Identify
- Adding a 7-zip file extension to `tag_to_extension`
v4.4.0.stable50
Bugfixes
- Service Updater: Cleanup stale files that aren't currently in use
v4.4.0.stable49
- Add the possibility to skip hashes or fuzzy hashes in Identify's fileinfo to speed up processing.
v4.4.0.stable48
- Make it more clear how date range work in the search help
- Ignore white spaces when submitting sha256 in the Frontend
- Fixed ChipList non-clickable in Error Viewer
- Fixed spacing in report tag table
v4.4.0.stable47
- Added support for External pivot links for hashes, metadata and tag in the frontend
- HOTFIX: Run workflow only when extended scans are completed so the workflows can run on complete Alerts
v4.4.0.stable46
Fixes
- Lockdown version of Pillow in service-base to 10.0.0
- Assorted fixes to Workflow management
Additions
- Signature Source Syncing: Allows Assemblyline to synchronize data from sources instead of just in a contributory manner (optional). Ideal for syncing with a database dump or Git repository
- Services can set their own `min_instances` and override the global configuration that Scaler uses by default
v4.4.0.stable45
HOTFIX
- Allow workflow actions to be performed using partial information
v4.4.0.stable44
HOTFIX: Make sure non-existing alerts updates create alerts instead of dropping them
v4.4.0.stable43
ODM Regexes
- Refactored the URL regex
v4.4.0.stable41
Bugfix
- Service Updater: [Parse service stage value into Enum to be used in logging message](https://github.com/CybercentreCanada/assemblyline-v4-service/pull/644/commits/660c963b8c46e70b6b571df0027ad1a3b79aa54e)
v4.4.0.stable40
HOTFIX: Fix classification loading speed issues on complex classification definitions
v4.4.0.stable39
Hotfix: Make datastore pings crash proof
v4.4.0.stable38
Bugfixes
- Fix connections issues with the datastore (Elasticsearch) when database is too busy
- Fix bug in classification normalization depending on long/short format
- get_dynamic_classification() should skip auto selecting groups
- Use assemblyline_service_utilities in our TestHelper
Features
- AutoProperty supports multiple `value` assignment per `type` (https://github.com/CybercentreCanada/assemblyline/issues/41)
- Add multiget search functionality to datastore library
- Support for custom username field in OAuth (https://github.com/CybercentreCanada/assemblyline/issues/88)
- Add regex for TLSH hashes
- Upgrade Flask (https://github.com/CybercentreCanada/assemblyline/issues/67)
- UTF-8 file downloads
- Add configuration for TLDs
v4.4.0.stable37
Improvement
- Updaters (and services as a result) are more perceptive/responsive of local changes made to update sources/signatures.
- Services that have updaters will have a `signatures_meta` attributes that contains the metadata of the signatures relevant to the system it's deployed on.
- For example: if a user changes the state of the signature from DEPLOYED → NOISY, then the `signatures_meta` attribute should be updated too so the service can account for the state change and apply analysis accordingly (ie. override section scoring to 0)
- The `signatures_meta` attribute contains about the signature: `classification`, `source`, `status`, `signature_id` (key), `name`
- python
signatures_meta = {
"<signature_id>": {
"classfication": "TLP:C",
"source": "my_source",
"status": "DEPLOYED",
"name": "my_name"
}
...
}
v4.4.0.stable36
Bugfix
- bugfix for nodeAffinity settings in scaler
v4.4.0.stable35
Enhancement
- Allow node selection for scaler's resource probe and service node affinity
v4.4.0.stable34
Bugfix
- Remove unused git_config used in clones
v4.4.0.stable33
Identify
- Adding a 7-zip file extension to `tag_to_extension`
v4.4.0.stable32
Bugfix
- move configuration of post process actions to redis storage
- remove buggy feature from scaler
v4.4.0.stable31
Ontology
- Add `signature_id` to Signature model
v4.4.0.stable42
- HOTFIX: Fix small issues with alert processing where alerts can come out of order
- Make sure that default post-processing action allow cached submission to be auto-resubmitted