Changed
- `code42cli` no longer supports python 2.7.
- `code42 profile create` now uses required `--name`, `--server` and `--username` flags instead of positional arguments.
- `code42 high-risk-employee add-risk-tags` now uses required `--username` and `--tag` flags instead of positional arguments.
- `code42 high-risk-employee remove-risk-tags` now uses required `--username` and `--tag` flags instead of positional arguments.
Added
- Extraction subcommands of `code42 security-data`, `print/write-to/send-to` accepts argument `--saved-search` to
return saved search results.
- `code42 security-data saved-search` commands:
- `list` prints out existing saved searches' id and name
- `show` takes a search id
- `code42 high-risk-employee bulk` supports `add-risk-tags` and `remove-risk-tags`.
- `code42 high-risk-employee bulk generate-template <cmd>` options `add-risk-tags` and `remove-risk-tags`.
- `add-risk-tags` that takes a csv file with username and space separated risk tags.
- `remove-risk-tags` that takes a csv file with username and space separated risk tags.
- Display, `Fuzzy suggestions`, valid keywords matching mistyped commands or arguments.
- `code42 alerts`:
- Ability to search/poll for alerts with checkpointing using one of the following commands:
- `print` to output to stdout.
- `write-to` to output to a file.
- `send-to` to output to server via UDP or TCP.
- `code42 alert-rules` commands:
- `add-user` with parameters `--rule-id` and `--username`.
- `remove-user` that takes a rule ID and optionally `--username`.
- `list`.
- `show` takes a rule ID.
- `bulk` with subcommands:
- `add`: that takes a csv file with rule IDs and usernames.
- `generate-template`: that creates the file template. And parameters:
- `cmd`: with options `add` and `remove`.
- `path`
- `remove`: that takes a csv file with rule IDs and usernames.
- `code42 legal-hold` commands:
- `add-user` with parameters `--matter-id/-m` and `--username/-u`.
- `remove-user` with parameters `--matter-id/-m` and `--username/-u`.
- `list` prints out existing active legal hold matters.
- `show` takes a `matter_id` and prints details of the matter.
- optional argument `--include-inactive` additionally prints matter memberships that are no longer active.
- optional argument `--include-policy` additionally prints out the matter's backup preservation policy in json form.
- `bulk` with subcommands:
- `add-user`: that takes a csv file with matter IDs and usernames.
- `remove-user`: that takes a csv file with matter IDs and usernames.
- `generate-template`: that creates the file templates.
- `cmd`: with options `add` and `remove`.
- `path`
- Success messages for `profile delete` and `profile update`.
- Additional information in the error log file:
- The full command path for the command that errored.
- User-facing error messages you see during adhoc sessions.
- A custom error in the error log when you try adding unknown risk tags to user.
- A custom error in the error log when you try adding a user to a detection list who is already added.
- Graceful handling of keyboard interrupts (ctrl-c) so stack traces aren't printed to console.
- Warning message printed when ctrl-c is encountered in the middle of an operation that could cause incorrect checkpoint
state, a second ctrl-c is required to quit while that operation is ongoing.
- A progress bar that displays during bulk commands.
- Short option `-u` added for `code42 high-risk-employee add-risk-tags` and `remove-risk-tags`.
- Tab completion for bash and zsh for Unix based machines.
Fixed
- Fixed bug in bulk commands where value-less fields in csv files were treated as empty strings instead of None.
- Fixed anomaly where the path to the error log on Windows contained mixed slashes.