From f2e36e480d92a316cfd996278135e05a858713ae Mon Sep 17 00:00:00 2001 
From: Samuel Hassine Date: Wed, 29 Jan 2020 21:11:00 +0100 Subject: [PATCH] [api/frontend/doc] Enhance the doc and fix bugs (#442, #452, #413) * Sanitize * [documentation] Enhance the documentation * Fix some bugs --- .../docs/development/installation.md | 15 +- .../docs/installation/docker.md | 4 +- .../docs/installation/maintenance.md | 11 ++ opencti-documentation/website/sidebars.json | 1 + opencti-documentation/website/siteConfig.js | 3 + .../version-2.1.3/development/installation.md | 143 ++++++++++++++++++ .../getting-started/achitecture.md | 31 ++++ .../version-2.1.3/installation/docker.md | 133 ++++++++++++++++ .../version-2.1.3/installation/maintenance.md | 12 ++ .../version-2.1.3/installation/manual.md | 98 ++++++++++++ .../version-2.1.3-sidebars.json | 42 +++++ opencti-documentation/website/versions.json | 1 + opencti-platform/opencti-front/package.json | 2 +- ...tixObservableRelationCreationFromEntity.js | 1 + .../stix_relations/StixRelationCreation.js | 9 +- .../StixObservableEntityLine.js | 1 + .../threats/campaigns/CampaignIndicators.js | 4 +- .../threats/malwares/MalwareIndicators.js | 4 +- .../threat_actors/ThreatActorIndicators.js | 4 +- .../opencti-front/src/utils/Relation.js | 13 +- opencti-platform/opencti-graphql/package.json | 2 +- .../1580327794476-clear_cve_tools.js | 40 +++++ opencti-worker/.gitignore | 5 +- 23 files changed, 556 insertions(+), 23 deletions(-) create mode 100644 opencti-documentation/docs/installation/maintenance.md create mode 100644 opencti-documentation/website/versioned_docs/version-2.1.3/development/installation.md create mode 100644 opencti-documentation/website/versioned_docs/version-2.1.3/getting-started/achitecture.md create mode 100644 opencti-documentation/website/versioned_docs/version-2.1.3/installation/docker.md create mode 100644 opencti-documentation/website/versioned_docs/version-2.1.3/installation/maintenance.md create mode 100644 
opencti-documentation/website/versioned_docs/version-2.1.3/installation/manual.md create mode 100644 opencti-documentation/website/versioned_sidebars/version-2.1.3-sidebars.json create mode 100644 opencti-platform/opencti-graphql/src/migrations/1580327794476-clear_cve_tools.js diff --git a/opencti-documentation/docs/development/installation.md b/opencti-documentation/docs/development/installation.md index 4161d02026d6..8fb27d09b3ac 100644 --- a/opencti-documentation/docs/development/installation.md +++ b/opencti-documentation/docs/development/installation.md @@ -6,12 +6,17 @@ sidebar_label: Development environment ## Prerequisites -- Docker -- Node.JS (>= 12.* < 13.0.0) -- Python (>= 3) -- Yarn (>= 1.16) +| Component | Version | Link | +| ------------- |-----------------------| ----------------------------------------------------------| +| Docker | `>= 19.*` | https://docs.docker.com/install | +| NodeJS | `>= 12.* && < 13.0.0` | https://nodejs.org/en/download | +| Yarn | `>= 1.16` | https://yarnpkg.com/getting-started/install | +| Python | `>= 3.6` | https://www.python.org/downloads | -### Installation of dependencies (Ubuntu 18.04) + +### Installation of dependencies (Ubuntu 19.10) + +If you are on a version of Debian/Ubuntu prior to 19.04, please refer to this [GIthub issue](https://github.com/OpenCTI-Platform/opencti/issues/413). ```bash $ sudo apt-get install nodejs python3 python3-pip diff --git a/opencti-documentation/docs/installation/docker.md b/opencti-documentation/docs/installation/docker.md index a1cbfbcc840e..6b586b705a21 100644 --- a/opencti-documentation/docs/installation/docker.md +++ b/opencti-documentation/docs/installation/docker.md 
@@ -29,10 +29,10 @@ And change the variable `OPENCTI_TOKEN` (for the `worker` and all connectors) ac - OPENCTI_TOKEN=ChangeMe ``` -As OpenCTI has a dependency to ElasticSearch, you have to set the `vm.max_map_count` before running the containers, as mentioned in the [ElasticSearch documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html#docker-cli-run-prod-mode). +As OpenCTI has a dependency to ElasticSearch and Grakn, you have to set the `vm.max_map_count` before running the containers, as mentioned in the [ElasticSearch documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html#docker-cli-run-prod-mode). ```bash -$ sysctl -w vm.max_map_count=262144 +$ sysctl -w vm.max_map_count=1048575 ``` ## Run diff --git a/opencti-documentation/docs/installation/maintenance.md b/opencti-documentation/docs/installation/maintenance.md new file mode 100644 index 000000000000..93acab81559f --- /dev/null +++ b/opencti-documentation/docs/installation/maintenance.md @@ -0,0 +1,11 @@ +--- +id: maintenance +title: Maintenance +sidebar_label: Maintenance +--- + +## Reindexing ElasticSearch from Grakn + +```bash +$ yarn index +``` \ No newline at end of file diff --git a/opencti-documentation/website/sidebars.json b/opencti-documentation/website/sidebars.json index d5bf06713f3a..301d012149ab 100644 --- a/opencti-documentation/website/sidebars.json +++ b/opencti-documentation/website/sidebars.json @@ -9,6 +9,7 @@ "installation/docker", "installation/manual", "installation/connectors", + "installation/maintenance", "development/installation" ], "Usage": [ diff --git a/opencti-documentation/website/siteConfig.js b/opencti-documentation/website/siteConfig.js index 80f9b8013085..2b853345a4c3 100644 --- a/opencti-documentation/website/siteConfig.js +++ b/opencti-documentation/website/siteConfig.js 
@@ -104,6 +104,9 @@ const siteConfig = { // Sidebars docsSideNavCollapsible: true, + + // Edit URL + editURL: 'https://github.com/OpenCTI-Platform/opencti/tree/master/opencti-documentation/docs/' }; module.exports = siteConfig; diff --git a/opencti-documentation/website/versioned_docs/version-2.1.3/development/installation.md b/opencti-documentation/website/versioned_docs/version-2.1.3/development/installation.md new file mode 100644 index 000000000000..7ddbb4ce4346 --- /dev/null +++ b/opencti-documentation/website/versioned_docs/version-2.1.3/development/installation.md 
@@ -0,0 +1,143 @@ +--- +id: version-2.1.3-installation +title: Development environment installation +sidebar_label: Development environment +original_id: installation +--- + +## Prerequisites + +| Component | Version | Link | +| ------------- |-----------------------| ----------------------------------------------------------| +| Docker | `>= 19.*` | https://docs.docker.com/install | +| NodeJS | `>= 12.* && < 13.0.0` | https://nodejs.org/en/download | +| Yarn | `>= 1.16` | https://yarnpkg.com/getting-started/install | +| Python | `>= 3.6` | https://www.python.org/downloads | + + +### Installation of dependencies (Ubuntu 19.10) + +If you are on a version of Debian/Ubuntu prior to 19.04, please refer to this [GIthub issue](https://github.com/OpenCTI-Platform/opencti/issues/413). + +```bash +$ sudo apt-get install nodejs python3 python3-pip +$ sudo curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add - +$ sudo echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list +$ sudo apt-get update && sudo apt-get install yarn +``` + +### Docker stack + +As OpenCTI has a dependency to ElasticSearch, you have to set the *vm.max_map_count* before running the containers, as mentioned in the [ElasticSearch documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html#docker-cli-run-prod-mode). 
+ +```bash +$ sysctl -w vm.max_map_count=262144 +``` + +Clone the latest version of the dev docker compose and start + +```bash +$ git clone https://github.com/OpenCTI-Platform/docker.git +$ cd docker +$ docker-compose -f ./docker-compose-dev.yml up -d +``` + +## Clone the project + +```bash +$ git clone https://github.com/OpenCTI-Platform/opencti.git +$ cd opencti +``` + +## Application dependencies + +### Install the API dependencies + +```bash +$ cd opencti-platform/opencti-graphql +$ yarn install +``` + +### Install the frontend dependencies +```bash +$ cd ../opencti-front +$ yarn install +``` + +### Install the worker dependencies + +```bash +$ cd ../../opencti-worker/src +$ pip3 install -r requirements.txt +``` + +## Config and run + +### GraphQL API + +#### Configure + +```bash +$ cd ../../opencti-platform/opencti-graphql +$ cp config/default.json config/development.json +``` +By default the configuration match the docker stack configuration. +You just need to change the user part: +```bash +"admin": { + "email": "admin@opencti.io", + "password": "ChangeMe", + "token": "ChangeMe" +} +``` + +#### Start + +```bash +$ cd opencti-graphql +$ yarn start +``` + +The first execution will create and migrate the schema. + +### Worker + +#### Configure + +```bash +$ cd opencti-worker +$ cp config.yml.sample config.yml +``` +Change the *config.yml* file according to your + +#### Start + +```bash +$ python3 worker.py & +``` + +### Frontend + +#### Start + +```bash +$ cd opencti-frontend +$ yarn start +``` + +## Build for production use + +### Build the application + +```bash +$ cd opencti-frontend +$ yarn build +$ cd ../opencti-graphql +$ yarn build +``` + +### Start the production package + +```bash +$ yarn serv +``` diff --git a/opencti-documentation/website/versioned_docs/version-2.1.3/getting-started/achitecture.md b/opencti-documentation/website/versioned_docs/version-2.1.3/getting-started/achitecture.md new file mode 100644 index 000000000000..1c2e8a9915ef 
--- /dev/null +++ b/opencti-documentation/website/versioned_docs/version-2.1.3/getting-started/achitecture.md 
@@ -0,0 +1,31 @@ +--- +id: version-2.1.3-architecture +title: Architecture of the application +sidebar_label: Architecture +original_id: architecture +--- + +The OpenCTI platform relies on several external databases and services in order to work. + +![Architecture](assets/getting-started/architecture.png "Architecture") + +## The GraphQL API + +The API is the central part of the OpenCTI platorm, allowing the *clients* (including the *frontend*) to interact with the *databases* and the *brokers*. Built in NodeJS, it implements the [GraphQL](https://graphql.org/) query language. As the API has not a full documentation for the moment, you can explore the available methods and parameters through a GraphQL playground. An example is available on the [demonstration instance](https://demo.opencti.io/graphql). + +## The write workers + +The workers are standalone Python processes that just consume messages from the RabbitMQ broker in order to do asynchroneous write queries. You can launch as many workers as you need to increase the write performances. + +> Since `Grakn 1.6.1`, there is no more race conditions on duplicate keys, so we strongly advise you to launch more than one worker. + +## The connectors + +The connectors are third-party softwares (Python processes) that can play 4 different roles on the platform: + +| Type | Description | Examples | +| ----------------------- |----------------------------------------------------------------------------------------------| ------------------------------------------------------------------------------| +| `EXTERNAL_IMPORT` | Pull data from remote sources, convert it to STIX2 and insert it on the OpenCTI platform. | MITRE, MISP, CVE, AlienVault, FireEye, etc. | +| `INTERNAL_IMPORT_FILE` | Extract data from files uploaded on OpenCTI trough the UI or the API. | Extract indicators from PDFs, STIX2 import, etc. | +| `INTERNAL_ENRICHMENT` | Listen for new OpenCTI entities or users requests, pull data from remote sources to enrich. 
| Enrichment of observables though external servies, entities updates, etc. | +| `INTERNAL_EXPORT_FILE` | Generate export from OpenCTI data, based on listing entities or one entity and its relations.| STIX2 export, PDF export, CSV list generation, etc. | \ No newline at end of file diff --git a/opencti-documentation/website/versioned_docs/version-2.1.3/installation/docker.md b/opencti-documentation/website/versioned_docs/version-2.1.3/installation/docker.md new file mode 100644 index 000000000000..28dc04ca26ce --- /dev/null +++ b/opencti-documentation/website/versioned_docs/version-2.1.3/installation/docker.md 
@@ -0,0 +1,133 @@ +--- +id: version-2.1.3-docker +title: Docker installation +sidebar_label: Using Docker +original_id: docker +--- + +OpenCTI could be deployed using the *docker-compose* command. + +## Clone the repository + +```bash +$ mkdir /path/to/your/app && cd /path/to/your/app +$ git clone https://github.com/OpenCTI-Platform/docker.git +$ cd docker +``` + +### Configure the environment + +Before running the docker-compose command, please change the admin token (this token must be a [valid UUID](https://www.uuidgenerator.net/)) and password of the application in the file `docker-compose.yml`: + +```yaml +- APP__ADMIN__PASSWORD=ChangeMe +- APP__ADMIN__TOKEN=ChangeMe +``` + +And change the variable `OPENCTI_TOKEN` (for the `worker` and all connectors) according to the value of `APP__ADMIN__TOKEN` + +```yaml +- OPENCTI_TOKEN=ChangeMe +``` + +As OpenCTI has a dependency to ElasticSearch and Grakn, you have to set the `vm.max_map_count` before running the containers, as mentioned in the [ElasticSearch documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html#docker-cli-run-prod-mode). + +```bash +$ sysctl -w vm.max_map_count=1048575 +``` + +## Run + +In order to have the best experience with Docker, we recommend to use the Docker stack feature. In this mode we will have the capacity to easily scale your deployment. + +### In Swarm or Kubernetes + +```bash +$ docker stack deploy -c docker-compose.yml opencti +``` + +### In standard Docker +```bash +$ docker-compose --compatibility up +``` + +You can now go to http://localhost:8080 and log in with the credentials configured in your environment variables. + +### Behind a reverse proxy + +If you want to use OpenCTI behind a reverse proxy with a context path, like `https://myproxy.com/opencti`, please change the base_path configuration. + +```yaml +- APP__BASE_PATH=/opencti +``` +By default OpenCTI use Websockets so dont forget to configure your proxy for this usage. 
+ + +## Data persistence + +If you wish your OpenCTI data to be persistent in production, you should be aware of the `volumes` section for `Grakn`, `ElasticSearch` and `MinIO` services in the `docker-compose.yml`. + +Here is an example of volumes configuration: + +```yaml +volumes: + grakndata: + driver: local + driver_opts: + o: bind + type: none + esdata: + driver: local + driver_opts: + o: bind + type: none + s3data: + driver: local + driver_opts: + o: bind + type: none +``` + +## Memory configuration + +OpenCTI default `docker-compose.yml` file does not provide any specific memory configuration. But if you want to adapt some dependencies configuration, you can find some links below. + +### OpenCTI - Platform + +OpenCTI platform is based on a NodeJS runtime, with a memory limit of **512MB by default**. We do not provide any option to change this limit today. If you encounter any `OutOfMemory` exception, please open a [Github issue](https://github.com/OpenCTI-Platform/opencti/issues/new?assignees=&labels=&template=bug_report.md&title=). + +### OpenCTI - Workers and connectors + +OpenCTI workers and connectors are Python processes. If you want to limit the memory of the process we recommend to directly use Docker to do that. You can find more information in the [official Docker documentation](https://docs.docker.com/compose/compose-file/). + +> If you do not use Docker stack, think about `--compatibility` option. + +### Grakn + +Grakn is a JAVA process that rely on Cassandra (also a JAVA process). In order to setup the JAVA memory allocation, you can use the environment variable `SERVER_JAVAOPTS` and `STORAGE_JAVAOPTS`. + +> The current recommendation is `-Xms4G` for both options. + +You can find more information in the [official Grakn documentation](https://dev.grakn.ai/docs). + +### ElasticSearch + +ElasticSearch is also a JAVA process. In order to setup the JAVA memory allocation, you can use the environment variable `ES_JAVA_OPTS`. 
+ +> The minimal recommended option today is `-Xms512M -Xmx512M`. + +You can find more information in the [official ElasticSearch documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html). + +### Redis + +Redis has a very small footprint and only provides an option to limit the maximum amount of memory that can be used by the process. You can use the option `--maxmemory` to limit the usage. + +You can find more information in the [Redis docker hub](https://hub.docker.com/r/bitnami/redis/). + +### MinIO + +MinIO is a small process and does not require a high amount of memory. More information are available for Linux here on the [Kernel tuning guide](https://github.com/minio/minio/tree/master/docs/deployment/kernel-tuning). + +### RabbitMQ + +The RabbitMQ memory configuration can be find in the [RabbitMQ official documentation](https://www.rabbitmq.com/memory.html). Basically RabbitMQ will consumed memory until a specific threshold. So it should be configure along with the Docker memory limitation. diff --git a/opencti-documentation/website/versioned_docs/version-2.1.3/installation/maintenance.md b/opencti-documentation/website/versioned_docs/version-2.1.3/installation/maintenance.md new file mode 100644 index 000000000000..3e70aa47e42a --- /dev/null +++ b/opencti-documentation/website/versioned_docs/version-2.1.3/installation/maintenance.md @@ -0,0 +1,12 @@ +--- +id: version-2.1.3-maintenance +title: Maintenance +sidebar_label: Maintenance +original_id: maintenance +--- + +## Reindexing ElasticSearch from Grakn + +```bash +$ yarn index +``` \ No newline at end of file diff --git a/opencti-documentation/website/versioned_docs/version-2.1.3/installation/manual.md b/opencti-documentation/website/versioned_docs/version-2.1.3/installation/manual.md new file mode 100644 index 000000000000..19147176e034 --- /dev/null +++ b/opencti-documentation/website/versioned_docs/version-2.1.3/installation/manual.md 
@@ -0,0 +1,98 @@ +--- +id: version-2.1.3-manual +title: Manual installation +sidebar_label: Manual deployment +original_id: manual +--- + +## Prerequisites + +| Component | Version | Link | +| ------------- |-----------------------| ----------------------------------------------------------| +| NodeJS | `>= 12.* && < 13.0.0` | https://nodejs.org/en/download | +| Python | `>= 3.6` | https://www.python.org/downloads | +| Grakn Core | `=== 1.6.1` | https://grakn.ai/download#core | +| ElasticSearch | `>= 7.5` | https://www.elastic.co/downloads/elasticsearch | +| MinIO | `>= 20191012` | https://min.io/download | +| Redis | `>= 3.0` | https://redis.io/download | +| RabbitMQ | `>= 3.7` | https://www.rabbitmq.com/download.html | + +## Prepare the installation + +### Installation of dependencies + +You have to install all the needed dependencies for the main application and the workers. The example below if for Ubuntu: + +```bash +$ sudo apt-get install nodejs npm python3 python3-pip +``` + +### Download the application files + +Download and extract the latest release file. + +```bash +$ mkdir /path/to/your/app && cd /path/to/your/app +$ wget https://github.com/OpenCTI-Platform/opencti/releases/download/{RELEASE_VERSION}/opencti-release-{RELEASE_VERSION}.tar.gz +$ tar xvfz opencti-release-{RELEASE_VERSION}.tar.gz +``` + +## Install the main platform + +### Configure the application + +The main application has just one JSON configuration file to change and a few Python modules to install + +```bash +$ cd opencti +$ cp config/default.json config/production.json +``` + +Change the *config/production.json* file according to your configuration of Grakn, Redis, ElasticSearch, RabbitMQ and default credentials (the `ADMIN_TOKEN` must be a [valid UUID](https://www.uuidgenerator.net/)). + +### Install the Python modules +```bash +$ cd src/utils/stix2 +$ pip3 install -r requirements.txt +$ cd ../../.. 
+``` + +### Start the application + +The application is just a NodeJS process, the creation of the database schema and the migration will be done at starting. + +```bash +$ yarn serv +``` + +The default username and password are those you put in the `config/production.json` file. + +## Install the worker + +The OpenCTI worker is used to write the data coming from the RabbitMQ messages broker. + +#### Configure the worker + +```bash +$ cd worker +$ pip3 install -r requirements.txt +$ cp config.yml.sample config.yml +``` + +Change the *config.yml* file according to your OpenCTI token. + +#### Start as many workers as you need +```bash +$ python3 worker.py & +$ python3 worker.py & +``` + +## Upgrade the platform + +> If you are upgrading from Grakn 1.5.9 to Grakn 1.6.1, you need to be aware of the manual migration procedure for keep your old data, as documented in the [Grakn documentation](https://dev.grakn.ai/docs/running-grakn/install-and-run). + +When upgrading the platform, you have to replace all files and restart the platform, the schema migrations will be done automatically: + +```bash +$ yarn serv +``` \ No newline at end of file diff --git a/opencti-documentation/website/versioned_sidebars/version-2.1.3-sidebars.json b/opencti-documentation/website/versioned_sidebars/version-2.1.3-sidebars.json new file mode 100644 index 000000000000..07670ef0b3ec --- /dev/null +++ b/opencti-documentation/website/versioned_sidebars/version-2.1.3-sidebars.json 
@@ -0,0 +1,42 @@ +{ + "version-2.1.3-docs": { + "Getting Started": [ + "version-2.1.3-getting-started/introduction", + "version-2.1.3-getting-started/architecture", + "version-2.1.3-getting-started/requirements" + ], + "Installation": [ + "version-2.1.3-installation/docker", + "version-2.1.3-installation/manual", + "version-2.1.3-installation/connectors", + "version-2.1.3-installation/maintenance", + "version-2.1.3-development/installation" + ], + "Usage": [ + "version-2.1.3-usage/overview", + "version-2.1.3-usage/model", + "version-2.1.3-usage/knowledge-create", + "version-2.1.3-usage/reports-create", + "version-2.1.3-usage/report-knowledge" + ], + "Reference": [ + "version-2.1.3-reference/relations", + "version-2.1.3-reference/inferences" + ], + "Development": [ + "version-2.1.3-development/connectors" + ], + "Client libraries": [ + "version-2.1.3-python", + { + "type": "subcategory", + "label": "Python", + "ids": [ + "version-2.1.3-clients/python/overview", + "version-2.1.3-clients/python/guide", + "version-2.1.3-clients/python/reference" + ] + } + ] + } +} diff --git a/opencti-documentation/website/versions.json b/opencti-documentation/website/versions.json index 2a8620fca21f..5e5bf06863bf 100644 --- a/opencti-documentation/website/versions.json +++ b/opencti-documentation/website/versions.json @@ -1,4 +1,5 @@ [ + "2.1.3", "2.1.2", "2.1.1", "2.1.0", diff --git a/opencti-platform/opencti-front/package.json b/opencti-platform/opencti-front/package.json index 9670b378e62b..14a5e39f8f68 100644 --- a/opencti-platform/opencti-front/package.json +++ b/opencti-platform/opencti-front/package.json @@ -1,6 +1,6 @@ { "name": "opencti-front", - "version": "2.1.3", + "version": "2.1.4", "author": "Luatix", "license": "Apache-2.0", "dependencies": { 
diff --git a/opencti-platform/opencti-front/src/private/components/common/stix_observable_relations/StixObservableRelationCreationFromEntity.js b/opencti-platform/opencti-front/src/private/components/common/stix_observable_relations/StixObservableRelationCreationFromEntity.js index a96103ace762..2106e4411994 100644 --- a/opencti-platform/opencti-front/src/private/components/common/stix_observable_relations/StixObservableRelationCreationFromEntity.js +++ b/opencti-platform/opencti-front/src/private/components/common/stix_observable_relations/StixObservableRelationCreationFromEntity.js @@ -372,6 +372,7 @@ class StixObservableRelationCreationFromEntity extends Component { const relationshipTypes = resolveRelationsTypes( fromEntity.entity_type, toEntity.entity_type, + false, ); const defaultRelationshipType = head(relationshipTypes) ? head(relationshipTypes) diff --git a/opencti-platform/opencti-front/src/private/components/common/stix_relations/StixRelationCreation.js b/opencti-platform/opencti-front/src/private/components/common/stix_relations/StixRelationCreation.js index 14e0e5b3bdbb..d2cf36c5c5cf 100644 --- a/opencti-platform/opencti-front/src/private/components/common/stix_relations/StixRelationCreation.js +++ b/opencti-platform/opencti-front/src/private/components/common/stix_relations/StixRelationCreation.js @@ -40,6 +40,7 @@ import Autocomplete from '../../../../components/Autocomplete'; import DatePickerField from '../../../../components/DatePickerField'; import { markingDefinitionsLinesSearchQuery } from '../../settings/marking_definitions/MarkingDefinitionsLines'; import { killChainPhasesSearchQuery } from '../../settings/KillChainPhases'; +import { truncate } from '../../../../utils/String'; const styles = (theme) => ({ drawerPaper: { @@ -370,7 +371,9 @@ class StixRelationCreation extends Component {
- {from.name} + + {truncate(from.name, 20)} +
@@ -400,7 +403,9 @@ class StixRelationCreation extends Component {
{t(`entity_${to.type}`)}
- {to.name} + + {truncate(to.name, 20)} +
diff --git a/opencti-platform/opencti-front/src/private/components/signatures/stix_observables/StixObservableEntityLine.js b/opencti-platform/opencti-front/src/private/components/signatures/stix_observables/StixObservableEntityLine.js index 70c73c806c4d..bd00b640d3fd 100644 --- a/opencti-platform/opencti-front/src/private/components/signatures/stix_observables/StixObservableEntityLine.js +++ b/opencti-platform/opencti-front/src/private/components/signatures/stix_observables/StixObservableEntityLine.js @@ -54,6 +54,7 @@ class StixObservableEntityLineComponent extends Component { displayRelation, entityId, } = this.props; + console.log(node); const link = node.to.parent_types.includes('stix_relation') ? `/dashboard/observables/all/${entityId}/knowledge/relations/${node.id}` : `${resolveLink(node.to.entity_type)}/${ diff --git a/opencti-platform/opencti-front/src/private/components/threats/campaigns/CampaignIndicators.js b/opencti-platform/opencti-front/src/private/components/threats/campaigns/CampaignIndicators.js index e2b0dac42e92..63a335b44fc4 100644 --- a/opencti-platform/opencti-front/src/private/components/threats/campaigns/CampaignIndicators.js +++ b/opencti-platform/opencti-front/src/private/components/threats/campaigns/CampaignIndicators.js @@ -23,8 +23,8 @@ const styles = () => ({ paper: { height: '100%', minHeight: '100%', - margin: '5px 0 40px 0', - padding: '15px', + margin: '5px 0 0 0', + padding: '25px 15px 15px 15px', borderRadius: 6, }, }); diff --git a/opencti-platform/opencti-front/src/private/components/threats/malwares/MalwareIndicators.js b/opencti-platform/opencti-front/src/private/components/threats/malwares/MalwareIndicators.js index 51faef22ce36..1e6738988ae0 100644 --- a/opencti-platform/opencti-front/src/private/components/threats/malwares/MalwareIndicators.js +++ b/opencti-platform/opencti-front/src/private/components/threats/malwares/MalwareIndicators.js 
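Review bot: The added `console.log(node);` in StixObservableEntityLineComponent looks like a leftover debug statement and should be dropped before merge. It writes the whole relation node (every field fetched for the observable and its target entity) to the browser console each time a line renders. That is noisy, and it exposes platform data to anything that collects console output, such as extensions or front-end log collectors. The enclosing method starts and ends outside this hunk, so other uses of `node` are not visible here.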
@@ -23,8 +23,8 @@ const styles = () => ({
 paper: {
 height: '100%',
 minHeight: '100%',
- margin: '5px 0 40px 0',
- padding: '15px',
+ margin: '5px 0 0 0',
+ padding: '25px 15px 15px 15px',
 borderRadius: 6,
 },
 });
diff --git a/opencti-platform/opencti-front/src/private/components/threats/threat_actors/ThreatActorIndicators.js b/opencti-platform/opencti-front/src/private/components/threats/threat_actors/ThreatActorIndicators.js
index 73fcc16add55..144a2a787191 100644
--- a/opencti-platform/opencti-front/src/private/components/threats/threat_actors/ThreatActorIndicators.js
+++ b/opencti-platform/opencti-front/src/private/components/threats/threat_actors/ThreatActorIndicators.js
@@ -23,8 +23,8 @@ const styles = () => ({
 paper: {
 height: '100%',
 minHeight: '100%',
- margin: '5px 0 40px 0',
- padding: '15px',
+ margin: '5px 0 0 0',
+ padding: '25px 15px 15px 15px',
 borderRadius: 6,
 },
 });
diff --git a/opencti-platform/opencti-front/src/utils/Relation.js b/opencti-platform/opencti-front/src/utils/Relation.js
index 6cf3daaf7536..6238fab016aa 100644
--- a/opencti-platform/opencti-front/src/utils/Relation.js
+++ b/opencti-platform/opencti-front/src/utils/Relation.js
@@ -110,9 +110,16 @@ const relationsTypesMapping = {
 'file-sha256_file-sha1': ['corresponds'],
 };
-export const resolveRelationsTypes = (fromType, toType) => (relationsTypesMapping[`${fromType}_${toType}`]
- ? append('related-to', relationsTypesMapping[`${fromType}_${toType}`])
- : ['related-to']);
+export const resolveRelationsTypes = (fromType, toType, relatedTo = true) => {
+ if (relatedTo) {
+ return relationsTypesMapping[`${fromType}_${toType}`]
+ ? append('related-to', relationsTypesMapping[`${fromType}_${toType}`])
+ : ['related-to'];
+ }
+ return relationsTypesMapping[`${fromType}_${toType}`]
+ ? relationsTypesMapping[`${fromType}_${toType}`]
+ : [];
+};
 export const resolveRoles = (type) => {
 switch (type) {
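Review bot: In `resolveRelationsTypes` the same `relationsTypesMapping[...]` lookup is now spelled out four times across two near-identical ternaries, so the two branches can easily drift apart. Doing the lookup once reads more clearly and returns the same values: `const types = relationsTypesMapping[key] || [];` then `return relatedTo ? append('related-to', types) : types;`, with `key` being the existing template string. A short JSDoc line would also help: `/** relatedTo = false returns only the specific types, or [] when the pair is unmapped. */`. The StixObservableRelationCreationFromEntity hunk passes `false` and then takes `head()` of the result, so the empty-array case is reachable from that caller.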
diff --git a/opencti-platform/opencti-graphql/package.json b/opencti-platform/opencti-graphql/package.json
index 67aa33a6fd90..da30f29801c3 100644
--- a/opencti-platform/opencti-graphql/package.json
+++ b/opencti-platform/opencti-graphql/package.json
@@ -1,6 +1,6 @@
 {
 "name": "opencti-graphql",
- "version": "2.1.3",
+ "version": "2.1.4",
 "main": "src/server.js",
 "author": "Luatix",
 "license": "Apache-2.0",
diff --git a/opencti-platform/opencti-graphql/src/migrations/1580327794476-clear_cve_tools.js b/opencti-platform/opencti-graphql/src/migrations/1580327794476-clear_cve_tools.js
new file mode 100644
index 000000000000..b4e684e29d2b
--- /dev/null
+++ b/opencti-platform/opencti-graphql/src/migrations/1580327794476-clear_cve_tools.js
@@ -0,0 +1,40 @@
+import { Promise } from 'bluebird';
+import { last } from 'ramda';
+import { findAll as findAllTools } from '../domain/tool';
+import { stixDomainEntityDelete } from '../domain/stixDomainEntity';
+import { logger } from '../config/conf';
+
+export const up = async next => {
+ logger.info(`[MIGRATION] clean_cve_tool > Starting cleaning...`);
+ logger.info(`[MIGRATION] clean_cve_tool > Cleaning tools in batchs of 100`);
+ let hasMore = true;
+ let currentCursor = null;
+ while (hasMore) {
+ logger.info(`[MIGRATION] clean_cve_tool > Cleaning tools at cursor ${currentCursor}`);
+ const tools = await findAllTools({
+ filters: [{ key: 'name', values: ['CVE-*'], operator: 'match' }],
+ first: 500,
+ after: currentCursor,
+ orderAsc: true,
+ orderBy: 'name'
+ });
+ await Promise.all(
+ tools.edges.map(toolEdge => {
+ const tool = toolEdge.node;
+ return stixDomainEntityDelete(tool.id);
+ })
+ );
+ if (last(tools.edges)) {
+ currentCursor = last(tools.edges).cursor;
+ hasMore = tools.pageInfo.hasNextPage;
+ } else {
+ hasMore = false;
+ }
+ }
+ logger.info(`[MIGRATION] clean_cve_tool > Migration complete`);
+ next();
+};
+
+export const down = async next => {
+ next();
+};
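Review bot: `up` in 1580327794476-clear_cve_tools.js deletes every tool whose name matches `CVE-*` and `down` is a no-op, yet nothing records which entities were removed, so a tool an analyst deliberately named that way disappears with no trace to restore it from. `Promise.all` also starts up to 500 `stixDomainEntityDelete` calls at once; bluebird is already imported, so `Promise.map` with a `concurrency` option would bound the load, and logging each id would leave an audit trail. The log line says batches of 100 while the query asks for `first: 500`, so one of the two should be corrected. The loop pages with `after: currentCursor` while deleting from the same result set; if `findAllTools` cursors are position-based (its implementation is outside this diff) this could skip entries, so it is worth confirming.

```javascript
  while (hasMore) {
    // … unchanged: findAllTools query for names matching 'CVE-*' …
    logger.info(`[MIGRATION] clean_cve_tool > Deleting ${tools.edges.length} tools`);
    await Promise.map(
      tools.edges,
      ({ node }) => {
        // Record each id so the irreversible deletion can be audited afterwards.
        logger.info(`[MIGRATION] clean_cve_tool > Deleting tool ${node.id}`);
        return stixDomainEntityDelete(node.id);
      },
      { concurrency: 10 } // constructed value; tune to what the database tolerates
    );
    // … unchanged: cursor / hasNextPage handling …
```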
diff --git a/opencti-worker/.gitignore b/opencti-worker/.gitignore
index 9317bd74368e..e8abed8692d3 100644
--- a/opencti-worker/.gitignore
+++ b/opencti-worker/.gitignore
@@ -1,4 +1,3 @@
-config.yml
+.idea
 __pycache__
-logs
-*.gql
\ No newline at end of file
+config.yml
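Review bot: The new ignore list drops `logs` and `*.gql`, so anything the worker writes under a `logs` directory becomes untracked and can be swept into a commit by a broad `git add`. Whether the worker still writes there is not visible in this diff. If it does, keep the `logs` line, since worker logs may carry the OpenCTI token or broker connection details taken from `config.yml`. `config.yml` itself stays ignored, which is the entry that matters most.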