Update 2018-10-30-MISP.2.4.97.released.md

pull/6/head
Andras Iklody 2018-10-30 08:17:04 +01:00 committed by GitHub
parent 9cbc19c7ff
commit 664881df72
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 9 deletions

@ -4,26 +4,26 @@ layout: post
featured: /assets/images/misp-small.png featured: /assets/images/misp-small.png
--- ---
A new version of MISP ([2.4.97](https://github.com/MISP/MISP/tree/v2.4.97)) has been released with new features such as related tags, sighting restSearch API, a new French localisation and many many improvements in the API or import/export capabilities such as an improved support for [DHS AIS](https://www.us-cert.gov/ais) STIX 1 files. A new version of MISP ([2.4.97](https://github.com/MISP/MISP/tree/v2.4.97)) has been released with new features such as related tags, the sighting restSearch API, a new French localisation along with many improvements to the API and he import/export capabilities, such as improved support for [DHS AIS](https://www.us-cert.gov/ais) STIX 1 files.
![MISP event graph to display an overview of the relationships for a malware infection](https://www.misp-project.org/assets/images/misp/blog/eventgraph.png){:class="img-responsive"} ![MISP event graph to display an overview of the relationships for a malware infection](https://www.misp-project.org/assets/images/misp/blog/eventgraph.png){:class="img-responsive"}
The new functionality related tags has been introduced allowing user to view what's the most commonly used tags on a specific attributes. This can help analyst to decide to use specific classification based on previous analysis to gain time in contextualisation of information. The new related tags functionality has been introduced to allow users to view the most commonly used tags for a specific attribute across all events. This can help analysts when deciding to use a specific classification based on previous analyses to reduce the time it takes to contextualise the new information.
![MISP event graph to display an overview of the relationships for a malware infection](https://www.misp-project.org/assets/images/misp/blog/related-tags.png){:class="img-responsive"} ![MISP event graph to display an overview of the relationships for a malware infection](https://www.misp-project.org/assets/images/misp/blog/related-tags.png){:class="img-responsive"}
A new API has been introduced to search [MISP sightings](https://www.misp.software/2017/02/16/Sighting-The-Next-Level.html) using a list of filter parameters and return the data in the JSON, CSV or XML format. The search is available on an event, attribute or instance level. You can easily search by time ranges (from, to or last) using the standard restSearch API. A new API has been introduced, allowing users to search [MISP sightings](https://www.misp.software/2017/02/16/Sighting-The-Next-Level.html) using a set of filter parameters along with a list of data formats (JSON, CSV or XML). The search is available on an event, attribute or instance level. You can easily search by time ranges (from, to or last) using the standard restSearch API syntax.
At API level, many changes were introduced such as: At the API level, many changes were introduced such as:
- [Galaxy](https://www.misp-project.org/galaxy.html) API is now exposed and can be browsed via API. - [Galaxy](https://www.misp-project.org/galaxy.html) API is now exposed and can be browsed via the API.
- Event index API can now be exported in CSV format in addition to standard JSON format. - Event index API can now be exported in CSV format in addition to standard JSON format.
- Logs entries are now exposed via the API. The API is completed documented via template page/REST client. - Log entries are now exposed via the API. The API is documented via the template system/REST client.
- Warning-list lookup is now exposed to the API. A value can be quickly tested against the warning-lists enabled on a MISP instance. - The Warning-list lookups are now exposed to the API. A value can be quickly tested against the warning-lists enabled on a MISP instance without the need to create any persistent data.
Many fixes were done in the STIX 1 and 2 at import and export including a better support of AIS marking and specific MISP objects. Many fixes were introduced to the STIX 1 and 2 import and export including a better support of AIS markings and specific MISP objects.
The French localisation of the user-interface is now complete (thanks to all the contributors). French is now the second localisation after Japanese of the MISP user-interface. If you want to contribute and help for the translation project, don't hesitate to [join us on crowdin](https://crowdin.com/project/misp). The French localisation of the user-interface is now complete (thanks to all the contributors). French is now the second localisation after Japanese to reach full coverage. If you want to contribute and help with the translation project, don't hesitate to [join us on crowdin](https://crowdin.com/project/misp).
MISP [galaxy](/galaxy.pdf), [objects](/objects.pdf) and [taxonomies](/taxonomies.pdf) were notably extended by many contributors. New object templates were introduced to better support the description of forensic analysis cases and improve their sharing. These are also included by default in MISP. Don't forget to do a `git submodule update` and update galaxies, objects and taxonomies via the UI. MISP [galaxy](/galaxy.pdf), [objects](/objects.pdf) and [taxonomies](/taxonomies.pdf) were notably extended by many contributors. New object templates were introduced to better support the description of forensic analysis cases and improve their sharing. These are also included by default in MISP. Don't forget to do a `git submodule update` and update galaxies, objects and taxonomies via the UI.
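Review bot: The rewritten opening paragraph introduces a typo, "improvements to the API and he import/export capabilities"; "he" should be "the". In the sightings restSearch paragraph, the new wording "using a set of filter parameters along with a list of data formats (JSON, CSV or XML)" no longer says that these are the formats the results are returned in, which the replaced sentence stated; suggest keeping "and return the data in JSON, CSV or XML format". In the STIX sentence, "a better support of AIS markings" would read better as "better support for AIS markings", consistent with "improved support for" in the first paragraph.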