-
Notifications
You must be signed in to change notification settings - Fork 187
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature] Mitre Att&ck Intelligence + adapt Framework #3368
[Feature] Mitre Att&ck Intelligence + adapt Framework #3368
Conversation
- Created Intelligence tab in Mitre Att&ck Module - Created left and right panel - Created resource button for the left panel - Created search bar for searhin in all resources - Created list of each resource
improvements - Modify the Search results view - Improve useAsyncAction hook - Add Mitre Att&ck Intelligence to Agent modules component - Improve TableWithSearchBar component to accept filters as props - Refactor Mitre Atta&ck resources - Refator PanelSplit component - Fix filtersToObject helper - Update test
- Create Markdown component - Apply the Markdown component to the resource description in the resouce table
- Added to left panel - Added resource view
…ove Reference resource
…s://github.com/wazuh/wazuh-kibana-app into feature/change-tactis-and-techniques-resources
When selecting a link from the description of any group/technique/tactics ... first a flyout opens and then it redirects you to the official Mitre page, perhaps it could be controlled so that in these cases, the flyout does not appear From what I see, in the Intelligence tab, the agent selector is not used at all, perhaps it could be hidden. And when an agent is pinned the same. |
…ues-resources Feature/change tactis and techniques resources
…ls flyout - Change how to open the resource details flyout - Refactor some componentes properties - Removed not used code
Changes
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
there are several new components without unit test
also, there are names of the files and components too long with the repeated name of theirs parent folder please keep it easy to read, I mean it must be between a descriptive but assertive name
<EuiToolTip | ||
position="top" | ||
content={ | ||
"Open " + tactic.name + " details in a Intelligence section" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
spell
details in the Intelligence section
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed and replaced by template string
...onents/overview/mitre/components/techniques/components/flyout-technique/flyout-technique.tsx
Outdated
Show resolved
Hide resolved
public/components/overview/mitre/components/techniques/techniques.tsx
Outdated
Show resolved
Hide resolved
@@ -0,0 +1,48 @@ | |||
/* |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the name of the files are too long
mitre_attack_intelligence
is repeated from the parent folder maybe is not necessary for the name of the file
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reduced the length of file names
...onents/overview/mitre_attack_intelligence/module_mitre_attack_intelligence_all_resources.tsx
Outdated
Show resolved
Hide resolved
public/components/overview/mitre_attack_intelligence/module_mitre_intelligence.test.tsx
Outdated
Show resolved
Hide resolved
I have found this behavior, if we do a search and we see more results and then we change the table, we lose the filter. The same happens if we click on the table we were seeing again. BehaviorStrangeMitre-2021-06-15_15.56.26.mp4 |
Fixed. I changed how to open the resource details flyout to let clicking on the possible links that could contain the
At the moment, we aren't modifing this. But make sense to do it. |
} | ||
|
||
buildObjTechniques(techniques){ | ||
const techniquesObj = [] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
semicolon
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added the semicolon
mitreTechniqueID ? techniquesObj.push({ id : mitreTechniqueID, name: mitreTechniqueName}) : ''; | ||
} | ||
}); | ||
return techniquesObj |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
semicolon
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added the semicolon
@frankeros , do we really want to simplify the name of components? I think they are descriptive, and I am not sure if we simplify them, it could collision with other possible future components or be not very descriptive, doing the searching in code of them harder. If I get an example of a name, I will rename them. |
- Add tests for: - Components: Markdown, PanelSplit - React Hooks: useAsyncAction - Renamed files - Add justification for using dangerouslySetInnerHTML property - Refactor requests to get mitre techniques - Fix tooltips to open tactic/technique details in Framework - Added some missing semicolon - Fix CSS class wz-markdown-wrapper name
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Great work!!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
* refactor in vulnerabilities table component * refactor code in vuls inventory and add new table component with export csv * adapat table * finished refactor table component * delete console logs and fix wrong version * add new fields in suggestions * add changelog * changes in component table and remove status and type columns * fix columns position * feat(mitre): Add Mitre Att&ck intelligence section - Created Intelligence tab in Mitre Att&ck Module - Created left and right panel - Created resource button for the left panel - Created search bar for searhin in all resources - Created list of each resource * feat(mitre_intelligence): Modify the search results view and another improvements - Modify the Search results view - Improve useAsyncAction hook - Add Mitre Att&ck Intelligence to Agent modules component - Improve TableWithSearchBar component to accept filters as props - Refactor Mitre Atta&ck resources - Refator PanelSplit component - Fix filtersToObject helper - Update test * feat(mitre_att&ck_intelligence): Render description as markdown - Create Markdown component - Apply the Markdown component to the resource description in the resouce table * feat(mitre_atta&ck_intelligence): Add like operator to search resource by description * change endpoint and adapt component in mitre * fix flyout * feat(mirte_att&ck_integillence): Add the References resource - Added to left panel - Added resource view * add redirect to intelligence * fix merge * fix merge flyout * fix package version * fix(mitre_att&ck_intelligence): Organize resource suggestions and remove Reference resource * fix PR comments and add intelligence section redirect * Created new Mitre flyout * Changelog * fix comments PR * add redirect values in query params * apply prettier * Resolving comments and upgrading code * Applying comments upgrades to references table * Applying more upgrade comments * fix(mitre_intelligence): Remove the Promise.reject in resource details flyout * clear comments and imports * fix error handler techniques * delete session storage * delete files and fix get techniques data * Created new Mitre flyout (#3344) * Created new Mitre flyout * Changelog * Erasing comments * Erasing console.log * Resolving comments and upgrading code * Applying comments upgrades to references table * Applying more upgrade comments * fix(mitre_intelligence): Remove the Promise.reject in resource details flyout Co-authored-by: Antonio David Gutiérrez <antonio.gutierrez@wazuh.com> * fix redirect flyout to rules * feat(frontend/mitre_att&ck_intelligence): Removed welcome intelligence - Removed welcome intelligence view and adjustments when doing a general search - Set a resource type as selected - Update test * fix comments PR * fix(mitre_att&ck_intelligence): Change how to open the resource details flyout - Change how to open the resource details flyout - Refactor some componentes properties - Removed not used code * changelog: Added PR to chengelog * Update CHANGELOG.md * fix(mitre_att&ck_intelligence): Fix error in table-default.tsx * fix(mitre_att&ck_intelligence): PR request changes: - Add tests for: - Components: Markdown, PanelSplit - React Hooks: useAsyncAction - Renamed files - Add justification for using dangerouslySetInnerHTML property - Refactor requests to get mitre techniques - Fix tooltips to open tactic/technique details in Framework - Added some missing semicolon - Fix CSS class wz-markdown-wrapper name * fix get mitre Techniques from api Co-authored-by: eze9252 <eze9252@gmail.com> Co-authored-by: CPAlejandro <cuellarpeinado@gmail.com> Co-authored-by: Alejandro Cuéllar Peinado <alejandro.cuellar@wazuh.com> Co-authored-by: Ezequiel Airaudo <36004787+eze9252@users.noreply.github.com> Co-authored-by: Franco Charriol <franco.charriol@wazuh.com>
* refactor in vulnerabilities table component * refactor code in vuls inventory and add new table component with export csv * adapat table * finished refactor table component * delete console logs and fix wrong version * add new fields in suggestions * add changelog * changes in component table and remove status and type columns * fix columns position * feat(mitre): Add Mitre Att&ck intelligence section - Created Intelligence tab in Mitre Att&ck Module - Created left and right panel - Created resource button for the left panel - Created search bar for searhin in all resources - Created list of each resource * feat(mitre_intelligence): Modify the search results view and another improvements - Modify the Search results view - Improve useAsyncAction hook - Add Mitre Att&ck Intelligence to Agent modules component - Improve TableWithSearchBar component to accept filters as props - Refactor Mitre Atta&ck resources - Refator PanelSplit component - Fix filtersToObject helper - Update test * feat(mitre_att&ck_intelligence): Render description as markdown - Create Markdown component - Apply the Markdown component to the resource description in the resouce table * feat(mitre_atta&ck_intelligence): Add like operator to search resource by description * change endpoint and adapt component in mitre * fix flyout * feat(mirte_att&ck_integillence): Add the References resource - Added to left panel - Added resource view * add redirect to intelligence * fix merge * fix merge flyout * fix package version * fix(mitre_att&ck_intelligence): Organize resource suggestions and remove Reference resource * fix PR comments and add intelligence section redirect * Created new Mitre flyout * Changelog * fix comments PR * add redirect values in query params * apply prettier * Resolving comments and upgrading code * Applying comments upgrades to references table * Applying more upgrade comments * fix(mitre_intelligence): Remove the Promise.reject in resource details flyout * clear comments and imports * fix error handler techniques * delete session storage * delete files and fix get techniques data * Created new Mitre flyout (#3344) * Created new Mitre flyout * Changelog * Erasing comments * Erasing console.log * Resolving comments and upgrading code * Applying comments upgrades to references table * Applying more upgrade comments * fix(mitre_intelligence): Remove the Promise.reject in resource details flyout Co-authored-by: Antonio David Gutiérrez <antonio.gutierrez@wazuh.com> * fix redirect flyout to rules * feat(frontend/mitre_att&ck_intelligence): Removed welcome intelligence - Removed welcome intelligence view and adjustments when doing a general search - Set a resource type as selected - Update test * fix comments PR * fix(mitre_att&ck_intelligence): Change how to open the resource details flyout - Change how to open the resource details flyout - Refactor some componentes properties - Removed not used code * changelog: Added PR to chengelog * Update CHANGELOG.md * fix(mitre_att&ck_intelligence): Fix error in table-default.tsx * fix(mitre_att&ck_intelligence): PR request changes: - Add tests for: - Components: Markdown, PanelSplit - React Hooks: useAsyncAction - Renamed files - Add justification for using dangerouslySetInnerHTML property - Refactor requests to get mitre techniques - Fix tooltips to open tactic/technique details in Framework - Added some missing semicolon - Fix CSS class wz-markdown-wrapper name * fix get mitre Techniques from api Co-authored-by: eze9252 <eze9252@gmail.com> Co-authored-by: CPAlejandro <cuellarpeinado@gmail.com> Co-authored-by: Alejandro Cuéllar Peinado <alejandro.cuellar@wazuh.com> Co-authored-by: Ezequiel Airaudo <36004787+eze9252@users.noreply.github.com> Co-authored-by: Franco Charriol <franco.charriol@wazuh.com>
* feat(error-orchestrator): Implement try catch strategy on WzLog + Prettier * feat(error-orchestrator): Fixed contexts * feat(error-orchestrator): Improved use of ErrorOrchestratorService * bugfix(error-orchestrator): Fixed error message. * Added lowercase levels in storeError (#3377) * Added lowercase levels in storeError * Updated CHANGELOG Co-authored-by: Ibarra Maximiliano <maximiliano.ibarra@wazuh.com> * [Feature] Mitre Att&ck Intelligence + adapt Framework (#3368) * refactor in vulnerabilities table component * refactor code in vuls inventory and add new table component with export csv * adapat table * finished refactor table component * delete console logs and fix wrong version * add new fields in suggestions * add changelog * changes in component table and remove status and type columns * fix columns position * feat(mitre): Add Mitre Att&ck intelligence section - Created Intelligence tab in Mitre Att&ck Module - Created left and right panel - Created resource button for the left panel - Created search bar for searhin in all resources - Created list of each resource * feat(mitre_intelligence): Modify the search results view and another improvements - Modify the Search results view - Improve useAsyncAction hook - Add Mitre Att&ck Intelligence to Agent modules component - Improve TableWithSearchBar component to accept filters as props - Refactor Mitre Atta&ck resources - Refator PanelSplit component - Fix filtersToObject helper - Update test * feat(mitre_att&ck_intelligence): Render description as markdown - Create Markdown component - Apply the Markdown component to the resource description in the resouce table * feat(mitre_atta&ck_intelligence): Add like operator to search resource by description * change endpoint and adapt component in mitre * fix flyout * feat(mirte_att&ck_integillence): Add the References resource - Added to left panel - Added resource view * add redirect to intelligence * fix merge * fix merge flyout * fix package version * fix(mitre_att&ck_intelligence): Organize resource suggestions and remove Reference resource * fix PR comments and add intelligence section redirect * Created new Mitre flyout * Changelog * fix comments PR * add redirect values in query params * apply prettier * Resolving comments and upgrading code * Applying comments upgrades to references table * Applying more upgrade comments * fix(mitre_intelligence): Remove the Promise.reject in resource details flyout * clear comments and imports * fix error handler techniques * delete session storage * delete files and fix get techniques data * Created new Mitre flyout (#3344) * Created new Mitre flyout * Changelog * Erasing comments * Erasing console.log * Resolving comments and upgrading code * Applying comments upgrades to references table * Applying more upgrade comments * fix(mitre_intelligence): Remove the Promise.reject in resource details flyout Co-authored-by: Antonio David Gutiérrez <antonio.gutierrez@wazuh.com> * fix redirect flyout to rules * feat(frontend/mitre_att&ck_intelligence): Removed welcome intelligence - Removed welcome intelligence view and adjustments when doing a general search - Set a resource type as selected - Update test * fix comments PR * fix(mitre_att&ck_intelligence): Change how to open the resource details flyout - Change how to open the resource details flyout - Refactor some componentes properties - Removed not used code * changelog: Added PR to chengelog * Update CHANGELOG.md * fix(mitre_att&ck_intelligence): Fix error in table-default.tsx * fix(mitre_att&ck_intelligence): PR request changes: - Add tests for: - Components: Markdown, PanelSplit - React Hooks: useAsyncAction - Renamed files - Add justification for using dangerouslySetInnerHTML property - Refactor requests to get mitre techniques - Fix tooltips to open tactic/technique details in Framework - Added some missing semicolon - Fix CSS class wz-markdown-wrapper name * fix get mitre Techniques from api Co-authored-by: eze9252 <eze9252@gmail.com> Co-authored-by: CPAlejandro <cuellarpeinado@gmail.com> Co-authored-by: Alejandro Cuéllar Peinado <alejandro.cuellar@wazuh.com> Co-authored-by: Ezequiel Airaudo <36004787+eze9252@users.noreply.github.com> Co-authored-by: Franco Charriol <franco.charriol@wazuh.com> * feat(error-orchestrator): Improved on createGetterSetter (#3376) * feat(error-orchestrator): Improved on createGetterSetter * bugfix(error-orchestrator): Added default value of disaply and store, remove location of types and fixed toastMessage of addError * feat(error-orchestrator): Added creatorGetterSetter on wazuh-app to avoid dependence on Kibana. * feat(error-orchestrator): Rebase 4.3 and apply new implementation getErrorOrchestrator. PR comments. * feat(error-orchestrator): Removed unnecessary parameter. * Fix creation of json file after a ui log (#3378) * feat(error-orchestrator): Removed unnecessary parameter. * fix(error-orchestrator): Fixed imports. * doc(error-orchestrator): Added README.md * doc(error-orchestrator): Added README.md Co-authored-by: Maximiliano Ibarra <maximilianoaibarra@gmail.com> Co-authored-by: Ibarra Maximiliano <maximiliano.ibarra@wazuh.com> Co-authored-by: Antonio <34042064+Desvelao@users.noreply.github.com> Co-authored-by: eze9252 <eze9252@gmail.com> Co-authored-by: CPAlejandro <cuellarpeinado@gmail.com> Co-authored-by: Alejandro Cuéllar Peinado <alejandro.cuellar@wazuh.com> Co-authored-by: Ezequiel Airaudo <36004787+eze9252@users.noreply.github.com> Co-authored-by: Franco Charriol <franco.charriol@wazuh.com> Co-authored-by: Pablo Martínez <pablo.martinez@wazuh.com>
* Applied new strategy try-catch error handling in ManagementController * Added lowercase levels in storeError (#3377) * Added lowercase levels in storeError * Updated CHANGELOG Co-authored-by: Ibarra Maximiliano <maximiliano.ibarra@wazuh.com> * [Feature] Mitre Att&ck Intelligence + adapt Framework (#3368) * refactor in vulnerabilities table component * refactor code in vuls inventory and add new table component with export csv * adapat table * finished refactor table component * delete console logs and fix wrong version * add new fields in suggestions * add changelog * changes in component table and remove status and type columns * fix columns position * feat(mitre): Add Mitre Att&ck intelligence section - Created Intelligence tab in Mitre Att&ck Module - Created left and right panel - Created resource button for the left panel - Created search bar for searhin in all resources - Created list of each resource * feat(mitre_intelligence): Modify the search results view and another improvements - Modify the Search results view - Improve useAsyncAction hook - Add Mitre Att&ck Intelligence to Agent modules component - Improve TableWithSearchBar component to accept filters as props - Refactor Mitre Atta&ck resources - Refator PanelSplit component - Fix filtersToObject helper - Update test * feat(mitre_att&ck_intelligence): Render description as markdown - Create Markdown component - Apply the Markdown component to the resource description in the resouce table * feat(mitre_atta&ck_intelligence): Add like operator to search resource by description * change endpoint and adapt component in mitre * fix flyout * feat(mirte_att&ck_integillence): Add the References resource - Added to left panel - Added resource view * add redirect to intelligence * fix merge * fix merge flyout * fix package version * fix(mitre_att&ck_intelligence): Organize resource suggestions and remove Reference resource * fix PR comments and add intelligence section redirect * Created new Mitre flyout * Changelog * fix comments PR * add redirect values in query params * apply prettier * Resolving comments and upgrading code * Applying comments upgrades to references table * Applying more upgrade comments * fix(mitre_intelligence): Remove the Promise.reject in resource details flyout * clear comments and imports * fix error handler techniques * delete session storage * delete files and fix get techniques data * Created new Mitre flyout (#3344) * Created new Mitre flyout * Changelog * Erasing comments * Erasing console.log * Resolving comments and upgrading code * Applying comments upgrades to references table * Applying more upgrade comments * fix(mitre_intelligence): Remove the Promise.reject in resource details flyout Co-authored-by: Antonio David Gutiérrez <antonio.gutierrez@wazuh.com> * fix redirect flyout to rules * feat(frontend/mitre_att&ck_intelligence): Removed welcome intelligence - Removed welcome intelligence view and adjustments when doing a general search - Set a resource type as selected - Update test * fix comments PR * fix(mitre_att&ck_intelligence): Change how to open the resource details flyout - Change how to open the resource details flyout - Refactor some componentes properties - Removed not used code * changelog: Added PR to chengelog * Update CHANGELOG.md * fix(mitre_att&ck_intelligence): Fix error in table-default.tsx * fix(mitre_att&ck_intelligence): PR request changes: - Add tests for: - Components: Markdown, PanelSplit - React Hooks: useAsyncAction - Renamed files - Add justification for using dangerouslySetInnerHTML property - Refactor requests to get mitre techniques - Fix tooltips to open tactic/technique details in Framework - Added some missing semicolon - Fix CSS class wz-markdown-wrapper name * fix get mitre Techniques from api Co-authored-by: eze9252 <eze9252@gmail.com> Co-authored-by: CPAlejandro <cuellarpeinado@gmail.com> Co-authored-by: Alejandro Cuéllar Peinado <alejandro.cuellar@wazuh.com> Co-authored-by: Ezequiel Airaudo <36004787+eze9252@users.noreply.github.com> Co-authored-by: Franco Charriol <franco.charriol@wazuh.com> * feat(error-orchestrator): Improved on createGetterSetter (#3376) * feat(error-orchestrator): Improved on createGetterSetter * bugfix(error-orchestrator): Added default value of disaply and store, remove location of types and fixed toastMessage of addError * feat(error-orchestrator): Added creatorGetterSetter on wazuh-app to avoid dependence on Kibana. * Fix creation of json file after a ui log (#3378) * Updated error orchestrator implemetation * Update import errorOchestratorService * Updated imported orchestrator getter * Added context ManagementeController * Updated CHANGELOG Co-authored-by: Ibarra Maximiliano <maximiliano.ibarra@wazuh.com> Co-authored-by: Antonio <34042064+Desvelao@users.noreply.github.com> Co-authored-by: eze9252 <eze9252@gmail.com> Co-authored-by: CPAlejandro <cuellarpeinado@gmail.com> Co-authored-by: Alejandro Cuéllar Peinado <alejandro.cuellar@wazuh.com> Co-authored-by: Ezequiel Airaudo <36004787+eze9252@users.noreply.github.com> Co-authored-by: Franco Charriol <franco.charriol@wazuh.com> Co-authored-by: Gabriel Wassan <gabriel.wassan@wazuh.com> Co-authored-by: Pablo Martínez <pablo.martinez@wazuh.com>
Description
Intelligence
tab to theMitre Att&ck
module with information about the Mitre resources: groups, mitigations, tactics, techniques using the new Wazuh API endpoints.How to test
Intelligence tab:
See more results
label is displayed.See more results
button, navigate to the resource and add a filter (in the search bar) and display a table with the resultsIntelligence detail flyout
Framework
Limitations:
ID
due to a Wazuh API limitation MITRE endpoints can't sort byreferences.external_id
wazuh#8879Closes MITRE Framework section redesign #3202 and Create new section for Mitre Intelligence #3291