google/timesketch 20191220

on GitHub

New UI, more analyzers and an updated API client

What's Changed

• Analyzer update by @kiddinn in #828
• Multiple changes for code flagged by pylint 2.1.1 by @joachimmetz in #833
• Remove u' from docker scripts by @berggren in #835
• Fixes for python3 compatibility by @kiddinn in #829
• Support RE flags by @berggren in #837
• Check if user exist by @berggren in #838
• New aggregation framework by @berggren in #842
• Allow comma separated list of usernames to share to by @berggren in #844
• Linkedin account extraction by @kovakina in #839
• New frontend by @berggren in #848
• Update Installation.md by @joachimmetz in #853
• Moved pylint to stand-alone CI test target by @joachimmetz in #831
• Updated CI test to use pylint 2.2.2 by @joachimmetz in #852
• Added Bionic Docker-based tests that use dependencies from GIFT PPA by @joachimmetz in #832
• Changed domain analyzer, removing human readable manipulation, issue #847 by @kiddinn in #858
• Update dockerfile to copy config recursively by @Onager in #859
• Updated .pylintrc and changes for linter #855 by @joachimmetz in #856
• Added l2tdevtools configuration files and generated dependency files by @joachimmetz in #790
• Adding a term aggregator. by @kiddinn in #857
• Added API calls for aggregations as well as enabling client access to aggregations (step 1) by @kiddinn in #860
• Markdown stories by @berggren in #866
• Delete sketch functionality by @berggren in #868
• MUS2019-CTF Colab by @obsidianforensics in #872
• Update CreateTimelineFromJSONorCSV.md by @obsidianforensics in #877
• Timeline management by @berggren in #875
• Aggregation SQL model by @berggren in #876
• Removed elasticsearch5-py as a dependency by @joachimmetz in #879
• Update dependencies by @berggren in #878
• Update dependencies by @joachimmetz in #881
• Fixed problem that the celery does not start automatically. by @piwikjapan in #807
• Changed phishy domain analyzer to return early if no results. by @kiddinn in #893
• Minor bug fixes in CSV file import for python3 compatability by @kiddinn in #894
• Updated Dockerfile to use Python 3 timesketch by @joachimmetz in #887
• Add example nginx and systemd config files by @berggren in #895
• Commit Sketch object to DB before setting ACL by @berggren in #897
• Exit early if there are no domains to analyze by @berggren in #898
• Use legacy aggregators in old UI by @berggren in #899
• Adding more aggregation APIs and upgrading API client to make use of them. by @kiddinn in #889
• Docker refactor by @berggren in #903
• Adding starred event lookups to colab example by @kiddinn in #907
• Added Debian packaging files by @joachimmetz in #882
• New timeline picker component by @berggren in #911
• Fixing wrong file locations in docker configs by @kiddinn in #915
• Logo Files by @althealabre in #917
• Fix a Python3 error by encoding before hashing by @taishi8117 in #914
• Yeti indicator analyzer by @tomchop in #900
• Editable sketch summary by @berggren in #910
• Dynamic analyzers by @berggren in #909
• Time bubbles by @berggren in #919
• GCP servicekey analyzer for stackdriver logs by @pstirparo in #918
• Fix for issue #927 by @jadams in #928
• Fixed typo in Users-guide.md. by @katemacleod in #929
• Remove file no longer used by @nnyx7 in #931
• Added tsctl import command to Users-Guide.md by @katemacleod in #932
• Add missing line in the docker-compose files by @nnyx7 in #936
• Add missing code quotes by @Liamdoult in #940
• Added basic sessionizer plugin. by @nnyx7 in #939
• Format error as string by @tomchop in #944
• Fix #934 by @tomchop in #949
• Move dependency install to Dockerfile by @berggren in #958
• Better explanation of the purge command by @jaegeral in #959
• Mention SearchQueryGuide and SketchOverview in the userguide by @jaegeral in #947
• Fix for error when adding a view with query_dsl by @katemacleod in #948
• Fixing an issue with domain analyzer. by @kiddinn in #961
• New UI: Time filters by @berggren in #925
• Remove Xenial from Travis tests by @berggren in #963
• Dynamic aggregators by @berggren in #920
• Delete view by @berggren in #962
• New login page by @berggren in #966
• New logo header by @berggren in #968
• Expert sessionizer by @katemacleod in #941
• Fix MockDataStore storing events by @nnyx7 in #970
• Add sequence sessionizer. by @nnyx7 in #960
• SSH sessionizing sketch analyser by @nnyx7 in #973
• New UI build by @berggren in #978
• Remove Vagrant by @berggren in #979
• Doc fixes for sessionizers by @katemacleod in #975
• Session chart by @katemacleod in #974
• Session resource by @katemacleod in #971
• Remove multiple inheritance in test classes by @nnyx7 in #977
• Fixing aggregations in the API client by @kiddinn in #982
• Making changes to how aggregations are done in API client by @kiddinn in #983
• Minor bug in client. by @kiddinn in #984
• Adding aggregation into the jupyter notebook demo by @kiddinn in #985
• Empty states by @berggren in #986
• Only run linter on changed files by @berggren in #987
• Add tags to event list by @berggren in #988
• Update docker-compose to correct elasticsearch volume by @exFill in #990
• Minor client changes by @kiddinn in #992
• Adding the OSDFCon demo notebook to our sample notebooks. by @kiddinn in #993
• New filter system by @berggren in #991
• Add Buefy UI framework by @berggren in #995
• Fixed the TypeError: delimiter must be string, not unicode error. by @wajihyassine in #999
• Improving error handling in the API by @kiddinn in #1001
• Adding list sketches to the tsctl command by @kiddinn in #1002
• Refactor UI by @berggren in #1003
• Adding the ability to manually run an analyzer in the API by @kiddinn in #998
• New UI: Star events by @berggren in #1005
• New UI: Result limit and sort order by @berggren in #1006
• New UI: Comment support by @berggren in #1007
• Install documentation from plaso changed location by @jaegeral in #1008
• New UI: Context query by @berggren in #1011
• Introduce .dockerignore by @au-phiware in #1010
• API client methods for comment and label by @jaegeral in #693
• Introduce documentation how to import arbitrary data to ts by @jaegeral in #1009
• New UI: Pagination support by @berggren in #1012
• New UI: Sharing controls by @berggren in #1015
• Added import stream object for more flexible data upload by @kiddinn in #1004
• Fixing #1017 and one other minor issue. by @kiddinn in #1018
• New UI: Upload progress bar by @berggren in #1020
• Adding a chain analyzer. by @kiddinn in #994
• New UI: Run analyzers from the UI by @berggren in #1019
• Fixing bug in listing stored aggregators by @kiddinn in #1021
• New UI: Loading state for uploaded timelines by @berggren in #1022
• New UI: Just show delete menu if user has permission by @berggren in #1023
• New UI: Error toast and analyzer run permissions by @berggren in #1025
• Fixing a minor py2 vs py3 compatibility issue in OAUTH by @kiddinn in #1026
• Adding OAUTH support to API client. by @kiddinn in #1027
• Timestomp by @fooris in #942
• Changes to the OAUTH support for the client API by @kiddinn in #1030
• Changing the OAUTH flow in the client to add a web server to catch response by @kiddinn in #1031
• New UI: Selectable columns by @berggren in #1029
• Fix views in story mode by @berggren in #1032
• Bugfix for views without fields by @berggren in #1033
• Small bugfix for word wraps by @berggren in #1034
• Adding description and chart titles for aggregation. by @kiddinn in #1036
• Add description to aggregation dropdown by @berggren in #1037
• Adding aggregation information to the API and API client. by @kiddinn in #1038
• CSRF refresh snackbar by @berggren in #1040
• Cleaning up analyzer tags by @berggren in #1039
• New UI: Bugfix for sharing form by @berggren in #1041
• Bugfix: Do not strip domain when changing ACL by @berggren in #1042
• Splitting up parsing of large CSV files with the importer by @kiddinn in #1044
• Set correct value in option dropdown by @berggren in #1048
• Separating client classes into their own files. by @kiddinn in #1049
• New base dev image build by @berggren in #1050
• Adding the ability to store aggregation into analyzer interface by @kiddinn in #1051
• Fix duplicate sorting order in sketch explore sort order dropdown by @vikahl in #1054
• Enable new UI by @berggren in #1057
• Remove vagrant from the readme by @jaegeral in #1058
• Use development_timesketch instead of docker_timesketch by @jaegeral in #1059
• Change default location for config file by @berggren in #1061
• Added dynamic form definition for the feature extraction analyzer. by @kiddinn in #1055
• Always use HTTPS for OIDC redirects by @berggren in #1062
• New release 20191220 by @berggren in #1063

New Contributors

• @piwikjapan made their first contribution in #807
• @althealabre made their first contribution in #917
• @taishi8117 made their first contribution in #914
• @pstirparo made their first contribution in #918
• @jadams made their first contribution in #928
• @Liamdoult made their first contribution in #940
• @exFill made their first contribution in #990
• @wajihyassine made their first contribution in #999
• @au-phiware made their first contribution in #1010
• @fooris made their first contribution in #942
• @vikahl made their first contribution in #1054

Full Changelog: 2019020...2019122