certtools/intelmq 1.0.0.dev8

1.0.0.dev8 Beta

on GitHub

General changes

• It's now configurable how often the bots are logging how much events they have sent, based on both the amount and time. (fixes #743)
• switch from pycodestyle to pep8

Configuration

• Added log_processed_messages_count (500) and log_processed_messages_seconds (900) to defaults.conf.
• http_timeout has been renamed to http_timeout_sec and http_timeout_max_tries has been added.
  This setting is honored by bots.collectors.http.* and bots.collectors.mail.collector_mail_url, bots.collectors.rt (only http_timeout_sec), bots.outputs.restapi.output and bots.experts.ripencc_abuse_contact

Documentation

• Minor fixes
• Dropped install scripts, see INSTALL.md for more detailed instructions and explanations
• Better structure of INSTALL.md
• Better documentation of packages

Tools

• added a bot debugger (#975)
• missing bot executable is detected and handled by intelmqctl (#979)

Core

• fix bug which prevented dumps to be written if the file did not exist (#986)
• Fix reload of bots regarding logging
• type annotions for all core libraries

Bots

• added bots.experts.idea, bots.outputs.files
• possibility to split large csv Reports into Chunks, currently possible for mail url and file collector
• elasticsearch output supports HTTP Basic Auth
• bots.collectors.mail.collector_mail_url and bots collectors.file.collector can split large reports (#680)
• bots.parsers.shadowserver support the VNC feed
• handling of HTTP timeouts, see above #859
• bots.parsers.bambenek saves the malware name
• bots.parsers.fraunhofer.parser_dga saves the malware name
• bots.parsers.shadowserver handles NULL bytes
• bots.parsers.abusech.parser_ransomware handles the IP 0.0.0.0 specially

Harmonization

• New field named output to support export to foreign formats