MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

new: [blog] MISP 2.4.127 release

pull/21/head
Alexandre Dulaunoy 2020-06-19 08:34:59 +02:00
parent 30d1d56957
commit bb121dc075
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 53 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
_posts/2020-06-19-MISP.2.4.127.released.md Normal file
View File

@ -0,0 +1,53 @@
---
title: MISP 2.4.127 released (decay updates release edition)
layout: post
featured: /assets/images/misp/blog/decay.png
---
# MISP 2.4.127 released
A new version of MISP ([2.4.127](https://github.com/MISP/MISP/tree/v2.4.127)) has been released with an improved version of attributes decaying, new set of widgets, many improvements and bugs fixed.
# Improved decaying of attributes (version 2)
In MISP 2.4.116, a decaying functionality was added to allow users and organisations to easily expire information depending on their personalised objectives and targets.
Based on the feedback of the organisations relying on the decaying feature, the following improvements were included:
- New setting `default_restsearch_parameters` allowing users to supply restSearch parameters that will be automatically be passed during API fetch. The main purpose of this new setting is to enable users to inject filters when integrating with third-party tools not offering the possibility to control the query performed against MISP. This for example allow to add default decaying parameters to all restSearch query done.
- New setting `tag_numerical_value_override` allowing users to override the `numerical_value` if tags. The main purpose of this new setting is to let users have their own numerical values for tags. It does not constrain site-admin to diverge from the official misp-taxonomy repository, and let them define new values for entries not having one.
## Major changes in decay computation
Attribute's `last_seen` will now takes precedences over the attribute's `timestamp` if the former is set. In the decaying implementation prior to this version, if no sightings were recorded, the simulated last sighting was set on the `timestamp` value. However, in this new version, the `last_seen` value will be used instead. Users will be able to alter attributes (attach tags, modify `last_seen`, ...) without refreshing the decaying score to its maximum value.
# New widgets added to MISP
Additional widgets (contributed by Koen Van Impe) were added in MISP with the following features:
- Widget to display system resources (df, cpu, mem)
- Widget to display the latest sightings
- Widget to display the false positive sightings above certain threshold
Don't hesitate to contribute your own widgets and take a look at the existing ones.
# Various improvements
- [cli] Command for pulling from all remote servers.
- [UI] Add event ID to page table.
- [events:distributionGraph] Added close button in popover.
- [correlations] Refactored correlation saving.
- Always show other correlating value (useful for CIDR correlations)
- Make correlation saving faster (move more work to database, do not fetch not necessary fields)
- Fix some small bugs
Many other improvements are documented in the [complete changelog is available](https://www.misp-project.org/Changelog.txt).
# Acknowledgement
We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html).
As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements.