First release. Supports the following commands:
* mws-file-summary-report
* mws-file-static-report
* mws-ip-summary-report
* mws-domain-summary-report
First release. Supports the following commands:
* bluemax-ngf-add-host-object
* bluemax-ngf-add-host-to-group
* bluemax-ngf-address-group-members
* bluemax-ngf-address-groups
* bluemax-ngf-firewall-rules
* bluemax-ngf-host-objects
* bluemax-ngf-remove-host-from-group
* bluemax-ngf-remove-host-object
Fixed an error in two commands caused by an invalid REST API endpoint:
* abuseipdb-check-ip
* abuseipdb-report-ip
Fixed app start failure caused by a Kotlin dependency.
First release. Supports the following query commands:
* criminal-ip-asset-asn-stats
* criminal-ip-asset-country-stats
* criminal-ip-asset-favicon-stats
* criminal-ip-asset-port-stats
* criminal-ip-asset-product-stats
* criminal-ip-asset-search
* criminal-ip-asset-service-stats
* criminal-ip-get-ip-summary
* criminal-ip-get-vpn-reports
* criminal-ip-get-vpn-summary
* criminal-ip-status
Added the aws-ec2-vpcs command.
* You must grant `ec2:DescribeVpcs` permission in your IAM policy to use this command.
Tested on RSA NetWitness version 11.7.
* Added field ordering to the netwitness-events command.
* The netwitness-files command returns an empty file list instead of raising an exception.
Patch for S2W Quaxar updates:
* quaxar-attack-surface-reports
* quaxar-exposed-services
First release. Tested on Splunk 8.1.2. Supports the following commands:
* splunk-apps
* splunk-indexes
* splunk-info
* splunk-inputs
* splunk-jobs
* splunk-license-messages
* splunk-licenses
* splunk-output-syslogs
* splunk-saved-searches
* splunk-search
* splunk-settings
* splunk-users
First release. Supports CTI feeds for the Sonar/Maestro platform and 17 query commands, including an IoC search playbook command:
* quaxar-attack-surface-reports
* quaxar-domain-indicators
* quaxar-exposed-services
* quaxar-exposure-service-stats
* quaxar-exposure-trends
* quaxar-indicators
* quaxar-ip-indicators
* quaxar-md5-indicators
* quaxar-open-indicators
* quaxar-recent-indicators
* quaxar-search-indicators
* quaxar-security-news
* quaxar-sha1-indicators
* quaxar-sha256-indicators
* quaxar-talon-reports
* quaxar-url-indicators
* quaxar-vulnerability-reports
Minor fix for Tanium Server update
* Build (Windows) 7.5.4.1158
* Console: 3.2.24
* Threat Response 3.7.8
Fixed issues:
* NPE in the tanium-browse-files command caused by removal of the size property for directory entries.
* Infinite wait for endpoint connection even after the connection status changes to 'error'.
Added dashboard presets and ingestion profiles for:
* CloudTrail
* Console Login
* CloudWatch
* Cost Explorer
* ELB Status
* ELB Error
First release. This version provides web traffic and attack log monitoring.
First release. Supports the following commands:
* aws-acm-certificates
* aws-auto-scaling-groups
* aws-auto-scaling-set-desired-capacity
* aws-cloudwatch-log-groups
* aws-cloudwatch-metrics
* aws-cloudwatch-stats
* aws-cost
* aws-ec2-account-attributes
* aws-ec2-addresses
* aws-ec2-images
* aws-ec2-instance-statuses
* aws-ec2-instances
* aws-ec2-key-pairs
* aws-ec2-nat-gateways
* aws-ec2-network-acls
* aws-ec2-route-tables
* aws-ec2-security-groups
* aws-ec2-subnets
* aws-ec2-volume-statuses
* aws-ec2-volumes
* aws-ec2-vpn-connections
* aws-elasticbeanstalk-applications
* aws-elasticbeanstalk-environments
* aws-elasticbeanstalk-instances-health
* aws-elb-listener-certificates
* aws-elb-load-balancers
* aws-elb-target-groups
* aws-iam-credential-report
* aws-iam-mfa-devices
* aws-iam-policies
* aws-iam-roles
* aws-iam-server-certificates
* aws-iam-users
* aws-rds-events
* aws-rds-logfiles
* aws-rds-logs
* aws-regions
* aws-route53-hosted-zones
* aws-s3-buckets
* aws-s3-objects
* aws-s3-textfile
First release. Supports the following query commands:
* netwitness-download-file
* netwitness-events
* netwitness-files
* netwitness-files-batch
* netwitness-meta
* netwitness-packets-batch
First release. Supports the following query commands:
* slack-send
* slack-send-batch
First release. Supports the following query commands:
* secudium-get-cve-score-report
* secudium-get-geo-report
* secudium-get-hash-behavior-report
* secudium-get-hash-dump
* secudium-get-hash-static-report
* secudium-get-hash-summary-report
* secudium-get-ip-report
* secudium-get-social-report
* secudium-get-top-report
* secudium-get-url-dump
* secudium-get-url-report
* secudium-get-whois-report
First release. The following axgate commands are supported:
* axgate-ngfw-add-ip
* axgate-ngfw-add-ip-batch
* axgate-ngfw-dnat-profiles
* axgate-ngfw-ip-groups
* axgate-ngfw-ip-groupsets
* axgate-ngfw-policies
* axgate-ngfw-remove-ip
* axgate-ngfw-remove-ip-batch
* axgate-ngfw-security-parameters
* axgate-ngfw-service-groups
* axgate-ngfw-service-groupsets
* axgate-ngfw-snat-profiles
* axgate-ngfw-time-groups
* axgate-ngfw-time-groupsets
First release. Supports the following query command:
* webkeeper-logs
First release. Supports the following query commands:
* insightvm-asset-services
* insightvm-asset-vulns
* insightvm-assets
* insightvm-scan-pause
* insightvm-scan-resume
* insightvm-scan-start
* insightvm-scan-stop
* insightvm-scans