mirror of https://github.com/MISP/misp-website
MISP 2.4.83 released
parent
daad32dccc
commit
c2aaef2ae0
|
@ -0,0 +1,38 @@
|
||||||
|
---
|
||||||
|
title: MISP 2.4.83 released (aka attributes-level tag filtering and more)
|
||||||
|
layout: post
|
||||||
|
featured: /assets/images/misp-small.png
|
||||||
|
---
|
||||||
|
|
||||||
|
A new version of MISP [2.4.83](https://github.com/MISP/MISP/tree/v2.4.83) has been released including attribute level tag filter on synchronisation, full audit logging via ZMQ or Syslog, email restriction at org level, many more improvements and bug fixes.
|
||||||
|
|
||||||
|
Tag filters has been enhanced and filtering is on
|
||||||
|
|
||||||
|
- all events containing matching tags on event + attribute level (positive lookup)
|
||||||
|
- all events not containing matching tags (negative lookup)
|
||||||
|
- filter attributes within a matched event for blocked attributes (negative lookup)
|
||||||
|
|
||||||
|
Tag filtering improved performance for large MISP instance actively when using filtering.
|
||||||
|
|
||||||
|
A new functionality has been added to limit the use of certain emails addresses to an organisation. This extends the granularity of filtering
|
||||||
|
for specific organisations to avoid out-of-scope users within a specific organisation.
|
||||||
|
|
||||||
|
Audit logging has been improved to log all the audit logs in ZMQ or/and Syslog. syslog logging now includes all audit log entries and it's separated into proper severity levels. ZMQ logging and syslog logging are both optional features.
|
||||||
|
|
||||||
|
New types were introduced like mac-address and mac-eui-64 in MISP to allow sharing indicators related to EUI-48 and EUI-64.
|
||||||
|
Phone type detection is better especially in the free-text import along with the normalisation of the phone attribute type to ensure correlation.
|
||||||
|
|
||||||
|
The CSV export improved performance and export flexibility like "value" filter or attribute level tagging.
|
||||||
|
|
||||||
|
ZMQ channel has been improved especially to support complex software relying on the ZMQ feed like the recent [misp-dashboard](https://github.com/MISP/misp-dashboard).
|
||||||
|
|
||||||
|
Feed preview enhanced especially in the MISP OSINT feed format to allow anchor to the correlating value of the attribute.
|
||||||
|
|
||||||
|
Many bug fixes and improvement were introduced in this version.
|
||||||
|
|
||||||
|
The full change log is available [here](https://www.misp.software/Changelog.txt). [PyMISP change log](https://www.misp.software/PyMISP-Changelog.txt) is also available.
|
||||||
|
|
||||||
|
MISP [galaxy](/galaxy.pdf), [objects](/objects.pdf) and [taxonomies](/taxonomies.pdf) were notably extended by many contributors. These are also included by default in MISP. Don't forget to do a `git submodule update` and update galaxies, objects and taxonomies via the UI.
|
||||||
|
|
||||||
|
New MISP trainings are foreseen the 17/01 and 18/01 in Luxembourg including a full-day API and extension hands-on. [For more information and registration](https://www.circl.lu/services/misp-training-materials/).
|
||||||
|
|
Loading…
Reference in New Issue