Dear community, OpenCTI 5.0.1 has been released 🥳! This minor release includes several bug fixes for all known issues since the release of the version 5 👾. Also, a new rule has been introduced to automatically create incidents based on sightings in order to prepare our future case management system 💡.
One of the major enhancements in 5.0.1 is also the activation of new sorting capabilities (by observable "value", by author, by marking definition, etc.) 🎁, thanks to new ElasticSearch runtime fields. Next releases will be focused on garbage collection and case management, as planned in our strategic roadmap 💪.
This version requires ElasticSearch >= 7.12 (for observables sorting). This is not compatible with OpenSearch/AWS. Given the feedback from the community, we have decided to bring back the support of OpenSearch in the next version using a feature flag to disable this feature if not supported.
Enhancements:
- #1588 Enhancement of modification reference
- #1587 Add UI capability to manage x_opencti_stix_ids
- #1585 Create the SightingIncident rule and adapt the observed sighting one
- #1578 Migration to Yarn 2
- #1571 Improve inputs resolution and change tests to use object_refs direct creation
- #1570 Populate x_opencti_additional_names field of File observable when merging multiple file names
- #1564 The deleted or merged entities should not be imported once again.
- #1477 Multitenancy support
- #1394 [frontend] Sort report observables causes crash
Bug Fixes:
- #1586 Creating report with all object_refs unknown fail
- #1582 Artifact STIX2.1 export
- #1581 Artifact - Mutual exclusion of properties 'url' and 'payload_bin'
- #1575 TAXII Collections Discovery URL
- #1572 [frontent] File - Artifact relationship wrong name
- #1517 It will show error if the TLP level is not granted to the user on the whole page