Update 2017-12-06-MISP.2.4.83.released.md

pull/3/head
Andras Iklody 2017-12-06 01:27:35 +01:00 committed by GitHub
parent c2aaef2ae0
commit afd6517cf2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 10 deletions

View File

@ -4,29 +4,29 @@ layout: post
featured: /assets/images/misp-small.png featured: /assets/images/misp-small.png
--- ---
A new version of MISP [2.4.83](https://github.com/MISP/MISP/tree/v2.4.83) has been released including attribute level tag filter on synchronisation, full audit logging via ZMQ or Syslog, email restriction at org level, many more improvements and bug fixes. A new version of MISP [2.4.83](https://github.com/MISP/MISP/tree/v2.4.83) has been released including attribute level tag filtering on synchronisation, full audit logging via ZMQ or Syslog, user email domain restriction at the org level, many more improvements and bug fixes.
Tag filters has been enhanced and filtering is on Tag filters have been enhanced and filtering is on
- all events containing matching tags on event + attribute level (positive lookup) - all events containing matching tags on event + attribute level (positive lookup)
- all events not containing matching tags (negative lookup) - all events not containing matching tags (negative lookup)
- filter attributes within a matched event for blocked attributes (negative lookup) - filter attributes within a matched event for blocked attributes (negative lookup)
Tag filtering improved performance for large MISP instance actively when using filtering. Tag filtering improved performance for large MISP instances actively when using filtering.
A new functionality has been added to limit the use of certain emails addresses to an organisation. This extends the granularity of filtering A new functionality has been added to limit the use of certain email domains to an organisation. This extends the granularity of filtering
for specific organisations to avoid out-of-scope users within a specific organisation. for specific organisations to avoid out-of-scope users within a specific organisation.
Audit logging has been improved to log all the audit logs in ZMQ or/and Syslog. syslog logging now includes all audit log entries and it's separated into proper severity levels. ZMQ logging and syslog logging are both optional features. Audit logging has been improved to log all the audit logs in ZMQ and/or Syslog. syslog logging now includes all audit log entries and it's separated into proper severity levels. ZMQ logging and syslog logging are both optional features.
New types were introduced like mac-address and mac-eui-64 in MISP to allow sharing indicators related to EUI-48 and EUI-64. New types were introduced such as mac-address and mac-eui-64 in MISP to allow sharing indicators related to EUI-48 and EUI-64.
Phone type detection is better especially in the free-text import along with the normalisation of the phone attribute type to ensure correlation. Phone type detection is better especially in the free-text import along with the normalisation of the phone attribute type to ensure consistent correlations.
The CSV export improved performance and export flexibility like "value" filter or attribute level tagging. The CSV export has received an overhaul, improving performance and extending the export's flexibility by new filters such as a "value" filter or the inclusion of attribute level tagging.
ZMQ channel has been improved especially to support complex software relying on the ZMQ feed like the recent [misp-dashboard](https://github.com/MISP/misp-dashboard). ZMQ channel has been improved to support complex software relying on the ZMQ feed such as the recently released [misp-dashboard](https://github.com/MISP/misp-dashboard).
Feed preview enhanced especially in the MISP OSINT feed format to allow anchor to the correlating value of the attribute. Feed preview enhanced especially for the MISP feed format to allow quick pivoting to the correlating events in a feed from individual attributes.
Many bug fixes and improvement were introduced in this version. Many bug fixes and improvement were introduced in this version.