version 2.3.1

Author: salehmuhaysin

.env

@@ -1,7 +1,7 @@
 
 # ============ Kuiper Platform
 # enable debugging mode
-FLASK_DEBUG=False                        
+FLASK_DEBUG=True                        
 # remove raw files uploaded to Kuiper, as consequences enable this will allow upload the file multiple times
 FLASK_REMOVE_RAW_FILES=True             
 # log level stored in the app logs (INFO, WARNING, DEBUG, and ERROR)

.gitignore

@@ -10,6 +10,8 @@ kuiper/app/parsers/WinEvents/temp/**
 kuiper/app/parsers/MFT_Parser/temp/**
 kuiper/**/*.pyc
 system_health/**/*.pyc
-mongodb/db/**
+mongodb/**
+!mongodb/empty.md
 redis/dump.rdb
-elasticsearch/nodes/**
+elasticsearch/**
+!elasticsearch/empty.md

CHANGELOG.md

@@ -1,6 +1,15 @@
 # **Changelog**
 This page list the Changelog for Kuiper project
 
+## **[2.3.1] - 2022-02-07**
+### **Fixes:**
+- Fixed dynamic add for folder `kuiper/app/parsers/temp`
+- Fixed issue of uploading files to a previously created machine
+- Fixed issue of handling error message in elasticsearch version 7.16.2 during the indexing
+- Fixed issue to preserve the selected record in browse artifact table if detailed table clicked
+- Fixes the system health for celery if the task has large number of arguments
+
+
 
 ## **[2.3.0] - 2022-01-25**
 

kuiper/app/__init__.py

@@ -105,7 +105,9 @@
     app.config['UPLOADED_FILES_DEST_RAW'] , 
     app.config['TIMELINE_FOLDER'],
     logs_folder,
-    app.config['SYSTEM_HEALTH_PATH']
+    app.config['SYSTEM_HEALTH_PATH'],
+    os.path.join(app.config['PARSER_PATH'] , "temp")
+    
     ]
 for d in built_in_dirs:
     try:

kuiper/app/controllers/case_management.py

@@ -469,8 +469,7 @@ def all_machines(case_id , group_name):
     case            = db_cases.get_case_by_id(case_id)
     parsers_details = db_parsers.get_parser()
     groups_list     = db_groups.get_groups(case_id)
-
-    # check if there is error getting the information
+    # check if there is error getting the information  
     error = None
     if machines[0] == False:    
         error = ["Case["+case_id+"]: Failed getting case machines" , machines[1]]
@@ -488,9 +487,9 @@ def all_machines(case_id , group_name):
     if group_name is not None:
         for i in groups_list[1]:
             if i['_id'] == case_id + "_" + group_name:
-                i['selected'] = True
-
+                i['selected'] = True 
 
+ 
     if error is not None:
         logger.logger(level=logger.ERROR , type="case", message=error[0], reason=error[1])
         return render_template('case/error_page.html',case_details=case_id ,SIDEBAR=SIDEBAR , CASE_FIELDS=CASE_FIELDS[1] , message=error[0] + "<br />" + error[1])
@@ -624,18 +623,20 @@ def case_upload_machine(case_id):
 
 # ================================ Upload Artifacts
 # upload artifacts for specific machine
-@app.route('/case/<main_case_id>/uploadartifacts/<machine_case_id>', methods=['GET', 'POST'])
+@app.route('/case/<main_case_id>/uploadartifacts/<machine_case_id>', methods=['POST'])
 def main_upload_artifacts(main_case_id,machine_case_id):
+
     if request.method == 'POST':
         try:
-            
+               
             # get file
             file = request.files['files[]']
 
-            
+
             # if there is a file to upload
             if file:
                 base64_name = None if 'base64_name' not in request.form else request.form['base64_name']       
+
                 # start handling uploading the file
                 uf = upload_file(file , main_case_id , machine_case_id , base64_name=base64_name)
                 return json.dumps(uf[1])

kuiper/app/database/elkdb.py

@@ -463,10 +463,10 @@ def bulk_to_elasticsearch_fix_errors(self, indx, errors):
             try:
 
 
-                if 'caused_by' in doc['index']['error']:
-                    doc_reason = doc['index']['error']['caused_by']['reason']
-                else:
+                if 'reason' in doc['index']['error']: 
                     doc_reason = doc['index']['error']['reason']
+                else: 
+                    doc_reason = doc['index']['error']['caused_by']['reason']
 
                 logger.logger(level=logger.WARNING , type="elasticsearch", message=record_msg_info + ": record failed" , reason=doc_reason)
 

kuiper/app/templates/case/browse_artifacts.html

@@ -200,7 +200,6 @@ <h3 class="box-title"> <i class="fa fa-cubes"></i> Artifacts </h3>
 
 
 
-
 <!-- ===================== Records details ===================== -->
 
 <div id="record_details_block" class="col-md-4">
@@ -282,8 +281,6 @@ <h3 class="box-title"><i class="fa fa-cubes"></i> Record Details</h3>
     <script src="../../static/dist/air-datepicker/dist/js/i18n/datepicker.en.js"></script>
 
 
-
-
 <!-- This will take the AdminLTE input style and use it with the tags input style -->
 <style type="text/css">
 /* START ====== tagsinput */
@@ -500,7 +497,7 @@ <h3 class="box-title"><i class="fa fa-cubes"></i> Record Details</h3>
 
 // ====================================== Variables
 
-var clicked_id_record;      // store the records clicked on the table
+var clicked_id_record = 0;      // store the records clicked on the table
 
 var rules                   = ({{rules|tojson|safe}})           // get list of all rules
 var toast                   = $.toast;                          // toast object
@@ -1269,6 +1266,11 @@ <h3 class="box-title"><i class="fa fa-cubes"></i> Record Details</h3>
 
 
 
+    $('#' + clicked_id_record).addClass('table_events_clicked_tr disabled');
+    $('#' + clicked_id_record).css('background-color' ,  '#636777');
+
+    // change records clicked status to clicked
+    is_record_tr_clicked = true
 
 }
 
@@ -1422,18 +1424,9 @@ <h3 class="box-title"><i class="fa fa-cubes"></i> Record Details</h3>
           // build records table
           rebuild_records(ajax_records);
 
-          // build data type drop-down list 
-          //console.log(r)
-          /*
-          var list = ""
-          if(r['res_total'] != 0){
-            var aggs = r['aggs']
-            for(var i = 0 ; i <aggs.length ; i++)
-                list += '<li class="clickable"><a id="data_type:'+aggs[i]['key']+'" class="clickable add_to_search_query">'+aggs[i]['key']+' <span class="badge bg-red">'+aggs[i]['doc_count']+'</span></a></li>'
-          }
-          $('#artifacts_list').html(list);
-          $('.artifacts_list_button').dropdown()
-          */
+
+
+
           if (is_record_tr_clicked){
                 // click the first raw in the table
                 $("#table_events tr#" + wanted_record.toString()).click()
@@ -2047,9 +2040,6 @@ <h3 class="box-title"><i class="fa fa-cubes"></i> Record Details</h3>
 
 
 
-
-
-
 // if save as rule button clicked, add the rule to dmango
 $(document).on('click' , '.sample_search_save_as_rule' , function(){
     var query_search_content = $('#sample_query_search h5 #sample_query_search_content').text().trim()
@@ -2712,6 +2702,8 @@ <h3 class="box-title"><i class="fa fa-cubes"></i> Record Details</h3>
 	$('#record_details_block').slideUp('fast' , function(){
 		$('#content_table').removeClass('col-md-8');
 	});
+
+
 })
 
 
@@ -2888,19 +2880,8 @@ <h3 class="box-title"><i class="fa fa-cubes"></i> Record Details</h3>
     handle_query_param(search)
 })
 
-$(document).click(function(e){
-    //For descendants of menu_content being clicked, remove this check if you do not want to put constraint on descendants.
-    if($(e.target).closest('#table_events').length){
-        return; 
-    } else {
-        $('#' + clicked_id_record).removeClass('table_events_clicked_tr disabled');
-        $('#' + clicked_id_record).css('background-color' ,  '');
 
-        clicked_id_record = null
-        is_record_tr_clicked = false
-    }
-        
-})
+
 
 
 // enable the top-down press button

kuiper/app/templates/case/case_sidebar.html

@@ -38,7 +38,7 @@
 </aside>
 {% endblock %}
 
-<script src="../../static/bower_components/jquery/dist/jquery.min.js"></script>
+<script src="{{url_for('static', filename='bower_components/jquery/dist/jquery.min.js')}}"></script>
 
 <script>