First release. Supports the following commands:
* docx-words
* docx-words-batch
* file-type
* file-type-batch
* pptx-words
* pptx-words-batch
Changes
* Supports a blacklist object instead of an IP group object for IP blacklist synchronization.
* Supports IP block exception configuration to prevent human error.
* Also supports the following commands:
* bluemax-ngf-accounts
* bluemax-ngf-blacklist-rules
* bluemax-ngf-add-blacklist-rule
* bluemax-ngf-remove-blacklist-rule
* bluemax-ngf-session-logs
* bluemax-ngf-system-info
* bluemax-ngf-system-status
* bluemax-ngf-system-time
First release. Supports the following commands:
* ncloud-access-control-group-rules: Get rule list of access control groups from Naver Cloud.
* ncloud-access-control-groups: Get ACG list from Naver Cloud.
* ncloud-activities: Get cloud activity logs from Naver Cloud.
* ncloud-monthly-costs-by-contract: Get monthly costs by contract from Naver Cloud.
* ncloud-monthly-costs-by-product: Get monthly costs by product from Naver Cloud.
* ncloud-network-acls: Get network ACLs from Naver Cloud.
* ncloud-regions: Get regions from Naver Cloud.
* ncloud-servers: Get server instances from Naver Cloud.
* ncloud-sub-accounts: Get sub accounts from Naver Cloud.
* ncloud-subnets: Get subnets from Naver Cloud.
* ncloud-vpcs: Get VPCs from Naver Cloud.
* ncloud-zones: Get zones from Naver Cloud.
Slack app now supports channel, username, and icon_emoji settings for the connect profile.
First release. Supports the following commands:
* mws-file-summary-report
* mws-file-static-report
* mws-ip-summary-report
* mws-domain-summary-report
First release. Supports the following commands:
* bluemax-ngf-add-host-object
* bluemax-ngf-add-host-to-group
* bluemax-ngf-address-group-members
* bluemax-ngf-address-groups
* bluemax-ngf-firewall-rules
* bluemax-ngf-host-objects
* bluemax-ngf-remove-host-from-group
* bluemax-ngf-remove-host-object
Fixed an error in two commands caused by an invalid REST API endpoint:
* abuseipdb-check-ip
* abuseipdb-report-ip
Fixed app start failure caused by a Kotlin dependency.
First release. Supports the following query commands:
* criminal-ip-asset-asn-stats
* criminal-ip-asset-country-stats
* criminal-ip-asset-favicon-stats
* criminal-ip-asset-port-stats
* criminal-ip-asset-product-stats
* criminal-ip-asset-search
* criminal-ip-asset-service-stats
* criminal-ip-get-ip-summary
* criminal-ip-get-vpn-reports
* criminal-ip-get-vpn-summary
* criminal-ip-status
Added the aws-ec2-vpcs command.
* You must grant the `ec2:DescribeVpcs` permission in your IAM policy to use this command.
Tested on RSA NetWitness version 11.7.
* Added field ordering to the netwitness-events command.
* The netwitness-files command returns an empty file list instead of raising an exception.
Patch for S2W Quaxar updates:
* quaxar-attack-surface-reports
* quaxar-exposed-services
First release. Tested on Splunk 8.1.2.
* splunk-apps
* splunk-indexes
* splunk-info
* splunk-inputs
* splunk-jobs
* splunk-license-messages
* splunk-licenses
* splunk-output-syslogs
* splunk-saved-searches
* splunk-search
* splunk-settings
* splunk-users
First release. Supports CTI feeds for the Sonar/Maestro platform and 17 query commands, including an IoC search playbook command:
* quaxar-attack-surface-reports
* quaxar-domain-indicators
* quaxar-exposed-services
* quaxar-exposure-service-stats
* quaxar-exposure-trends
* quaxar-indicators
* quaxar-ip-indicators
* quaxar-md5-indicators
* quaxar-open-indicators
* quaxar-recent-indicators
* quaxar-search-indicators
* quaxar-security-news
* quaxar-sha1-indicators
* quaxar-sha256-indicators
* quaxar-talon-reports
* quaxar-url-indicators
* quaxar-vulnerability-reports
Minor fix for Tanium Server update
* Build (Windows) 7.5.4.1158
* Console: 3.2.24
* Threat Response 3.7.8
Fixed Issues
* NPE in the tanium-browse-files command caused by removal of the size property from directory entries.
* Infinite wait for endpoint connection even if the connection status is changed to 'error'.
Added dashboard presets and ingestion profiles for:
* CloudTrail
* Console Login
* CloudWatch
* Cost Explorer
* ELB Status
* ELB Error
First release. This version provides web traffic and attack log monitoring.
First release. Supports the following commands:
* aws-acm-certificates
* aws-auto-scaling-groups
* aws-auto-scaling-set-desired-capacity
* aws-cloudwatch-log-groups
* aws-cloudwatch-metrics
* aws-cloudwatch-stats
* aws-cost
* aws-ec2-account-attributes
* aws-ec2-addresses
* aws-ec2-images
* aws-ec2-instance-statuses
* aws-ec2-instances
* aws-ec2-key-pairs
* aws-ec2-nat-gateways
* aws-ec2-network-acls
* aws-ec2-route-tables
* aws-ec2-security-groups
* aws-ec2-subnets
* aws-ec2-volume-statuses
* aws-ec2-volumes
* aws-ec2-vpn-connections
* aws-elasticbeanstalk-applications
* aws-elasticbeanstalk-environments
* aws-elasticbeanstalk-instances-health
* aws-elb-listener-certificates
* aws-elb-load-balancers
* aws-elb-target-groups
* aws-iam-credential-report
* aws-iam-mfa-devices
* aws-iam-policies
* aws-iam-roles
* aws-iam-server-certificates
* aws-iam-users
* aws-rds-events
* aws-rds-logfiles
* aws-rds-logs
* aws-regions
* aws-route53-hosted-zones
* aws-s3-buckets
* aws-s3-objects
* aws-s3-textfile
First release. Supports the following query commands:
* netwitness-download-file
* netwitness-events
* netwitness-files
* netwitness-files-batch
* netwitness-meta
* netwitness-packets-batch
First release. Supports the following query commands:
* slack-send
* slack-send-batch