Fix test for API again
v4.3.1.stable9
Changes
- Use `forge` to get APM client for components
- Ensure encryption between ingress to services
v4.3.1.stable8
Service Base
- Adding .stream as an FP TLD
Identification
- Adding -uri arg for PowerShell identification
v4.3.1.stable7
Bugfixes
- Scaler: Don't assign AL-probes to non-AL containers
- Services:
- Allow services to override/add OCR terms to look for
- Supplement missing submission params with defaults from service manifest
v4.3.1.stable6
Enhancements
- Improve testing for invalid extraction in some services
- Speedup and cleanup in file identification
Bugfixes
- Fix bug in url download chunk size tracking
v4.3.1.stable5
Fix TLS Error when reconnecting to Elasticsearch
v4.3.1.stable4
Rollback
- ACL for `update_service_account` user back to R/W instead of C (backwards compatibility with older APIs)
v4.3.1.stable3
Bugfixes
- Fix updater User and API Key creation
v4.3.1.stable2
Bugfixes
- Scaler creates the proper change key for checking if service updaters are ready and account for system changes
- De-dup environment variables that Scaler already manages ie. SERVICE_API_HOST
- Changes to Update Sources should be possible regardless of how they're persisted (ie. datastore vs disk)
- Fix bug in synchronizing update sources code in API
- Source/Service deletion will clear caching entries in Redis for running updates. So even if done by accident, it should be possible to update right away
- Local source changes (such as default classification) should trigger updaters to perform a local update
v4.3.1.stable15
Fixes
- UI: AutoProp assignment for `access` is not case-sensitive
- Service Updater: Cleanup zombie processes left behind by Git
- Dispatcher: Fix typo that affects processing Replay bundles
- Updater: Pass logger to interface class
v4.3.1.stable14
Improvements
- Allow submission to be cancelled even when not finished
- Allow modification of the parameters before re-submitting files and submissions in the UI
Bug fixes
- Stop services from ignoring configuration params that are not in the service manifest
v4.3.1.stable13
Service Base
- When extracting IOCs from text blobs, do not tag URI paths if their URI has been safelisted
v4.3.1.stable12
Bugfixes
- Don't close thread if direct download fails, raise an exception and move onto next source
- Stream downloads by default for direct downloads
v4.3.1.stable11
Changes
- Updaters will no longer log intermediary failures involves Git clones that later succeed in Python Requests
v4.3.1.stable10
- Added attribution.category tag type
v4.3.1.stable1
Identification
- Improved PowerShell vs. Batch
Service Base
- When extracting IOCs from text blobs, check for common false-positive domains in URIs extracted before tagging them
v4.3.1.stable0
Improvements
- Added support for TLS encryption of all internal components
- Added support for role based API Keys and On Behalf Of tokens
- Upgrade Frontend base libraries to their latest versions
Documentation
Use the following documentation to turn on encryption on your Kubernetes cluster:
[Turn on Kubernetes internal encryption](https://cybercentrecanada.github.io/assemblyline4_docs/installation/configuration/kubernetes/internal_encryption/)