Published by ekneg54 4 months ago
3.12.3 because of the issue
normalizer processor, as its functionality was replaced by the grokker, timestamper and field_manager processors
elasticsearch_output connector to reduce maintenance effort
timestamper on ISO8601 and UNIX time parsing
field_manager where extending a non list target leads to a processing failure
pseudonymizer where a missing regex_mapping from an existing config_file causes logprep to crash continuously
timestamper processor documentation by @ekneg54 in https://github.com/fkie-cad/Logprep/pull/618
elasticsearch_output connector by @ekneg54 in https://github.com/fkie-cad/Logprep/pull/620
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v12.0.0...v13.0.0
Published by dtrai2 4 months ago
pseudonymizer change rule config field pseudonyms to mapping
clusterer change rule config field target to source_fields
generic_resolver change rule config field append_to_list to extend_target_list
hyperscan_resolver change rule config field append_to_list to extend_target_list
calculator now adds the error tag _calculator_missing_field_warning to the events tag field instead of _calculator_failure in case of missing field in events
domain_label_extractor now writes _domain_label_extractor_missing_field_warning tag to event tags in case of missing fields
geoip_enricher now writes _geoip_enricher_missing_field_warning tag to event tags in case of missing fields
grokker now writes _grokker_missing_field_warning tag to event tags instead of _grokker_failure in case of missing fields
requester now writes _requester_missing_field_warning tag to event tags instead of _requester_failure in case of missing fields
timestamp_differ now writes _timestamp_differ_missing_field_warning tag to event tags instead of _timestamp_differ_failure in case of missing fields
timestamper now writes _timestamper_missing_field_warning tag to event tags instead of _timestamper_failure in case of missing fields
--thread_count parameter to --thread-count in http generator
--report parameter and feature from http generator
extend_target_list in the field manager the ordering of the given source fields is now preserved
restart_count parameter is configurable. If you want the old behavior back, you can set this parameter to a negative number
logprep pseudo --help
restart_count parameter to configuration
mode to pseudonymizer processor and to pseudonymization tools to choose the AES Mode for encryption and decryption
rejected_execution_exception
write_to_target, add_field_to and get_dotted_field_value when reading and writing from and to events
hyperscan_resolver, generic_resolver and template_replacer
pseudonymizer, pre_detector, selective_extractor processors and pipeline to handle extra_data the same way
clusterer, pre_detector and pseudonymizer processors and change rule_tree so that the processors do not require process override
clusterer
_handle_missing_fields from the field_manager
LogprepMPQueueListener to outsource logging to a separate process
Queuehandler to root logger to ensure all logs were handled by LogprepMPQueueListener
http_generator to use a logprep http output connector
cached_properties are populated during setup time
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v11.3.0...v12.0.0
Published by ekneg54 5 months ago
http_input connector
hostname available in custom log formats
logprep.event_generator module to logprep.generator
opensearch and elasticsearch
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v11.2.1...v11.3.0
Published by ekneg54 6 months ago
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v11.2.0...v11.2.1
Published by djkhl 6 months ago
http_input connector
nummer_of_http_requests
message_backlog_size
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v11.1.0...v11.2.0
Published by ekneg54 6 months ago
user_manual/security/best_practices.html
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v11.0.1...v11.1.0
Published by djkhl 6 months ago
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v11.0.0...v11.0.1
Published by ekneg54 7 months ago
versioneer dependency in favor of setuptools-scm
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v10.0.4...v11.0.0
Published by ekneg54 7 months ago
generic_adder not creating new field from type list
FatalOutputError caused by serializing KafkaError by @clumsy9 in https://github.com/fkie-cad/Logprep/pull/536
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v10.0.3...v10.0.4
Published by djkhl 7 months ago
generic_adder not creating new field from type list
FatalOutputError caused by serializing KafkaError by @clumsy9 in https://github.com/fkie-cad/Logprep/pull/536
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v10.0.3...v10.0.4
Published by ekneg54 8 months ago
AutoRuleCorpusTester for logprep test integration
test unit), which was broken after adding support for multiple configuration files and resolving paths in configuration files
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v10.0.2...v10.0.3
Published by djkhl 9 months ago
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v10.0.1...v10.0.2
Published by djkhl 9 months ago
setup.py that corrupted the install
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v10.0.0...v10.0.1
Published by ekneg54 9 months ago
logprep --help for more information.
SIGUSR1
logprep test config
number_of_successful_writes metric to the s3 connector, which counts how many events were successfully written to s3
_write_backlog method introduced by the confluent_kafka commit bugfix in v9.0.0
logprep print json|yaml <Path to config> in json or yaml
FatalOutputError instead of warnings
batch_finished_callback to prevent data loss that could be caused by partially processed events
schema_and_rule_checker module
fastapi and aiohttp to address CVEs
max_retries parameter
FatalOutputError on handling CriticalInputError in pipeline
CriticalInputError exceptions by @clumsy9 in https://github.com/fkie-cad/Logprep/pull/514
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v9.0.3...v10.0.0
Published by ekneg54 10 months ago
thread_count, queue_size and chunk_size configurable for parallel_bulk in opensearch output connector
parallel_bulk implementation not delivering messages to opensearch
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v9.0.2...v9.0.3
Published by dtrai2 11 months ago
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v9.0.1...v9.0.2
Published by ekneg54 11 months ago
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v9.0.0...v9.0.1
Published by ekneg54 11 months ago
LOGPREP_CONFIG_AUTH_USERNAME=<your_username>
LOGPREP_CONFIG_AUTH_PASSWORD=<your_password>
LOGPREP_CONFIG_AUTH_TOKEN=<your_token>
LOGPREP_CONFIG_AUTH_METHOD=oauth
pseudonymizer processor
lru_cache
max_caching_days config option
max_cached_pseudonymized_urls config option which defaults to 1000
confluent_kafka commit issue after kafka did some rebalancing, fixes also negative offsets
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v8.0.0...v9.0.0
Published by ekneg54 11 months ago
id could possibly break configurations if the same rule is used in both rule trees
id to each rule or delete the possibly redundant rule
calculator processor with new added function from_hex
quickstart/exampledata/config/grafana/dashboards
id for all rules to identify rules in metrics and logs
id is given, the id will be generated in a stable way
id uniqueness on processor level over both rule trees to ensure metrics are counted correctly on rule level
DEBUG
Full Changelog: https://github.com/fkie-cad/Logprep/compare/v7.0.0...v8.0.0