New Features
- Azure Sentinel Threat Intel provider in TILookup
- kql_base.py provider for TILookup to support other LogAnalytics TI sources
- Refactored unit tests for TIProviders with mocking of data sources.
- TIProviders notebook and ReadTheDocs TI Providers doc page.
- Added package config and ability for WSConfig to get workspace and tenant config from msticpyconfig.yaml
Fixes
- Fixes for mypy warnings - now mypy clean
- Addressed most other linting warnings
- Fixed broken multiple TI lookups for http providers
- Black formatting
- Bug in geoip that would throw exception for private IP addresses and issue warnings rather than exceptions if something goes wrong with GeoLite DB download
- Fixed errors in several network query definitions
- IoCExtract bug when trying to download TLD file offline