Releases: carbonblack/cbc-syslog
Releases · carbonblack/cbc-syslog
CBC Syslog 2.0.6 - Bug Fix
Bug Fixes
- Add catch for epoch time transform with milliseconds
CBC Syslog 2.0.5 - Proxy Support
Contributors
avanbrunt-cb
Assets 2
CBC Syslog 2.0.4 - Hot Fix
Bug Fixes
- Update copyrights on code to reflect current date and Broadcom.
- Update dependencies to fixed version of CBC SDK.
CBC Syslog 2.0.3 - Hot Fix
Bug Fixes
- Fix datetime.now UTC issue that prevents polling alerts
CBC Syslog 2.0.2 - Hot Fix
Bug Fixes:
- Adjust filename output and backup to use base64 instead of datetime
- Fix windows escape issue when using setup or convert commands to create config file
CBC Syslog 2.0.1 - Hot Fix
Bug Fixes:
- Enforce carbon-black-cloud-sdk >= 1.5.0
- Fix broken link in readme for pypi
CBC Syslog 2.0.0 - Brand new commands and enhanced alert metadata
The CBC Syslog tool has been rewritten from the ground up to provide increased customization and improved Alert data with support for the latest Carbon Black Cloud alert types
NEW:
- Added increased message templating support for any syslog format
- Supports customizable extensions based on a configurable type field
- Supports customizable timestamp format
- Audit logs and Alerts can be enabled independently
- Added new cbc_syslog_forwarder script which is installed into OS bin directory
- New CBC Syslog commands to support config validation, setup wizard, configuration convert, polling, and historical fetch for alerts
- All current and future alert types are supported by default
- Built in notification rule style support using alert_rules to configure specific filters that reduce noise and alert fatigue
- Only one API key required to fetch all Carbon Black Cloud data
- Improved configuration validation and logging
Breaking Changes:
- New configuration file format from conf to toml
- Moved from Carbon Black Cloud notifications to Alerts v7 schema
- Removed CEF and LEEF support for better message templating to customize to any syslog format
- back_up_dir renamed to backup_dir
- api_connector_id/api_key and siem_connector_id/siem_key renamed to custom_api_id/custom_api_key
- Removed requests_ca_cert
- Changed CLI parameters to increase functionality
- Removed dead cacert.pem
- Changed how cbc-syslog is executed to support better python practices
Bug fixes:
- Improved Backup Directory support to only process cbc syslog .bck files
- Improved handling for Carbon Black Cloud server_url supports hostname with https or without and removes trailing backslash
CBC Syslog v1.3.1 - General Fixes
General
- Update to latest jinja2 package
Bug fixes
- Rename parser file to prevent conflict on windows
- Reformat package to move files into a util subfolder
Python 3 support and various bug fixes
Changelog
Version 1.3.0
Breaking Changes:
- Leef output has been rewritten to better utilize common properties and include as much information as possible
- Code and files have been refactored and renamed to better align with the product
Bug fixes:
- Config file no longer fails when output_format is leef
- Added Python 3 support with the addition of the python six package.
- Tests have been rewritten and additional tests around the config file have been added
- https_ssl_verify allows for false value
Cb Defense Syslog TLS connector 1.2.12
Changelog
- Added HTTP output and ability to add custom headers in the conf file
- Bugfix on http out and added test case for http_out on test server
- Fixing logging for test server
- Fixed an output formatting bug