What's Changed
* Bug-Fix analyzers fetching active sessions by jkppr in https://github.com/google/timesketch/pull/3093
**Full Changelog**: https://github.com/google/timesketch/compare/20240508...20240508.1
20240508
What's Changed
* Save searches without results by jkppr in https://github.com/google/timesketch/pull/3060
* Bump nginx version by jkppr in https://github.com/google/timesketch/pull/3077
* tsdev.sh update by rocketeeer in https://github.com/google/timesketch/pull/3081
* Support for observables in Yeti analyzers by tomchop in https://github.com/google/timesketch/pull/3061
* Added check to invalid API endpoints to close issue 3005 by TedmanNguyen in https://github.com/google/timesketch/pull/3058
* Updating the documentation by jkppr in https://github.com/google/timesketch/pull/3057
* Remove sigma_rule_status.csv from Installation Helper Scripts by Aevyz in https://github.com/google/timesketch/pull/3063
* Update api-upload-data.md by berggren in https://github.com/google/timesketch/pull/3068
* Fix tsctl on a prod deployment by jkppr in https://github.com/google/timesketch/pull/3088
* UI build 20240508 by jkppr in https://github.com/google/timesketch/pull/3089
New Contributors
* Aevyz made their first contribution in https://github.com/google/timesketch/pull/3063
* rocketeeer made their first contribution in https://github.com/google/timesketch/pull/3081
* TedmanNguyen made their first contribution in https://github.com/google/timesketch/pull/3058
**Full Changelog**: https://github.com/google/timesketch/compare/20240328...20240508
20240328
> **Note**
Upgrading to this Timesketch version requires a database upgrade!
See https://timesketch.org/guides/admin/upgrade/ for more details.
What's Changed
* DFIQ new UI and navigation by berggren in https://github.com/google/timesketch/pull/3041
* User profile and settings support by berggren in https://github.com/google/timesketch/pull/3048
* Enhancements to Yeti indicators by tomchop in https://github.com/google/timesketch/pull/3038
* More precise field selection when searching by tomchop in https://github.com/google/timesketch/pull/3044
* Use subqueryload to make loading events with comments faster by tomchop in https://github.com/google/timesketch/pull/3049
* Improvements to the sigma handling by tomchop in https://github.com/google/timesketch/pull/3050
* Update run_analyzers in the api client by jkppr in https://github.com/google/timesketch/pull/3037
* Fix a bug in the feature_extraction analyzer by jkppr in https://github.com/google/timesketch/pull/3047
**Full Changelog**: https://github.com/google/timesketch/compare/20240207...20240328
20240207
What's Changed
* Collapsable left panel by berggren in https://github.com/google/timesketch/pull/3008
* Support for Large Language Model (LLM) services by berggren in https://github.com/google/timesketch/pull/3019
* Implement user management (create, list, get) via API by lo-chr in https://github.com/google/timesketch/pull/3024
* Setup frontend unit tests with vitest by Annoraaq in https://github.com/google/timesketch/pull/3013
* Fix failing Plaso uploads after 6 months by jkppr in https://github.com/google/timesketch/pull/3017
* Fix error handling in the API client by jkppr in https://github.com/google/timesketch/pull/3006
* Add optional TLS verification by tomchop in https://github.com/google/timesketch/pull/3016
* Yeti analyzer fix: use session object by tomchop in https://github.com/google/timesketch/pull/3020
* Adjust query for Yeti indicators by tomchop in https://github.com/google/timesketch/pull/3009
* Mark events with indicator's relevant_tags (Yeti) by tomchop in https://github.com/google/timesketch/pull/3022
* Bump cryptography from 41.0.4 to 41.0.6 by dependabot in https://github.com/google/timesketch/pull/2998
* SQLalchemy upgrade - step one by berggren in https://github.com/google/timesketch/pull/2979
* Fix: get and use access token for Yeti by tomchop in https://github.com/google/timesketch/pull/3010
* Adding form validation to prevent names > 255 char. by jkppr in https://github.com/google/timesketch/pull/3026
* Update black formatting by jkppr in https://github.com/google/timesketch/pull/3031
* Timesketch API client: Adding type check to prevent error. by jkppr in https://github.com/google/timesketch/pull/3030
* Fix double escaping in sigma_util causing yaml.parser.ParserError by lo-chr in https://github.com/google/timesketch/pull/3028
* Move "old UI" button by jkppr in https://github.com/google/timesketch/pull/3033
* UI build 20240207 by jkppr in https://github.com/google/timesketch/pull/3035
New Contributors
* lo-chr made their first contribution in https://github.com/google/timesketch/pull/3028
**Full Changelog**: https://github.com/google/timesketch/compare/20231206...20240207
20231206
What's Changed
* Left panel timeline management by Annoraaq in https://github.com/google/timesketch/pull/2999
* Extract Windows event logs messages attributes by roshanmaskey in https://github.com/google/timesketch/pull/2910
* API client: Return all field for analysis sessions by tomchop in https://github.com/google/timesketch/pull/2504
* Highlight DFIQ context card by berggren in https://github.com/google/timesketch/pull/2996
* Introduce (large) CSV import in e2e tests by jaegeral in https://github.com/google/timesketch/pull/2912
* "Add to Threat Intelligence" via context links by jkppr in https://github.com/google/timesketch/pull/2980
* Graph bug and layout fix by berggren in https://github.com/google/timesketch/pull/2994
* Feature extraction config for BITS and Terminal Services by roshanmaskey in https://github.com/google/timesketch/pull/2974
* Adjust default example text for yeti endpoint by tomchop in https://github.com/google/timesketch/pull/2963
* Adding a copy action to filter chips by JohannesLks in https://github.com/google/timesketch/pull/2990
* Update to the windows deployment script by coloradosarge in https://github.com/google/timesketch/pull/3000
* Adding and updating tooltips for icons by jkppr in https://github.com/google/timesketch/pull/2983
* Fix hidden text by jkppr in https://github.com/google/timesketch/pull/2965
* bug-fix for context links by jkppr in https://github.com/google/timesketch/pull/2962
* Update for upgrade documentation by jkppr in https://github.com/google/timesketch/pull/2967
* Removing old feature extractor analyzer by jkppr in https://github.com/google/timesketch/pull/2969
* Update for the context_links documentation by jkppr in https://github.com/google/timesketch/pull/2970
* Updating the feature extraction analyzer documentation by jkppr in https://github.com/google/timesketch/pull/2973
* [tests] Add jsonl e2e tests by jaegeral in https://github.com/google/timesketch/pull/2976
* Fix vue dependency issues with "v-calendar" by jkppr in https://github.com/google/timesketch/pull/2989
* Mute noisy info logging in the feature extraction analyzer by jkppr in https://github.com/google/timesketch/pull/2993
* New empty-state and left panel bugfix by berggren in https://github.com/google/timesketch/pull/2991
* Update the analyzer timeline picker by jkppr in https://github.com/google/timesketch/pull/3001
* UI build 20231206 by jkppr in https://github.com/google/timesketch/pull/3002
New Contributors
* JohannesLks made their first contribution in https://github.com/google/timesketch/pull/2990
* coloradosarge made their first contribution in https://github.com/google/timesketch/pull/3000
**Full Changelog**: https://github.com/google/timesketch/compare/20231025...20231206
20231025
> **Note**
Upgrading to this Timesketch version requires a database upgrade!
See https://timesketch.org/guides/admin/upgrade/ for more details.
What's Changed
* filter chip fixes by jkppr in https://github.com/google/timesketch/pull/2893
* Adding multi analyzer result support by jkppr in https://github.com/google/timesketch/pull/2894
* Fix CSV upload without timestamp_desc by jkppr in https://github.com/google/timesketch/pull/2896
* Bump cryptography from 41.0.3 to 41.0.4 by dependabot in https://github.com/google/timesketch/pull/2904
* Deprecate Sigma status CSV usage from code by jaegeral in https://github.com/google/timesketch/pull/2913
* Add intelligence command to the CLI client by jaegeral in https://github.com/google/timesketch/pull/2864
* UI build 2023-10-05 by jkppr in https://github.com/google/timesketch/pull/2926
* Fix missing plaso_formatters by jkppr in https://github.com/google/timesketch/pull/2933
* Refactor base layout by berggren in https://github.com/google/timesketch/pull/2929
* ui build 20231010 by jkppr in https://github.com/google/timesketch/pull/2934
* Fix 2908 tagger bug by jkppr in https://github.com/google/timesketch/pull/2935
* Update yeti analyzer by tomchop in https://github.com/google/timesketch/pull/2930
* Adjusting regular expressions for features extraction by tomchop in https://github.com/google/timesketch/pull/2932
* [Documentation] timesketch_client.TimesketchApi in api client documentation by jaegeral in https://github.com/google/timesketch/pull/2938
* Improvements to the Yeti analyzer by tomchop in https://github.com/google/timesketch/pull/2942
* Truncate timeline names in analyzer results by jkppr in https://github.com/google/timesketch/pull/2945
* API client method to delete Sigma rule by jaegeral in https://github.com/google/timesketch/pull/2924
* Fix missing sketchId in Search.vue by jkppr in https://github.com/google/timesketch/pull/2955
* Unfurl integration by jkppr in https://github.com/google/timesketch/pull/2897
* Copy saved search ID by jkppr in https://github.com/google/timesketch/pull/2956
* Support emojis in new UI by NightAcrobat777 in https://github.com/google/timesketch/pull/2951
* SSL/TLS support and authentication for SMTP by fazledyn-or in https://github.com/google/timesketch/pull/2940
* Instantiate side panel only once by berggren in https://github.com/google/timesketch/pull/2949
* Unit test to ensure invalid timestamp conversions do not occur by bwhelan212 in https://github.com/google/timesketch/pull/2954
* Add DFIQ context to SearchHistory by berggren in https://github.com/google/timesketch/pull/2957
* Sanitise HTML from Unfurl by berggren in https://github.com/google/timesketch/pull/2959
* Context link backwards compatibility & sanitation by jkppr in https://github.com/google/timesketch/pull/2958
* UI build 2023-10-25 by jkppr in https://github.com/google/timesketch/pull/2960
New Contributors
* NightAcrobat777 made their first contribution in https://github.com/google/timesketch/pull/2951
* fazledyn-or made their first contribution in https://github.com/google/timesketch/pull/2940
* bwhelan212 made their first contribution in https://github.com/google/timesketch/pull/2954
**Full Changelog**: https://github.com/google/timesketch/compare/20230913...20231025
20230913
What's Changed
* [Analyzers] Spelling errors by jaegeral in https://github.com/google/timesketch/pull/2860
* correct paramters in cli attributes method by jaegeral in https://github.com/google/timesketch/pull/2863
* Update troubleshooting.md by jaegeral in https://github.com/google/timesketch/pull/2866
* adding timeline info to the tsctl by jaegeral in https://github.com/google/timesketch/pull/2870
* Feature extraction for TI data in "Windows-Bits-Client" events by jkppr in https://github.com/google/timesketch/pull/2873
* Update Date chip to support milliseconds by sydp in https://github.com/google/timesketch/pull/2867
* Allow API port to listen on localhost by tomchop in https://github.com/google/timesketch/pull/2875
* Loading indicator active analyzers by Annoraaq in https://github.com/google/timesketch/pull/2855
* OpenSearch 2.x support by berggren in https://github.com/google/timesketch/pull/2876
* ui build 20230831 by jkppr in https://github.com/google/timesketch/pull/2878
* Bump cryptography from 41.0.2 to 41.0.3 by dependabot in https://github.com/google/timesketch/pull/2858
* Add TTY check for providing missing config values by ramo-j in https://github.com/google/timesketch/pull/2850
* Don't exit with error if user chooses not to start timesketch by pemontto in https://github.com/google/timesketch/pull/2857
* Export query result to CSV by berggren in https://github.com/google/timesketch/pull/2882
* Run analyzers only once per timeline by jkppr in https://github.com/google/timesketch/pull/2883
* Support overriding/extending Plaso formatter definitions by berggren in https://github.com/google/timesketch/pull/2881
* New UI build (automated) by berggren in https://github.com/google/timesketch/pull/2884
* Tag list refactor & bug fixes by jkppr in https://github.com/google/timesketch/pull/2886
* Event attribute include / exclude filters by jkppr in https://github.com/google/timesketch/pull/2888
* refactor verbose analyzer output by jkppr in https://github.com/google/timesketch/pull/2885
* Analyzer Output UI update by jkppr in https://github.com/google/timesketch/pull/2887
* Adding tag filter chips to sigma rules by jkppr in https://github.com/google/timesketch/pull/2890
* Search History graph cleanup by berggren in https://github.com/google/timesketch/pull/2891
* UI build 20230913 by jkppr in https://github.com/google/timesketch/pull/2892
**Full Changelog**: https://github.com/google/timesketch/compare/20230721...20230913
20230721
What's Changed
* fixes 2809 UI bug by jkppr in https://github.com/google/timesketch/pull/2810
* Timeline and Scenarios fixes + small UI fixes by berggren in https://github.com/google/timesketch/pull/2808
* Show selected event in context view by berggren in https://github.com/google/timesketch/pull/2811
* Consitent forms and cleaned up XML viewer by berggren in https://github.com/google/timesketch/pull/2812
* Remove ports from e2e-tests by berggren in https://github.com/google/timesketch/pull/2816
* Update Account Finder Analyzer by jkppr in https://github.com/google/timesketch/pull/2803
* Delete sketch and list archived sketches by berggren in https://github.com/google/timesketch/pull/2817
* Add json and tab output to CLI client by jaegeral in https://github.com/google/timesketch/pull/2818
* [CLI] Add `output-format` as cli wide argument by jaegeral in https://github.com/google/timesketch/pull/2819
* Update hashR analyzer by jkppr in https://github.com/google/timesketch/pull/2820
* [CLI] refactor to use central output-format by jaegeral in https://github.com/google/timesketch/pull/2821
* Support OpenSearch queries in DFIQ by berggren in https://github.com/google/timesketch/pull/2822
* Add Windows Lateral Movement DFIQ scenario by berggren in https://github.com/google/timesketch/pull/2823
* Adding hashR user documentation by jkppr in https://github.com/google/timesketch/pull/2824
* New UI build by berggren in https://github.com/google/timesketch/pull/2828
* Update tsdev.sh to add creation of api client and cli client by jaegeral in https://github.com/google/timesketch/pull/2830
* fix mkdocs warnings by jkppr in https://github.com/google/timesketch/pull/2832
* fix docs formatting by jkppr in https://github.com/google/timesketch/pull/2833
* Add a test case for conditions with multiple words in a Sigma rule by jaegeral in https://github.com/google/timesketch/pull/2835
* Always set active timelines by berggren in https://github.com/google/timesketch/pull/2838
* Preserve user defined filters by berggren in https://github.com/google/timesketch/pull/2840
* Support event list sorting (asc/desc) by berggren in https://github.com/google/timesketch/pull/2843
* Rework comments by jkppr in https://github.com/google/timesketch/pull/2845
* Upgrade to PyYAML 6.0.1 and NodeJS 18 by berggren in https://github.com/google/timesketch/pull/2853
* Bump cryptography from 41.0.0 to 41.0.2 by dependabot in https://github.com/google/timesketch/pull/2844
* Documentation updates for analyzers by jkppr in https://github.com/google/timesketch/pull/2851
* Add timesketch analyze results to the CLI client by jaegeral in https://github.com/google/timesketch/pull/2846
* Manage sketch attributes in the CLI client by jaegeral in https://github.com/google/timesketch/pull/2841
* New UI build and update version numbers by berggren in https://github.com/google/timesketch/pull/2854
**Full Changelog**: https://github.com/google/timesketch/compare/20230628...20230721
20230628
What's Changed
* Update changelog by berggren in https://github.com/google/timesketch/pull/2768
* Scenarios model refactor by berggren in https://github.com/google/timesketch/pull/2672
* Ssh bruteforce analyzer by roshanmaskey in https://github.com/google/timesketch/pull/2769
* Add missing dependency for e2e container by berggren in https://github.com/google/timesketch/pull/2783
* 🐛 Handle None response from ip2geo by pemontto in https://github.com/google/timesketch/pull/2770
* Fix 2784 - pandas.read_csv arguments by jkppr in https://github.com/google/timesketch/pull/2785
* Add tzdata to all container builds by berggren in https://github.com/google/timesketch/pull/2788
* Fix for 2738 - Analyzer not in AnalyzerList by jkppr in https://github.com/google/timesketch/pull/2786
* Fixing 2393 - analysis of broken timelines by jkppr in https://github.com/google/timesketch/pull/2787
* Helm k8s by wajihyassine in https://github.com/google/timesketch/pull/2661
* Enable settings from environment (needs Flask 2.1+) by bpereto in https://github.com/google/timesketch/pull/2417
* Add 🐀 emoji for remote access tools by pemontto in https://github.com/google/timesketch/pull/2779
* Switch to Compose V2 by koromodako in https://github.com/google/timesketch/pull/2654
* Return user defined aggregation name when using the API client by sydp in https://github.com/google/timesketch/pull/2507
* Bump cryptography from 39.0.1 to 41.0.0 by dependabot in https://github.com/google/timesketch/pull/2778
* Bump pyjwt from 1.7.1 to 2.4.0 by dependabot in https://github.com/google/timesketch/pull/2192
* Update Helm README to refer to OSDFIR Infrastructure by wajihyassine in https://github.com/google/timesketch/pull/2790
* DFIQ support by berggren in https://github.com/google/timesketch/pull/2782
* Fix for importing small JSONL files by berggren in https://github.com/google/timesketch/pull/2793
* Restyle timeline chips by Annoraaq in https://github.com/google/timesketch/pull/2777
* Windows bruteforce analyzer by roshanmaskey in https://github.com/google/timesketch/pull/2792
* Automate verbose analyzer output metadata collection by jkppr in https://github.com/google/timesketch/pull/2798
* Update the event tags UI by jkppr in https://github.com/google/timesketch/pull/2805
* UI support for verbose analyzer output by jkppr in https://github.com/google/timesketch/pull/2797
* New UI build (automated) by berggren in https://github.com/google/timesketch/pull/2806
New Contributors
* bpereto made their first contribution in https://github.com/google/timesketch/pull/2417
* koromodako made their first contribution in https://github.com/google/timesketch/pull/2654
**Full Changelog**: https://github.com/google/timesketch/compare/20230526...20230628
20230526
Version 20230526
What's Changed
* Minor fixes/updates for AggregateDialog by sydp in https://github.com/google/timesketch/pull/2726
* Implicit String Fix by LX5321 in https://github.com/google/timesketch/pull/2650
* 🐛 Fix invalid sigma YAML by pemontto in https://github.com/google/timesketch/pull/2757
* Ensure that upload path is valid by berggren in https://github.com/google/timesketch/pull/2763
* Update to Flask 2.3.x and dependencies by berggren in https://github.com/google/timesketch/pull/2764
* New UI build (auto generated) by berggren in https://github.com/google/timesketch/pull/2767
New Contributors
* LX5321 made their first contribution in https://github.com/google/timesketch/pull/2650
**Full Changelog**: https://github.com/google/timesketch/compare/20230518...20230526
20230518
Timesketch release 20230518
What's Changed
* Added provider/context for uploads in the importer by kiddinn in https://github.com/google/timesketch/pull/1640
* Added provider/context to the CLI importer tool. by kiddinn in https://github.com/google/timesketch/pull/1644
* Added data source DB model by berggren in https://github.com/google/timesketch/pull/1642
* [API] introduce text --> sigma rule by jaegeral in https://github.com/google/timesketch/pull/1511
* Replace use of the csv library by pandas built-ins for data ingestion by rayanht in https://github.com/google/timesketch/pull/1534
* Added a Timesketch CLI client by berggren in https://github.com/google/timesketch/pull/1414
* Fixed couple of bugs in the sigma API and API Client by jaegeral in https://github.com/google/timesketch/pull/1646
* Docker: e2e / dev Sigma directory was not created before by jaegeral in https://github.com/google/timesketch/pull/1650
* Add the ability to use elasticsearch with SSL but without username/password authentication. by alexgoedeke in https://github.com/google/timesketch/pull/1645
* Mention end2end tests in dev guide by jaegeral in https://github.com/google/timesketch/pull/1651
* Another round of minor checks where unittests did not reflect the reality by jaegeral in https://github.com/google/timesketch/pull/1647
* fixing some lint issues in the the e2e Docker readme file by jaegeral in https://github.com/google/timesketch/pull/1653
* Bump sigmatools pypi version up by jaegeral in https://github.com/google/timesketch/pull/1633
* Added search templates to API and API client by kiddinn in https://github.com/google/timesketch/pull/1643
* Forgot to include the `searchtemplate.py` file in the last PR by kiddinn in https://github.com/google/timesketch/pull/1655
* Prometheus metric collection by berggren in https://github.com/google/timesketch/pull/1611
* Update 2021_timesketch_summit.md by jaegeral in https://github.com/google/timesketch/pull/1658
* Add external talk to the agenda by jaegeral in https://github.com/google/timesketch/pull/1660
* Fixed limitations in file size in the data source model. by kiddinn in https://github.com/google/timesketch/pull/1662
* Cleaned up some of the API code. by kiddinn in https://github.com/google/timesketch/pull/1657
* Made slight changes to the API client and REST API. by kiddinn in https://github.com/google/timesketch/pull/1664
* Update marked library by berggren in https://github.com/google/timesketch/pull/1668
* Remove reg form and update agenda by jaegeral in https://github.com/google/timesketch/pull/1672
* Added several enhancements to the importer and importer tasks. by kiddinn in https://github.com/google/timesketch/pull/1667
* Update 2021_timesketch_summit.md by jaegeral in https://github.com/google/timesketch/pull/1675
* Fixed a bug in data ingestion by kiddinn in https://github.com/google/timesketch/pull/1674
* Changed how we fill in NAN values while ingesting CSV files. by kiddinn in https://github.com/google/timesketch/pull/1676
* Update installation/upgrading docs by berggren in https://github.com/google/timesketch/pull/1678
* Added instructions on how to install a notebook container by kiddinn in https://github.com/google/timesketch/pull/1681
* Minor bug fixes to the API client by kiddinn in https://github.com/google/timesketch/pull/1686
* Added a new documentation site by berggren in https://github.com/google/timesketch/pull/1680
* Added a PR template. by kiddinn in https://github.com/google/timesketch/pull/1688
* Moved the PR template to a file instead of a folder. by kiddinn in https://github.com/google/timesketch/pull/1689
* Fixed few bugs in the API and alpha sorted saved searches by kiddinn in https://github.com/google/timesketch/pull/1691
* Fix broken links in README.md by stevengoossensB in https://github.com/google/timesketch/pull/1696
* [Tiny fix] Updated link for Docker installation process by toshiro92 in https://github.com/google/timesketch/pull/1702
* Update sigma.md by jaegeral in https://github.com/google/timesketch/pull/1705
* Changed how import errors are presented as well as ability to change passwords for the current user. by kiddinn in https://github.com/google/timesketch/pull/1700
* Changed how ES object is created to support auth without ssl, as well as minor bug fix in analyzer selection. by kiddinn in https://github.com/google/timesketch/pull/1710
* Changed upload behavior when appending to an already existing timeline by kiddinn in https://github.com/google/timesketch/pull/1712
* Use DataSource error message and UI cleanup by berggren in https://github.com/google/timesketch/pull/1713
* UI: Quick typo fix, and change provider string from the importer library by berggren in https://github.com/google/timesketch/pull/1714
* UI: Remove old error field by berggren in https://github.com/google/timesketch/pull/1719
* Always uniq index lists by berggren in https://github.com/google/timesketch/pull/1718
* Added upper memory limits to psort. by kiddinn in https://github.com/google/timesketch/pull/1722
* Allow other OIDC providers for authentication by asmirazali in https://github.com/google/timesketch/pull/1717
* Update developer-guide.md by jaegeral in https://github.com/google/timesketch/pull/1725
* UI: Fixing a bug in the Interval time filters by binglot in https://github.com/google/timesketch/pull/1598
* Moved the Notebook.md to learn/notebook.md to correspond to where the docs point to it. by kiddinn in https://github.com/google/timesketch/pull/1732
* Removed index analyzers and changed API/import client. by kiddinn in https://github.com/google/timesketch/pull/1723
* introduce tags in the sample rule and add tags from the rule to the s… by jaegeral in https://github.com/google/timesketch/pull/1735
* Add Get Timesketch client object into dev/notebook snippet by jaegeral in https://github.com/google/timesketch/pull/1737
* Set timeline ID in the GCS importer by berggren in https://github.com/google/timesketch/pull/1738
* fix the bug by jaegeral in https://github.com/google/timesketch/pull/1741
* Introduce os filsystem in sigma mapping by jaegeral in https://github.com/google/timesketch/pull/1734
* Sigma api e2e by jaegeral in https://github.com/google/timesketch/pull/1730
* Timeline name is not an optional field, changed text to avoid confusion by itsmvd in https://github.com/google/timesketch/pull/1747
* Added the ability to ingest data ingested by other means than through Timesketch backend by kiddinn in https://github.com/google/timesketch/pull/1383
* Prevent users from uploading unsupported file formats by itsmvd in https://github.com/google/timesketch/pull/1751
* Added generic mappings for CSV/JSON ingestion by lprat in https://github.com/google/timesketch/pull/1753
* Changed how duplicate attributes are displayed when adding manual eve… by warrinot in https://github.com/google/timesketch/pull/1758
* Bugfix: Error messages not showing in the UI by berggren in https://github.com/google/timesketch/pull/1765
* Search history by berggren in https://github.com/google/timesketch/pull/1757
* Refactor frontend by berggren in https://github.com/google/timesketch/pull/1746
* refactor and bugfix by berggren in https://github.com/google/timesketch/pull/1769
* Add metrics to SearchHistory actions by berggren in https://github.com/google/timesketch/pull/1770
* Bugfix: Navigation error by berggren in https://github.com/google/timesketch/pull/1771
* Bugfix: Ensure correct root history node is fetched by berggren in https://github.com/google/timesketch/pull/1773
* Change default search operator by berggren in https://github.com/google/timesketch/pull/1775
* Bugfix: Navigation links by berggren in https://github.com/google/timesketch/pull/1778
* Fixed some links pointing to non-existing docs by warrinot in https://github.com/google/timesketch/pull/1776
* Bugfix: Not able to star events by berggren in https://github.com/google/timesketch/pull/1784
* Changed how sketch attributes are stored and read from datastore. by kiddinn in https://github.com/google/timesketch/pull/1789
* Broken link in getting started by jordanrule in https://github.com/google/timesketch/pull/1788
* Fixed a minor issue in the attribute REST API. by kiddinn in https://github.com/google/timesketch/pull/1790
* Changed how sketch attributes are handled. by kiddinn in https://github.com/google/timesketch/pull/1792
* UI: Expose sketch attributes by tomchop in https://github.com/google/timesketch/pull/1793
* Fix broken attribute count in navbar by tomchop in https://github.com/google/timesketch/pull/1795
* UI: Use prettier formatter consistently by berggren in https://github.com/google/timesketch/pull/1798
* UI: Expose sketch attributes through a dynamic table display component by tomchop in https://github.com/google/timesketch/pull/1796
* Added regular expressions into the tagging analyzer to provide more flexibility. by kiddinn in https://github.com/google/timesketch/pull/1768
* Add Youtube Channel and Twitter account to docs by jaegeral in https://github.com/google/timesketch/pull/1802
* Fix typo: encourage by nagytam in https://github.com/google/timesketch/pull/1799
* Updated Sigma tagging, few improvements by jaegeral in https://github.com/google/timesketch/pull/1766
* Added a data analyzer by kiddinn in https://github.com/google/timesketch/pull/1791
* Sigma verify tool improv by jaegeral in https://github.com/google/timesketch/pull/1804
* Added a small logger statement in the importer client. by kiddinn in https://github.com/google/timesketch/pull/1806
* Add additional regexes to extract IP addresses from sshd messages by itsmvd in https://github.com/google/timesketch/pull/1809
* Update developer guide by tomchop in https://github.com/google/timesketch/pull/1808
* Change default font by berggren in https://github.com/google/timesketch/pull/1823
* Fix bug in tagger analyzer by itsmvd in https://github.com/google/timesketch/pull/1821
* UI: Search autocomplete and dropdown by berggren in https://github.com/google/timesketch/pull/1838
* UI: Interactive histogram by berggren in https://github.com/google/timesketch/pull/1836
* Fix to Time Filter Removal behavior by binglot in https://github.com/google/timesketch/pull/1843
* UI: New build by berggren in https://github.com/google/timesketch/pull/1844
* Check for history node by berggren in https://github.com/google/timesketch/pull/1847
* TsDynamicTable now has links pointing back to searches in sketch. by tomchop in https://github.com/google/timesketch/pull/1831
* Add intel from explore by tomchop in https://github.com/google/timesketch/pull/1857
* Extend SSH regex by itsmvd in https://github.com/google/timesketch/pull/1861
* UX local dev doc updates by jaegeral in https://github.com/google/timesketch/pull/1862
* Remove capitalize from event list by jaegeral in https://github.com/google/timesketch/pull/1864
* Fix formatting error in documentation by jaegeral in https://github.com/google/timesketch/pull/1866
* Copy to clipboard for EventListRow and EvetlistRowDetail by jaegeral in https://github.com/google/timesketch/pull/1845
* Mention WTF_CSRF_TIME_LIMIT in timesketch.conf by jaegeral in https://github.com/google/timesketch/pull/1870
* Add sysadmin guide to the documentation by jaegeral in https://github.com/google/timesketch/pull/1865
* Update timesketch_importer.py by jaegeral in https://github.com/google/timesketch/pull/1873
* Make access to intelligence attributes safer by tomchop in https://github.com/google/timesketch/pull/1882
* Don't convert datetime string in output (datetime picker widget) by berggren in https://github.com/google/timesketch/pull/1889
* Extended tsctl.py to add users to a sketch by binglot in https://github.com/google/timesketch/pull/1886
* Bugfix for label filter by hkhalifa in https://github.com/google/timesketch/pull/1893
* Asynchronous update when adding timeline ID to events in bulk by gaelmuller in https://github.com/google/timesketch/pull/1879
* UI: Vertical 3-dots on Timeline Chips by binglot in https://github.com/google/timesketch/pull/1842
* GeoIP Analyzer by sydp in https://github.com/google/timesketch/pull/1888
* UI consistency by berggren in https://github.com/google/timesketch/pull/1896
* Expose Sigma rules overview and detail pages by jaegeral in https://github.com/google/timesketch/pull/1851
* Sigma: Rule detail inline with table rows by berggren in https://github.com/google/timesketch/pull/1897
* Bugfix: Highlight text shown twice by berggren in https://github.com/google/timesketch/pull/1900
* Geoip updates by sydp in https://github.com/google/timesketch/pull/1899
* 1895 bugfix copy buttons by jaegeral in https://github.com/google/timesketch/pull/1906
* Introduce a Timesketch roadmap doc and Sigma by jaegeral in https://github.com/google/timesketch/pull/1903
* ssh analyzer: Only create saved search if there are any sessions created by berggren in https://github.com/google/timesketch/pull/1909
* Fix: Sigma analyzer creates saved search and story even with 0 results by jaegeral in https://github.com/google/timesketch/pull/1910
* Remove mans from various docs by jaegeral in https://github.com/google/timesketch/pull/1912
* Improve Sigma analyzer exception logging message by jaegeral in https://github.com/google/timesketch/pull/1904
* Search history documentation by jaegeral in https://github.com/google/timesketch/pull/1917
* Buttons for back/forward in search history by berggren in https://github.com/google/timesketch/pull/1914
* New build by berggren in https://github.com/google/timesketch/pull/1918
* fix intel count by jaegeral in https://github.com/google/timesketch/pull/1920
* Bugfix: Tag background in light theme by berggren in https://github.com/google/timesketch/pull/1924
* Add timeline context menu on overview page by berggren in https://github.com/google/timesketch/pull/1923
* Corrected docstring in setup.py by joachimmetz in https://github.com/google/timesketch/pull/1926
* Microseconds since epoch for JSONL input data by berggren in https://github.com/google/timesketch/pull/1939
* Fixes for read_and_validate_csv by sydp in https://github.com/google/timesketch/pull/1905
* Update plaso.mappings by berggren in https://github.com/google/timesketch/pull/1941
* Bugfix for disappearing menubar by tomchop in https://github.com/google/timesketch/pull/1943
* initiatl sizing doc by jaegeral in https://github.com/google/timesketch/pull/1947
* Docs and docstring to list_sketches API by jaegeral in https://github.com/google/timesketch/pull/1945
* add GCP to sigma config file / mapping by jaegeral in https://github.com/google/timesketch/pull/1956
* Ability to modifiy elasticsearch client timeout value by rushattac in https://github.com/google/timesketch/pull/1849
* Multi analyzer workers by jaegeral in https://github.com/google/timesketch/pull/1958
* Multi analyzer - tagger and feature extractor by berggren in https://github.com/google/timesketch/pull/1960
* introduce multi analyzer to docs by jaegeral in https://github.com/google/timesketch/pull/1961
* New UI build by berggren in https://github.com/google/timesketch/pull/1965
* Bugfix: Set counter by berggren in https://github.com/google/timesketch/pull/1966
* Select multiple toggle start bug fix by rushattac in https://github.com/google/timesketch/pull/1964
* Sigma tagger bugfix for empty tags in rule by berggren in https://github.com/google/timesketch/pull/1967
* Added deploy_timesketch.ps1 by JouniMi in https://github.com/google/timesketch/pull/1953
* Fix IP regex by tomchop in https://github.com/google/timesketch/pull/1969
* Modify linux folder for sigma rules by jaegeral in https://github.com/google/timesketch/pull/1970
* Documentation on how to update docs site by berggren in https://github.com/google/timesketch/pull/1971
* Update review process for documentation by berggren in https://github.com/google/timesketch/pull/1972
* fix mkdocs and introduce a documentation howto in docs/ by jaegeral in https://github.com/google/timesketch/pull/1973
* Refactor documentation by jaegeral in https://github.com/google/timesketch/pull/1976
* Update mkdocs.yml and add plugin by berggren in https://github.com/google/timesketch/pull/1977
* Docs (timesketch.org) refactor by berggren in https://github.com/google/timesketch/pull/1980
* Remove nav and toc from main page by berggren in https://github.com/google/timesketch/pull/1982
* Refactor docs by berggren in https://github.com/google/timesketch/pull/1991
* Notebook docs refactor by berggren in https://github.com/google/timesketch/pull/1992
* Better UI dev by tomchop in https://github.com/google/timesketch/pull/1989
* Fix Sigma backslash issue by jaegeral in https://github.com/google/timesketch/pull/1968
* Sigma compose UI by jaegeral in https://github.com/google/timesketch/pull/1937
* Streamline dev server by berggren in https://github.com/google/timesketch/pull/1994
* New UI build by berggren in https://github.com/google/timesketch/pull/1995
* add ParentImage to the sigma mapping by jaegeral in https://github.com/google/timesketch/pull/1996
* Docs fixes by berggren in https://github.com/google/timesketch/pull/1993
* add restarting services to the doc by jaegeral in https://github.com/google/timesketch/pull/2004
* Expose new frontend development server (tcp:5001) by berggren in https://github.com/google/timesketch/pull/2005
* Update timesketch.conf by berggren in https://github.com/google/timesketch/pull/2006
* More API client examples in the dev documentation by jaegeral in https://github.com/google/timesketch/pull/2002
* Issue 1887 timefilters bug by binglot in https://github.com/google/timesketch/pull/2008
* fix csv of Sigma blocklist by jaegeral in https://github.com/google/timesketch/pull/2014
* another missing column in sigma blocklist by jaegeral in https://github.com/google/timesketch/pull/2015
* Fixed broken/outdated documentation URLs by jleaniz in https://github.com/google/timesketch/pull/2017
* add date search examples to search query guide by mark-hallman in https://github.com/google/timesketch/pull/2013
* s/zenmap/zmap by jaegeral in https://github.com/google/timesketch/pull/1997
* Create Intelligence Documentation by jaegeral in https://github.com/google/timesketch/pull/1984
* Unrecognized attributes get the "other" type by tomchop in https://github.com/google/timesketch/pull/2020
* Add unit tests for frontend IOC guessing by tomchop in https://github.com/google/timesketch/pull/2021
* More efficient IOC searching by tomchop in https://github.com/google/timesketch/pull/2026
* Generate graph for a specific timeline by berggren in https://github.com/google/timesketch/pull/2027
* UI build by berggren in https://github.com/google/timesketch/pull/2029
* make it clear to which ID the timeline is uploaded by jaegeral in https://github.com/google/timesketch/pull/2030
* Update sketch.py by itsmvd in https://github.com/google/timesketch/pull/2036
* Troubleshooting doc by jaegeral in https://github.com/google/timesketch/pull/2042
* how to scale ES by jaegeral in https://github.com/google/timesketch/pull/2040
* mention celery job checking by jaegeral in https://github.com/google/timesketch/pull/2046
* Delete and edit comments by hkhalifa in https://github.com/google/timesketch/pull/1885
* UI: Change the behavior of the "Star Toggle" button by binglot in https://github.com/google/timesketch/pull/2049
* Issue 1978: Fix limited list of Data Types by binglot in https://github.com/google/timesketch/pull/2055
* Update import-from-json-csv.md by jaegeral in https://github.com/google/timesketch/pull/2063
* Change how memory dedicated to ES's JVM is calculated by rgayon in https://github.com/google/timesketch/pull/2066
* Expose Analyzer Logs in the Analyzers tab by binglot in https://github.com/google/timesketch/pull/2057
* Add incompatible Sigma rules to the blocklist by jaegeral in https://github.com/google/timesketch/pull/2038
* Add search examples to the documentation by jaegeral in https://github.com/google/timesketch/pull/2067
* Typo by tomchop in https://github.com/google/timesketch/pull/2070
* Migrate to OpenSearch for dev environment by berggren in https://github.com/google/timesketch/pull/2083
* fix Timeksketch typo by garanews in https://github.com/google/timesketch/pull/2080
* Switch to OpenSearch for e2e tests by berggren in https://github.com/google/timesketch/pull/2085
* Switch to OpenSearch for release docker by berggren in https://github.com/google/timesketch/pull/2086
* Remove Elasticsearch from release docker config by berggren in https://github.com/google/timesketch/pull/2089
* Migrate to OpenSearch python client by berggren in https://github.com/google/timesketch/pull/2091
* Better intelligence view by tomchop in https://github.com/google/timesketch/pull/2045
* Introduce delete user to tsctl.py by LeoAndTheTree in https://github.com/google/timesketch/pull/2069
* 2033 sigma date unittest by jaegeral in https://github.com/google/timesketch/pull/2100
* bugfix 2097 by pydvlpr in https://github.com/google/timesketch/pull/2099
* Fix 2051 Sketch attributes deleted via the API cannot be re-added by an analyzer by jonathan-greig in https://github.com/google/timesketch/pull/2101
* GCP Logging Analyzer by jonathan-greig in https://github.com/google/timesketch/pull/2079
* Add intelligence page to user guide by tomchop in https://github.com/google/timesketch/pull/2106
* Added permissions change to opensearch data directory by ramo-j in https://github.com/google/timesketch/pull/2110
* Mention two blog post as reading recommendation by jaegeral in https://github.com/google/timesketch/pull/2107
* New UI build by berggren in https://github.com/google/timesketch/pull/2114
* Remove duplicates from sigma_config.yaml by ZloeSabo in https://github.com/google/timesketch/pull/2113
* Mention Common Windows EventLog question in Docu by jaegeral in https://github.com/google/timesketch/pull/2108
* Small typo in deployment script by jaegeral in https://github.com/google/timesketch/pull/2102
* Update TsIOCMenu.vue by itsmvd in https://github.com/google/timesketch/pull/2118
* Fix broken link to notebooks by jaegeral in https://github.com/google/timesketch/pull/2105
* Minor changes to intelligence navigation by tomchop in https://github.com/google/timesketch/pull/2116
* Issue2097 2 by pydvlpr in https://github.com/google/timesketch/pull/2104
* Dynamic tags in tagger analyzer by tomchop in https://github.com/google/timesketch/pull/2111
* Whitespace in Sigma Keywords by jaegeral in https://github.com/google/timesketch/pull/2071
* Fix for broken Pip package (upstream) by berggren in https://github.com/google/timesketch/pull/2133
* Support more datetime formats for time filters by sydp in https://github.com/google/timesketch/pull/2075
* Fix formating for nanosecond timestamps by sydp in https://github.com/google/timesketch/pull/2132
* Next generation UI framework by berggren in https://github.com/google/timesketch/pull/2119
* Add deprecated to sigma blocklist by jaegeral in https://github.com/google/timesketch/pull/2136
* typos new attempt by jaegeral in https://github.com/google/timesketch/pull/2138
* Better tag rendering in intelligence view by tomchop in https://github.com/google/timesketch/pull/2123
* Add contrib directory for analyzers by berggren in https://github.com/google/timesketch/pull/2141
* Serve Intelligence tag metadata via the API by tomchop in https://github.com/google/timesketch/pull/2140
* Scenarios: Datamodel and API by berggren in https://github.com/google/timesketch/pull/1936
* new UI build by berggren in https://github.com/google/timesketch/pull/2148
* Support subpath for serving frontend by berggren in https://github.com/google/timesketch/pull/2149
* Migrate to Flask 2.x by berggren in https://github.com/google/timesketch/pull/2154
* Fix: typo for documents. by digitalisx in https://github.com/google/timesketch/pull/2156
* Fix: typo for docs by digitalisx in https://github.com/google/timesketch/pull/2162
* Add CLI client documentation by berggren in https://github.com/google/timesketch/pull/2163
* Consistent formatting by berggren in https://github.com/google/timesketch/pull/2153
* CLI client bugfixes by berggren in https://github.com/google/timesketch/pull/2164
* Update install.md by shannaniggans in https://github.com/google/timesketch/pull/2160
* Make session sticky for API clients by berggren in https://github.com/google/timesketch/pull/2167
* Use of "Conditional Field Mappings" in Sigma by binglot in https://github.com/google/timesketch/pull/2169
* [Documentation] update tsctl command create-user by jaegeral in https://github.com/google/timesketch/pull/2172
* [Documentation] introduce debugging of test instructions by jaegeral in https://github.com/google/timesketch/pull/2174
* Add pylint to the dev docs by jaegeral in https://github.com/google/timesketch/pull/2178
* Sigma use in analyzer by jaegeral in https://github.com/google/timesketch/pull/2166
* fix path to ts config in UI dev guide by jaegeral in https://github.com/google/timesketch/pull/2175
* UI build by berggren in https://github.com/google/timesketch/pull/2179
* Update sigma_config.yaml by binglot in https://github.com/google/timesketch/pull/2180
* timesketch_cli_client.commands.search bug in timestamp handling by jonathan-greig in https://github.com/google/timesketch/pull/2186
* Fixed marked library import by anttitikkanen in https://github.com/google/timesketch/pull/2190
* adjust the Sigma documentation by jaegeral in https://github.com/google/timesketch/pull/2184
* add mutex to Sigma mapping by jaegeral in https://github.com/google/timesketch/pull/2181
* BigQuery Matcher Analyzer plugin by anttitikkanen in https://github.com/google/timesketch/pull/2131
* deprecate the word blocklist in sigma context and use status instead by jaegeral in https://github.com/google/timesketch/pull/2198
* Escape backslashes and spaces in generated OpenSearch queries by tomchop in https://github.com/google/timesketch/pull/2207
* CSV with wrong extension stopped on UI side by rishav-karanjit in https://github.com/google/timesketch/pull/2147
* Use all rules in the analyzer by jaegeral in https://github.com/google/timesketch/pull/2202
* s/add-user/create-user by jaegeral in https://github.com/google/timesketch/pull/2212
* Comment support in updated UI by berggren in https://github.com/google/timesketch/pull/2194
* Preview search results directly from intelligence tab by tomchop in https://github.com/google/timesketch/pull/2205
* [Sigma] Adding fs:bodyfile:entry to keep up with plaso output by jaegeral in https://github.com/google/timesketch/pull/2214
* Documentation refactor by berggren in https://github.com/google/timesketch/pull/2216
* Pinning the opensearch container to version 1.3.2. to fix 2195 by jkppr in https://github.com/google/timesketch/pull/2217
* [Sigma] Adding Syslog to mapping by jaegeral in https://github.com/google/timesketch/pull/2215
* Adjusted client.py to throw an error if no usable tty is found by ramo-j in https://github.com/google/timesketch/pull/2221
* Update Spelling Across docs by wcrum in https://github.com/google/timesketch/pull/2226
* [API client] Add get_event method to Sketch resource by sydp in https://github.com/google/timesketch/pull/2219
* Allow OIDC API clients to consume OAuth tokens from several clients by sa3eed3ed in https://github.com/google/timesketch/pull/2209
* add network/zeek/zeek_rdp_public_listener.yml to Sigma status csv by jaegeral in https://github.com/google/timesketch/pull/2227
* New UI build by berggren in https://github.com/google/timesketch/pull/2230
* Fixed a bug in the stories by kiddinn in https://github.com/google/timesketch/pull/2225
* OIDC: Handle multiple client ids by berggren in https://github.com/google/timesketch/pull/2232
* Add missing login_required decorators by jonathan-greig in https://github.com/google/timesketch/pull/2236
* Unit test test_invalid_algorithm_raises_jwt_validation_error failing in PPA tests by jonathan-greig in https://github.com/google/timesketch/pull/2239
* Read "requester" from the correct location in plaso metadata by anttitikkanen in https://github.com/google/timesketch/pull/2243
* Add a button in the intelligence view to to search for all IOCs by tomchop in https://github.com/google/timesketch/pull/2245
* Update sigma.md by jaegeral in https://github.com/google/timesketch/pull/2249
* Change link to upload timeline documentation in UI by jaegeral in https://github.com/google/timesketch/pull/2247
* fix handling of PLASO_UPPER_MEMORY_LIMIT by hur in https://github.com/google/timesketch/pull/2244
* UI 2255 by marcobrotto in https://github.com/google/timesketch/pull/2257
* timesketch/api/v1/resources/timeline.py s/GET/POST typo by jaegeral in https://github.com/google/timesketch/pull/2258
* Several bugfixes in intelligence view by tomchop in https://github.com/google/timesketch/pull/2254
* Tag colorization improvements by tomchop in https://github.com/google/timesketch/pull/2240
* Feature: Add new IOCs from the UI by tomchop in https://github.com/google/timesketch/pull/2256
* Bring back disappearing codebase by tomchop in https://github.com/google/timesketch/pull/2260
* Update dev README by Nexidian in https://github.com/google/timesketch/pull/2267
* Minor upload form refactor to prevent upload of empty files by Nexidian in https://github.com/google/timesketch/pull/2269
* fix missing mock in sigma_tagger_test.py by rushattac in https://github.com/google/timesketch/pull/2265
* Add script options and flag for starting container during deployment by harshalchaudhari35 in https://github.com/google/timesketch/pull/2220
* Fixes OpenSearch version reterival logic by rushattac in https://github.com/google/timesketch/pull/2189
* Add feature to allow a user to map missing CSV headers by marcobrotto in https://github.com/google/timesketch/pull/2261
* Fix broken e2e test - update psort args for Plaso 20220724 by jonathan-greig in https://github.com/google/timesketch/pull/2280
* 2276 feature extract doc by jaegeral in https://github.com/google/timesketch/pull/2277
* UI: Sketch list, overview, new side panel layout, pagination by berggren in https://github.com/google/timesketch/pull/2282
* improve Sigma documentation by jaegeral in https://github.com/google/timesketch/pull/2283
* Pylint doc by jaegeral in https://github.com/google/timesketch/pull/2285
* UI: Filter menu and save search dialog by berggren in https://github.com/google/timesketch/pull/2281
* Update getting-started.md by marcobrotto in https://github.com/google/timesketch/pull/2287
* Checkbox for multiple fields selection by marcobrotto in https://github.com/google/timesketch/pull/2278
* Fix redirect for OIDC logins by berggren in https://github.com/google/timesketch/pull/2290
* Build UI bundle by berggren in https://github.com/google/timesketch/pull/2291
* Change default value of use rule in Sigma analyzer by jaegeral in https://github.com/google/timesketch/pull/2292
* Enable UI v2 by berggren in https://github.com/google/timesketch/pull/2294
* Add build files for UI v2 by berggren in https://github.com/google/timesketch/pull/2295
* Allow complex tags in the Intelligence attribute by tomchop in https://github.com/google/timesketch/pull/2262
* Tsdev.sh: a script for fast frontend/frontend-ng development by marcobrotto in https://github.com/google/timesketch/pull/2298
* Sigma rule database model + tests by jaegeral in https://github.com/google/timesketch/pull/2296
* Exists search guide by jaegeral in https://github.com/google/timesketch/pull/2308
* s/sigma_blacklist.csv/sigma_rule_status.csv in contrib by jaegeral in https://github.com/google/timesketch/pull/2309
* .gitignore - Ignore Python build artifacts for api and cli clients by jonathan-greig in https://github.com/google/timesketch/pull/2311
* Proposed fix for Export Sketch feature which was not working. by hkhalifa in https://github.com/google/timesketch/pull/2316
* Add manual event to timelines by marcobrotto in https://github.com/google/timesketch/pull/2304
* hashR analyzer by jkppr in https://github.com/google/timesketch/pull/2266
* Search history tree generation by berggren in https://github.com/google/timesketch/pull/2320
* Add manual event by marcobrotto in https://github.com/google/timesketch/pull/2321
* Upload json/jsonl/plaso/csv button in frontend-ng by marcobrotto in https://github.com/google/timesketch/pull/2313
* Add Sigma Database to the API by jaegeral in https://github.com/google/timesketch/pull/2302
* docs: Fix a few typos by timgates42 in https://github.com/google/timesketch/pull/2330
* add vsvode and notebook checkpoints to .gitignore by jaegeral in https://github.com/google/timesketch/pull/2332
* Update plaso args by clowe-r7 in https://github.com/google/timesketch/pull/2300
* Wrap XML attributes in <pre> by marcobrotto in https://github.com/google/timesketch/pull/2327
* Left panel layout by berggren in https://github.com/google/timesketch/pull/2324
* UI: Selectable columns, star, tags by berggren in https://github.com/google/timesketch/pull/2286
* Bump numpy from 1.19.0 to 1.21.0 by dependabot in https://github.com/google/timesketch/pull/2135
* Upload UI with indexing progress information by marcobrotto in https://github.com/google/timesketch/pull/2326
* Extend datasource model schema by berggren in https://github.com/google/timesketch/pull/2342
* Updated Sigma support in the API client by jaegeral in https://github.com/google/timesketch/pull/2333
* Python Notebook to debug the most common Timesketch API by marcobrotto in https://github.com/google/timesketch/pull/2348
* DataSource error handling for Plaso files and upload bugfix with extension handling by marcobrotto in https://github.com/google/timesketch/pull/2343
* Extend Search Templates model to support user defined parameters by berggren in https://github.com/google/timesketch/pull/2349
* Remove doc_type from opensearch client code by berggren in https://github.com/google/timesketch/pull/2350
* Changelog 2022-09 by jaegeral in https://github.com/google/timesketch/pull/2358
* Modify Sigma analyzer / API Client / UX to use Database by jaegeral in https://github.com/google/timesketch/pull/2347
* Search template UI by berggren in https://github.com/google/timesketch/pull/2355
* UI: Scale to many timelines in the picker grid by berggren in https://github.com/google/timesketch/pull/2365
* Sigma UI and import command with tsctl by berggren in https://github.com/google/timesketch/pull/2366
* additions to tscl interacting with Sigma by jaegeral in https://github.com/google/timesketch/pull/2369
* Update frontend-development.md by jaegeral in https://github.com/google/timesketch/pull/2367
* Update docker images and CI tests to Ubuntu 22.04 by berggren in https://github.com/google/timesketch/pull/2372
* Python code formatter GH action by berggren in https://github.com/google/timesketch/pull/2374
* re-adding console.error(error.response.data) by jaegeral in https://github.com/google/timesketch/pull/2375
* New UIv2 build by berggren in https://github.com/google/timesketch/pull/2380
* Auto build: include all build files by berggren in https://github.com/google/timesketch/pull/2381
* UI: Handle legacy datasources by berggren in https://github.com/google/timesketch/pull/2382
* New build of old UI by berggren in https://github.com/google/timesketch/pull/2383
* Add flush interval parameter by Zawadidone in https://github.com/google/timesketch/pull/2319
* Refactor changelog by berggren in https://github.com/google/timesketch/pull/2385
* Add investigative scenario to sketch by berggren in https://github.com/google/timesketch/pull/2386
* Update tasks.py by Zawadidone in https://github.com/google/timesketch/pull/2391
* Check if root_node in search history is none by jaegeral in https://github.com/google/timesketch/pull/2389
* [API client] Add get_intelligence_attribute to sketch resource by itsmvd in https://github.com/google/timesketch/pull/2384
* New UI build by berggren in https://github.com/google/timesketch/pull/2392
* Optimize Yeti analyzer logic + some more changes by tomchop in https://github.com/google/timesketch/pull/2398
* Adding maxmind attribution for the geoip analyzer by jkppr in https://github.com/google/timesketch/pull/2406
* geoip attribution by jkppr in https://github.com/google/timesketch/pull/2407
* Migrate OOB flow to localhost flow for OAuth2 auth by jleaniz in https://github.com/google/timesketch/pull/2379
* Remove oob by berggren in https://github.com/google/timesketch/pull/2409
* Support for adding event attributes via the API by jonathan-greig in https://github.com/google/timesketch/pull/2229
* [Sigma] Update OriginalFileName mapping by jaegeral in https://github.com/google/timesketch/pull/2412
* Snackbar by berggren in https://github.com/google/timesketch/pull/2405
* use capitalize in currentUser in App.vue by jaegeral in https://github.com/google/timesketch/pull/2418
* Update SearchTemplates.vue to check if no searchTemplates are on a system by jaegeral in https://github.com/google/timesketch/pull/2419
* update Sigma doc to match the new Web UI by jaegeral in https://github.com/google/timesketch/pull/2427
* Remove unused service by berggren in https://github.com/google/timesketch/pull/2433
* Add e2e clarification for contributions by tomchop in https://github.com/google/timesketch/pull/2435
* [Sigma] ship some basic but broad rules with Timesketch by jaegeral in https://github.com/google/timesketch/pull/2430
* Scenarios and DFIQ functionality by berggren in https://github.com/google/timesketch/pull/2437
* Fix typo in cli.py by jaegeral in https://github.com/google/timesketch/pull/2438
* Ignore type errors running under Python 3.10 by berggren in https://github.com/google/timesketch/pull/2441
* Context lookup API endpoint part 1 by jkppr in https://github.com/google/timesketch/pull/2440
* Context lookup part 2 - front-end API client by jkppr in https://github.com/google/timesketch/pull/2445
* Add sketch info to tsctl by jaegeral in https://github.com/google/timesketch/pull/2442
* [tsctl] new command: tsctl info by jaegeral in https://github.com/google/timesketch/pull/2443
* Add warning if plaso is not installed to tsctl by jaegeral in https://github.com/google/timesketch/pull/2446
* refresh admin-cli documentation by jaegeral in https://github.com/google/timesketch/pull/2447
* Context lookup part 3 - front-end UI by jkppr in https://github.com/google/timesketch/pull/2448
* Context lookup part 4 - Documentation by jkppr in https://github.com/google/timesketch/pull/2450
* [Sigma] try catch block if crypto.randomUUID is not supported by jaegeral in https://github.com/google/timesketch/pull/2456
* Allow additional OIDC domains to access APIs when OAuth is used by sa3eed3ed in https://github.com/google/timesketch/pull/2421
* Docs update - new landing page by berggren in https://github.com/google/timesketch/pull/2460
* Scenarios conclusion by berggren in https://github.com/google/timesketch/pull/2451
* UI: Tweaks for consistent colors by berggren in https://github.com/google/timesketch/pull/2464
* Add proxy_read_timeout in gninx conf by lprat in https://github.com/google/timesketch/pull/2466
* remove prettytable from tsctl to reduce dependencies by jaegeral in https://github.com/google/timesketch/pull/2461
* Adding a trailing / to nginx.conf by jaegeral in https://github.com/google/timesketch/pull/2455
* MISP and Hashlookup analyzers by DavidCruciani in https://github.com/google/timesketch/pull/2429
* make black happy misp module by jaegeral in https://github.com/google/timesketch/pull/2470
* Frontend dev doc update by jaegeral in https://github.com/google/timesketch/pull/2469
* Update test plaso file by berggren in https://github.com/google/timesketch/pull/2473
* Add colorpicker and rename timeline by berggren in https://github.com/google/timesketch/pull/2472
* Add logout link by berggren in https://github.com/google/timesketch/pull/2496
* Rename sketch by berggren in https://github.com/google/timesketch/pull/2495
* Sigma add syslog:line to ssh data_types by jaegeral in https://github.com/google/timesketch/pull/2508
* Fixed Issue 2505 - interface BaseAnalyzer class name by roshanmaskey in https://github.com/google/timesketch/pull/2506
* Enable bulk edit by berggren in https://github.com/google/timesketch/pull/2497
* Add share dialog by berggren in https://github.com/google/timesketch/pull/2471
* Empty state by berggren in https://github.com/google/timesketch/pull/2501
* Make the web console a bit less verbose by rgayon in https://github.com/google/timesketch/pull/2513
* New UI build by berggren in https://github.com/google/timesketch/pull/2516
* Add LinkedIn search queries by tomchop in https://github.com/google/timesketch/pull/2514
* Indicator when sketch is loading by berggren in https://github.com/google/timesketch/pull/2517
* Edit timefilter by berggren in https://github.com/google/timesketch/pull/2510
* Removable chips by berggren in https://github.com/google/timesketch/pull/2519
* New UI build by berggren in https://github.com/google/timesketch/pull/2520
* SigmaStudio by jaegeral in https://github.com/google/timesketch/pull/2444
* Updates to the timesketch.org docs by jkppr in https://github.com/google/timesketch/pull/2529
* Frontend-ng a fixed id if crypto.randomUUID is not available by jaegeral in https://github.com/google/timesketch/pull/2537
* black format fixing by jaegeral in https://github.com/google/timesketch/pull/2538
* make Sigma util tests into dedicated test cases by jaegeral in https://github.com/google/timesketch/pull/2539
* Deprecate File based Sigma rules by jaegeral in https://github.com/google/timesketch/pull/2509
* [SigmaStudio]don't mutate the prop by jaegeral in https://github.com/google/timesketch/pull/2542
* 2023 02 08 new sigma doc and update Sigma notebook by jaegeral in https://github.com/google/timesketch/pull/2543
* [Docs] update Sigma create rule gif by jaegeral in https://github.com/google/timesketch/pull/2544
* 2022 02 09 changelog jan by jaegeral in https://github.com/google/timesketch/pull/2547
* sigma doc update, add screenshots by jaegeral in https://github.com/google/timesketch/pull/2548
* [tsctl] add option column to tsctl list-sigma-rules by jaegeral in https://github.com/google/timesketch/pull/2549
* Serve icons from local bundle by berggren in https://github.com/google/timesketch/pull/2546
* UI consistency and API resource naming by berggren in https://github.com/google/timesketch/pull/2532
* explorer view event action icon improvements by jkppr in https://github.com/google/timesketch/pull/2553
* Copy field name/value icons for the EventDetail component by jkppr in https://github.com/google/timesketch/pull/2556
* Add Context card for scenarios by berggren in https://github.com/google/timesketch/pull/2566
* New UI build by berggren in https://github.com/google/timesketch/pull/2570
* how to install dependencies for frontend-ng by jaegeral in https://github.com/google/timesketch/pull/2572
* Threat intel in new UI by berggren in https://github.com/google/timesketch/pull/2545
* Update features.yaml by itsmvd in https://github.com/google/timesketch/pull/2523
* admin-cli analyzer-stats function by jaegeral in https://github.com/google/timesketch/pull/2502
* Add retry logic to fetch_resource_data by tomchop in https://github.com/google/timesketch/pull/2552
* Link back to explore session by jkppr in https://github.com/google/timesketch/pull/2582
* UI update for the Left Panel by jkppr in https://github.com/google/timesketch/pull/2585
* Reusable EventList component by berggren in https://github.com/google/timesketch/pull/2592
* Port Graph to new UI by berggren in https://github.com/google/timesketch/pull/2587
* Graph eventlist by berggren in https://github.com/google/timesketch/pull/2595
* CLI: Add Tag to single event by jaegeral in https://github.com/google/timesketch/pull/2600
* Update sigmastudio snackbars by jkppr in https://github.com/google/timesketch/pull/2603
* Sigma rules to be deployed by default by jaegeral in https://github.com/google/timesketch/pull/2377
* Stories by berggren in https://github.com/google/timesketch/pull/2610
* Make tags reactive by berggren in https://github.com/google/timesketch/pull/2613
* Bugfix: Stories not loading saved search by berggren in https://github.com/google/timesketch/pull/2615
* Loading indicator for sigma rules by berggren in https://github.com/google/timesketch/pull/2616
* Add Plaso staging e2e tests by berggren in https://github.com/google/timesketch/pull/2618
* Bugfix: timeline url param support by berggren in https://github.com/google/timesketch/pull/2619
* [CLI] add a show_internal_columns and json output to the explore method… by jaegeral in https://github.com/google/timesketch/pull/2607
* [CLI] events group to add comments and tags to an event by jaegeral in https://github.com/google/timesketch/pull/2604
* Making timestamp leading value when importing a csv by jaegeral in https://github.com/google/timesketch/pull/2586
* Fix SSL verify behavior in API client by FabFaeb in https://github.com/google/timesketch/pull/2602
* Consistent UI interactions by berggren in https://github.com/google/timesketch/pull/2621
* Add docker configs to default paths of files and HTTP(S) ports by lprat in https://github.com/google/timesketch/pull/2011
* Add default arg to PLASO_PPA_TRACK by tomchop in https://github.com/google/timesketch/pull/2625
* Bugfix: Support new views, and don't edit on dblclick when in edit mode by berggren in https://github.com/google/timesketch/pull/2629
* Add plaso version to version endpoint by berggren in https://github.com/google/timesketch/pull/2631
* Sigma list speedup by jaegeral in https://github.com/google/timesketch/pull/2632
* [Docs] CLI client dev guide + 2023-03 changelog by jaegeral in https://github.com/google/timesketch/pull/2637
* Fix 2636 - expand the clickable area of EventList rows by jkppr in https://github.com/google/timesketch/pull/2639
* Sigma UI refactor by berggren in https://github.com/google/timesketch/pull/2642
* [Sigma API] remove enrich_sigma_rule_object from API and just use the util method by jaegeral in https://github.com/google/timesketch/pull/2634
* Left menu UI polish by berggren in https://github.com/google/timesketch/pull/2645
* Add Event Data Analytics/Aggregation Dialog by sydp in https://github.com/google/timesketch/pull/2622
* Corrected grammatical error in the install.md file by FazlOmar9 in https://github.com/google/timesketch/pull/2647
* [P17] Analyzer v2 UI by jkppr in https://github.com/google/timesketch/pull/2657
* Empty state for Scenarios tab by berggren in https://github.com/google/timesketch/pull/2656
* Make new UI the default by berggren in https://github.com/google/timesketch/pull/2662
* Remove hover for story eventlist by berggren in https://github.com/google/timesketch/pull/2664
* New UI build by berggren in https://github.com/google/timesketch/pull/2665
* unittsts, new test csv and update to utils.py by jaegeral in https://github.com/google/timesketch/pull/2668
* Handle CSV imports that's missing timestamp field by berggren in https://github.com/google/timesketch/pull/2669
* Remove timestamp check by berggren in https://github.com/google/timesketch/pull/2671
* Ignore invalid timelines by Annoraaq in https://github.com/google/timesketch/pull/2678
* Filter analyzer results by display_name by Annoraaq in https://github.com/google/timesketch/pull/2679
* Fix 2680 - tagging of events without a tag attribute by jkppr in https://github.com/google/timesketch/pull/2688
* Fix for the pagination problems by jkppr in https://github.com/google/timesketch/pull/2691
* new UI build by jkppr in https://github.com/google/timesketch/pull/2692
* filter analyzers by timeline by Annoraaq in https://github.com/google/timesketch/pull/2699
* Show active analyzers loading by Annoraaq in https://github.com/google/timesketch/pull/2700
* make it easier to use the --sketch flag by jaegeral in https://github.com/google/timesketch/pull/2711
* fixing failing tests by jkppr in https://github.com/google/timesketch/pull/2719
* Delete timeline by jkppr in https://github.com/google/timesketch/pull/2696
* Context Search by berggren in https://github.com/google/timesketch/pull/2715
* Search with no timeline selected by berggren in https://github.com/google/timesketch/pull/2707
* Fix alignment for left panel menu by berggren in https://github.com/google/timesketch/pull/2704
* Exit early if there is no cytoscape instance by berggren in https://github.com/google/timesketch/pull/2708
* [Analyzer] Sigma: NoneType error by jaegeral in https://github.com/google/timesketch/pull/2716
* Enable sketch archiving by berggren in https://github.com/google/timesketch/pull/2701
* Add context to timeline datasources by berggren in https://github.com/google/timesketch/pull/2702
* Fix count error for failed timelines by berggren in https://github.com/google/timesketch/pull/2712
* [CLI] adding event to a sketch by jaegeral in https://github.com/google/timesketch/pull/2599
* Fix active analyzer status check bug by jkppr in https://github.com/google/timesketch/pull/2722
* Untag event API resource by jaegeral in https://github.com/google/timesketch/pull/2724
* Updated Tagging UI by jkppr in https://github.com/google/timesketch/pull/2694
* Update to AnalyzerSessionActiveListResource API endpoint by jkppr in https://github.com/google/timesketch/pull/2725
* Saved View left panel fixes by berggren in https://github.com/google/timesketch/pull/2713
* API Client Typos and formatting by jaegeral in https://github.com/google/timesketch/pull/2731
* add untag_event and untag_events to API client by jaegeral in https://github.com/google/timesketch/pull/2729
* Update analyzer status sync UI by jkppr in https://github.com/google/timesketch/pull/2734
* Add remove_tag to CLI client by jaegeral in https://github.com/google/timesketch/pull/2732
* [Doc] add changelog for may, improve some other docs by jaegeral in https://github.com/google/timesketch/pull/2735
* update markdown index by jaegeral in https://github.com/google/timesketch/pull/2736
* [CLI] bugfix: respect --limit when using a saved_search by jaegeral in https://github.com/google/timesketch/pull/2737
* New Cytoscape component (remove vue-cytoscape wrapper dependency) by berggren in https://github.com/google/timesketch/pull/2733
* Don't use editable installs in github actions by jaegeral in https://github.com/google/timesketch/pull/2748
* SSH feature extractions by roshanmaskey in https://github.com/google/timesketch/pull/2744
* Windows login feature extraction by roshanmaskey in https://github.com/google/timesketch/pull/2745
* [CLI] Add Sigma list / describe to timesketch cli by jaegeral in https://github.com/google/timesketch/pull/2620
* Save SearchTemplates via YAML only by berggren in https://github.com/google/timesketch/pull/2750
* add more details to the timelines CLI command by jaegeral in https://github.com/google/timesketch/pull/2751
* Update troubleshooting.md by jaegeral in https://github.com/google/timesketch/pull/2756
* AnalyzerOutput and supporting classes by roshanmaskey in https://github.com/google/timesketch/pull/2706
* New ui build by berggren in https://github.com/google/timesketch/pull/2759
* Docker build with release tag by berggren in https://github.com/google/timesketch/pull/2760
New Contributors
* alexgoedeke made their first contribution in https://github.com/google/timesketch/pull/1645
* stevengoossensB made their first contribution in https://github.com/google/timesketch/pull/1696
* toshiro92 made their first contribution in https://github.com/google/timesketch/pull/1702
* asmirazali made their first contribution in https://github.com/google/timesketch/pull/1717
* warrinot made their first contribution in https://github.com/google/timesketch/pull/1758
* jordanrule made their first contribution in https://github.com/google/timesketch/pull/1788
* nagytam made their first contribution in https://github.com/google/timesketch/pull/1799
* hkhalifa made their first contribution in https://github.com/google/timesketch/pull/1893
* rushattac made their first contribution in https://github.com/google/timesketch/pull/1849
* JouniMi made their first contribution in https://github.com/google/timesketch/pull/1953
* jleaniz made their first contribution in https://github.com/google/timesketch/pull/2017
* mark-hallman made their first contribution in https://github.com/google/timesketch/pull/2013
* LeoAndTheTree made their first contribution in https://github.com/google/timesketch/pull/2069
* pydvlpr made their first contribution in https://github.com/google/timesketch/pull/2099
* jonathan-greig made their first contribution in https://github.com/google/timesketch/pull/2101
* ramo-j made their first contribution in https://github.com/google/timesketch/pull/2110
* ZloeSabo made their first contribution in https://github.com/google/timesketch/pull/2113
* digitalisx made their first contribution in https://github.com/google/timesketch/pull/2156
* shannaniggans made their first contribution in https://github.com/google/timesketch/pull/2160
* anttitikkanen made their first contribution in https://github.com/google/timesketch/pull/2190
* rishav-karanjit made their first contribution in https://github.com/google/timesketch/pull/2147
* wcrum made their first contribution in https://github.com/google/timesketch/pull/2226
* sa3eed3ed made their first contribution in https://github.com/google/timesketch/pull/2209
* hur made their first contribution in https://github.com/google/timesketch/pull/2244
* marcobrotto made their first contribution in https://github.com/google/timesketch/pull/2257
* Nexidian made their first contribution in https://github.com/google/timesketch/pull/2267
* harshalchaudhari35 made their first contribution in https://github.com/google/timesketch/pull/2220
* timgates42 made their first contribution in https://github.com/google/timesketch/pull/2330
* clowe-r7 made their first contribution in https://github.com/google/timesketch/pull/2300
* Zawadidone made their first contribution in https://github.com/google/timesketch/pull/2319
* DavidCruciani made their first contribution in https://github.com/google/timesketch/pull/2429
* FabFaeb made their first contribution in https://github.com/google/timesketch/pull/2602
* FazlOmar9 made their first contribution in https://github.com/google/timesketch/pull/2647
**Full Changelog**: https://github.com/google/timesketch/compare/20210224...20230518
20210224
Release 20210224
What's Changed
* Various updates to the API Client by kiddinn in https://github.com/google/timesketch/pull/1542
* Update SearchQueryGuide views by jaegeral in https://github.com/google/timesketch/pull/1550
* Fix remove_timeline_label() permission check by rgayon in https://github.com/google/timesketch/pull/1544
* Changes to dpkg configuration for release by joachimmetz in https://github.com/google/timesketch/pull/1546
* Adding additional sleep to e2e tests. by kiddinn in https://github.com/google/timesketch/pull/1551
* Move stories to metadata by berggren in https://github.com/google/timesketch/pull/1552
* Bugfix: Handle system generated stories by berggren in https://github.com/google/timesketch/pull/1553
* Update Axios package by berggren in https://github.com/google/timesketch/pull/1554
* Misc UI fixes by berggren in https://github.com/google/timesketch/pull/1555
* Timesketch summit 2021 by jaegeral in https://github.com/google/timesketch/pull/1557
* Changes to API and API client by kiddinn in https://github.com/google/timesketch/pull/1562
* Added new IP address related feature extractors by itsmvd in https://github.com/google/timesketch/pull/1563
* Minor API client changes by kiddinn in https://github.com/google/timesketch/pull/1566
* First phase of new way of storing data in TS. by kiddinn in https://github.com/google/timesketch/pull/1565
* corrects README doc link to Sigma by ghchinoy in https://github.com/google/timesketch/pull/1571
* hyphen error in readme by neilgoyal in https://github.com/google/timesketch/pull/1572
* New storage - UI fix [phase one] by berggren in https://github.com/google/timesketch/pull/1573
* Adding datetime limits on the aggregation bucket. by kiddinn in https://github.com/google/timesketch/pull/1568
* Changing __timeline_id to __ts_timeline_id and fixing build_query by kiddinn in https://github.com/google/timesketch/pull/1574
* Adding the ability to check whether a given index has __timeline_id in it. by kiddinn in https://github.com/google/timesketch/pull/1569
* New build and DSL bugfix by berggren in https://github.com/google/timesketch/pull/1575
* New storage - UI fix for counting documents by berggren in https://github.com/google/timesketch/pull/1576
* UI: Dedicated analysis tab by berggren in https://github.com/google/timesketch/pull/1577
* Simplified regex for IPv4 features by itsmvd in https://github.com/google/timesketch/pull/1581
* Small bugfix in SSH features regex by itsmvd in https://github.com/google/timesketch/pull/1582
* UI: Timeline tab and removing ability to add old indices to sketches by berggren in https://github.com/google/timesketch/pull/1583
* UI: Move aggregations to its own tab by berggren in https://github.com/google/timesketch/pull/1584
* Bugfix: Wrong query count for new style timelines by berggren in https://github.com/google/timesketch/pull/1585
* Index Change: Changed plaso file ingestion, added query_dsl support and analyzer support by kiddinn in https://github.com/google/timesketch/pull/1578
* UI: Set status on timeline by berggren in https://github.com/google/timesketch/pull/1587
* UI: Add loading spinner while searching by berggren in https://github.com/google/timesketch/pull/1589
* Adding timeline supports into aggregations. by kiddinn in https://github.com/google/timesketch/pull/1588
* Updated e2e tests after plaso change and the run_plaso task to match and added timeline_id support to graphs by kiddinn in https://github.com/google/timesketch/pull/1590
* UI: Support index and time range filters in aggregations by berggren in https://github.com/google/timesketch/pull/1592
* Moved docker configs to the dev GIFT PPA by kiddinn in https://github.com/google/timesketch/pull/1595
* Deprecated the option to import timelines in tsctl. by kiddinn in https://github.com/google/timesketch/pull/1594
* Fixed a minor issue with Docker files by kiddinn in https://github.com/google/timesketch/pull/1599
* UI: Shifted filter buttons & added button titles by binglot in https://github.com/google/timesketch/pull/1597
* Fixed 1600 by adding mappings to deployment script. by kiddinn in https://github.com/google/timesketch/pull/1601
* Bump cryptography from 3.3.1 to 3.3.2 by dependabot in https://github.com/google/timesketch/pull/1604
* Extract IP address from RdpCoreTS event logs by itsmvd in https://github.com/google/timesketch/pull/1605
* Upgraded the importer version by kiddinn in https://github.com/google/timesketch/pull/1606
* Add .venv to .gitignore by jaegeral in https://github.com/google/timesketch/pull/1608
* Set correct timeline for analysis pipeline by berggren in https://github.com/google/timesketch/pull/1613
* UI: Fix missing timeline color by berggren in https://github.com/google/timesketch/pull/1612
* UI: Cleanup formatting by berggren in https://github.com/google/timesketch/pull/1614
* Fixed few issues: large text file imports, aggregations failing and upgrading PPA in docker files by kiddinn in https://github.com/google/timesketch/pull/1610
* Add ESLint GH action by berggren in https://github.com/google/timesketch/pull/1616
* Fixed issues with running analyzers in API client. by kiddinn in https://github.com/google/timesketch/pull/1623
* Minor bug fixes. by kiddinn in https://github.com/google/timesketch/pull/1625
* UI: Fix wrong timeline id in aggregations by berggren in https://github.com/google/timesketch/pull/1624
* Issue when removing timeline with a shared index by kiddinn in https://github.com/google/timesketch/pull/1626
* Added more error handling into the API, as well as retry to flushing events queue. by kiddinn in https://github.com/google/timesketch/pull/1627
* adding concepts and API dev guide by jaegeral in https://github.com/google/timesketch/pull/1618
* Increased timeout value for bulk inserts by default, also made it configurable. by kiddinn in https://github.com/google/timesketch/pull/1628
* Update docker-compose.yml by berggren in https://github.com/google/timesketch/pull/1631
* Update ES version for release docker by berggren in https://github.com/google/timesketch/pull/1632
* Update pylint by berggren in https://github.com/google/timesketch/pull/1635
* Pinned pylint version by kiddinn in https://github.com/google/timesketch/pull/1636
* Pinned astroid to version 2.4.0 in linter action by kiddinn in https://github.com/google/timesketch/pull/1637
* Spelling in some files comments by jaegeral in https://github.com/google/timesketch/pull/1634
* Release 20210224 by berggren in https://github.com/google/timesketch/pull/1638
New Contributors
* ghchinoy made their first contribution in https://github.com/google/timesketch/pull/1571
* neilgoyal made their first contribution in https://github.com/google/timesketch/pull/1572
**Full Changelog**: https://github.com/google/timesketch/compare/20201229...20210224
20201229
Release 20201229
What's Changed
* Minor change to fix error reporting in the API client. by kiddinn in https://github.com/google/timesketch/pull/1188
* Adding a config and a crypto module to the API client. by kiddinn in https://github.com/google/timesketch/pull/1189
* Adding a helper function into the config assistant to fill in missing details by kiddinn in https://github.com/google/timesketch/pull/1192
* Changed the `get_client` helper function inside the config library (API client) by kiddinn in https://github.com/google/timesketch/pull/1193
* Remove $ from the README.md by jaegeral in https://github.com/google/timesketch/pull/1196
* Splitting credentials out of crypto storage module in API client. by kiddinn in https://github.com/google/timesketch/pull/1194
* Refactor Docker for Development and e2e tests by berggren in https://github.com/google/timesketch/pull/1207
* add support for FireEye HX .mans files by garanews in https://github.com/google/timesketch/pull/1205
* Added missing tabulate dependency to dpkg files by joachimmetz in https://github.com/google/timesketch/pull/1212
* Updated installation instructions by joachimmetz in https://github.com/google/timesketch/pull/1209
* Adding HTML export to stories by kiddinn in https://github.com/google/timesketch/pull/1208
* Remove old UI code by berggren in https://github.com/google/timesketch/pull/1216
* Changed setup.py to not use pip internal-only API by joachimmetz in https://github.com/google/timesketch/pull/1224
* Additional changes to setup.py to support older versions of setuptools by joachimmetz in https://github.com/google/timesketch/pull/1225
* Added Ubuntu 20.04 Python 3.8 Travis CI tests by joachimmetz in https://github.com/google/timesketch/pull/1220
* Adding an analyzer result object to API client. by kiddinn in https://github.com/google/timesketch/pull/1215
* Updated dependencies and test scripts by joachimmetz in https://github.com/google/timesketch/pull/1222
* Deprecate old UI part 2 - cleanup views and templates by berggren in https://github.com/google/timesketch/pull/1230
* Disable mans import task by berggren in https://github.com/google/timesketch/pull/1227
* Update Docker-dev Readme by jaegeral in https://github.com/google/timesketch/pull/1228
* Added an import helper for reading configs. by kiddinn in https://github.com/google/timesketch/pull/1229
* Added CI test for building Dockerfile-prod by joachimmetz in https://github.com/google/timesketch/pull/1232
* Adding the ability to create a view through the API client. by kiddinn in https://github.com/google/timesketch/pull/1235
* Update docker dev README with right image by garanews in https://github.com/google/timesketch/pull/1236
* Added CI tests for Ubuntu 20.04 with GIFT PPA by joachimmetz in https://github.com/google/timesketch/pull/1237
* Minor bug fixes in the sketch API client library. by kiddinn in https://github.com/google/timesketch/pull/1240
* Updated Linux installation script by joachimmetz in https://github.com/google/timesketch/pull/1241
* Update Dockerfile-prod to install Timesketch from GIFT PPA by joachimmetz in https://github.com/google/timesketch/pull/1233
* Adding the ability to add tags to events. by kiddinn in https://github.com/google/timesketch/pull/1242
* Change the behavior of the Yeti analyzer by tomchop in https://github.com/google/timesketch/pull/1177
* Archive sketch functionality by kiddinn in https://github.com/google/timesketch/pull/1181
* Adding the ability to export sketches in the API client by kiddinn in https://github.com/google/timesketch/pull/1246
* Fix Docker Readme link (fixes 1247) by jaegeral in https://github.com/google/timesketch/pull/1249
* Refactor, adding version info and minor bug fixes by kiddinn in https://github.com/google/timesketch/pull/1248
* Splitting the Archive API calls to a separate file. by kiddinn in https://github.com/google/timesketch/pull/1250
* Hot patching the timesketch __init__ file until a new plaso release comes out by kiddinn in https://github.com/google/timesketch/pull/1255
* UI: Enable archive and export by berggren in https://github.com/google/timesketch/pull/1256
* Refactor archive API as well as expanding export support by kiddinn in https://github.com/google/timesketch/pull/1251
* Fixing an issue in the event tagging API call. by kiddinn in https://github.com/google/timesketch/pull/1257
* Refactor API by berggren in https://github.com/google/timesketch/pull/1264
* Improving error messages in the API client. by kiddinn in https://github.com/google/timesketch/pull/1261
* Pinned pylint to version 2.4.x and addressed linter issues by joachimmetz in https://github.com/google/timesketch/pull/1252
* Added pylint support to tox configuration by joachimmetz in https://github.com/google/timesketch/pull/1258
* Updated pytlint configuration file to version 2.4.x by joachimmetz in https://github.com/google/timesketch/pull/1253
* Adding more granular ACL granting. by kiddinn in https://github.com/google/timesketch/pull/1265
* Changing the behavior of the API calls for event tagging by kiddinn in https://github.com/google/timesketch/pull/1267
* Various changes to tsctl and the API by kiddinn in https://github.com/google/timesketch/pull/1272
* Fix method docstring (copy paste error) by jaegeral in https://github.com/google/timesketch/pull/1276
* Document location of frontend code on docker by jaegeral in https://github.com/google/timesketch/pull/1275
* Changed how manual events are added to a sketch. by kiddinn in https://github.com/google/timesketch/pull/1277
* Replace term whitelist with allowlist by jaegeral in https://github.com/google/timesketch/pull/1245
* Add support for Sigma rules by jaegeral in https://github.com/google/timesketch/pull/1231
* Bugfix: Set status on added timelines by berggren in https://github.com/google/timesketch/pull/1279
* Bugfix: Correct doc count for indices with >1 shard by berggren in https://github.com/google/timesketch/pull/1281
* Bugfix: Hide controls if permission is missing by berggren in https://github.com/google/timesketch/pull/1282
* Bugfix: Bug in auth for OIDC and new user allow list by berggren in https://github.com/google/timesketch/pull/1285
* Update screenshots by jaegeral in https://github.com/google/timesketch/pull/1284
* Safe Browsing API url analyzer by dov-csis in https://github.com/google/timesketch/pull/1171
* Importer: moving version information to a separate file, adding an init file to fix packaging. by kiddinn in https://github.com/google/timesketch/pull/1288
* Changed logger configuration by kiddinn in https://github.com/google/timesketch/pull/1290
* [Docker-doc] How to run tests by jaegeral in https://github.com/google/timesketch/pull/1289
* Tag GCS events in Cloud logs by Fryyyyy in https://github.com/google/timesketch/pull/1291
* Moved pylint CI checks to run in tox by joachimmetz in https://github.com/google/timesketch/pull/1266
* Added update release script and updated versions by joachimmetz in https://github.com/google/timesketch/pull/1293
* Changing the test_tool mocks to reflect recent changes in the analyzer interface by kiddinn in https://github.com/google/timesketch/pull/1296
* Update update_release.sh by berggren in https://github.com/google/timesketch/pull/1297
* Sigma cleanup by jaegeral in https://github.com/google/timesketch/pull/1286
* Update dependencies.ini by berggren in https://github.com/google/timesketch/pull/1301
* Updated dpkg files by joachimmetz in https://github.com/google/timesketch/pull/1302
* Minor changes to test tools by kiddinn in https://github.com/google/timesketch/pull/1304
* Fix an issue with unicode chars in sigma rules by jaegeral in https://github.com/google/timesketch/pull/1308
* Adding analyzer_run.py documentation by jaegeral in https://github.com/google/timesketch/pull/1306
* Added scrolling support into export API call by kiddinn in https://github.com/google/timesketch/pull/1316
* Sketch overview More Dialog Documentation by jaegeral in https://github.com/google/timesketch/pull/1315
* Mention 8 GB as recommended RAM by jaegeral in https://github.com/google/timesketch/pull/1325
* Initial stab at API client documentation by kiddinn in https://github.com/google/timesketch/pull/1318
* Adding the `admin` function to the User model by kiddinn in https://github.com/google/timesketch/pull/1298
* Added the ability to export events (not yet in the UI) by kiddinn in https://github.com/google/timesketch/pull/1317
* remove heatmap and manual events from userdoc by jaegeral in https://github.com/google/timesketch/pull/1329
* Fix a missing space by jaegeral in https://github.com/google/timesketch/pull/1333
* Added an EVTX Gap analyzer and fixed logging (filter out ES logs) by kiddinn in https://github.com/google/timesketch/pull/1321
* Add tabbed view of sketch list by berggren in https://github.com/google/timesketch/pull/1330
* Minor change to the EVTX Gap analyzer by kiddinn in https://github.com/google/timesketch/pull/1337
* UI: Display Data Sources per Timeline & Make them Clickable by binglot in https://github.com/google/timesketch/pull/1331
* Pagination bugfix by berggren in https://github.com/google/timesketch/pull/1340
* Changing exports to export all events and include all columns by kiddinn in https://github.com/google/timesketch/pull/1342
* UI: Add export button for search results by berggren in https://github.com/google/timesketch/pull/1343
* Fixing an issue with the export functionality. by kiddinn in https://github.com/google/timesketch/pull/1344
* Only aggregate stats if sketch have timelines by berggren in https://github.com/google/timesketch/pull/1345
* Refactor Documentation / Introduce admin guide by jaegeral in https://github.com/google/timesketch/pull/1336
* Display datetime based on timestamp by berggren in https://github.com/google/timesketch/pull/1347
* Optimize UI for quicker archive by berggren in https://github.com/google/timesketch/pull/1349
* Filter for events that have comments by berggren in https://github.com/google/timesketch/pull/1350
* Various Changes With Analyzers by kiddinn in https://github.com/google/timesketch/pull/1348
* Fix width on main screenshot by obsidianforensics in https://github.com/google/timesketch/pull/1356
* Small update to the 'Show data types' button by binglot in https://github.com/google/timesketch/pull/1357
* Minor changes to the way date is parsed when a custom event is added by kiddinn in https://github.com/google/timesketch/pull/1358
* Bump marked from 0.6.3 to 1.1.1 in /timesketch/frontend by dependabot in https://github.com/google/timesketch/pull/1360
* Adding `set_data_type` into the importer. by kiddinn in https://github.com/google/timesketch/pull/1361
* New end-to-end testing framework by berggren in https://github.com/google/timesketch/pull/1359
* Unarchive a sketch: User does not have sufficient access rights to delete a sketch. by jaegeral in https://github.com/google/timesketch/pull/1364
* Adding the ability to define return fields in the search_by_label function. by kiddinn in https://github.com/google/timesketch/pull/1363
* Several fixes: workflow changed, size in query_filter is honored in API client, special types are stripped in uploads and bulk insert errors are surfaced by kiddinn in https://github.com/google/timesketch/pull/1366
* Analyzer run description by jaegeral in https://github.com/google/timesketch/pull/1355
* UI build by berggren in https://github.com/google/timesketch/pull/1369
* Developer docs update by ash0x0 in https://github.com/google/timesketch/pull/1367
* Add button to remove story by Henkan in https://github.com/google/timesketch/pull/1372
* UI: Updating time filters by binglot in https://github.com/google/timesketch/pull/1365
* Dark Mode by berggren in https://github.com/google/timesketch/pull/1374
* Minor bug fixes by kiddinn in https://github.com/google/timesketch/pull/1375
* Update api doc by jaegeral in https://github.com/google/timesketch/pull/1378
* Adding the ability to add labels to sketches. by kiddinn in https://github.com/google/timesketch/pull/1381
* fix typo by garanews in https://github.com/google/timesketch/pull/1380
* Allow users to toggle time filters. by binglot in https://github.com/google/timesketch/pull/1384
* New Saved Search UI by berggren in https://github.com/google/timesketch/pull/1379
* new build by berggren in https://github.com/google/timesketch/pull/1385
* Handle missing chips in filter by berggren in https://github.com/google/timesketch/pull/1387
* Use supported opacity format by berggren in https://github.com/google/timesketch/pull/1388
* Adding the ability to check your own permission to a sketch. by kiddinn in https://github.com/google/timesketch/pull/1389
* Bugfix: Display chip as active by berggren in https://github.com/google/timesketch/pull/1390
* Bugfix: Set active chip by berggren in https://github.com/google/timesketch/pull/1391
* fixed URL for Google Python Style Guide by garanews in https://github.com/google/timesketch/pull/1394
* Adding in a manual vega spec aggregator by kiddinn in https://github.com/google/timesketch/pull/1396
* Update test for sketch model by berggren in https://github.com/google/timesketch/pull/1400
* Added support for optional keyword rdomain by itsmvd in https://github.com/google/timesketch/pull/1403
* Requirement.txt changed and added httmock==1.3.0 to test_requirements.txt by Surya6032 in https://github.com/google/timesketch/pull/1401
* Manually add/filter labels by berggren in https://github.com/google/timesketch/pull/1404
* Minor bug fixes here and there. by kiddinn in https://github.com/google/timesketch/pull/1405
* Bugfix for label aggregation by berggren in https://github.com/google/timesketch/pull/1407
* Add example to API client usage doc by jaegeral in https://github.com/google/timesketch/pull/1409
* API client: Adding a check for scroll ID in the explore function by kiddinn in https://github.com/google/timesketch/pull/1413
* Updating the colab notebook for the demo server. by kiddinn in https://github.com/google/timesketch/pull/1416
* Verify Sigma Rules test tool by jaegeral in https://github.com/google/timesketch/pull/1307
* Fixes to the API and API client by kiddinn in https://github.com/google/timesketch/pull/1426
* Added sketch attributes. by kiddinn in https://github.com/google/timesketch/pull/1429
* Adding the ability for analyzers to add sketch attributes by kiddinn in https://github.com/google/timesketch/pull/1430
* Fix a bug in the API client by kiddinn in https://github.com/google/timesketch/pull/1431
* Stripping pagination from saved views. by kiddinn in https://github.com/google/timesketch/pull/1433
* Fix api docstring typo by jaegeral in https://github.com/google/timesketch/pull/1437
* Adding notebooks for solving the case of the stolen Szechuan sauce by kiddinn in https://github.com/google/timesketch/pull/1425
* Improve error handling in the get_client function of the config API client module by kiddinn in https://github.com/google/timesketch/pull/1436
* Fixed notebook badges by kiddinn in https://github.com/google/timesketch/pull/1440
* Notebook update by jaegeral in https://github.com/google/timesketch/pull/1443
* APIClient doc link to Colab notebooks by jaegeral in https://github.com/google/timesketch/pull/1445
* Remove sudo from the docker dev guide by jaegeral in https://github.com/google/timesketch/pull/1446
* Single event notebook by jaegeral in https://github.com/google/timesketch/pull/1444
* Few updates to the MUS2019 CTF Colab notebook by kiddinn in https://github.com/google/timesketch/pull/1447
* Bump cryptography from 2.3 to 3.2 by dependabot in https://github.com/google/timesketch/pull/1432
* Updating the notebook for Szechuan sauce to use picatrix magics (and a minor bug fix in the API client) by kiddinn in https://github.com/google/timesketch/pull/1455
* Minor updates to the szechuan sauce analysis notebook by kiddinn in https://github.com/google/timesketch/pull/1457
* Docker refactor by berggren in https://github.com/google/timesketch/pull/1458
* Update issue templates by kiddinn in https://github.com/google/timesketch/pull/1459
* Update deploy_timesketch.sh by lxndrblz in https://github.com/google/timesketch/pull/1460
* Graph support v2 by berggren in https://github.com/google/timesketch/pull/1451
* Don't use scrolling for nested queries by berggren in https://github.com/google/timesketch/pull/1461
* Graph fixes by berggren in https://github.com/google/timesketch/pull/1462
* fix https://github.com/google/timesketch/issues/1450 by jaegeral in https://github.com/google/timesketch/pull/1464
* Analyzer feature extract by lprat in https://github.com/google/timesketch/pull/1452
* API client changes: click removed from cli_input and adding aggregation into stories fixed. by kiddinn in https://github.com/google/timesketch/pull/1463
* Providing a long description to the API client package. by kiddinn in https://github.com/google/timesketch/pull/1466
* Update docker images to use Ubuntu 20.04 by berggren in https://github.com/google/timesketch/pull/1467
* Fix a bug in the save function of the aggregation API object by kiddinn in https://github.com/google/timesketch/pull/1469
* Fix issue 1465 by removing hacky string replace .keyword by jaegeral in https://github.com/google/timesketch/pull/1468
* Save and cache graphs by berggren in https://github.com/google/timesketch/pull/1471
* Removed typing from story.py, which does not work on py3.6 by kiddinn in https://github.com/google/timesketch/pull/1474
* Bug fix for winservices graph plugin by berggren in https://github.com/google/timesketch/pull/1475
* Adding a GH workflow for unit tests by kiddinn in https://github.com/google/timesketch/pull/1476
* Remove Travis in favour of GH actions by berggren in https://github.com/google/timesketch/pull/1478
* Graph: Use ID from attributes by berggren in https://github.com/google/timesketch/pull/1480
* Improve the UX of Time Filters by binglot in https://github.com/google/timesketch/pull/1454
* Update GH actions by berggren in https://github.com/google/timesketch/pull/1483
* Cleanup old travis related files by berggren in https://github.com/google/timesketch/pull/1484
* New UI build by berggren in https://github.com/google/timesketch/pull/1485
* Updated dpkg configuration files by joachimmetz in https://github.com/google/timesketch/pull/1487
* Adding a linter GH workflow and adding a bit more resiliency into the error logging in the ES datastore by kiddinn in https://github.com/google/timesketch/pull/1488
* Fix saved views in stories by berggren in https://github.com/google/timesketch/pull/1493
* Pagination fixes by berggren in https://github.com/google/timesketch/pull/1492
* Graph: Choose layout type and edge style by berggren in https://github.com/google/timesketch/pull/1494
* Responsive graph and link support by berggren in https://github.com/google/timesketch/pull/1495
* Adding the ability to define multiple TS instances in the RC file. by kiddinn in https://github.com/google/timesketch/pull/1497
* Added API client search object by kiddinn in https://github.com/google/timesketch/pull/1490
* Minor changes to the search API object. by kiddinn in https://github.com/google/timesketch/pull/1498
* Sigma API / api_client by jaegeral in https://github.com/google/timesketch/pull/1456
* Making minor changes to the search API client. by kiddinn in https://github.com/google/timesketch/pull/1500
* Making changes to example notebooks after an API update by kiddinn in https://github.com/google/timesketch/pull/1501
* Modification to enable connection to production Elastic instance by joshfrogers in https://github.com/google/timesketch/pull/1503
* Sigma Rule maintain improvement by jaegeral in https://github.com/google/timesketch/pull/1502
* Adding picatrix docker container to the development docker config by kiddinn in https://github.com/google/timesketch/pull/1504
* Added support for config sections in importer and updated snippets in dev docker. by kiddinn in https://github.com/google/timesketch/pull/1505
* Added a new snippet to display a button and a form to create a search query for TS. by kiddinn in https://github.com/google/timesketch/pull/1506
* Use docker network for picatrix notebook by berggren in https://github.com/google/timesketch/pull/1507
* Small fix for a bug in the search API client by kiddinn in https://github.com/google/timesketch/pull/1510
* Added missing credentials to documentation by abitrolly in https://github.com/google/timesketch/pull/1508
* Moving the run_analyzer from the sketch API Client to the timeline object. by kiddinn in https://github.com/google/timesketch/pull/1513
* Tiny change to the API client by kiddinn in https://github.com/google/timesketch/pull/1516
* introcude troubleshooting guide by jaegeral in https://github.com/google/timesketch/pull/1499
* [docs] How to run a single test file by jaegeral in https://github.com/google/timesketch/pull/1517
* Customizing the notebook container by kiddinn in https://github.com/google/timesketch/pull/1519
* Home overview and graph fixes by berggren in https://github.com/google/timesketch/pull/1520
* Return full NX generated CY graph by berggren in https://github.com/google/timesketch/pull/1521
* Require view name by berggren in https://github.com/google/timesketch/pull/1523
* Format graph elements suitable for networkx python lib by berggren in https://github.com/google/timesketch/pull/1524
* Adding API client support for graphs. by kiddinn in https://github.com/google/timesketch/pull/1522
* [Sigma] improve evtx mapping by jaegeral in https://github.com/google/timesketch/pull/1529
* Update Developers-Guide.md by kiddinn in https://github.com/google/timesketch/pull/1528
* Sort dates correctly in the analyzer history view by rayanht in https://github.com/google/timesketch/pull/1525
* Sketch list pagination support for the API client by berggren in https://github.com/google/timesketch/pull/1531
* Bugfix: Set default per_page for pagination by berggren in https://github.com/google/timesketch/pull/1536
* Added last_activity of a sketch to the sketch meta section and into the API client by kiddinn in https://github.com/google/timesketch/pull/1538
* Bugfix: Dropdown hidden by berggren in https://github.com/google/timesketch/pull/1540
* Bugfix: Wrong count number in timeline list by berggren in https://github.com/google/timesketch/pull/1539
* Added details to the current_user call in the API client and improving e2e tests by kiddinn in https://github.com/google/timesketch/pull/1541
* Changes to dpkg configuration for Ubuntu 20.04 by joachimmetz in https://github.com/google/timesketch/pull/1545
New Contributors
* Fryyyyy made their first contribution in https://github.com/google/timesketch/pull/1291
* ash0x0 made their first contribution in https://github.com/google/timesketch/pull/1367
* Surya6032 made their first contribution in https://github.com/google/timesketch/pull/1401
* lxndrblz made their first contribution in https://github.com/google/timesketch/pull/1460
* joshfrogers made their first contribution in https://github.com/google/timesketch/pull/1503
* abitrolly made their first contribution in https://github.com/google/timesketch/pull/1508
**Full Changelog**: https://github.com/google/timesketch/compare/20200507...20201229
20201120
Release 20201120
What's Changed
* Minor change to fix error reporting in the API client. by kiddinn in https://github.com/google/timesketch/pull/1188
* Adding a config and a crypto module to the API client. by kiddinn in https://github.com/google/timesketch/pull/1189
* Adding a helper function into the config assistant to fill in missing details by kiddinn in https://github.com/google/timesketch/pull/1192
* Changed the `get_client` helper function inside the config library (API client) by kiddinn in https://github.com/google/timesketch/pull/1193
* Remove $ from the README.md by jaegeral in https://github.com/google/timesketch/pull/1196
* Splitting credentials out of crypto storage module in API client. by kiddinn in https://github.com/google/timesketch/pull/1194
* Refactor Docker for Development and e2e tests by berggren in https://github.com/google/timesketch/pull/1207
* add support for FireEye HX .mans files by garanews in https://github.com/google/timesketch/pull/1205
* Added missing tabulate dependency to dpkg files by joachimmetz in https://github.com/google/timesketch/pull/1212
* Updated installation instructions by joachimmetz in https://github.com/google/timesketch/pull/1209
* Adding HTML export to stories by kiddinn in https://github.com/google/timesketch/pull/1208
* Remove old UI code by berggren in https://github.com/google/timesketch/pull/1216
* Changed setup.py to not use pip internal-only API by joachimmetz in https://github.com/google/timesketch/pull/1224
* Additional changes to setup.py to support older versions of setuptools by joachimmetz in https://github.com/google/timesketch/pull/1225
* Added Ubuntu 20.04 Python 3.8 Travis CI tests by joachimmetz in https://github.com/google/timesketch/pull/1220
* Adding an analyzer result object to API client. by kiddinn in https://github.com/google/timesketch/pull/1215
* Updated dependencies and test scripts by joachimmetz in https://github.com/google/timesketch/pull/1222
* Deprecate old UI part 2 - cleanup views and templates by berggren in https://github.com/google/timesketch/pull/1230
* Disable mans import task by berggren in https://github.com/google/timesketch/pull/1227
* Update Docker-dev Readme by jaegeral in https://github.com/google/timesketch/pull/1228
* Added an import helper for reading configs. by kiddinn in https://github.com/google/timesketch/pull/1229
* Added CI test for building Dockerfile-prod by joachimmetz in https://github.com/google/timesketch/pull/1232
* Adding the ability to create a view through the API client. by kiddinn in https://github.com/google/timesketch/pull/1235
* Update docker dev README with right image by garanews in https://github.com/google/timesketch/pull/1236
* Added CI tests for Ubuntu 20.04 with GIFT PPA by joachimmetz in https://github.com/google/timesketch/pull/1237
* Minor bug fixes in the sketch API client library. by kiddinn in https://github.com/google/timesketch/pull/1240
* Updated Linux installation script by joachimmetz in https://github.com/google/timesketch/pull/1241
* Update Dockerfile-prod to install Timesketch from GIFT PPA by joachimmetz in https://github.com/google/timesketch/pull/1233
* Adding the ability to add tags to events. by kiddinn in https://github.com/google/timesketch/pull/1242
* Change the behavior of the Yeti analyzer by tomchop in https://github.com/google/timesketch/pull/1177
* Archive sketch functionality by kiddinn in https://github.com/google/timesketch/pull/1181
* Adding the ability to export sketches in the API client by kiddinn in https://github.com/google/timesketch/pull/1246
* Fix Docker Readme link (fixes 1247) by jaegeral in https://github.com/google/timesketch/pull/1249
* Refactor, adding version info and minor bug fixes by kiddinn in https://github.com/google/timesketch/pull/1248
* Splitting the Archive API calls to a separate file. by kiddinn in https://github.com/google/timesketch/pull/1250
* Hot patching the timesketch __init__ file until a new plaso release comes out by kiddinn in https://github.com/google/timesketch/pull/1255
* UI: Enable archive and export by berggren in https://github.com/google/timesketch/pull/1256
* Refactor archive API as well as expanding export support by kiddinn in https://github.com/google/timesketch/pull/1251
* Fixing an issue in the event tagging API call. by kiddinn in https://github.com/google/timesketch/pull/1257
* Refactor API by berggren in https://github.com/google/timesketch/pull/1264
* Improving error messages in the API client. by kiddinn in https://github.com/google/timesketch/pull/1261
* Pinned pylint to version 2.4.x and addressed linter issues by joachimmetz in https://github.com/google/timesketch/pull/1252
* Added pylint support to tox configuration by joachimmetz in https://github.com/google/timesketch/pull/1258
* Updated pytlint configuration file to version 2.4.x by joachimmetz in https://github.com/google/timesketch/pull/1253
* Adding more granular ACL granting. by kiddinn in https://github.com/google/timesketch/pull/1265
* Changing the behavior of the API calls for event tagging by kiddinn in https://github.com/google/timesketch/pull/1267
* Various changes to tsctl and the API by kiddinn in https://github.com/google/timesketch/pull/1272
* Fix method docstring (copy paste error) by jaegeral in https://github.com/google/timesketch/pull/1276
* Document location of frontend code on docker by jaegeral in https://github.com/google/timesketch/pull/1275
* Changed how manual events are added to a sketch. by kiddinn in https://github.com/google/timesketch/pull/1277
* Replace term whitelist with allowlist by jaegeral in https://github.com/google/timesketch/pull/1245
* Add support for Sigma rules by jaegeral in https://github.com/google/timesketch/pull/1231
* Bugfix: Set status on added timelines by berggren in https://github.com/google/timesketch/pull/1279
* Bugfix: Correct doc count for indices with >1 shard by berggren in https://github.com/google/timesketch/pull/1281
* Bugfix: Hide controls if permission is missing by berggren in https://github.com/google/timesketch/pull/1282
* Bugfix: Bug in auth for OIDC and new user allow list by berggren in https://github.com/google/timesketch/pull/1285
* Update screenshots by jaegeral in https://github.com/google/timesketch/pull/1284
* Safe Browsing API url analyzer by dov-csis in https://github.com/google/timesketch/pull/1171
* Importer: moving version information to a separate file, adding an init file to fix packaging. by kiddinn in https://github.com/google/timesketch/pull/1288
* Changed logger configuration by kiddinn in https://github.com/google/timesketch/pull/1290
* [Docker-doc] How to run tests by jaegeral in https://github.com/google/timesketch/pull/1289
* Tag GCS events in Cloud logs by Fryyyyy in https://github.com/google/timesketch/pull/1291
* Moved pylint CI checks to run in tox by joachimmetz in https://github.com/google/timesketch/pull/1266
* Added update release script and updated versions by joachimmetz in https://github.com/google/timesketch/pull/1293
* Changing the test_tool mocks to reflect recent changes in the analyzer interface by kiddinn in https://github.com/google/timesketch/pull/1296
* Update update_release.sh by berggren in https://github.com/google/timesketch/pull/1297
* Sigma cleanup by jaegeral in https://github.com/google/timesketch/pull/1286
* Update dependencies.ini by berggren in https://github.com/google/timesketch/pull/1301
* Updated dpkg files by joachimmetz in https://github.com/google/timesketch/pull/1302
* Minor changes to test tools by kiddinn in https://github.com/google/timesketch/pull/1304
* Fix an issue with unicode chars in sigma rules by jaegeral in https://github.com/google/timesketch/pull/1308
* Adding analyzer_run.py documentation by jaegeral in https://github.com/google/timesketch/pull/1306
* Added scrolling support into export API call by kiddinn in https://github.com/google/timesketch/pull/1316
* Sketch overview More Dialog Documentation by jaegeral in https://github.com/google/timesketch/pull/1315
* Mention 8 GB as recommended RAM by jaegeral in https://github.com/google/timesketch/pull/1325
* Initial stab at API client documentation by kiddinn in https://github.com/google/timesketch/pull/1318
* Adding the `admin` function to the User model by kiddinn in https://github.com/google/timesketch/pull/1298
* Added the ability to export events (not yet in the UI) by kiddinn in https://github.com/google/timesketch/pull/1317
* remove heatmap and manual events from userdoc by jaegeral in https://github.com/google/timesketch/pull/1329
* Fix a missing space by jaegeral in https://github.com/google/timesketch/pull/1333
* Added an EVTX Gap analyzer and fixed logging (filter out ES logs) by kiddinn in https://github.com/google/timesketch/pull/1321
* Add tabbed view of sketch list by berggren in https://github.com/google/timesketch/pull/1330
* Minor change to the EVTX Gap analyzer by kiddinn in https://github.com/google/timesketch/pull/1337
* UI: Display Data Sources per Timeline & Make them Clickable by binglot in https://github.com/google/timesketch/pull/1331
* Pagination bugfix by berggren in https://github.com/google/timesketch/pull/1340
* Changing exports to export all events and include all columns by kiddinn in https://github.com/google/timesketch/pull/1342
* UI: Add export button for search results by berggren in https://github.com/google/timesketch/pull/1343
* Fixing an issue with the export functionality. by kiddinn in https://github.com/google/timesketch/pull/1344
* Only aggregate stats if sketch have timelines by berggren in https://github.com/google/timesketch/pull/1345
* Refactor Documentation / Introduce admin guide by jaegeral in https://github.com/google/timesketch/pull/1336
* Display datetime based on timestamp by berggren in https://github.com/google/timesketch/pull/1347
* Optimize UI for quicker archive by berggren in https://github.com/google/timesketch/pull/1349
* Filter for events that have comments by berggren in https://github.com/google/timesketch/pull/1350
* Various Changes With Analyzers by kiddinn in https://github.com/google/timesketch/pull/1348
* Fix width on main screenshot by obsidianforensics in https://github.com/google/timesketch/pull/1356
* Small update to the 'Show data types' button by binglot in https://github.com/google/timesketch/pull/1357
* Minor changes to the way date is parsed when a custom event is added by kiddinn in https://github.com/google/timesketch/pull/1358
* Bump marked from 0.6.3 to 1.1.1 in /timesketch/frontend by dependabot in https://github.com/google/timesketch/pull/1360
* Adding `set_data_type` into the importer. by kiddinn in https://github.com/google/timesketch/pull/1361
* New end-to-end testing framework by berggren in https://github.com/google/timesketch/pull/1359
* Unarchive a sketch: User does not have sufficient access rights to delete a sketch. by jaegeral in https://github.com/google/timesketch/pull/1364
* Adding the ability to define return fields in the search_by_label function. by kiddinn in https://github.com/google/timesketch/pull/1363
* Several fixes: workflow changed, size in query_filter is honored in API client, special types are stripped in uploads and bulk insert errors are surfaced by kiddinn in https://github.com/google/timesketch/pull/1366
* Analyzer run description by jaegeral in https://github.com/google/timesketch/pull/1355
* UI build by berggren in https://github.com/google/timesketch/pull/1369
* Developer docs update by ash0x0 in https://github.com/google/timesketch/pull/1367
* Add button to remove story by Henkan in https://github.com/google/timesketch/pull/1372
* UI: Updating time filters by binglot in https://github.com/google/timesketch/pull/1365
* Dark Mode by berggren in https://github.com/google/timesketch/pull/1374
* Minor bug fixes by kiddinn in https://github.com/google/timesketch/pull/1375
* Update api doc by jaegeral in https://github.com/google/timesketch/pull/1378
* Adding the ability to add labels to sketches. by kiddinn in https://github.com/google/timesketch/pull/1381
* fix typo by garanews in https://github.com/google/timesketch/pull/1380
* Allow users to toggle time filters. by binglot in https://github.com/google/timesketch/pull/1384
* New Saved Search UI by berggren in https://github.com/google/timesketch/pull/1379
* new build by berggren in https://github.com/google/timesketch/pull/1385
* Handle missing chips in filter by berggren in https://github.com/google/timesketch/pull/1387
* Use supported opacity format by berggren in https://github.com/google/timesketch/pull/1388
* Adding the ability to check your own permission to a sketch. by kiddinn in https://github.com/google/timesketch/pull/1389
* Bugfix: Display chip as active by berggren in https://github.com/google/timesketch/pull/1390
* Bugfix: Set active chip by berggren in https://github.com/google/timesketch/pull/1391
* fixed URL for Google Python Style Guide by garanews in https://github.com/google/timesketch/pull/1394
* Adding in a manual vega spec aggregator by kiddinn in https://github.com/google/timesketch/pull/1396
* Update test for sketch model by berggren in https://github.com/google/timesketch/pull/1400
* Added support for optional keyword rdomain by itsmvd in https://github.com/google/timesketch/pull/1403
* Requirement.txt changed and added httmock==1.3.0 to test_requirements.txt by Surya6032 in https://github.com/google/timesketch/pull/1401
* Manually add/filter labels by berggren in https://github.com/google/timesketch/pull/1404
* Minor bug fixes here and there. by kiddinn in https://github.com/google/timesketch/pull/1405
* Bugfix for label aggregation by berggren in https://github.com/google/timesketch/pull/1407
* Add example to API client usage doc by jaegeral in https://github.com/google/timesketch/pull/1409
* API client: Adding a check for scroll ID in the explore function by kiddinn in https://github.com/google/timesketch/pull/1413
* Updating the colab notebook for the demo server. by kiddinn in https://github.com/google/timesketch/pull/1416
* Verify Sigma Rules test tool by jaegeral in https://github.com/google/timesketch/pull/1307
* Fixes to the API and API client by kiddinn in https://github.com/google/timesketch/pull/1426
* Added sketch attributes. by kiddinn in https://github.com/google/timesketch/pull/1429
* Adding the ability for analyzers to add sketch attributes by kiddinn in https://github.com/google/timesketch/pull/1430
* Fix a bug in the API client by kiddinn in https://github.com/google/timesketch/pull/1431
* Stripping pagination from saved views. by kiddinn in https://github.com/google/timesketch/pull/1433
* Fix api docstring typo by jaegeral in https://github.com/google/timesketch/pull/1437
* Adding notebooks for solving the case of the stolen Szechuan sauce by kiddinn in https://github.com/google/timesketch/pull/1425
* Improve error handling in the get_client function of the config API client module by kiddinn in https://github.com/google/timesketch/pull/1436
* Fixed notebook badges by kiddinn in https://github.com/google/timesketch/pull/1440
* Notebook update by jaegeral in https://github.com/google/timesketch/pull/1443
* APIClient doc link to Colab notebooks by jaegeral in https://github.com/google/timesketch/pull/1445
* Remove sudo from the docker dev guide by jaegeral in https://github.com/google/timesketch/pull/1446
* Single event notebook by jaegeral in https://github.com/google/timesketch/pull/1444
* Few updates to the MUS2019 CTF Colab notebook by kiddinn in https://github.com/google/timesketch/pull/1447
* Bump cryptography from 2.3 to 3.2 by dependabot in https://github.com/google/timesketch/pull/1432
* Updating the notebook for Szechuan sauce to use picatrix magics (and a minor bug fix in the API client) by kiddinn in https://github.com/google/timesketch/pull/1455
* Minor updates to the szechuan sauce analysis notebook by kiddinn in https://github.com/google/timesketch/pull/1457
* Docker refactor by berggren in https://github.com/google/timesketch/pull/1458
* Update issue templates by kiddinn in https://github.com/google/timesketch/pull/1459
* Update deploy_timesketch.sh by lxndrblz in https://github.com/google/timesketch/pull/1460
* Graph support v2 by berggren in https://github.com/google/timesketch/pull/1451
* Don't use scrolling for nested queries by berggren in https://github.com/google/timesketch/pull/1461
* Graph fixes by berggren in https://github.com/google/timesketch/pull/1462
* fix https://github.com/google/timesketch/issues/1450 by jaegeral in https://github.com/google/timesketch/pull/1464
* Analyzer feature extract by lprat in https://github.com/google/timesketch/pull/1452
* API client changes: click removed from cli_input and adding aggregation into stories fixed. by kiddinn in https://github.com/google/timesketch/pull/1463
* Providing a long description to the API client package. by kiddinn in https://github.com/google/timesketch/pull/1466
* Update docker images to use Ubuntu 20.04 by berggren in https://github.com/google/timesketch/pull/1467
* Fix a bug in the save function of the aggregation API object by kiddinn in https://github.com/google/timesketch/pull/1469
* Fix issue 1465 by removing hacky string replace .keyword by jaegeral in https://github.com/google/timesketch/pull/1468
* Save and cache graphs by berggren in https://github.com/google/timesketch/pull/1471
* Removed typing from story.py, which does not work on py3.6 by kiddinn in https://github.com/google/timesketch/pull/1474
* Bug fix for winservices graph plugin by berggren in https://github.com/google/timesketch/pull/1475
* Adding a GH workflow for unit tests by kiddinn in https://github.com/google/timesketch/pull/1476
* Remove Travis in favour of GH actions by berggren in https://github.com/google/timesketch/pull/1478
* Graph: Use ID from attributes by berggren in https://github.com/google/timesketch/pull/1480
* Improve the UX of Time Filters by binglot in https://github.com/google/timesketch/pull/1454
* Update GH actions by berggren in https://github.com/google/timesketch/pull/1483
* Cleanup old travis related files by berggren in https://github.com/google/timesketch/pull/1484
* New UI build by berggren in https://github.com/google/timesketch/pull/1485
* Updated dpkg configuration files by joachimmetz in https://github.com/google/timesketch/pull/1487
New Contributors
* Fryyyyy made their first contribution in https://github.com/google/timesketch/pull/1291
* ash0x0 made their first contribution in https://github.com/google/timesketch/pull/1367
* Surya6032 made their first contribution in https://github.com/google/timesketch/pull/1401
* lxndrblz made their first contribution in https://github.com/google/timesketch/pull/1460
**Full Changelog**: https://github.com/google/timesketch/compare/20200507...20201120
20200507
Release 20200507
What's Changed
* Adding labels to aggregations, adding ability to filter based on labels. by kiddinn in https://github.com/google/timesketch/pull/1176
* Bugfix: Collaborator list and failed timelines by berggren in https://github.com/google/timesketch/pull/1178
* Moving the importer into a separate directory and a library. by kiddinn in https://github.com/google/timesketch/pull/1182
* Bugfix: Reset on new search when pagination by berggren in https://github.com/google/timesketch/pull/1187
* Changed the importer, adding support for config files, etc by kiddinn in https://github.com/google/timesketch/pull/1183
**Full Changelog**: https://github.com/google/timesketch/compare/20200422...20200507
20200422
Release 20200422
What's Changed
* Fix a bug if there are no stories in a sketch and add properties to View by kiddinn in https://github.com/google/timesketch/pull/1144
* Save aggregations and add to Stories by berggren in https://github.com/google/timesketch/pull/1145
* Support non-text fields in aggregations by berggren in https://github.com/google/timesketch/pull/1147
* Add ability to render table from an aggregation by berggren in https://github.com/google/timesketch/pull/1148
* Sort analyzer list and add button to overview page by berggren in https://github.com/google/timesketch/pull/1149
* Fix docker installation documentation link. by hacktobeer in https://github.com/google/timesketch/pull/1158
* Several changes in the API, API client and analyzer for further story support by kiddinn in https://github.com/google/timesketch/pull/1146
* More Chart support - added linechart and href by kiddinn in https://github.com/google/timesketch/pull/1160
* Add listing of groups and users by berggren in https://github.com/google/timesketch/pull/1167
* Update installation and plaso documentation by Henkan in https://github.com/google/timesketch/pull/1169
* Fixing typo Installation re. libffi by dov-csis in https://github.com/google/timesketch/pull/1168
* debian package manager tweaks by Rajpratik71 in https://github.com/google/timesketch/pull/1122
* UI: New sketch list by berggren in https://github.com/google/timesketch/pull/1170
* Adding aggregation groups by kiddinn in https://github.com/google/timesketch/pull/1166
* UI: Support group aggregations in stories by berggren in https://github.com/google/timesketch/pull/1173
* Added ability to modify aggregations and aggregation groups by kiddinn in https://github.com/google/timesketch/pull/1172
New Contributors
* hacktobeer made their first contribution in https://github.com/google/timesketch/pull/1158
* Rajpratik71 made their first contribution in https://github.com/google/timesketch/pull/1122
**Full Changelog**: https://github.com/google/timesketch/compare/20200319...20200422
20200319
Release 20200319
What's Changed
* Adding a check to see whether index has completed before running an analyzer by kiddinn in https://github.com/google/timesketch/pull/1130
* Minor change to cache, caching client by kiddinn in https://github.com/google/timesketch/pull/1131
* Create stories from analyzers by berggren in https://github.com/google/timesketch/pull/1132
* Opening test files with codecs instead of default open. by kiddinn in https://github.com/google/timesketch/pull/1133
* Sketch Analyzer for Windows artefacts of application crashes by binglot in https://github.com/google/timesketch/pull/1111
* Fix for a flaky test with the win crash analyzer. by kiddinn in https://github.com/google/timesketch/pull/1135
* Adding support for working with stories from the API client, as well as adding aggregation support in the backend by kiddinn in https://github.com/google/timesketch/pull/1134
* Upgrading the fake analyzer interface with latest interface changes. by kiddinn in https://github.com/google/timesketch/pull/1136
* bump requests version to 2.22.0 by jaegeral in https://github.com/google/timesketch/pull/1137
* Adding the ability to add users or groups to the sketch ACL. by kiddinn in https://github.com/google/timesketch/pull/1138
* Always show share button and collaborator list by berggren in https://github.com/google/timesketch/pull/1140
* New analyzer that adds tag/emojis to events based on config. by berggren in https://github.com/google/timesketch/pull/1141
* Adding the ability to export stories. by kiddinn in https://github.com/google/timesketch/pull/1142
* Add an analyzer status check into the sketch API client. by kiddinn in https://github.com/google/timesketch/pull/1143
**Full Changelog**: https://github.com/google/timesketch/compare/20200310...20200319
20200310
Release 20200310
What's Changed
* Fix start of Elasticsearch by wincentbalin in https://github.com/google/timesketch/pull/1118
* Group share UI and spacing in timeline picker by berggren in https://github.com/google/timesketch/pull/1120
* Minor bug fix in the importer code and a change in the way return fields are handled in the API by kiddinn in https://github.com/google/timesketch/pull/1121
* Adding a logger to sketch.explore as well as a cleanup of "filter" in sketch API by kiddinn in https://github.com/google/timesketch/pull/1123
* Changed how message string is constructed by kiddinn in https://github.com/google/timesketch/pull/1124
* Replaces PASSWORD with PASSWORD_FILE (fixes 1126) by einfallstoll in https://github.com/google/timesketch/pull/1127
* Stats on indices by berggren in https://github.com/google/timesketch/pull/1129
New Contributors
* wincentbalin made their first contribution in https://github.com/google/timesketch/pull/1118
* einfallstoll made their first contribution in https://github.com/google/timesketch/pull/1127
**Full Changelog**: https://github.com/google/timesketch/compare/20200227...20200310
20200227
Release 20200227
What's Changed
* Autocomplete filter array by berggren in https://github.com/google/timesketch/pull/1116
* Minor changes to importer and api by kiddinn in https://github.com/google/timesketch/pull/1117
**Full Changelog**: https://github.com/google/timesketch/compare/20200226...20200227
20200226
Release 20200226
What's Changed
* Psexec sessionizer by nnyx7 in https://github.com/google/timesketch/pull/981
* Replace get event in tests by nnyx7 in https://github.com/google/timesketch/pull/980
* Fixing a minor issue if context is empty and some linter fixes by kiddinn in https://github.com/google/timesketch/pull/1096
* Evtx sessionizer by katemacleod in https://github.com/google/timesketch/pull/976
* SSH bruteforce session analyzer by katemacleod in https://github.com/google/timesketch/pull/972
* Bug fixes for tsctl by kiddinn in https://github.com/google/timesketch/pull/1097
* Google Cloud Storage importer by berggren in https://github.com/google/timesketch/pull/1098
* Possibility to specify index when uploading data for the timesketch_api_client by benua74 in https://github.com/google/timesketch/pull/1095
* Changes to use pybuild debhelper by joachimmetz in https://github.com/google/timesketch/pull/1101
* Changed setup.py to support bdist by joachimmetz in https://github.com/google/timesketch/pull/1103
* Updated l2tdevtools configuration and dpkg files by joachimmetz in https://github.com/google/timesketch/pull/1104
* Provide example commands docker mac shares by jaegeral in https://github.com/google/timesketch/pull/1068
* Elasticsearch 7.x support by berggren in https://github.com/google/timesketch/pull/1108
* Changed the upload API to support chunks and direct entries, added functionality into the importer by kiddinn in https://github.com/google/timesketch/pull/1099
* Added an importer tool as well as changing how jsonl files are imported using the importer by kiddinn in https://github.com/google/timesketch/pull/1105
* Bugfix: Pagination and event count by berggren in https://github.com/google/timesketch/pull/1114
* Fix an issue with the importer by kiddinn in https://github.com/google/timesketch/pull/1113
* Better error UI by berggren in https://github.com/google/timesketch/pull/1115
New Contributors
* benua74 made their first contribution in https://github.com/google/timesketch/pull/1095
**Full Changelog**: https://github.com/google/timesketch/compare/20200131...20200226
20200131
Release 20200131
What's Changed
* Bug fix: Trailing slash in API urls by berggren in https://github.com/google/timesketch/pull/1064
* New build for release 201912120-2 by berggren in https://github.com/google/timesketch/pull/1065
* New favicon by berggren in https://github.com/google/timesketch/pull/1066
* Docker install: run from /tmp directory by gaelmuller in https://github.com/google/timesketch/pull/1067
* Mention the correct slack channel by jaegeral in https://github.com/google/timesketch/pull/1069
* Small update to dev docker readme by jaegeral in https://github.com/google/timesketch/pull/1070
* Round favicon by berggren in https://github.com/google/timesketch/pull/1073
* Fix context query bug by berggren in https://github.com/google/timesketch/pull/1074
* Cleanup dependencies and tests by berggren in https://github.com/google/timesketch/pull/1075
* Remove Python2 support by berggren in https://github.com/google/timesketch/pull/1080
* Initial Sigma support by Onager in https://github.com/google/timesketch/pull/1028
* Bump cryptography from 2.1.4 to 2.3 by dependabot in https://github.com/google/timesketch/pull/1078
* Adding a tool to run analyzers without requiring TS to be installed (for dev/testing purposes) by kiddinn in https://github.com/google/timesketch/pull/1085
* Use new frontend and remove Neo4j by berggren in https://github.com/google/timesketch/pull/1090
* Add pagination controls at the end of the page by berggren in https://github.com/google/timesketch/pull/1091
* Upload and Analyzer UI fixes by berggren in https://github.com/google/timesketch/pull/1092
**Full Changelog**: https://github.com/google/timesketch/compare/20191220...20200131
20191220
New UI, more analyzers and an updated API client
What's Changed
* Analyzer update by kiddinn in https://github.com/google/timesketch/pull/828
* Multiple changes for code flagged by pylint 2.1.1 by joachimmetz in https://github.com/google/timesketch/pull/833
* Remove u' from docker scripts by berggren in https://github.com/google/timesketch/pull/835
* Fixes for python3 compatibility by kiddinn in https://github.com/google/timesketch/pull/829
* Support RE flags by berggren in https://github.com/google/timesketch/pull/837
* Check if user exist by berggren in https://github.com/google/timesketch/pull/838
* New aggregation framework by berggren in https://github.com/google/timesketch/pull/842
* Allow comma separated list of usernames to share to by berggren in https://github.com/google/timesketch/pull/844
* Linkedin account extraction by kovakina in https://github.com/google/timesketch/pull/839
* New frontend by berggren in https://github.com/google/timesketch/pull/848
* Update Installation.md by joachimmetz in https://github.com/google/timesketch/pull/853
* Moved pylint to stand-alone CI test target by joachimmetz in https://github.com/google/timesketch/pull/831
* Updated CI test to use pylint 2.2.2 by joachimmetz in https://github.com/google/timesketch/pull/852
* Added Bionic Docker-based tests that use dependencies from GIFT PPA by joachimmetz in https://github.com/google/timesketch/pull/832
* Changed domain analyzer, removing human readable manipulation, issue 847 by kiddinn in https://github.com/google/timesketch/pull/858
* Update dockerfile to copy config recursively by Onager in https://github.com/google/timesketch/pull/859
* Updated .pylintrc and changes for linter 855 by joachimmetz in https://github.com/google/timesketch/pull/856
* Added l2tdevtools configuration files and generated dependency files by joachimmetz in https://github.com/google/timesketch/pull/790
* Adding a term aggregator. by kiddinn in https://github.com/google/timesketch/pull/857
* Added API calls for aggregations as well as enabling client access to aggregations (step 1) by kiddinn in https://github.com/google/timesketch/pull/860
* Markdown stories by berggren in https://github.com/google/timesketch/pull/866
* Delete sketch functionality by berggren in https://github.com/google/timesketch/pull/868
* MUS2019-CTF Colab by obsidianforensics in https://github.com/google/timesketch/pull/872
* Update CreateTimelineFromJSONorCSV.md by obsidianforensics in https://github.com/google/timesketch/pull/877
* Timeline management by berggren in https://github.com/google/timesketch/pull/875
* Aggregation SQL model by berggren in https://github.com/google/timesketch/pull/876
* Removed elasticsearch5-py as a dependency by joachimmetz in https://github.com/google/timesketch/pull/879
* Update dependencies by berggren in https://github.com/google/timesketch/pull/878
* Update dependencies by joachimmetz in https://github.com/google/timesketch/pull/881
* Fixed problem that the celery does not start automatically. by piwikjapan in https://github.com/google/timesketch/pull/807
* Changed phishy domain analyzer to return early if no results. by kiddinn in https://github.com/google/timesketch/pull/893
* Minor bug fixes in CSV file import for python3 compatability by kiddinn in https://github.com/google/timesketch/pull/894
* Updated Dockerfile to use Python 3 timesketch by joachimmetz in https://github.com/google/timesketch/pull/887
* Add example nginx and systemd config files by berggren in https://github.com/google/timesketch/pull/895
* Commit Sketch object to DB before setting ACL by berggren in https://github.com/google/timesketch/pull/897
* Exit early if there are no domains to analyze by berggren in https://github.com/google/timesketch/pull/898
* Use legacy aggregators in old UI by berggren in https://github.com/google/timesketch/pull/899
* Adding more aggregation APIs and upgrading API client to make use of them. by kiddinn in https://github.com/google/timesketch/pull/889
* Docker refactor by berggren in https://github.com/google/timesketch/pull/903
* Adding starred event lookups to colab example by kiddinn in https://github.com/google/timesketch/pull/907
* Added Debian packaging files by joachimmetz in https://github.com/google/timesketch/pull/882
* New timeline picker component by berggren in https://github.com/google/timesketch/pull/911
* Fixing wrong file locations in docker configs by kiddinn in https://github.com/google/timesketch/pull/915
* Logo Files by althealabre in https://github.com/google/timesketch/pull/917
* Fix a Python3 error by encoding before hashing by taishi8117 in https://github.com/google/timesketch/pull/914
* Yeti indicator analyzer by tomchop in https://github.com/google/timesketch/pull/900
* Editable sketch summary by berggren in https://github.com/google/timesketch/pull/910
* Dynamic analyzers by berggren in https://github.com/google/timesketch/pull/909
* Time bubbles by berggren in https://github.com/google/timesketch/pull/919
* GCP servicekey analyzer for stackdriver logs by pstirparo in https://github.com/google/timesketch/pull/918
* Fix for issue 927 by jadams in https://github.com/google/timesketch/pull/928
* Fixed typo in Users-guide.md. by katemacleod in https://github.com/google/timesketch/pull/929
* Remove file no longer used by nnyx7 in https://github.com/google/timesketch/pull/931
* Added tsctl import command to Users-Guide.md by katemacleod in https://github.com/google/timesketch/pull/932
* Add missing line in the docker-compose files by nnyx7 in https://github.com/google/timesketch/pull/936
* Add missing code quotes by Liamdoult in https://github.com/google/timesketch/pull/940
* Added basic sessionizer plugin. by nnyx7 in https://github.com/google/timesketch/pull/939
* Format error as string by tomchop in https://github.com/google/timesketch/pull/944
* Fix 934 by tomchop in https://github.com/google/timesketch/pull/949
* Move dependency install to Dockerfile by berggren in https://github.com/google/timesketch/pull/958
* Better explanation of the purge command by jaegeral in https://github.com/google/timesketch/pull/959
* Mention SearchQueryGuide and SketchOverview in the userguide by jaegeral in https://github.com/google/timesketch/pull/947
* Fix for error when adding a view with query_dsl by katemacleod in https://github.com/google/timesketch/pull/948
* Fixing an issue with domain analyzer. by kiddinn in https://github.com/google/timesketch/pull/961
* New UI: Time filters by berggren in https://github.com/google/timesketch/pull/925
* Remove Xenial from Travis tests by berggren in https://github.com/google/timesketch/pull/963
* Dynamic aggregators by berggren in https://github.com/google/timesketch/pull/920
* Delete view by berggren in https://github.com/google/timesketch/pull/962
* New login page by berggren in https://github.com/google/timesketch/pull/966
* New logo header by berggren in https://github.com/google/timesketch/pull/968
* Expert sessionizer by katemacleod in https://github.com/google/timesketch/pull/941
* Fix MockDataStore storing events by nnyx7 in https://github.com/google/timesketch/pull/970
* Add sequence sessionizer. by nnyx7 in https://github.com/google/timesketch/pull/960
* SSH sessionizing sketch analyser by nnyx7 in https://github.com/google/timesketch/pull/973
* New UI build by berggren in https://github.com/google/timesketch/pull/978
* Remove Vagrant by berggren in https://github.com/google/timesketch/pull/979
* Doc fixes for sessionizers by katemacleod in https://github.com/google/timesketch/pull/975
* Session chart by katemacleod in https://github.com/google/timesketch/pull/974
* Session resource by katemacleod in https://github.com/google/timesketch/pull/971
* Remove multiple inheritance in test classes by nnyx7 in https://github.com/google/timesketch/pull/977
* Fixing aggregations in the API client by kiddinn in https://github.com/google/timesketch/pull/982
* Making changes to how aggregations are done in API client by kiddinn in https://github.com/google/timesketch/pull/983
* Minor bug in client. by kiddinn in https://github.com/google/timesketch/pull/984
* Adding aggregation into the jupyter notebook demo by kiddinn in https://github.com/google/timesketch/pull/985
* Empty states by berggren in https://github.com/google/timesketch/pull/986
* Only run linter on changed files by berggren in https://github.com/google/timesketch/pull/987
* Add tags to event list by berggren in https://github.com/google/timesketch/pull/988
* Update docker-compose to correct elasticsearch volume by exFill in https://github.com/google/timesketch/pull/990
* Minor client changes by kiddinn in https://github.com/google/timesketch/pull/992
* Adding the OSDFCon demo notebook to our sample notebooks. by kiddinn in https://github.com/google/timesketch/pull/993
* New filter system by berggren in https://github.com/google/timesketch/pull/991
* Add Buefy UI framework by berggren in https://github.com/google/timesketch/pull/995
* Fixed the TypeError: delimiter must be string, not unicode error. by wajihyassine in https://github.com/google/timesketch/pull/999
* Improving error handling in the API by kiddinn in https://github.com/google/timesketch/pull/1001
* Adding list sketches to the tsctl command by kiddinn in https://github.com/google/timesketch/pull/1002
* Refactor UI by berggren in https://github.com/google/timesketch/pull/1003
* Adding the ability to manually run an analyzer in the API by kiddinn in https://github.com/google/timesketch/pull/998
* New UI: Star events by berggren in https://github.com/google/timesketch/pull/1005
* New UI: Result limit and sort order by berggren in https://github.com/google/timesketch/pull/1006
* New UI: Comment support by berggren in https://github.com/google/timesketch/pull/1007
* Install documentation from plaso changed location by jaegeral in https://github.com/google/timesketch/pull/1008
* New UI: Context query by berggren in https://github.com/google/timesketch/pull/1011
* Introduce .dockerignore by au-phiware in https://github.com/google/timesketch/pull/1010
* API client methods for comment and label by jaegeral in https://github.com/google/timesketch/pull/693
* Introduce documentation how to import arbitrary data to ts by jaegeral in https://github.com/google/timesketch/pull/1009
* New UI: Pagination support by berggren in https://github.com/google/timesketch/pull/1012
* New UI: Sharing controls by berggren in https://github.com/google/timesketch/pull/1015
* Added import stream object for more flexible data upload by kiddinn in https://github.com/google/timesketch/pull/1004
* Fixing 1017 and one other minor issue. by kiddinn in https://github.com/google/timesketch/pull/1018
* New UI: Upload progress bar by berggren in https://github.com/google/timesketch/pull/1020
* Adding a chain analyzer. by kiddinn in https://github.com/google/timesketch/pull/994
* New UI: Run analyzers from the UI by berggren in https://github.com/google/timesketch/pull/1019
* Fixing bug in listing stored aggregators by kiddinn in https://github.com/google/timesketch/pull/1021
* New UI: Loading state for uploaded timelines by berggren in https://github.com/google/timesketch/pull/1022
* New UI: Just show delete menu if user has permission by berggren in https://github.com/google/timesketch/pull/1023
* New UI: Error toast and analyzer run permissions by berggren in https://github.com/google/timesketch/pull/1025
* Fixing a minor py2 vs py3 compatibility issue in OAUTH by kiddinn in https://github.com/google/timesketch/pull/1026
* Adding OAUTH support to API client. by kiddinn in https://github.com/google/timesketch/pull/1027
* Timestomp by fooris in https://github.com/google/timesketch/pull/942
* Changes to the OAUTH support for the client API by kiddinn in https://github.com/google/timesketch/pull/1030
* Changing the OAUTH flow in the client to add a web server to catch response by kiddinn in https://github.com/google/timesketch/pull/1031
* New UI: Selectable columns by berggren in https://github.com/google/timesketch/pull/1029
* Fix views in story mode by berggren in https://github.com/google/timesketch/pull/1032
* Bugfix for views without fields by berggren in https://github.com/google/timesketch/pull/1033
* Small bugfix for word wraps by berggren in https://github.com/google/timesketch/pull/1034
* Adding description and chart titles for aggregation. by kiddinn in https://github.com/google/timesketch/pull/1036
* Add description to aggregation dropdown by berggren in https://github.com/google/timesketch/pull/1037
* Adding aggregation information to the API and API client. by kiddinn in https://github.com/google/timesketch/pull/1038
* CSRF refresh snackbar by berggren in https://github.com/google/timesketch/pull/1040
* Cleaning up analyzer tags by berggren in https://github.com/google/timesketch/pull/1039
* New UI: Bugfix for sharing form by berggren in https://github.com/google/timesketch/pull/1041
* Bugfix: Do not strip domain when changing ACL by berggren in https://github.com/google/timesketch/pull/1042
* Splitting up parsing of large CSV files with the importer by kiddinn in https://github.com/google/timesketch/pull/1044
* Set correct value in option dropdown by berggren in https://github.com/google/timesketch/pull/1048
* Separating client classes into their own files. by kiddinn in https://github.com/google/timesketch/pull/1049
* New base dev image build by berggren in https://github.com/google/timesketch/pull/1050
* Adding the ability to store aggregation into analyzer interface by kiddinn in https://github.com/google/timesketch/pull/1051
* Fix duplicate sorting order in sketch explore sort order dropdown by vikahl in https://github.com/google/timesketch/pull/1054
* Enable new UI by berggren in https://github.com/google/timesketch/pull/1057
* Remove vagrant from the readme by jaegeral in https://github.com/google/timesketch/pull/1058
* Use development_timesketch instead of docker_timesketch by jaegeral in https://github.com/google/timesketch/pull/1059
* Change default location for config file by berggren in https://github.com/google/timesketch/pull/1061
* Added dynamic form definition for the feature extraction analyzer. by kiddinn in https://github.com/google/timesketch/pull/1055
* Always use HTTPS for OIDC redirects by berggren in https://github.com/google/timesketch/pull/1062
* New release 20191220 by berggren in https://github.com/google/timesketch/pull/1063
New Contributors
* piwikjapan made their first contribution in https://github.com/google/timesketch/pull/807
* althealabre made their first contribution in https://github.com/google/timesketch/pull/917
* taishi8117 made their first contribution in https://github.com/google/timesketch/pull/914
* pstirparo made their first contribution in https://github.com/google/timesketch/pull/918
* jadams made their first contribution in https://github.com/google/timesketch/pull/928
* Liamdoult made their first contribution in https://github.com/google/timesketch/pull/940
* exFill made their first contribution in https://github.com/google/timesketch/pull/990
* wajihyassine made their first contribution in https://github.com/google/timesketch/pull/999
* au-phiware made their first contribution in https://github.com/google/timesketch/pull/1010
* fooris made their first contribution in https://github.com/google/timesketch/pull/942
* vikahl made their first contribution in https://github.com/google/timesketch/pull/1054
**Full Changelog**: https://github.com/google/timesketch/compare/20190207...20191220
20190207
New release with updated analyzers, py3 support and bugfixes.
What's Changed
* Graph refactor by berggren in https://github.com/google/timesketch/pull/714
* The former wiki link no longer exists by jaegeral in https://github.com/google/timesketch/pull/703
* minor fixes for docker files by aguilajesus in https://github.com/google/timesketch/pull/698
* Update dependencies by berggren in https://github.com/google/timesketch/pull/715
* Bug fixes for the analyzers by berggren in https://github.com/google/timesketch/pull/717
* Development environment with Docker by berggren in https://github.com/google/timesketch/pull/718
* Update README.md by kovakina in https://github.com/google/timesketch/pull/719
* Human readable in the UI by berggren in https://github.com/google/timesketch/pull/721
* Enable debug and analyzers for development by berggren in https://github.com/google/timesketch/pull/722
* Update Vagrant script by Onager in https://github.com/google/timesketch/pull/726
* Overwrite size value for exported events. by aguilajesus in https://github.com/google/timesketch/pull/723
* Add Event_to_sketch in api by jaegeral in https://github.com/google/timesketch/pull/692
* Add emoji support in the UI and in analyzers by berggren in https://github.com/google/timesketch/pull/729
* Move emojis to the left by berggren in https://github.com/google/timesketch/pull/730
* Don't remove session when engine is created by berggren in https://github.com/google/timesketch/pull/731
* Set human readable strings by berggren in https://github.com/google/timesketch/pull/732
* Added a browser search sketch analyzer by kiddinn in https://github.com/google/timesketch/pull/733
* Add definitions for emojis by berggren in https://github.com/google/timesketch/pull/742
* Changed set_human_readable so that it does not overwrite previous data by kiddinn in https://github.com/google/timesketch/pull/744
* Moving parts of the similarity scorer to a separate library. by kiddinn in https://github.com/google/timesketch/pull/746
* Sketch analyzers chained and human_readable set to a list. by kiddinn in https://github.com/google/timesketch/pull/749
* Update Installation.md by weichea in https://github.com/google/timesketch/pull/759
* Only create saved view if there are hits by berggren in https://github.com/google/timesketch/pull/756
* Upgrade urllib3 due to security fix by berggren in https://github.com/google/timesketch/pull/752
* Run index analyzers in a chain by berggren in https://github.com/google/timesketch/pull/751
* Verbose View with new human_readable UI by kiddinn in https://github.com/google/timesketch/pull/754
* New DB engine per celery worker by berggren in https://github.com/google/timesketch/pull/755
* Added a phishy domain analyzer by kiddinn in https://github.com/google/timesketch/pull/761
* Changed the emoji library to include helper text by kiddinn in https://github.com/google/timesketch/pull/762
* Emoji tooltips by berggren in https://github.com/google/timesketch/pull/764
* Only create one view by berggren in https://github.com/google/timesketch/pull/765
* Added dependencies into analyzers to affect ordering they are run in. by kiddinn in https://github.com/google/timesketch/pull/767
* Simple domain analyzer by berggren in https://github.com/google/timesketch/pull/766
* UI polish for the new year by berggren in https://github.com/google/timesketch/pull/768
* Fix links in user guide by obsidianforensics in https://github.com/google/timesketch/pull/769
* New importer in tsctl by berggren in https://github.com/google/timesketch/pull/770
* Adding the ability to request return fields in the API. by kiddinn in https://github.com/google/timesketch/pull/771
* Small refactor of tsctl by berggren in https://github.com/google/timesketch/pull/772
* Email notification for imports by berggren in https://github.com/google/timesketch/pull/773
* Email send bugfix by berggren in https://github.com/google/timesketch/pull/775
* Do not require SERVER_NAME to be set for URL construction by berggren in https://github.com/google/timesketch/pull/776
* Updating search filter limit to match new ES filters. by kiddinn in https://github.com/google/timesketch/pull/777
* ES py client 6x support and pyyaml update by berggren in https://github.com/google/timesketch/pull/778
* Added few more domains into known whitelist and added another view in phishy domains by kiddinn in https://github.com/google/timesketch/pull/779
* Fixed a bug in the jsonl importer. by kiddinn in https://github.com/google/timesketch/pull/780
* Tag known CDN domains by berggren in https://github.com/google/timesketch/pull/781
* Adding a login analyzer. by kiddinn in https://github.com/google/timesketch/pull/783
* Added a feature extraction analyzer by kiddinn in https://github.com/google/timesketch/pull/785
* Added pandas support into the API and analyzers interface. by kiddinn in https://github.com/google/timesketch/pull/787
* Added scrolling support to API calls by kiddinn in https://github.com/google/timesketch/pull/791
* New API client release by berggren in https://github.com/google/timesketch/pull/792
* Changed the login analyzer's logon event parsing. by kiddinn in https://github.com/google/timesketch/pull/794
* Minor bugs in the client library as well as adding timeline name + proper datetime by kiddinn in https://github.com/google/timesketch/pull/796
* Removing BeautifulSoup as a dependency in favor of bs4 by kiddinn in https://github.com/google/timesketch/pull/799
* Added a colab notebook that demos TS/colab connections, also added a badge to the README by kiddinn in https://github.com/google/timesketch/pull/793
* Added a jupyter demo notebook. by kiddinn in https://github.com/google/timesketch/pull/797
* Upgrading colab notebook to python3 by kiddinn in https://github.com/google/timesketch/pull/800
* Removed BeautifulSoup from requirements by kiddinn in https://github.com/google/timesketch/pull/801
* Added mybinder config to TS, making it possible to run jupyterlab notebooks. by kiddinn in https://github.com/google/timesketch/pull/802
* Analyzer index performance fix by berggren in https://github.com/google/timesketch/pull/803
* Fix missing volume for docker-compose by berggren in https://github.com/google/timesketch/pull/804
* Minor change in import. by kiddinn in https://github.com/google/timesketch/pull/808
* Pagination bug fix by berggren in https://github.com/google/timesketch/pull/810
* Fix for docker-compose bug by berggren in https://github.com/google/timesketch/pull/809
* Extract Usernames or Account Email Addresses (745) by obsidianforensics in https://github.com/google/timesketch/pull/795
* Added a browser timeframe analyzer plugin by kiddinn in https://github.com/google/timesketch/pull/811
* Bug fixes by kiddinn in https://github.com/google/timesketch/pull/812
* Add pandas to setup.py by tomchop in https://github.com/google/timesketch/pull/815
* Update docker-entrypoint.sh by Tango43 in https://github.com/google/timesketch/pull/817
* Changes for Python 3 compatibility by Onager in https://github.com/google/timesketch/pull/813
* Remove unused dep (pycypher) and small bugfix for heatmap by berggren in https://github.com/google/timesketch/pull/824
* tests(travis): remove deprecated option by RDIL in https://github.com/google/timesketch/pull/784
* Cleanup the last remaining u'' by berggren in https://github.com/google/timesketch/pull/827
* Update to Ubuntu 18.04 for both Docker and Vagrant by berggren in https://github.com/google/timesketch/pull/825
* New release version - 20190207 by berggren in https://github.com/google/timesketch/pull/826
New Contributors
* weichea made their first contribution in https://github.com/google/timesketch/pull/759
* Tango43 made their first contribution in https://github.com/google/timesketch/pull/817
* RDIL made their first contribution in https://github.com/google/timesketch/pull/784
**Full Changelog**: https://github.com/google/timesketch/compare/20181116...20190207
20181116
Timesketch release 20181116
What's Changed
* Introduce add events manually in documentation by jaegeral in https://github.com/google/timesketch/pull/634
* Redline Import in tsctl by jaegeral in https://github.com/google/timesketch/pull/603
* Mention how to change a users password by jaegeral in https://github.com/google/timesketch/pull/639
* Make fields reqiured in add event form by berggren in https://github.com/google/timesketch/pull/636
* Add pyyaml dependency by ecapuano in https://github.com/google/timesketch/pull/650
* Google OpenID Connect authentication support by berggren in https://github.com/google/timesketch/pull/629
* Add PyYAML dependency by berggren in https://github.com/google/timesketch/pull/656
* Elasticsearch 6.x support by berggren in https://github.com/google/timesketch/pull/659
* Update bundle by berggren in https://github.com/google/timesketch/pull/660
* normalize datetime and timestamp from csv file import. by aguilajesus in https://github.com/google/timesketch/pull/661
* Close DB session by berggren in https://github.com/google/timesketch/pull/667
* docs(readme): update readme.md by bhavya9107 in https://github.com/google/timesketch/pull/680
* Fix: Overflow bug in the list of timelines UI by berggren in https://github.com/google/timesketch/pull/681
* Graph cleanup - preparation for new UI and auto analysis by berggren in https://github.com/google/timesketch/pull/689
* Automatic analysis tasks by berggren in https://github.com/google/timesketch/pull/663
* Max CSV field size by berggren in https://github.com/google/timesketch/pull/679
* add microseconds if present in datetime field by aguilajesus in https://github.com/google/timesketch/pull/670
* export all fields on export 657 by aguilajesus in https://github.com/google/timesketch/pull/678
* add _index to csv export by aguilajesus in https://github.com/google/timesketch/pull/699
* Adding search query guide and screenshots by kovakina in https://github.com/google/timesketch/pull/651
* Make sure sketch analyzers are run after indexing. by berggren in https://github.com/google/timesketch/pull/704
* Enable similarity UI element by berggren in https://github.com/google/timesketch/pull/709
* Restore ability to specify other delimiter character in csv imports. by jaegeral in https://github.com/google/timesketch/pull/708
* New release 20181116 by berggren in https://github.com/google/timesketch/pull/712
New Contributors
* ecapuano made their first contribution in https://github.com/google/timesketch/pull/650
* bhavya9107 made their first contribution in https://github.com/google/timesketch/pull/680
**Full Changelog**: https://github.com/google/timesketch/compare/20180613...20181116
20180613
Timesketch release 20180613
**Full Changelog**: https://github.com/google/timesketch/compare/20180612...20180613
20180612
Version 20180612 of Timesketch
What's Changed
* Update Docker README and move from wiki to repo by witoff in https://github.com/google/timesketch/pull/375
* SearchIndex in API client by berggren in https://github.com/google/timesketch/pull/376
* Make vagrant bootstrap script more idempotent. by franekp in https://github.com/google/timesketch/pull/378
* Move docs to repo. by franekp in https://github.com/google/timesketch/pull/379
* Custom error message for HTTP bad (400) requests by berggren in https://github.com/google/timesketch/pull/381
* Format Python code with yapf by berggren in https://github.com/google/timesketch/pull/387
* Collapse apt-get and pip invocations in bootstrap.sh by franekp in https://github.com/google/timesketch/pull/389
* Add frontend build pipeline by franekp in https://github.com/google/timesketch/pull/390
* Create search indices and timelines by berggren in https://github.com/google/timesketch/pull/380
* Fix IndexError in ResourceMixin.to_json by franekp in https://github.com/google/timesketch/pull/404
* Add support for HTTP basic authentication to the API client by csash in https://github.com/google/timesketch/pull/403
* Pin python dependencies by franekp in https://github.com/google/timesketch/pull/406
* Deduplicate information about contributing. by franekp in https://github.com/google/timesketch/pull/407
* Clean up misplaced executable permissions. by franekp in https://github.com/google/timesketch/pull/408
* Workaround a bug that sometimes causes pip-sync to delete pkg_resources. by franekp in https://github.com/google/timesketch/pull/411
* fix Upload docs by pettai in https://github.com/google/timesketch/pull/412
* Rewrite test script to python. Invoke it from .travis.yml. Add some docs. by franekp in https://github.com/google/timesketch/pull/413
* Refactor + align project structure with Angular 2 conventions. by franekp in https://github.com/google/timesketch/pull/415
* Add simple navigation component in Angular 2 by franekp in https://github.com/google/timesketch/pull/416
* Add TSLint by franekp in https://github.com/google/timesketch/pull/417
* Use more Angular 2 style guide. by franekp in https://github.com/google/timesketch/pull/422
* Fix non-determinism in SketchListResourceTest. by franekp in https://github.com/google/timesketch/pull/424
* Add frontend unit tests with Karma and PhantomJS. by franekp in https://github.com/google/timesketch/pull/423
* Just decode strings by berggren in https://github.com/google/timesketch/pull/418
* Add angular-specific linter. by franekp in https://github.com/google/timesketch/pull/426
* Fix navigation bar broken in 422 by franekp in https://github.com/google/timesketch/pull/429
* Add info about running tests to developers guide. by franekp in https://github.com/google/timesketch/pull/430
* Fix Angular bootstrap broken in 423 by franekp in https://github.com/google/timesketch/pull/439
* align navigation menu by berggren in https://github.com/google/timesketch/pull/440
* Wrap text when too long by berggren in https://github.com/google/timesketch/pull/443
* Remove container block by berggren in https://github.com/google/timesketch/pull/445
* Support new Plaso (20170930 aka Heimdall) by berggren in https://github.com/google/timesketch/pull/449
* Graph entities and registry by berggren in https://github.com/google/timesketch/pull/453
* Nested aggregations by berggren in https://github.com/google/timesketch/pull/447
* Graph visualization - initial code by franekp in https://github.com/google/timesketch/pull/451
* Graph generation - initial version without celery job. by franekp in https://github.com/google/timesketch/pull/463
* Adjust graph metadata. by franekp in https://github.com/google/timesketch/pull/464
* Few unrelated small fixes. by franekp in https://github.com/google/timesketch/pull/466
* Add ES queries and ES index to all edges by berggren in https://github.com/google/timesketch/pull/465
* Graphs: use label templates in frontend. by franekp in https://github.com/google/timesketch/pull/467
* Update unit tests after graph labels change. by franekp in https://github.com/google/timesketch/pull/469
* Change default zoom levels by berggren in https://github.com/google/timesketch/pull/473
* UI for graph creation. by franekp in https://github.com/google/timesketch/pull/474
* Add timestamps to edges by berggren in https://github.com/google/timesketch/pull/471
* Fix memory leak - destroy Cytoscape instances when not used. by franekp in https://github.com/google/timesketch/pull/477
* Minor ui changes by berggren in https://github.com/google/timesketch/pull/478
* Predefined queries by berggren in https://github.com/google/timesketch/pull/479
* Move hard-coded values from graph-view.component to graph-view.data by franekp in https://github.com/google/timesketch/pull/480
* Move predefined queries from cypher-query.component to cypher-query.data by franekp in https://github.com/google/timesketch/pull/481
* [WIP] Add sidebar. by franekp in https://github.com/google/timesketch/pull/482
* Show event list next to graph. by franekp in https://github.com/google/timesketch/pull/483
* Graph styling by berggren in https://github.com/google/timesketch/pull/485
* Closest neighbours by berggren in https://github.com/google/timesketch/pull/486
* Fix stale data being rendered in Cytoscape. by franekp in https://github.com/google/timesketch/pull/488
* Change sidebar background. by franekp in https://github.com/google/timesketch/pull/489
* Transpile cypher queries. by franekp in https://github.com/google/timesketch/pull/487
* Load jquery before angular by berggren in https://github.com/google/timesketch/pull/492
* Include graph .cql script by berggren in https://github.com/google/timesketch/pull/493
* less whitespace by berggren in https://github.com/google/timesketch/pull/494
* e2e test script by berggren in https://github.com/google/timesketch/pull/495
* Add plaso test by berggren in https://github.com/google/timesketch/pull/496
* Similarity experiment by berggren in https://github.com/google/timesketch/pull/500
* Update install instructions for ES 5.x by csash in https://github.com/google/timesketch/pull/501
* Add direct link to specific event (414) by csash in https://github.com/google/timesketch/pull/503
* Ingestion progress indication by berggren in https://github.com/google/timesketch/pull/504
* Update link to Daemonizing Celery workers by adamjnichols in https://github.com/google/timesketch/pull/506
* Update Installation.md by adamjnichols in https://github.com/google/timesketch/pull/509
* Typo on 85 by kant in https://github.com/google/timesketch/pull/510
* Addition of JSONL upload capability by adamjnichols in https://github.com/google/timesketch/pull/511
* Vagrant tweaks by adamjnichols in https://github.com/google/timesketch/pull/515
* Add Python API functions for annotating events and searching a timeline by annotation 🤘🏻 by tomchop in https://github.com/google/timesketch/pull/517
* Apply config file host+port by adamjnichols in https://github.com/google/timesketch/pull/519
* Vagrant permission fixes by adamjnichols in https://github.com/google/timesketch/pull/523
* New color theme by berggren in https://github.com/google/timesketch/pull/524
* Fix navigation bug by berggren in https://github.com/google/timesketch/pull/525
* Use UgliFyJS to minimize bundle by berggren in https://github.com/google/timesketch/pull/526
* Add SVG logo by berggren in https://github.com/google/timesketch/pull/527
* Mention the disksize plugin by jaegeral in https://github.com/google/timesketch/pull/529
* Surface celery task errors by berggren in https://github.com/google/timesketch/pull/530
* Docker overhaul/update by adamjnichols in https://github.com/google/timesketch/pull/520
* Upgrade to jquery 3.0.0 by berggren in https://github.com/google/timesketch/pull/532
* Don't delete index on error by berggren in https://github.com/google/timesketch/pull/533
* CSV jsonl error handling - git bananza by berggren in https://github.com/google/timesketch/pull/535
* Show labels for labeled events by tomchop in https://github.com/google/timesketch/pull/538
* Changed test file format to sqlite; included derivative csv file by adamjnichols in https://github.com/google/timesketch/pull/537
* Add support for CSV files using non-standard delimiters by adamjnichols in https://github.com/google/timesketch/pull/539
* Ignore node_modules via .pylintrc by Androbin in https://github.com/google/timesketch/pull/540
* Event pagination by adamjnichols in https://github.com/google/timesketch/pull/541
* Refactor models views by berggren in https://github.com/google/timesketch/pull/542
* Refactor api routes by berggren in https://github.com/google/timesketch/pull/543
* Fix for CSV issue 548 by adamjnichols in https://github.com/google/timesketch/pull/549
* set task arguments based on file extension 555 by aguilajesus in https://github.com/google/timesketch/pull/556
* e2e tests fix by berggren in https://github.com/google/timesketch/pull/553
* Update momentjs by berggren in https://github.com/google/timesketch/pull/561
* Strip domain from username if present by berggren in https://github.com/google/timesketch/pull/551
* Pagination UI fix by berggren in https://github.com/google/timesketch/pull/562
* Show labels for labeled events by tomchop in https://github.com/google/timesketch/pull/572
* Don't build pager when there are no results by berggren in https://github.com/google/timesketch/pull/573
* Remove unused abstraction base class by berggren in https://github.com/google/timesketch/pull/574
* Enable file import/export support for search templates. by aguilajesus in https://github.com/google/timesketch/pull/576
* add label support to search templates by aguilajesus in https://github.com/google/timesketch/pull/577
* Update setup.py by adamjnichols in https://github.com/google/timesketch/pull/583
* Don't trample local OS PIP by adamjnichols in https://github.com/google/timesketch/pull/588
* Enable upload by default when using Vagrant by berggren in https://github.com/google/timesketch/pull/593
* Consistent null state by berggren in https://github.com/google/timesketch/pull/594
* Show all active timelines by berggren in https://github.com/google/timesketch/pull/595
* Fixed a typo by jaegeral in https://github.com/google/timesketch/pull/597
* Parameterize Timesketch authentication with docker-compose by Onager in https://github.com/google/timesketch/pull/598
* User guide first version by jaegeral in https://github.com/google/timesketch/pull/599
* little modification in installation howto by jaegeral in https://github.com/google/timesketch/pull/604
* Add MICROSECONDS_PER_SECOND to definitions by berggren in https://github.com/google/timesketch/pull/606
* Adding the users guide to README.md by jaegeral in https://github.com/google/timesketch/pull/611
* check status from elastic by jaegeral in https://github.com/google/timesketch/pull/608
* clean code. delete unused comma by OhBonsai in https://github.com/google/timesketch/pull/610
* Add events manually by adamjnichols in https://github.com/google/timesketch/pull/587
* Fix broken context query by berggren in https://github.com/google/timesketch/pull/619
* Google IAP/OIDC authentication support by berggren in https://github.com/google/timesketch/pull/617
* Close DB session in tasks by berggren in https://github.com/google/timesketch/pull/612
* Rename cypher lib dir by berggren in https://github.com/google/timesketch/pull/613
* Version 20180612 by berggren in https://github.com/google/timesketch/pull/630
New Contributors
* franekp made their first contribution in https://github.com/google/timesketch/pull/378
* pettai made their first contribution in https://github.com/google/timesketch/pull/412
* adamjnichols made their first contribution in https://github.com/google/timesketch/pull/506
* kant made their first contribution in https://github.com/google/timesketch/pull/510
* Androbin made their first contribution in https://github.com/google/timesketch/pull/540
* OhBonsai made their first contribution in https://github.com/google/timesketch/pull/610
**Full Changelog**: https://github.com/google/timesketch/compare/20170721...20180612
20170721
Version 20170721 of Timesketch
What's Changed
* Update to make compatible with Plaso 1.5 RC1 by Onager in https://github.com/google/timesketch/pull/198
* 199 task bug by berggren in https://github.com/google/timesketch/pull/200
* Don't show closed sketches in the overview by berggren in https://github.com/google/timesketch/pull/205
* Better url query and UI fix by berggren in https://github.com/google/timesketch/pull/224
* Better charts by berggren in https://github.com/google/timesketch/pull/225
* View from selected events and editable views by berggren in https://github.com/google/timesketch/pull/204
* Save view when created from URL parameters by berggren in https://github.com/google/timesketch/pull/227
* Validate filters by berggren in https://github.com/google/timesketch/pull/229
* D3 by vlejd in https://github.com/google/timesketch/pull/231
* Minor UI tweak - display a "no results" message (instead of "Welcome … by csash in https://github.com/google/timesketch/pull/240
* Fix for 243 (update current_app imports) / update one FlaskWTF import in forms by csash in https://github.com/google/timesketch/pull/244
* Bring back context queries by berggren in https://github.com/google/timesketch/pull/251
* 217 search templates by berggren in https://github.com/google/timesketch/pull/233
* CSV upload by berggren in https://github.com/google/timesketch/pull/265
* UI dashboard polish by berggren in https://github.com/google/timesketch/pull/266
* Fix bug with using the wrong app context by berggren in https://github.com/google/timesketch/pull/268
* Remove depricated search feature when adding timelines by berggren in https://github.com/google/timesketch/pull/270
* Roll back task fix. Not needed anymore. by berggren in https://github.com/google/timesketch/pull/271
* Add app context to db operations in CSV task by berggren in https://github.com/google/timesketch/pull/272
* Consistent UI by berggren in https://github.com/google/timesketch/pull/275
* Sketch upload by berggren in https://github.com/google/timesketch/pull/277
* Vagrant support by berggren in https://github.com/google/timesketch/pull/279
* Timesketch org site by berggren in https://github.com/google/timesketch/pull/280
* Generate new site by berggren in https://github.com/google/timesketch/pull/281
* Better navigation by berggren in https://github.com/google/timesketch/pull/283
* Sort view dropdown alphabetically by berggren in https://github.com/google/timesketch/pull/285
* Read only stories by berggren in https://github.com/google/timesketch/pull/287
* Export up to 10k events by berggren in https://github.com/google/timesketch/pull/284
* Remove data_type filter picker by berggren in https://github.com/google/timesketch/pull/291
* Delete timelines by berggren in https://github.com/google/timesketch/pull/288
* Upload enhancements by berggren in https://github.com/google/timesketch/pull/289
* Small UI changes by berggren in https://github.com/google/timesketch/pull/305
* Add requirements file by berggren in https://github.com/google/timesketch/pull/309
* Streaming query results by berggren in https://github.com/google/timesketch/pull/307
* Create timestamp from datetime string when importing CSV by tomchop in https://github.com/google/timesketch/pull/300
* Bugfix by tomchop in https://github.com/google/timesketch/pull/313
* Delete timeline permanently by berggren in https://github.com/google/timesketch/pull/312
* Add Docker Support by witoff in https://github.com/google/timesketch/pull/324
* Dynamic timefilter by rbdebeer-zz in https://github.com/google/timesketch/pull/314
* Update __init__.py by berggren in https://github.com/google/timesketch/pull/326
* Add Docker Support by witoff in https://github.com/google/timesketch/pull/328
* Move the upload form to the timelines pane by berggren in https://github.com/google/timesketch/pull/332
* Show supported Plaso version if upload is enabled by berggren in https://github.com/google/timesketch/pull/335
* Move docker files by berggren in https://github.com/google/timesketch/pull/343
* Change to Text column type by berggren in https://github.com/google/timesketch/pull/345
* Ts dynamic timefilter patches by rbdebeer-zz in https://github.com/google/timesketch/pull/352
* upgrade to docker-compose v3 and fix docker support by witoff in https://github.com/google/timesketch/pull/354
* Graph backend support by berggren in https://github.com/google/timesketch/pull/349
* Python API client library by berggren in https://github.com/google/timesketch/pull/348
* Celery support in Vagrant by berggren in https://github.com/google/timesketch/pull/356
* Elasticsearch 5.x support by berggren in https://github.com/google/timesketch/pull/350
* es5 in vagrant by berggren in https://github.com/google/timesketch/pull/358
* Neo4j in Vagrant by berggren in https://github.com/google/timesketch/pull/360
* Remove depricated search_type by berggren in https://github.com/google/timesketch/pull/363
* Only show share button if owner by berggren in https://github.com/google/timesketch/pull/365
* ACL should be RO when public by berggren in https://github.com/google/timesketch/pull/367
New Contributors
* vlejd made their first contribution in https://github.com/google/timesketch/pull/231
* rbdebeer-zz made their first contribution in https://github.com/google/timesketch/pull/314
**Full Changelog**: https://github.com/google/timesketch/compare/2016.7...20170721