Stix Shifter Versions

This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.

7.0.7

1 week ago

7.0.7 (2024-05-07)

Breaking changes:

Deprecations:

Changes:

  • CrowdStrike Logscale UDI Connector #1631
  • Nozomi UDI connector #1656
  • add feature to disable pagination and simplify API #1676
  • remove non-standard powershell fields for ECS #1684
  • Update code-coverage with new version of Codecov CLI and token #1682

Fixes:

  • Reaqta various mapping fixes #1683

Dependency update:

7.0.6

1 month ago

Breaking changes:

Deprecations:

Changes:

  • adding support for LIKE operator in SumoLogic Module #1670
  • Infoblox connector source changes #1660
  • sumologic: use milliseconds since epoch for timestamps #1668
  • sumologic: add support for != #1658
  • map validator: additional checks for single quotes and extensions properties #1667

Fixes:

  • Amazon athena resolve column not found exception #1673
  • Updated requirements and changed SSL purpose #1664

Dependency update:

  • Bump json-fix from 0.5.2 to 1.0.0 in /stix_shifter #1672
  • Bump colorlog from 6.8.0 to 6.8.2 in /stix_shifter #1671
  • Bump regex from 2023.10.3 to 2023.12.25 in /stix_shifter #1663

7.0.4

2 months ago

7.0.4 (2024-03-14)

Changes:

  • Aligning config and lang en values to match a standard. #1653
  • Update to events mapping after content pack CEP changes #1651
  • Update README.md #1652
  • Sysdig exception handling updated #1648
  • Aligning the Amazon and Microsoft display names. #1646
  • Added sysdig bundle #1647

Fixes:

  • Remove default value from cert_verify parameters #1654

Dependency update:

  • Bump aioboto3 from 12.0.0 to 12.1.0 in /stix_shifter #1628
  • update pyOpenSSL dependency to 24.1.0 #1661

7.0.2

3 months ago

7.0.2 (2024-01-25)

Changes:

  • Graph Security: Add login_host for national cloud authentication endpoint #1641
  • AWS Athena: Make access ids optional and remove verify false from boto client #1629
  • Add query batchsize(length) in common config.json #1637
  • QRadar: change START / STOP regex to include <= year 2000 #1640
  • Update machine ID field in QRadar module #1634
  • New Sysdig connector #1630
  • second half of email.* mapping for elastic_ecs #1632

Fixes:

  • GCP: remove delete in result connector for chronicle #1638

7.0.1

5 months ago

7.0.1 (2023-12-11)

Changes:

  • Replace docker with podman since it is still free to use #1625
  • Update group_ref keyword documentation #1622
  • add email-message translation to ecs #1621

Fixes:

  • Add missing group param to connector configs, fix CrowdStrike spelling #1626

Dependency update:

  • Bump colorlog from 6.7.0 to 6.8.0 in /stix_shifter #1624

7.0.0

5 months ago

7.0.0 (2023-11-27)

Deprecations:

  • Make sure certificate is verified when required by RestApiClientAsync and deprecate selfSignedCert:false by-pass #1620

Changes:

  • Cisco secure email added readme detailed file. #1615

Fixes:

  • Remove future timestamp qualifier conditions #1619
  • Fix parameter assignment in error handling function #1616

6.2.2

7 months ago

6.2.2 (2023-10-03)

Changes:

  • include connector type in logger error #1585
  • Add new screen shots to CLI Lab #1576

Fixes:

  • Update Azure Log Analytics stix transmission to use BaseJsonSyncConnector #1584
  • Fixing authentication token handling #1583
  • allow host address input in MS Graph configuration #1582
  • fix coding lab #1578
  • Fix and update coding lab #1577

Dependency update:

  • Bump aioboto3 from 11.2.0 to 11.3.0 in /stix_shifter #1575

6.2.1

8 months ago

6.2.1 (2023-09-07)

Changes:

  • Update coding lab #1566
  • Vectra UDI connector #1530
  • add operator mapping example in CLI lab #1564
  • Lab landing page #1563
  • Update overview doc #1561

Fixes:

  • resolve case insensitive regex in elastic ECS connector #1569 #1573
  • Fix readthedocs reference links #1574
  • Temporary fix for dialect not found map file #1572
  • Fix: skip empty list and string in stix objects #1568
  • Performance improvement of regex validation #1565
  • Fix ECS range queries with x-oca-event:start/end #1559

Dependency update:

  • Bump jsonmerge from 1.9.0 to 1.9.2 in /stix_shifter #1570
  • Bump flask from 2.3.2 to 2.3.3 in /stix_shifter #1567
  • Bump aioboto3 from 11.1.0 to 11.2.0 in /stix_shifter #1562

6.1.1

9 months ago

6.1.1 (2023-08-15)

Deprecations:

  • CLI lab updates and STIX validator removal #1555

Changes:

  • Add readthedocs configurations #1547
  • Update connector coding lab #1557
  • Add docs folder #1551

Fixes:

  • cli lab instruction fixes #1558
  • Fix variable assignment error with ECS event.start/end #1556
  • Mysql connector timeout fix #1552
  • fix cursor call in mysql API client #1550
  • Mapping Fixes for AWS GuardDuty #1543

6.0.3

9 months ago

6.0.3 (2023-07-27)

Fixes:

  • Fix stix_bundle connector results translation #1545
  • map_validator: make sure 'object' name is a str #1540

Dependency update:

  • update stix2-validator library to 3.1.4 #1542