publication if \textbf{tlp:red} tag
+        \item Send a mail to \texttt{admin@admin.test} about potential data leak
+        \item Otherwise, send a notification on \textbf{Mattermost}, \textbf{MS Teams}, \textbf{Telegram}, ...
+    \end{enumerate}
+\end{frame}
+
+% \section{Considerations when working with workflows}
+\begin{frame}
+    \frametitle{
+        \huge
+        \linebreak
+        \linebreak
+        \linebreak
+        Considerations when working with workflows
+        \vspace{1em}
+    }
+    \textbf{Objective:} Overview of some common pitfalls
+    \begin{center}
+        \includegraphics[width=24px]{pictures/radar.png}
+    \end{center}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Working with the editor - Operations not allowed}
+    Execution loop are not authorized
+    \vspace*{1em}
+    \begin{columns}
+        \begin{column}{0.7\textwidth}
+            \frame{\includegraphics[width=1.0\linewidth]{pictures/editor-not-allowed-1.png}}
+        \end{column}
+        \begin{column}{0.3\textwidth}
+            \frame{\includegraphics[width=1.0\linewidth]{pictures/infinite-loop.jpg}}
+        \end{column}
+    \end{columns}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Recursive workflows}
+    \frame{\includegraphics[width=1.0\linewidth]{pictures/recursive-workflow.png}}
+    \danger Recursion: If an action re-run the workflow
+\end{frame}
+
+\begin{frame}
+    \frametitle{Workflow blueprints}
+    \hspace*{0.9\textwidth}\includegraphics[width=32px]{pictures/blueprint-32.png}
+    \vspace*{-2em}
+    \begin{enumerate}
+        \item Blueprints allow to \textbf{re-use parts} of a workflow in another one
+        \item Blueprints can be saved, exported and \textbf{shared}
+    \end{enumerate}
+    \begin{center}
+        \includegraphics[width=0.5\linewidth]{pictures/blueprint-debugging.png}
+    \end{center}
+    Blueprints sources:
+    \begin{enumerate}
+        \item Created or imported by users
+        \item From the \texttt{MISP/misp-workflow-blueprints} repository\footnote{\scriptsize https://github.com/MISP/misp-workflow-blueprints}
+    \end{enumerate}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Workflow blueprints}
+    Currently, 4 blueprints available:
+    \vspace*{1em}
+    \begin{itemize}
+        \item Attach the \texttt{tlp:clear} tag on elements having the \texttt{tlp:white} tag
+        \item Block actions if any attributes have the \texttt{PAP:RED} or \texttt{tlp:red} tag
+        \item Disable \texttt{to\_ids} flag for existing hash in \textit{hashlookup}
+        \item Set tag based on \textit{BGP Ranking} maliciousness level
+    \end{itemize}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Future works}
+    \begin{columns}
+        \begin{column}{0.55\textwidth}
+            \begin{itemize}
+                \item More \includegraphics[width=12px]{pictures/sc-action-icon.png} modules
+                \item More \includegraphics[width=12px]{pictures/sc-condition-icon.png} modules
+                \item More \includegraphics[width=12px]{pictures/sc-event-icon.png} triggers
+                \item More documentation
+                \item Recursion prevention system
+                \item On-the-fly data override?
+            \end{itemize}
+        \end{column}
+        \begin{column}{0.45\textwidth}
+            \includegraphics[width=1.0\linewidth]{pictures/future-works.jpeg}
+        \end{column}
+    \end{columns}
+\end{frame}
+
+\begin{frame}
+    \frametitle{Final words}
+    \begin{columns}
+        \begin{column}{0.6\textwidth}
+            \begin{itemize}
+                \item Designed to \textbf{quickly} and \textbf{cheaply} integrate MISP in CTI pipelines
+                \item \underline{\textbf{Beta}} Feature unlikely to change. But still..
+                \item Waiting for feedback!
+                \begin{itemize}
+                    \item New triggers?
+                    \item New modules?
+                    \item What's acheivable
+                \end{itemize}
+            \end{itemize}
+        \end{column}
+        \begin{column}{0.4\textwidth}
+            \includegraphics[width=1.0\linewidth]{pictures/feeling-of-power.jpg}
+        \end{column}
+    \end{columns}
+    \vspace*{0.5em}
+\end{frame}
+

events/20230707-GeekWeek-Workflows/slide.aux

@@ -0,0 +1,28 @@
+\relax 
+\providecommand\hyper@newdestlabel[2]{}
+\providecommand\BKM@entry[2]{}
+\providecommand\zref@newlabel[2]{}
+\providecommand\HyperFirstAtBeginDocument{\AtBeginDocument}
+\HyperFirstAtBeginDocument{\ifx\hyper@anchor\@undefined
+\global\let\oldcontentsline\contentsline
+\gdef\contentsline#1#2#3#4{\oldcontentsline{#1}{#2}{#3}}
+\global\let\oldnewlabel\newlabel
+\gdef\newlabel#1#2{\newlabelxx{#1}#2}
+\gdef\newlabelxx#1#2#3#4#5#6{\oldnewlabel{#1}{{#2}{#3}}}
+\AtEndDocument{\ifx\hyper@anchor\@undefined
+\let\contentsline\oldcontentsline
+\let\newlabel\oldnewlabel
+\fi}
+\fi}
+\global\let\hyper@last\relax 
+\gdef\HyperFirstAtBeginDocument#1{#1}
+\providecommand\HyField@AuxAddToFields[1]{}
+\providecommand\HyField@AuxAddToCoFields[2]{}
+\@input{content.aux}
+\providecommand \oddpage@label [2]{}
+\pgfsyspdfmark {pgfid1}{1398509}{16636717}
+\@writefile{nav}{\headcommand {\beamer@partpages {1}{28}}}
+\@writefile{nav}{\headcommand {\beamer@subsectionpages {1}{28}}}
+\@writefile{nav}{\headcommand {\beamer@sectionpages {1}{28}}}
+\@writefile{nav}{\headcommand {\beamer@documentpages {28}}}
+\@writefile{nav}{\headcommand {\gdef \inserttotalframenumber {27}}}

events/20230707-GeekWeek-Workflows/slide.nav

@@ -0,0 +1,61 @@
+\headcommand {\slideentry {0}{0}{1}{1/1}{}{0}}
+\headcommand {\beamer@framepages {1}{1}}
+\headcommand {\slideentry {0}{0}{2}{2/2}{}{0}}
+\headcommand {\beamer@framepages {2}{2}}
+\headcommand {\slideentry {0}{0}{3}{3/3}{}{0}}
+\headcommand {\beamer@framepages {3}{3}}
+\headcommand {\slideentry {0}{0}{4}{4/4}{}{0}}
+\headcommand {\beamer@framepages {4}{4}}
+\headcommand {\slideentry {0}{0}{5}{5/5}{}{0}}
+\headcommand {\beamer@framepages {5}{5}}
+\headcommand {\slideentry {0}{0}{6}{6/6}{}{0}}
+\headcommand {\beamer@framepages {6}{6}}
+\headcommand {\slideentry {0}{0}{7}{7/7}{}{0}}
+\headcommand {\beamer@framepages {7}{7}}
+\headcommand {\slideentry {0}{0}{8}{8/8}{}{0}}
+\headcommand {\beamer@framepages {8}{8}}
+\headcommand {\slideentry {0}{0}{9}{9/9}{}{0}}
+\headcommand {\beamer@framepages {9}{9}}
+\headcommand {\slideentry {0}{0}{10}{10/10}{}{0}}
+\headcommand {\beamer@framepages {10}{10}}
+\headcommand {\slideentry {0}{0}{11}{11/11}{}{0}}
+\headcommand {\beamer@framepages {11}{11}}
+\headcommand {\slideentry {0}{0}{12}{12/12}{}{0}}
+\headcommand {\beamer@framepages {12}{12}}
+\headcommand {\slideentry {0}{0}{13}{13/13}{}{0}}
+\headcommand {\beamer@framepages {13}{13}}
+\headcommand {\slideentry {0}{0}{14}{14/14}{}{0}}
+\headcommand {\beamer@framepages {14}{14}}
+\headcommand {\slideentry {0}{0}{15}{15/15}{}{0}}
+\headcommand {\beamer@framepages {15}{15}}
+\headcommand {\slideentry {0}{0}{16}{16/16}{}{0}}
+\headcommand {\beamer@framepages {16}{16}}
+\headcommand {\slideentry {0}{0}{17}{17/17}{}{0}}
+\headcommand {\beamer@framepages {17}{17}}
+\headcommand {\slideentry {0}{0}{18}{18/18}{}{0}}
+\headcommand {\beamer@framepages {18}{18}}
+\headcommand {\slideentry {0}{0}{19}{19/19}{}{0}}
+\headcommand {\beamer@framepages {19}{19}}
+\headcommand {\slideentry {0}{0}{20}{20/20}{}{0}}
+\headcommand {\beamer@framepages {20}{20}}
+\headcommand {\slideentry {0}{0}{21}{21/21}{}{0}}
+\headcommand {\beamer@framepages {21}{21}}
+\headcommand {\slideentry {0}{0}{22}{22/22}{}{0}}
+\headcommand {\beamer@framepages {22}{22}}
+\headcommand {\slideentry {0}{0}{23}{23/23}{}{0}}
+\headcommand {\beamer@framepages {23}{23}}
+\headcommand {\slideentry {0}{0}{24}{24/24}{}{0}}
+\headcommand {\beamer@framepages {24}{24}}
+\headcommand {\slideentry {0}{0}{25}{25/25}{}{0}}
+\headcommand {\beamer@framepages {25}{25}}
+\headcommand {\slideentry {0}{0}{26}{26/26}{}{0}}
+\headcommand {\beamer@framepages {26}{26}}
+\headcommand {\slideentry {0}{0}{27}{27/27}{}{0}}
+\headcommand {\beamer@framepages {27}{27}}
+\headcommand {\slideentry {0}{0}{28}{28/28}{}{0}}
+\headcommand {\beamer@framepages {28}{28}}
+\headcommand {\beamer@partpages {1}{28}}
+\headcommand {\beamer@subsectionpages {1}{28}}
+\headcommand {\beamer@sectionpages {1}{28}}
+\headcommand {\beamer@documentpages {28}}
+\headcommand {\gdef \inserttotalframenumber {27}}

events/20230707-GeekWeek-Workflows/slide.tex

@@ -0,0 +1,65 @@
+\documentclass{beamer}
+\usetheme[numbering=progressbar]{focus}
+\definecolor{main}{RGB}{47, 161, 219}
+\definecolor{textcolor}{RGB}{128, 128, 128}
+\definecolor{background}{RGB}{240, 247, 255}
+
+% \usepackage{pgfpages}
+% \setbeameroption{show notes on second screen=right}
+\usepackage[draft]{pdfcomment}
+\newcommand{\pdfnote}[1]{\marginnote{\pdfcomment[icon=note]{#1}}}
+
+\usepackage[utf8]{inputenc}
+\usepackage[normalem]{ulem}
+\usepackage{tikz}
+\usepackage{listings}
+\usepackage{fontawesome5}
+\usepackage[export]{adjustbox}
+\usepackage{fourier}
+\usetikzlibrary{positioning}
+\usetikzlibrary{shapes,arrows}
+
+\lstdefinelanguage{javascript}{
+    basicstyle=\scriptsize,
+    numbers=left,
+    numberstyle=\scriptsize,
+    stepnumber=1,
+    numbersep=5pt,
+    showstringspaces=false,
+    breaklines=true,
+    frame=lines,
+    keywords={typeof, new, true, false, catch, function, return, null, catch, switch, var, if, in, while, do, else, case, break},
+    %keywordstyle=\color{blue}\bfseries,
+    ndkeywords={class, export, boolean, throw, implements, import, this},
+    ndkeywordstyle=\color{darkgray}\bfseries,
+    identifierstyle=\color{black},
+    sensitive=false,
+    comment=[l]{//},
+    morecomment=[s]{/*}{*/},
+    commentstyle=\color{purple}\ttfamily,
+    stringstyle=\color{purple}\ttfamily,
+    morestring=[b]',
+    morestring=[b]"
+}
+\lstdefinelanguage{text}{
+    basicstyle=\scriptsize,
+    numbers=left,
+    numberstyle=\scriptsize,
+    stepnumber=1,
+    numbersep=5pt,
+    showstringspaces=false,
+    breaklines=true,
+    frame=lines
+}
+
+\title{Building Your Own Workflows in MISP}
+\subtitle{Overview of the feature}
+\author{Sami Mokaddem \& Alexandre Dulaunoy}
+\titlegraphic{\vspace*{1em}\includegraphics[scale=0.3]{misp.pdf}\\}
+\institute{MISP Project \\ \url{https://www.misp-project.org/}}
+
+
+\begin{document}
+\include{content}
+\end{document}
+