Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Splunk Search service #310

Open
wants to merge 693 commits into
base: master
Choose a base branch
from
Open

Add Splunk Search service #310

wants to merge 693 commits into from

Conversation

TheDr1ver
Copy link
Contributor

No description provided.

mgoffin and others added 30 commits February 24, 2016 15:39
@mgoffin
Initial code for ThreatExchange integration.
a6c4548 
Not fully developed and subject to change. Just want to commit this code
and get it pushed so it's not only on my computer.
@mgoffin
Add basic importing for Threat Descriptors.
b636516 
Still needs lots of polish.
@mgoffin
Infinite scrolling.
f78ad81 
If the query has more results in the cursor, query for those results
when you hit the bottom of the visible results on the page.
TAXII: Improve parsing of STIX CybOX objects
d9111fa
TAXII: Improve display of TAXII Agent results
147fd6b
TAXII: Add support for username & password auth
b20d74d
TAXII: Improved error handling
f81c818
STIX CompositeIndicatorExpression support & parser fixes
d7fd527
Bug fixes for description fields and email attachments
6471eea
Make CybOX DomainName and URI of type Domain Name equivalent
fe7d325
TAXII: Optional package encryption & improved help text
f42fc9c
TAXII: Improve feed decryption & TAXII version support
f421634
TAXII: Include Samples with no binary in TAXIISendForm
b36d7bc
TAXII: Allow user to specify begin/end timestamps when polling
82180a1
@mgoffin
Add ability to export to ThreatExchange.
5aa7c8e 
Currently ThreatExchange only allows for Threat Descriptors being
uploaded so that is the only interface built right now.
@mgoffin
Add querying for and importing Malware samples.
7a8a37d
@mgoffin
Add a little more documentation.
42735ad
@mgoffin
Merge pull request crits#198 from crits/tx
66d67fc 
ThreatExchange Service
TAXII: TAXII Poll Import Preview
3f288a8
TAXII: Handle unique polls with identical TAXII Message IDs
eb9e711
@mgoffin
Fix import alert.
5daee09 
Now actually shows if there's not enough data to import.
@mgoffin
Add more options to ThreatExchange service.
314f7f9 
Adds ability to configure headers, proxies, and verify for requests.
@mgoffin
Fix how query errors show and fix requests options.
243dce3 
Properly parse the options to pass into requests.
@mgoffin
I was silly. Use the CRITs globally defined proxy.
44c078d
@mgoffin
Add links to TX developer documentation.
142348c
@mgoffin
Add several little features.
264de9e 
This adds Releasability tracking for exported Indicators. Also converts
the "Type" and "Threat Type" fields on export to be selects. If the
Indicator Type or Threat Type doesn't match one that ThreatExchange will
accept, it will provide a warning letting you know a valid one needs to
be selected and the "Submit" button will be disabled until a valid one
is selected.
TAXII: Fix CybOX\STIX creation functionality
5357e9c
Merge branch 'master' of https://github.com/crits/crits_services into…
3f6482a 
… taxii_updates

Conflicts:
	taxii_service/templates/taxii_agent_results.html
	taxii_service/views.py
@mgoffin
Merge pull request crits#199 from brlogan/taxii_updates
b3e067b 
TAXII Service Updates
@mgoffin
Update requirements file for taxii service.
15c3cd6
mgoffin and others added 30 commits February 8, 2017 13:12
@mgoffin
Include Campaigns in heatmap which don't have a location.
04b25a8 
Instead of ignoring potentially active campaigns from the heatmap,
bundle them all under an Unknown location.
@moshekaplan
Create CONTRIBUTING.md
c41c65f
@mgoffin
Merge pull request crits#299 from moshekaplan/patch-1
b504051 
Create CONTRIBUTING.md
Simplified lsb_release logic
e0fd8e7
@mgoffin
Merge pull request crits#300 from zdiff/master
4ffd354 
Simplified lsb_release logic
@mgoffin
Merge pull request crits#290 from apolkosnik/patch-4
59b910e 
update requirements for pyimpfuzzy
@mgoffin
Remove ThreatType from export.
f9e5b03 
ThreatExchange no longer supports ThreatType or AttackType. Removing
ThreatType from export and instead adding both Threat and Attack types
as tags on export.
@TheDr1ver
Update relationships_service_all_tab.html
97812c0
@TheDr1ver
Update handlers.py
20211e1
@TheDr1ver
Merge pull request #1 from crits/master
e0d7516 
Update from original
@TheDr1ver
Initial commit
9c24137 
Still needs a LOT of clean-up, but it works when tested with the latest
verison of CRITs and MISP 2.4.69.
@TheDr1ver
Removing API References
215a185
@TheDr1ver
Removing API References
c027ec5
@TheDr1ver
Update TLO types
c731656
@TheDr1ver
Fix adding indicators from Campaigns
359b993
@TheDr1ver
Process emails and grab URIs
4422387
@TheDr1ver
Add URL extraction option
0d3eb52
@TheDr1ver
initial commit for crits-master
f613846
@TheDr1ver
Merge branch 'crits-master'
c7f0fc2
@TheDr1ver
Add Splunk Search Service
2ee9cee
@TheDr1ver
Update __init__.py
044d48b
@TheDr1ver
remove misp_service
c86f803
@TheDr1ver
Remove YarGen service
a1f7510
@TheDr1ver
Easier config
c9fa5a8 
Update README, make easier config file, and add testing script.
@TheDr1ver
README
f651c79
@TheDr1ver
fix JSON in README
003d416
@TheDr1ver
fix searches.json
78a9bd3
@TheDr1ver
updates
ea351b7
@TheDr1ver
Update __init__.py
cc30788
@TheDr1ver
Typo
d5cd3bd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
10 participants
@TheDr1ver @mgoffin @apolkosnik-old @thelok @9b @robertsjw @kuminin @wxsBSD @apolkosnik @moshekaplan