search

Sotera / newman

Quickly analyze and explore email with advanced analytics and visualization.
http://sotera.github.io/newman/
Apache License 2.0
55 stars 14 forks source link

Link for ID not working #106

Closed smahoney58 closed 7 years ago

smahoney58 commented 8 years ago

When you try to follow the link for ID (located in left-panel email view), you get an error message in the main browser window.

Steps to Reproduce

  1. Search for any term like "subpoena"
  2. Select the search term in the Dashboard view
  3. Select any email that is listed
  4. Select link for ID

Results: A tab created with the following error information. <!doctype html>

501 Error in Python Service

There was an error executing service /email/0732a020-22f6-11e6-afc5-080027542fa4/0732a020-22f6-11e6-afc5-080027542fa4.txt:

Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/tangelo/server.py", line 207, in invoke_service
    result = restfunc(_pargs, *_kwargs)
  File "/srv/software/newman/demail/email.py", line 292, in get
    return get_actions.get(action, unknown)( _args, *_kwargs)
TypeError: unknown() got an unexpected keyword argument 'data_set_id'

Powered by Tangelo This error was found by Kevin English who needs to be able to follow the email ID to retrievethe metadata for the email.

smahoney58 commented 8 years ago

This error was found on Newman v2.1.1

smahoney58 commented 8 years ago

Kevin did find a workaround where he enters something like the following directly into the browser bar: http://localhost:9200/newman-shiavo/emails/28411a44-22f6-11e6-afc5-080027542fa4

This doesn’t show the content, but gives all the metadata from the Elasticsearch index which is what he was trying to get to.

smahoney58 commented 8 years ago

The latest v2.1.1 Newman does not have an ID field anymore; now includes an Email ID and Case ID. Need to discuss this issue with Kevin English and potentially Charles Ramsay. The Email ID and Case ID request came from ? ( I believe it was the FBI via Charles Ramsay but maybe it was from some other source). Current implementation does not meet the goals that Charles/Kevin were looking for.

smahoney58 commented 7 years ago

In Newman v2.1.3 Email ID is correctly populated with a GUID. It is no longer a link. Will let Kevin and/or Charles create a more detailed issue if this is not the behavior they desire. Kevin can still use his workaround. I'm guessing most analysts don't need the ElasticSearch metadata.