Releases: opencybersecurityalliance/stix-shifter

7.0.0

11 Dec 17:30
fe810d0

7.0.0 (2023-11-27)

Deprecations:

  • Make sure certificate is verified when required by RestApiClientAsync and deprecate selfSignedCert:false by-pass #1620

Changes:

  • Cisco secure email added readme detailed file. #1615

Fixes:

  • Remove future timestamp qualifier conditions #1619
  • Fix parameter assignment in error handling function #1616

6.2.2

03 Oct 17:54
8c176d4

6.2.2 (2023-10-03)

Changes:

  • include connector type in logger error #1585
  • Add new screen shots to CLI Lab #1576

Fixes:

  • Update Azure Log Analytics stix transmission to use BaseJsonSyncConnector #1584
  • Fixing authentication token handling #1583
  • allow host address input in MS Graph configuration #1582
  • fix coding lab #1578
  • Fix and update coding lab #1577

Dependency update:

  • Bump aioboto3 from 11.2.0 to 11.3.0 in /stix_shifter #1575

6.2.1

07 Sep 11:59
c19bf28

6.2.1 (2023-09-07)

Changes:

  • Update coding lab #1566
  • Vectra UDI connector #1530
  • add operator mapping example in CLI lab #1564
  • Lab landing page #1563
  • Update overview doc #1561

Fixes:

  • resolve case insensitive regex in elastic ECS connector #1569 #1573
  • Fix readthedocs reference links #1574
  • Temporary fix for dialect not found map file #1572
  • Fix: skip empty list and string in stix objects #1568
  • Performance improvement of regex validation #1565
  • Fix ECS range queries with x-oca-event:start/end #1559

Dependency update:

  • Bump jsonmerge from 1.9.0 to 1.9.2 in /stix_shifter #1570
  • Bump flask from 2.3.2 to 2.3.3 in /stix_shifter #1567
  • Bump aioboto3 from 11.1.0 to 11.2.0 in /stix_shifter #1562

6.1.1

15 Aug 18:15
a1340e7

6.1.1 (2023-08-15)

Deprecations:

  • CLI lab updates and STIX validator removal #1555

Changes:

  • Add readthedocs configurations #1547
  • Update connector coding lab #1557
  • Add docs folder #1551

Fixes:

  • cli lab instruction fixes #1558
  • Fix variable assignment error with ECS event.start/end #1556
  • Mysql connector timeout fix #1552
  • fix cursor call in mysql API client #1550
  • Mapping Fixes for AWS GuardDuty #1543

6.0.3

27 Jul 14:50
e26d13d

6.0.3 (2023-07-27)

Fixes:

  • Fix stix_bundle connector results translation #1545
  • map_validator: make sure 'object' name is a str #1540

Dependency update:

  • update stix2-validator library to 3.1.4 #1542

6.0.1

24 Jul 18:28
fc1952e

6.0.1 (2023-07-24)

Breaking changes:

  • Adding to stix dialect feature #1231

Deprecations:

  • Removed various unfinished and abandoned connectors #1537

Changes:

  • To-STIX mapping keyword documentation #1529
  • AWS GuardDuty UDI Connector #1525
  • Framework Changes for Handling Nested List of Dictionaries #1516
  • Move results processing to transmission results #1519
  • to-STIX dialects documentation added #1515
  • Splunk UDI Connector - Upgrade #1479
  • Azure log analytics mapping improvements #1496
  • Update CLA link in CONTRIBUTING.md #1517
  • Reaqta name change #1514

Fixes:

  • Setup fix for installing libraries from commit hash #1539
  • ibm_security_verify: fixes #1522
  • LIKE operator only added for events queries #1521

Dependency update:

  • Attrs dependency fix and connector cleanup #1537
  • fix #1533 with type import update #1534
  • Remove ancient 'uuid==1.30' from requirements.txt #1524

5.3.1

15 Jun 15:10
a67253d

5.3.1 (2023-06-15)

Deprecations:

  • remove SNI from authentication options #1498

Changes:

  • Error messaging update #1503
  • Remove cybox checks from map validator #1504
  • remove cybox false flag for observed-data properties #1502
  • Async support in Datadog connector #1492
  • ReaQta Use TTP Custom Object #1473
  • default translator support #1491
  • Add description to stix-bundle connector README #1497
  • minor code cleanup #1494
  • Better error reporting for bad certificate #1490
  • timeout max -> 1 hour; result limit -> 10 million #1487

Fixes:

  • Patch elastic mappings #1501
  • elastic_ecs: fix email-addr:value mappings in 'from' maps #1508
  • x-oca-event.code switch from int to str #1499
  • fix mapping references in elastic-ecs connector #1471

5.3.0

16 May 18:14
e2398e4

5.3.0 (2023-05-15)

Changes:

  • SDO connector cleanup and table of mappings #1484
  • error_test 2queries #1483
  • DShield connector #1443
  • RecordedFuture connector #1462
  • Cisco Secure Malware Analytics (formerly Threat Grid) Connector #1460
  • Virus total connector #1458
  • ThreatQ connector #1461
  • Add Intezer connector #1457
  • to_stix_map validator #1469
  • Alienvault OpenThreatExchange connector #1442
  • Adding new graph alert resource support in Graph security module #1439
  • Add AbuseIPDB Connector #1441

Fixes:

  • set alert options default value to false #1481
  • Updated Config changes for GCP Chronicle for develop branch #1476
  • QRadar - Remove Zero Values from IP and Mac Results #1468
  • Update stix2.1 mapping files in azure sentinel module #1472
  • Elastic-ecs: update dialect attributes with .keyword #1474
  • fix error_test transform_query #1470
  • mapping fixes for Microsoft Graph Security #1420
  • Added timeout for API client calls #1459
  • Elastic-ecs mapping: consolidate x-ecs-container attributes into the x-oca-asset object #1448
  • Elastic-ecs: Patch observer mapping to x-oca-asset object #1464
  • enable observer data in transmit #1453
  • Fix proxy create_results_connection method #1463
  • Elastic-ecs: consolidate asset identifier #1477

Dependency update:

  • Added urllib3 1.26.15 to connector requirements #1482
  • Bump flask from 2.3.1 to 2.3.2 in /stix_shifter #1454

5.2.1

01 May 13:14
672808b

5.2.1 (2023-05-01)

Breaking changes:

Changes:

  • update table of mappings for MS Graph, Elastic ECS, Microsoft Defender #1445
  • Elastic-ecs mapping improvements for network traffic attributes #1410
  • Update Reversinglabs connector #1436
  • Documentation updates #1435
  • Correct network-traffic mappings for elastic_ecs #1430
  • Msatp with alerts refactor #1404
  • MSATP async token, removed ADAL lib #1428
  • Cleaning up from requests lib #1429
  • IBM Verify Privilege Vault api path changes #1424
  • Added async to Azure Sentinel #1419
  • Change config labels to sentence case #1417
  • Update README for IBM Verify Privilege Vault (Secret Server) connector #1402
  • hard coded base uri in microsoft graph security connector #1406
  • Add metadata CLI and documentation #1396
  • Pagination handled for azure_log_analytics #1398
  • Elastic ecs module readme #1400

Fixes:

  • fix url value property in azure mapping #1444
  • Okta Error Code Mapping Changes for develop Branch #1434
  • Fix: Graph API fails if used without lambda operators on collection type properties #1421
  • Fix for Athena error handling, error log printing in translation #1415
  • Fixed error handling for darktrace on raw html response #1416

Dependency update:

  • set urllib3 library requirement #1449
  • Bump flask from 2.2.3 to 2.3.1 in /stix_shifter #1440
  • Bump json-fix from 0.5.1 to 0.5.2 in /stix_shifter #1426
  • Bump aioboto3 from 11.0.1 to 11.1.0 in /stix_shifter #1411
  • Bump pyopenssl from 23.1.0 to 23.1.1 in /stix_shifter #1405
  • Bump pyopenssl from 23.0.0 to 23.1.0 in /stix_shifter #1401

5.1.1

21 Mar 15:05
ce729df

5.1.1 (2023-03-21)

Breaking changes:

Deprecations:

Changes:

  • Added process:x_unique_id property to Splunk #1389
  • get configs #1392
  • GitHub action update #1385

Fixes:

  • Added metadata changes for GCP Chronicle #1393
  • Splunk: Fix MAC address to display in proper STIX format #1386
  • Updated custom properties mapping in Okta with 'x_' prefix #1387
  • Await async fixes #1391
  • fix json loads of data arg in stix-shifter CLI #1394
  • Consolidate network-traffic, user-account, file objects in the elastic_ecs connector mapping #1378
  • Fix #1375, optimize get_pagesize() function call, and add testcases #1384
  • Async changes for Okta UDI connector #1383

Dependency update:

  • Bump aiohttp-retry from 2.4.0 to 2.8.3 in /stix_shifter #1374