Msticpy

Latest version: v2.14.0

Page 11 of 15

0.8.9

Not secure
New Features/Updates
- Azure Sentinel API Support (122) including:
  - Retrieve Security Incidents, Queries
  - New authentication options to chain Kqlmagic auth from Azure auth
- Improved vtlookup3 performance (117)
  - Add get_object function and some date formatting to vtlookupv3.py
  - Adding vtlookupv3 module to API docs.
- Data obfuscation updates (123)
  - Adding hash_account as separate item type to data_obfus.py
  - Making hash_ip more flexible - ignoring masking of localhost and private IPs
  - Updating documentation, tests and mapping file.

Fixes
- 2f2dcc2 Updating for new version of Azure monitor (2.0.0) (133)
- 47be893 Bump azure-identity from 1.4.0 to 1.5.0 (129)
- efe2618 Some miscellaneous fixes to Mordor driver (115)
- 413d289 Pinning pip version to 20.2.4 (temporary move to avoid build break due to new dependency behavior)
- fcf5126 Adding credscan suppressions and changing a few dummy passwords to prepare for BFG git history re-write (126)
- 0c557d5 corrected timeline legend order (119) Authored-by: Noé Pion
- 1a04005 Adding html5lib to requirements

0.8.8

Not secure
Hotfix release

Fixes
- 08b048d If AzureCLI section is not in msticpyconfig.yaml, no longer throws exception
- Updated AzureSentinel API notebook so that it has data (obfuscated).
- 3384c87 Updated .pre-commit-config.yaml to exclude tests from pylint and flake8 checks
- 7b276a3 Adding azure-mgmt-core>=1.2.1 to requirements.txt
- Added exceptions to test_pkg_imports.py to skip vt and vt_graph_api (now extras)
- d3ad345 Fix to mordor_driver for Mitre web site change and making web scraping from Mitre more resilient
- Adding two scripts for testing pre-release msticpy.
- Some additions to VTLookupV3.ipynb text and trapping for import of nest_asyncio without installing
- ReadTheDocs conf.py now retrieves version number from main package build
- d8cc378 Updated ReadtheDocs requirements.txt
- db6e6f9 Changes to requirements.txt to remove unneeded dependencies (114)
- Added exclusions to conf.py and setup.py to skip install of some dependencies for ReadTheDocs (e.g. Kqlmagic).
  These packages will be mocked in their build - previously they caused dependency conflict errors in pip install
- Bug in azure_auth_core.py - `raise from` should have been an exception object, not a class
- Bug in secret_settings.py - potential uninitialized variable
- Updated test_mordor_driver.py to remove files on completion. Also marked file download tests as CI-only
- Added pylint and flake8 as pre-commit hooks - should mean fewer errors getting into the build
- Some tidying of code (Sourcery) in azure_auth_core and secret_settings.
- Updated version to 0.8.7
- Fixing some typos and linting warnings in the documentation. Clarifying language.
- 3c87222 Updated vt-py version in requirements.txt (113)

0.8.6

Not secure
Hotfix release for compatibility problem with Azure ML notebooks.

0.8.5

This release includes several new features:
- Support for VirusTotal v3 API
- Streamlined authentication for Azure using chained authentication
- Azure Sentinel API support
- Mordor data provider and data browser

New Features
- VirusTotal V3 API support (97 and 106)
The VirusTotal team contributed a new module that gives access to the latest version of their API. This
includes building of relationships between malicious items and viewing the relationship graph.
(thanks to Andres Ramirez/aramirezmartin and Juan Infantes at VirusTotal!).
See the [VirusTotal V3 notebook](https://github.com/microsoft/msticpy/blob/master/docs/notebooks/VTLookupV3.ipynb)
To use this feature you will need to install msticpy with the "vt3" extra: `pip install msticpy[vt3]`

- Azure Authentication (109)
We previously had several mechanisms to authenticate to Azure components - mainly Key Vault and the Azure Data module.
This caused unnecessary authentications. These now use a single mechanism and can also piggy-back on existing AzureCLI
and Managed Service Identity (MSI) credentials. For example, if you have run `az login` from Azure CLI before launching
your notebook the credentials from Azure CLI will be used to fetch the required authentication token for other
Azure modules in MSTICPy. Note: this does not yet include Kqlmagic but we hope to have that in the next release.
To see this working, check out the AzureSentinel API notebook link below.
- Azure Sentinel API Support (109)
This release includes initial support for Azure Sentinel APIs to retrieve Azure Sentinel Workspaces, Alert Rules,
Hunting Queries and Hunting bookmarks (more to follow in a later release).
See the [Azure Sentinel API notebook](https://github.com/microsoft/msticpy/blob/master/docs/notebooks/AzureSentinelAPIs.ipynb)
- Mordor data (108)
[Mordor](https://github.com/OTRF/mordor) is an open source data repository of logs illustrating different kinds
of adversary behavior and referenced to the [Mitre ATT&CK](https://attack.mitre.org/) framework. The MSTICPy
Mordor package includes a notebook browser to search through and display the data sets and a dataprovider
allowing you to download datasets into pandas DataFrames to use in your notebooks.
See the [Mordor Data notebook](https://github.com/microsoft/msticpy/blob/master/docs/notebooks/MordorData.ipynb)

Experimental Features
- Split queries by time period (110)
This allows you to split a very large or long-running query into subsets divided by time interval (e.g. 1day, 1hour, etc.)
The DataProvider data queries now accept a `split_query_by` option to split queries by time period. The time period
follows the pandas Timedelta syntax e.g. "1D", "6H". The query is divided, each piece run sequentially and the results
re-assembled into a single DataFrame.
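
The split-and-reassemble behaviour described above, as an added illustration (not msticpy's own code). The helper names, the reduced period syntax ("D", "H", "min") and the half-open chunk boundaries are assumptions made for this sketch; the release notes do not say how boundaries are handled. Half-open ranges are used so that an event exactly on a chunk boundary is neither dropped nor returned twice.

```python
import re
from datetime import datetime, timedelta

# Subset of pandas Timedelta-style strings handled in this sketch.
_UNITS = {"D": "days", "H": "hours", "min": "minutes"}


def parse_period(split_by):
    """Convert a string such as "6H" into a timedelta."""
    match = re.fullmatch(r"(\d+)\s*(D|H|min)", split_by)
    if not match or int(match.group(1)) == 0:
        raise ValueError(f"unsupported split period: {split_by!r}")
    return timedelta(**{_UNITS[match.group(2)]: int(match.group(1))})


def split_time_range(start, end, split_by):
    """Return contiguous half-open [chunk_start, chunk_end) ranges."""
    step = parse_period(split_by)
    ranges, cursor = [], start
    while cursor < end:
        chunk_end = min(cursor + step, end)  # clamp the last, shorter chunk
        ranges.append((cursor, chunk_end))
        cursor = chunk_end
    return ranges


def run_split_query(query_fn, start, end, split_by):
    """Run query_fn once per chunk, in order, and concatenate the rows."""
    rows = []
    for chunk_start, chunk_end in split_time_range(start, end, split_by):
        rows.extend(query_fn(chunk_start, chunk_end))
    return rows


# Constructed sample events; the second sits exactly on a 6-hour boundary.
EVENTS = [
    {"time": datetime(2020, 11, 1, 1, 30), "event": "logon"},
    {"time": datetime(2020, 11, 1, 6, 0), "event": "process_start"},
    {"time": datetime(2020, 11, 2, 3, 0), "event": "logon"},
]


def fake_query(start, end):
    """Stand-in for a data-provider call: start inclusive, end exclusive."""
    return [e for e in EVENTS if start <= e["time"] < end]


if __name__ == "__main__":
    print(run_split_query(fake_query, datetime(2020, 11, 1), datetime(2020, 11, 2, 4), "6H"))
```

If the underlying query treats both bounds as inclusive, rows on a chunk boundary come back twice and need de-duplicating after the results are combined.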

Fixes
- 1bce3f3 Bug fix and nasty workaround for old test setup removed in pkg_config.py
- 0a21b59 Updating pre-commit version for black
- 36d2539 Updated formatting for new black version
- 7897cb9 Moving VT3 dependencies to extras. (111)

0.8.2

Not secure
Hot fix for: GetEnvironmentString widget throws exception when variable is already defined

0.8.1

Not secure
This is a maintenance release to temporarily fix an import conflict with the release of 1.0.0 of azure-mgmt-monitor.

It also includes a pre-release version of the VirusTotal V3 API library.
