Changelog for analysis-pipeline-5.7-1.fc23.x86_64.rpm:

* Thu Dec 21 2017 Lawrence R. Rogers 5.7-1
* Release 5.7-1 EVALUATIONS can be forced to wait a minimum amount of time before alerting. STATISTICS can now have a minimum number of records before updating. Other bug fixes.
* Thu Nov 09 2017 Lawrence R. Rogers 5.6-4
* Release 5.6-4 Rebuilt with libfixbuf-1.8.0-1
* Fri Jun 30 2017 Lawrence R. Rogers 5.6-3
* Release 5.6-3 Rebuilt with silk-common-3.16.0.
* Tue Mar 28 2017 Lawrence R. Rogers 5.6-2
* Release 5.6-2 Rebuilt with silk-common-3.15.0.
* Sat Jan 07 2017 Lawrence R. Rogers 5.6-1
* Release 5.6-1 All fields can use a SEED file of any type. More than one EXTRA ALERT FIELD is now allowed. EXTRA ALERT FIELDs can now be derived fields. Added EXTRA AUX ALERT FIELD to add fields to auxiliary alerts. STATISTICs can now be updated EVERY HOUR or EVERY DAY. STATISTICs will send one final update after processing a list of files using --name-files. Other bug fixes.
* Fri Dec 02 2016 Lawrence R. Rogers 5.5-2
* Release 5.5-2 Rebuilt with silk-common-3.14.0
* Tue Oct 18 2016 Lawrence R. Rogers 5.5-1
* Release 5.5-1 New PERSISTENCE primitive to detect a FOREACH tuple's presence for a specified number of HOURS or DAYS. A minimum number of records requirement can be added to primitives, either at the overall EVALUATION level, or for each value of the FOREACH field. Alerts will not be sent until the minimum number of records is seen. Other bug fixes.
* Thu Jul 14 2016 Lawrence R. Rogers 5.4.1-1
* Release 5.4.1-1 List configuration can now write files with the contents of the list without sending an alert. ICMP fields are fixed. Filtering by comparing two fields works with derived fields. Other bug fixes.
* Fri Jun 03 2016 Lawrence R. Rogers 5.4-1
* Release 5.4-1 Significant memory and processing efficiency improvements. Streamlined Statistic processing. Reloading of bag files used as custom thresholds upon update.
* Thu Apr 07 2016 Lawrence R. Rogers 5.3.2-2
* Release 5.3.2-2 Rebuilt with silk-common-3.12.0
* Wed Feb 17 2016 Lawrence R. Rogers 5.3.2-1
* Release 5.3.2-1 Pmaps are IP version agnostic. Pmaps can have both v4 and v6 addresses that can be used with SIP and SIP_V6. Small bug fixes with Ubuntu compiling and domain name processing. Unit test improvements.
* Fri Jan 22 2016 Lawrence R. Rogers 5.3.1-3
* Release 5.3.1-3 Changes for 5.3.1:
* Changed Snarf alerts when using FOREACH. Rather than a single string containing a comma-separated field list and a single string for the values, each value and field will be in parallel arrays, with values in appropriate format.
* Small bug fixes. Changes for 5.3.0:
* Expanded data inputs to include records from YAF (including all deep packet inspection fields), and any flat IPFIX records.
* The handling of multiple data sources at once.
* FAST FLUX primitive to detect fast flux networks from DNS records
* Derived fields, that operate on values from the records, such as the length of a string, the second level domain from a fully qualified domain name, and pulling the day of the week from a timestamp.
* The ability to have a watchlist using any type of field, paired with having a LIST CONFIGURATION write the contents to file regardless of field type.
* A special type of watchlist for DNS that checks each part of a domain name, rather than a generic string match.
* First public release of Analysis Pipeline version 5.
* Tue Oct 20 2015 Lawrence R. Rogers 4.4.1-3
* Release 4.4.1-3 Rebuilt with silk-common-3.11.0
* Sat Dec 20 2014 Lawrence R. Rogers 4.4.1-2
* Release 4.4.1-2 Rebuilt with silk-common-3.10.0.
* Tue Oct 28 2014 Lawrence R. Rogers 4.4.1-1
* Release 4.4.1-1 Pmap files are now reloaded when updated, similar to IPSet files. Bug fix with reloading IPSet files.
* Fri Sep 26 2014 Lawrence R. Rogers 4.4-2
* Release 4.4-2 Rebuilt with silk-common-3.9.0.
* Tue Sep 16 2014 Lawrence R. Rogers 4.4-1
* Release 4.4-1 Pmaps can be used for processing data. List bundles added, which alert if a value is in all lists in bundle. Filters can use bracketed list of tuples now. ANY IP/PORT can be used in FOREACH to build state for both
* Mon Feb 03 2014 Lawrence R. Rogers 4.3.2-2
* Release 4.3.2-2 Rebuilt with silk-common-3.8.1
* Mon Dec 30 2013 Lawrence R. Rogers 4.3.2-1
* Release 4.3.2-1 4.3.2: Small bug fixes. 4.3.1: CLEAR NEVER or CLEAR ALWAYS must now be specified in evals; efficiency improvements.
* Mon Apr 01 2013 Lawrence R. Rogers 4.2-2
* Release 4.2-2 Rebuilt with silk-common-3.6.1
* Fri Feb 15 2013 Lawrence R. Rogers 4.2-1
* Release 4.2-1 Added a new primitive: DIFFERENCE DISTRIBUTION for statistics. Updated available fields for iterative comparison. Statistics can now have a forever duration.
* Fri Jan 04 2013 Lawrence R. Rogers 4.1-1
* Release 4.1-1 Lists created by internal filters can now send alerts. Removed the need for underscores in the config file. Can now alert when an output is removed by an evaluation. When pipeline runs out of memory, the alert contains memory used. Evaluations that hit output threshold can be shut down temporarily.
* Sat Sep 29 2012 Lawrence R. Rogers 4.0.1-1
* Release 4.0.1-1 Bug and compatibility fixes. Additional debug statements.
* Tue Sep 28 2010 Lawrence R. Rogers 3.0.0-1
* Release 3.0.0-1 Initial public release
 