Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Display all indicators/observables contained in reports which contain a specific entity #2559

Closed
4 tasks
SamuelHassine opened this issue Nov 14, 2022 · 0 comments
Closed
4 tasks

Display all indicators/observables contained in reports which contain a specific entity #2559

SamuelHassine opened this issue Nov 14, 2022 · 0 comments
Labels
feature use for describing a new feature to develop solved use to identify issue that has been solved (must be linked to the solving PR)
Milestone
Release 5.10.0

Comments

@SamuelHassine
Copy link
Member

SamuelHassine commented Nov 14, 2022
edited by Jipegien

Use case

Display all indicators/observables contained in reports which contain a specific entity

Current Workaround

None.

Proposed Solution

For Threat Actor, Intrusion Set, Campaign, Malware, Tools, Channels, Vulnerability, Attack patterns, Narratives :

  • MVP In Knowledge, add a view “Indicators” in the right just above “Observables”.
    • this view display the list of Indicators related to the Entity (same as the current Indicators tab BUT without the filter panel on the right (Pattern type, Observable type)
    • in the Filters of the new Indicators view, add:
      • a field for Pattern type (containing pattern types possibilities displayed in the Indicator tab)
      • a field for Observable type (containing observables types possibilities displayed in the Indicator tab)
  • MVP In Knowledge/Observables view, add a button at the top right, just after the “relationships view” one.
    • when hover, it display “Contextual view”
    • when click, the list of Observables will contain also Observables that are contained in Reports that contains the Entity
    • in the list’s columns, add a column labeled Report, sortable, that will display for each result the name of the Report that contain the result.
  • MVP In the new Knowledge/Indicators view, add the same button that will display Indicators contained in Reports that contains the Entity
  • MVP Remove the Indicators tab.
@SamuelHassine SamuelHassine added this to the Release 5.7.0 milestone Nov 14, 2022
@SamuelHassine SamuelHassine added feature use for describing a new feature to develop P0 labels Nov 14, 2022
@marieflorescontact marieflorescontact mentioned this issue Jul 25, 2023
Merged
5 tasks
RomuDeuxfois added a commit that referenced this issue Aug 2, 2023
@marieflorescontact @RomuDeuxfois
[backend/frontend] Display all indicators/observables contained in re…
1861183 
…ports which contain a specific entity (#2559)

Co-authored-by: Romuald Lemesle <romuald.lemesle@filigran.io>
@RomuDeuxfois RomuDeuxfois mentioned this issue Aug 2, 2023
Merged
5 tasks
RomuDeuxfois added a commit that referenced this issue Aug 8, 2023
@RomuDeuxfois
[backend/frontend] Display all indicators/observables contained in co…
e1f601e 
…ntainers which contain a specific entity (#2559)
@RomuDeuxfois RomuDeuxfois added the solved use to identify issue that has been solved (must be linked to the solving PR) label Aug 8, 2023
ParamConstructor pushed a commit to fbicyber/opencti__opencti that referenced this issue Aug 8, 2023
@RomuDeuxfois @ParamConstructor
[backend/frontend] Display all indicators/observables contained in co…
637b5b9 
…ntainers which contain a specific entity (OpenCTI-Platform#2559)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature use for describing a new feature to develop solved use to identify issue that has been solved (must be linked to the solving PR)
Projects
None yet
Milestone
Release 5.10.0
Development

No branches or pull requests
3 participants
@SamuelHassine @RomuDeuxfois @Jipegien