New
- Added a function to graph the timeline.
- Added a function to detect policy change.
- Added a function to detect added/removed groups.
- Added a function to detect deletion of event logs.
- Added a function to associate hostname and IP address.
- Added a function to check suspicious domains.
- Added a function to parse event log XML files.
- Added a function to detect NTLM remote logon.
- Added a function to detect malicious accounts using HMM.
Update
- Changed to connect to the Neo4j server just before uploading data.
- Updated graph loading function.
Bug fix
- Fixed an issue where host name and account name conflict in PageRank calculation.
- Fixed a bug where global name 'fh' is not defined.
- Fixed a bug in graph loading function.
- Fixed a bug when importing large files.
- Fixed a performance issue in the rank view.
- Fixed a bug where the number of records failed to load.
- Fixed a bug that caused a status 500 error after uploading an event log.