New Features
- Major update to display_timeline control:
  - allows arbitrary number of event series
  - input as dict of data series or grouped DataFrame
  - added interactive visual time range control
  - added display_timeline_values to display timelines with a scalar value (line, circle, vbar)
  - added sample notebook
  - added Read the Docs page describing usage
  - moved to timeline.py module
Other Improvements/Additions
- Updated Base64Unpack, EventClustering, NotebookWidgets and TIProviders notebooks.
- Added unit test capability for UI-dependent packages by running notebooks within the unit test
- nbwidgets: added filtering text box to all select widgets
- nbwidgets: added SelectSubset widget allowing you to pick from one list and add to selected subset
- Updates to documentation/README.md
- Added checks for no TI Providers or missing keys and updated TIProvider docs for this.
- Added network data query yaml - kql_sent_winevent.yaml
- Added WinSecurityEvent.json events file
- Added pre-commit hooks including local hook script download_tlds.py
Fixes
- Fixes from testing notebook development:
  - Minor change to base64unpack.py to prevent pandas warning
  - entityschema: fixing repr to always return a string
  - security_base: removing broken and deprecated properties, adding repr
  - ti_lookup: removed unneeded import
  - nbwidgets: fixed bug in restoring current index in selected items list
  - eventcluster: first/last time range for clustered events was not properly calculated
- Fixed foliummap error to display in notebook (implemented _repr_html_ so that instances display directly in the notebook)