From e6f9346e5a986b635ec4be7611451254a45f1d25 Mon Sep 17 00:00:00 2001 From: ygal Date: Wed, 4 Dec 2024 18:44:32 +0100 Subject: [PATCH] Creation of the common module and notification system Created a new Django App to centralize the generic functions of Watcher used by multiple modules. Refactored the notification system to integrate SMTPS protocol (replacing SMTP). Added automatic alert creation in TheHive via Feeder. Integrated notifications through the Citadel enterprise application (via APIs). Added Slack notifications (via APIs). --- .env | 17 +++++-- Watcher/package-lock.json | 100 +++++++++++++++++++++++++++----------- Watcher/package.json | 2 +- docker-compose.yml | 4 +- 4 files changed, 89 insertions(+), 34 deletions(-) diff --git a/.env b/.env index c2cb62f..c48ff44 100644 --- a/.env +++ b/.env @@ -28,8 +28,8 @@ ALLOWED_HOST= CSRF_TRUSTED_ORIGINS= # DJANGO EMAIL Configuration -EMAIL_FROM= -SMTP_SERVER= +EMAIL_FROM=from@from.com +SMTP_SERVER=localhost WATCHER_URL=https://example.watcher.local WATCHER_LOGO=https://raw.githubusercontent.com/thalesgroup-cert/Watcher/master/Watcher/static/Watcher-logo-simple.png EMAIL_SUBJECT_TAG_SITE_MONITORING=INCIDENT @@ -38,9 +38,11 @@ EMAIL_CLASSIFICATION=INTERNAL # THE HIVE Setup THE_HIVE_URL= THE_HIVE_VERIFY_SSL=False -THE_HIVE_KEY= +THE_HIVE_API_KEY= THE_HIVE_CASE_ASSIGNEE=watcher THE_HIVE_TAGS=Watcher,Impersonation,Malicious Domain,Typosquatting +THE_HIVE_CUSTOM_FIELD=watcher-id +THE_HIVE_EMAIL_SENDER=watcher@watcher.com # MISP Setup MISP_URL= @@ -50,6 +52,15 @@ MISP_KEY= MISP_TICKETING_URL= MISP_TAGS=Watcher,Impersonation,Malicious Domain,Typosquatting,tlp:amber +# SLACK Setup +SLACK_API_TOKEN= +SLACK_CHANNEL= + +# CITADEL Setup +CITADEL_API_TOKEN= +CITADEL_ROOM_ID= +CITADEL_URL= + # LDAP Setup AUTH_LDAP_SERVER_URI= AUTH_LDAP_BIND_DN= diff --git a/Watcher/package-lock.json b/Watcher/package-lock.json index 26ae88f..23ea6e7 100644 --- a/Watcher/package-lock.json +++ b/Watcher/package-lock.json 
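Review bot: The new default `EMAIL_FROM=from@from.com` in the email block uses a registrable domain rather than a reserved one, and `THE_HIVE_EMAIL_SENDER=watcher@watcher.com` in the TheHive hunk below does the same. A deployment that never overrides them would send incident notifications under a third party's domain, and bounces or replies would go to that party. Prefer the reserved example domain, `EMAIL_FROM=watcher@example.com` and `THE_HIVE_EMAIL_SENDER=watcher@example.com`, or leave both empty and have the settings loader reject an empty sender. The commit message says mail moves to SMTPS, but this hunk adds no port or credential variables next to `SMTP_SERVER=localhost`; if the settings module reads any, they should be listed here with a comment.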
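Review bot: Renaming `THE_HIVE_KEY` to `THE_HIVE_API_KEY` can break existing deployments silently, because an operator's .env that still sets the old name leaves the key empty unless the settings code (not shown in this hunk) falls back to it. Either keep reading the old name as a fallback or add an upgrade note above the variable, such as `# Renamed from THE_HIVE_KEY - update existing .env files`. The unchanged context line `THE_HIVE_VERIFY_SSL=False` now matters more, since this commit makes Watcher create TheHive alerts automatically and the API key presumably accompanies each request. The shipped default should be `THE_HIVE_VERIFY_SSL=True`, with `False` documented as a lab-only override.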
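Review bot: The new `SLACK_API_TOKEN` and `CITADEL_API_TOKEN` entries are credentials in a `.env` file that is tracked in the repository (the patch modifies `a/.env`), so an operator who fills them in place risks committing live tokens. Add a comment above each block, for example `# Secret - set in an untracked override or secret store, never commit a real value`, and consider shipping this file as a template with the real `.env` ignored by git. The block also does not say what the tokens must be allowed to do; for posting notifications a Slack bot token scoped to `chat:write` should be enough, and saying so discourages pasting a broader token. `CITADEL_URL` carries no stated scheme requirement, so a comment that it must be an `https://` URL would help.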
@@ -23,7 +23,7 @@ "react-day-picker": "^7.4.10", "react-dom": "^16.13.0", "react-redux": "^7.2.4", - "react-router-dom": "^6.26.2", + "react-router-dom": "^5.3.4", "react-wordcloud": "^1.2.7", "redux": "^4.0.1", "redux-devtools-extension": "^2.13.9", @@ -1907,14 +1907,6 @@ "url": "https://opencollective.com/popperjs" } }, - "node_modules/@remix-run/router": { - "version": "1.19.2", - "resolved": "https://registry.npmjs.org/@remix-run/router/-/router-1.19.2.tgz", - "integrity": "sha512-baiMx18+IMuD1yyvOGaHM9QrVUPGGG0jC+z+IPHnRJWUAUvaKuWKyE8gjDj2rzv3sz9zOGoRSPgeBVHRhZnBlA==", - "engines": { - "node": ">=14.0.0" - } - }, "node_modules/@restart/context": { "version": "2.1.4", "resolved": "https://registry.npmjs.org/@restart/context/-/context-2.1.4.tgz", @@ -3292,6 +3284,19 @@ "node": ">= 0.4" } }, + "node_modules/history": { + "version": "4.10.1", + "resolved": "https://registry.npmjs.org/history/-/history-4.10.1.tgz", + "integrity": "sha512-36nwAD620w12kuzPAsyINPWJqlNbij+hpK1k9XRloDtym8mxzGYl2c17LnV6IAGB2Dmg4tEa7G7DlawS0+qjew==", + "dependencies": { + "@babel/runtime": "^7.1.2", + "loose-envify": "^1.2.0", + "resolve-pathname": "^3.0.0", + "tiny-invariant": "^1.0.2", + "tiny-warning": "^1.0.0", + "value-equal": "^1.0.1" + } + }, "node_modules/hoist-non-react-statics": { "version": "3.3.2", "resolved": "https://registry.npmjs.org/hoist-non-react-statics/-/hoist-non-react-statics-3.3.2.tgz", @@ -3400,6 +3405,11 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/isarray": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz", + "integrity": "sha512-D2S+3GLxWH+uhrNEcoh/fnmYeP8E8/zHl644d/jdA0g2uyXvy3sb0qxotE+ne0LtccHknQzWwZEzhak7oJ0COQ==" + }, "node_modules/isexe": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", 
@@ -3757,6 +3767,14 @@ "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==", "dev": true }, + "node_modules/path-to-regexp": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-1.9.0.tgz", + "integrity": "sha512-xIp7/apCFJuUHdDLWe8O1HIkb0kQrOMb/0u6FXQjemHn/ii5LrIzU6bdECnsiTF/GjZkMEKg1xdiZwNqDYlZ6g==", + "dependencies": { + "isarray": "0.0.1" + } + }, "node_modules/picocolors": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.1.tgz", 
@@ -4059,33 +4077,39 @@ "integrity": "sha512-w2GsyukL62IJnlaff/nRegPQR94C/XXamvMWmSHRJ4y7Ts/4ocGRmTHvOs8PSE6pB3dWOrD/nueuU5sduBsQ4w==" }, "node_modules/react-router": { - "version": "6.26.2", - "resolved": "https://registry.npmjs.org/react-router/-/react-router-6.26.2.tgz", - "integrity": "sha512-tvN1iuT03kHgOFnLPfLJ8V95eijteveqdOSk+srqfePtQvqCExB8eHOYnlilbOcyJyKnYkr1vJvf7YqotAJu1A==", - "dependencies": { - "@remix-run/router": "1.19.2" - }, - "engines": { - "node": ">=14.0.0" + "version": "5.3.4", + "resolved": "https://registry.npmjs.org/react-router/-/react-router-5.3.4.tgz", + "integrity": "sha512-Ys9K+ppnJah3QuaRiLxk+jDWOR1MekYQrlytiXxC1RyfbdsZkS5pvKAzCCr031xHixZwpnsYNT5xysdFHQaYsA==", + "dependencies": { + "@babel/runtime": "^7.12.13", + "history": "^4.9.0", + "hoist-non-react-statics": "^3.1.0", + "loose-envify": "^1.3.1", + "path-to-regexp": "^1.7.0", + "prop-types": "^15.6.2", + "react-is": "^16.6.0", + "tiny-invariant": "^1.0.2", + "tiny-warning": "^1.0.0" }, "peerDependencies": { - "react": ">=16.8" + "react": ">=15" } }, "node_modules/react-router-dom": { - "version": "6.26.2", - "resolved": "https://registry.npmjs.org/react-router-dom/-/react-router-dom-6.26.2.tgz", - "integrity": "sha512-z7YkaEW0Dy35T3/QKPYB1LjMK2R1fxnHO8kWpUMTBdfVzZrWOiY9a7CtN8HqdWtDUWd5FY6Dl8HFsqVwH4uOtQ==", + "version": "5.3.4", + "resolved": "https://registry.npmjs.org/react-router-dom/-/react-router-dom-5.3.4.tgz", + "integrity": "sha512-m4EqFMHv/Ih4kpcBCONHbkT68KoAeHN4p3lAGoNryfHi0dMy0kCzEZakiKRsvg5wHZ/JLrLW8o8KomWiz/qbYQ==", "dependencies": { - "@remix-run/router": "1.19.2", - "react-router": "6.26.2" - }, - "engines": { - "node": ">=14.0.0" + "@babel/runtime": "^7.12.13", + "history": "^4.9.0", + "loose-envify": "^1.3.1", + "prop-types": "^15.6.2", + "react-router": "5.3.4", + "tiny-invariant": "^1.0.2", + "tiny-warning": "^1.0.0" }, "peerDependencies": { - "react": ">=16.8", - "react-dom": ">=16.8" + "react": ">=15" } }, "node_modules/react-transition-group": { 
@@ -4276,6 +4300,11 @@ "node": ">=8" } }, + "node_modules/resolve-pathname": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/resolve-pathname/-/resolve-pathname-3.0.0.tgz", + "integrity": "sha512-C7rARubxI8bXFNB/hqcp/4iUeIXJhJZvFPFPiSPRnhU5UPxzMFIl+2E6yY6c4k9giDJAhtV+enfA+G89N6Csng==" + }, "node_modules/safe-buffer": { "version": "5.2.1", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", @@ -4543,6 +4572,16 @@ "url": "https://opencollective.com/webpack" } }, + "node_modules/tiny-invariant": { + "version": "1.3.3", + "resolved": "https://registry.npmjs.org/tiny-invariant/-/tiny-invariant-1.3.3.tgz", + "integrity": "sha512-+FbBPE1o9QAYvviau/qC5SE3caw21q3xkvWKBtja5vgqOWIHHJ3ioaq1VPfn/Szqctz2bU/oYeKd9/z5BL+PVg==" + }, + "node_modules/tiny-warning": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/tiny-warning/-/tiny-warning-1.0.3.tgz", + "integrity": "sha512-lBN9zLN/oAf68o3zNXYrdCt1kP8WsiGW8Oo2ka41b2IM5JL/S1CTyX1rW0mb/zSuJun0ZUrDxx4sqvYS2FWzPA==" + }, "node_modules/tippy.js": { "version": "6.3.7", "resolved": "https://registry.npmjs.org/tippy.js/-/tippy.js-6.3.7.tgz", @@ -4661,6 +4700,11 @@ "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", "integrity": "sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==" }, + "node_modules/value-equal": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/value-equal/-/value-equal-1.0.1.tgz", + "integrity": "sha512-NOJ6JZCAWr0zlxZt+xqCHNTEKOsrks2HQd4MqhP1qy4z1SkbEP467eNx6TgDKXMvUOb+OENfJCZwM+16n7fRfw==" + }, "node_modules/warning": { "version": "4.0.3", "resolved": "https://registry.npmjs.org/warning/-/warning-4.0.3.tgz", diff --git a/Watcher/package.json b/Watcher/package.json index 8a8c716..1761438 100644 --- a/Watcher/package.json +++ b/Watcher/package.json 
@@ -34,7 +34,7 @@ "react-day-picker": "^7.4.10", "react-dom": "^16.13.0", "react-redux": "^7.2.4", - "react-router-dom": "^6.26.2", + "react-router-dom": "^5.3.4", "react-wordcloud": "^1.2.7", "redux": "^4.0.1", "redux-devtools-extension": "^2.13.9", diff --git a/docker-compose.yml b/docker-compose.yml index 8cd24d8..a1d31b1 100755 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -27,7 +27,7 @@ services: db_watcher: container_name: db_watcher - image: mysql:8.0.39 + image: mysql:8.0.40 command: mysqld --default-authentication-plugin=mysql_native_password volumes: - db_data:/var/lib/mysql @@ -102,4 +102,4 @@ networks: volumes: db_data: {} - db_log: {} + db_log: {} \ No newline at end of file
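Review bot: `react-router-dom` goes from `^6.26.2` back to `^5.3.4` in the package.json hunk, a major-version downgrade that the commit message (common module and notification work) does not mention. The v5 and v6 APIs are not compatible, so unless the frontend routing code changes in the same commit (not visible in this hunk) the build or navigation is likely to break. The downgrade also reintroduces older transitive packages listed in the lockfile (`history` 4.10.1, `path-to-regexp` 1.9.0, `isarray` 0.0.1), which widens what dependency audits have to cover. State the reason in the commit description, or split this into its own commit so it can be reviewed and reverted independently.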