Merge pull request #7 from cs-tan-kucukoglu/patch-1
Ability to filter with alerts and incident fields
cs-suyog-jinturkar authored Feb 17, 2023
2 parents ecfca89 + 9aa5041 commit 9e10ade
Showing 5 changed files with 72 additions and 10 deletions.
19 changes: 17 additions & 2 deletions widget/edit.controller.js
@@ -4,9 +4,9 @@
.module('cybersponse')
.controller('editMitreAttackSpread100Ctrl', editMitreAttackSpread100Ctrl);

editMitreAttackSpread100Ctrl.$inject = ['$scope', '$uibModalInstance', 'config', 'ALL_RECORDS_SIZE', '$state', '$resource', 'API'];
editMitreAttackSpread100Ctrl.$inject = ['$scope', '$uibModalInstance', 'config', 'ALL_RECORDS_SIZE', '$state', '$resource', 'API', 'Entity'];

function editMitreAttackSpread100Ctrl($scope, $uibModalInstance, config, ALL_RECORDS_SIZE, $state, $resource, API) {
function editMitreAttackSpread100Ctrl($scope, $uibModalInstance, config, ALL_RECORDS_SIZE, $state, $resource, API, Entity) {
$scope.cancel = cancel;
$scope.save = save;
$scope.config = config;
@@ -27,6 +27,8 @@

$scope.enableCoverage = enableCoverage;

$scope.populateCondition = populateCondition;

$scope.groups = {
"module": "mitre_groups", "query": {
"__selectFields": ["name", "mitreId", "techniques"],
@@ -78,6 +80,8 @@
if ($state.params.page.includes('detail')) {
$scope.toggleDisabled = true;
}

$scope.populateCondition();
}

function toggleTechniques() {
@@ -139,6 +143,17 @@
}
}

function populateCondition() {
var alerts_entity = new Entity('alerts');
alerts_entity.loadFields().then(function () {
$scope.alerts_fields = alerts_entity.fields;
});
var incidents_entity = new Entity('incidents');
incidents_entity.loadFields().then(function () {
$scope.incidents_fields = incidents_entity.fields;
});
}

function cancel() {
$uibModalInstance.dismiss('cancel');
}
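Review bot: Both `loadFields()` calls in `populateCondition` (last hunk) attach only a success callback, so if either load rejects, `$scope.alerts_fields` or `$scope.incidents_fields` stays undefined and the filter builder in the edit dialog has no fields to offer, with nothing shown to the user. Pass a second callback to each `.then(...)` that reports the failure, and consider one loop over `['alerts', 'incidents']` in place of the two copied blocks. The function also has no comment; a line such as `// Loads alerts and incidents field metadata for the filter builders bound in edit.html` would say why it runs at the end of the init code. `populateCondition` lies wholly inside the hunk.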
22 changes: 20 additions & 2 deletions widget/edit.html
@@ -9,7 +9,7 @@ <h3 class="modal-title col-md-9">MITRE ATT&CK Alert/Incident Spread - Settings</
</div>
<div class="modal-body">
<div class="form-group">
<label for="title" class="control-label">Widget Title</label>
<label for="title" class="control-label font-size-12">Widget Title</label>
<input id="title" name="title" type="text" class="form-control" placeholder="MITRE ATT&CK Alert/Incident Spread"
data-ng-model="config.title">
</div>
@@ -18,7 +18,7 @@ <h3 class="modal-title col-md-9">MITRE ATT&CK Alert/Incident Spread - Settings</
<span class="custom-toggle-btn-status margin-top-md font-size-12 text-left">Show Alert and Incident
Coverage</span>
<span data-ng-hide="toggleDisabled"
data-uib-tooltip="Enabling this filter will highlight and expand all Techniques and Subtechniques with linked Alerts/Incidents"
data-uib-tooltip="Enabling this filter highlights and expand all Techniques and Subtechniques with linked Alerts/Incidents"
data-tooltip-append-to-body="true"><i class="icon icon-information font-size-12"></i></span>
<span class="custom-toggle-btn-wrapper edit-toggles pull-right">
<span class="custom-toggle-switch-base"
@@ -135,6 +135,24 @@ <h3 class="modal-title col-md-9">MITRE ATT&CK Alert/Incident Spread - Settings</
</select>
</div>
</div>
<div class="form-group">
<label for="alertFilter" class="control-label font-size-12">Alerts Filter Criteria</label>
<span data-uib-tooltip="Filter criteria applied with this setting results in certain Alerts to be hidden in the widget table"
data-tooltip-append-to-body="true"><i class="icon icon-information font-size-12"></i></span>
<div data-cs-conditional data-fields="alerts_fields" data-reset-field="alerts_fields"
data-mode="'queryFilters'" data-enable-expression="true" data-show-uuid="true" data-ng-model="config.alertsQuery"
data-form-name="'editWidgetForm'" data-parent-form="editWidgetForm"></div>
<div data-cs-messages="editWidgetForm.alertFilter"></div>
</div>
<div class="form-group">
<label for="incidentFilter" class="control-label font-size-12">Incidents Filter Criteria</label>
<span data-uib-tooltip="Filter criteria applied with this setting results in certain Incidents to be hidden in the widget table"
data-tooltip-append-to-body="true"><i class="icon icon-information font-size-12"></i></span>
<div data-cs-conditional data-fields="incidents_fields" data-reset-field="incidents_fields"
data-mode="'queryFilters'" data-enable-expression="true" data-show-uuid="true" data-ng-model="config.incidentsQuery"
data-form-name="'editWidgetForm'" data-parent-form="editWidgetForm"></div>
<div data-cs-messages="editWidgetForm.incidentFilter"></div>
</div>
</div>
<div class="modal-footer">
<button id="edit-widget-save" type="submit" class="btn btn-sm btn-primary"><i
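Review bot: The two new labels in the third hunk use `for="alertFilter"` and `for="incidentFilter"`, but no element in the added markup carries either id, and `data-cs-messages="editWidgetForm.alertFilter"` / `editWidgetForm.incidentFilter` name form controls that are not declared in the visible lines. Unless the `cs-conditional` directive creates them, the labels are tied to no control and the message blocks can never display a validation error for these filters. Either give the two filter containers matching `id`/`name` attributes or drop the `for` and `data-cs-messages` references. Separately, the reworded tooltip in the second hunk now reads "highlights and expand"; it should be `highlights and expands`.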
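--- a/widget/view.controller.js
+++ b/widget/view.controller.js
@@ -50,6 +50,13 @@
 ]
 }
 };
+
+if ($scope.config.alertsQuery != undefined && $scope.config.alertsQuery.filters.length != 0 ) {
+var old_alerts_filter = {"logic" : $scope.alerts.query.logic, "filters" : $scope.alerts.query.filters};
+$scope.alerts.query.logic = "AND";
+$scope.alerts.query.filters = [old_alerts_filter, $scope.config.alertsQuery];
+}
+
 $scope.incidents = {
 "module": "incidents",
 "query": {
@@ -74,6 +81,13 @@
 }
 };
 
+
+if ($scope.config.incidentsQuery != undefined && $scope.config.incidentsQuery.filters.length != 0) {
+var old_incidents_filter = {"logic": $scope.incidents.query.logic, "filters": $scope.incidents.query.filters};
+$scope.incidents.query.logic = "AND";
+$scope.incidents.query.filters = [old_incidents_filter, $scope.config.incidentsQuery];
+}
+
 // the query is changed for the details page
 if ($state.params.page.includes('detail') && $state.params.module === $scope.incidents.module) {
 $scope.incidents = {
@@ -109,6 +123,11 @@
 ]
 }
 };
+
+if ($scope.config.incidentsQuery != undefined && $scope.config.incidentsQuery.filters.length != 0) {
+$scope.incidents.query.filters.push($scope.config.incidentsQuery);
+}
+
 $scope.alerts = {
 "module": "alerts",
 "query": {
@@ -142,6 +161,10 @@
 ]
 }
 };
+
+if ($scope.config.alertsQuery != undefined && $scope.config.alertsQuery.filters.length != 0) {
+$scope.alerts.query.filters.push($scope.config.alertsQuery);
+}
 }
 
 $scope.getTactics = getTactics;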
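Review bot: The detail-page branches (third and fourth hunks) append the saved filter with `$scope.incidents.query.filters.push($scope.config.incidentsQuery)` and the matching alerts line, whereas the first two hunks wrap the existing query under an explicit `"AND"`; the pushed filter therefore narrows the result only if the detail query's top-level `logic` is already `AND`, which is outside the visible lines. Using the same wrap in all four places, ideally through one small helper, would make the composition independent of the base query. All four guards dereference `.filters.length` on any non-null `alertsQuery`/`incidentsQuery`, so a saved config without a `filters` array would throw during setup; `Array.isArray($scope.config.alertsQuery.filters) && $scope.config.alertsQuery.filters.length > 0` after the null check is safer. Because a saved filter removes alerts and incidents from a coverage view, it is also worth confirming that the widget shows when one is active, so that a zero count is not read as no detections; nothing in these hunks sets such a flag.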
13 changes: 7 additions & 6 deletions widget/view.html
@@ -47,7 +47,9 @@ <h5 class="margin-top-0 margin-bottom-0 text-overflow ng-binding">{{ config.titl
<table class="inner-mitre-table" width="100%">
<tr data-ng-repeat="technique in tactic.techniques">
<td
data-ng-class="(technique._show_subtechniques_coverage && config.enableCoverage) || (technique._show_alerts && config.enableCoverage) || (technique._show_incidents && config.enableCoverage) ? 'heatmap mitre-techniques-cells padding-sm' : 'mitre-techniques-cells padding-sm'"
data-ng-class="[(technique._show_subtechniques_coverage && config.enableCoverage) || (technique._show_alerts && config.enableCoverage) || (technique._show_incidents && config.enableCoverage) ? 'heatmap' : '',
currentTheme == 'light' ? 'mitre-techniques-cells-light padding-sm' : 'mitre-techniques-cells padding-sm']"
data-ng-style="(technique._show_subtechniques_coverage && config.enableCoverage) || (technique._show_alerts && config.enableCoverage) || (technique._show_incidents && config.enableCoverage) && currentTheme == 'light' ? {'color': 'white'} : {}"
data-ng-hide="technique._hide || technique._hide_in_detail_view || technique._hide_by_group"
data-ng-click="openRecord(techniques.module, technique['@id'])">
<div class="bold">{{ technique.name }}</div>
@@ -75,7 +77,7 @@ <h5 class="margin-top-0 margin-bottom-0 text-overflow ng-binding">{{ config.titl
subtechnique.mitreId }}</div>
<br>
<div class="counter-font padding-right-sm padding-left-sm">
<a data-ng-class="currentTheme == 'light' ? {'disable-light': subtechnique._alertCount == 0} : {'disable': subtechnique._alertCount == 0}"
<a data-ng-class="currentTheme == 'light' && !((technique._show_subtechniques_coverage && config.enableCoverage) || (technique._show_alerts && config.enableCoverage) || (technique._show_incidents && config.enableCoverage)) ? {'disable-light': subtechnique._alertCount == 0} : {'disable': subtechnique._alertCount == 0}"
href=""
data-ng-click="toggleShowSubtechniqueRelationships(subtechnique, 'alerts', true); $event.stopPropagation();">
Alerts: {{ subtechnique._alertCount }}</a>
@@ -99,8 +101,7 @@ <h5 class="margin-top-0 margin-bottom-0 text-overflow ng-binding">{{ config.titl
</div>
<br data-ng-show="subtechnique._show_alerts">
<div class="counter-font padding-right-sm padding-left-sm">
<a data-ng-class="currentTheme == 'light' ? {'disable-light': subtechnique._incidentCount == 0} : {'disable': subtechnique._incidentCount == 0}"
href=""
<a data-ng-class="currentTheme == 'light' && !((technique._show_subtechniques_coverage && config.enableCoverage) || (technique._show_alerts && config.enableCoverage) || (technique._show_incidents && config.enableCoverage)) ? {'disable-light': subtechnique._incidentCount == 0} : {'disable': subtechnique._incidentCount == 0}"
data-ng-click="toggleShowSubtechniqueRelationships(subtechnique, 'incidents', true); $event.stopPropagation();">
Incidents: {{ subtechnique._incidentCount }}</a>
</div>
@@ -127,7 +128,7 @@ <h5 class="margin-top-0 margin-bottom-0 text-overflow ng-binding">{{ config.titl
</div>
<br data-ng-show="technique._show_subtechniques || technique._show_subtechniques_coverage">
<div class="counter-font">
<a data-ng-class="currentTheme == 'light' ? {'disable-light': technique._alertCount == 0} : {'disable': technique._alertCount == 0}"
<a data-ng-class="currentTheme == 'light' && !((technique._show_subtechniques_coverage && config.enableCoverage) || (technique._show_alerts && config.enableCoverage) || (technique._show_incidents && config.enableCoverage)) ? {'disable-light': technique._alertCount == 0} : {'disable': technique._alertCount == 0}"
href=""
data-ng-click="toggleShowRelationships(technique, 'alerts', true); $event.stopPropagation();">
Alerts: {{ technique._alertCount }}</a>
@@ -150,7 +151,7 @@ <h5 class="margin-top-0 margin-bottom-0 text-overflow ng-binding">{{ config.titl
</div>
<br data-ng-show="technique._show_alerts">
<div class="counter-font">
<a data-ng-class="currentTheme == 'light' ? {'disable-light': technique._incidentCount == 0} : {'disable': technique._incidentCount == 0}"
<a data-ng-class="currentTheme == 'light' && !((technique._show_subtechniques_coverage && config.enableCoverage) || (technique._show_alerts && config.enableCoverage) || (technique._show_incidents && config.enableCoverage)) ? {'disable-light': technique._incidentCount == 0} : {'disable': technique._incidentCount == 0}"
href=""
data-ng-click="toggleShowRelationships(technique, 'incidents', true); $event.stopPropagation();">
Incidents: {{ technique._incidentCount }}</a>
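Review bot: In the new `data-ng-style` on the technique cell (first hunk), `&&` binds tighter than `||`, so the condition reads as `A || B || (C && currentTheme == 'light')` and the white text colour is also applied in the dark theme whenever either of the first two coverage terms is true. Wrap the three coverage terms in one pair of parentheses before `&& currentTheme == 'light'`. The same three-term coverage test is now copied into six bindings in this file, so a single scope function that takes `technique` and returns the boolean would keep them from drifting apart. In the third hunk the rewritten subtechnique Incidents anchor appears, going by the hunk's line counts, to lose its `href=""` while the other three anchors keep theirs; if that is unintended, restore it so the link stays keyboard-focusable.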
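--- a/widget/widgetAssets/css/mitreAttackSpread.css
+++ b/widget/widgetAssets/css/mitreAttackSpread.css
@@ -74,6 +74,11 @@ thead tr:last-of-type {
 background-color: #0D1218;
 }
 
+.mitre-techniques-cells-light {
+border: 1.5px solid #808080;
+background-color: white;
+}
+
 /* font styling for counters on techniques */
 .counter-font {
 font-size: 9px;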
