This release includes:
Anomaly sequence analysis and visualization using Markov chain @karishma-dixit
Morph Chart visualization of log events @petebryan
(originally released as v0.4.1 but updated to v0.5.0)
New Features
- Anomalous sequences (#60) - Markov Chain anomaly analysis for sequences of commands/patterns in a session
- Morph Charts visualization - 3D visualization of event data using experimental Morph Charts exploration (#58)
- nbinit: a neater and more robust startup/setup function for Jupyter notebooks handling package installs, imports and option setting (#62)
- Azure Sentinel Queries
  - Added two Logon fail queries for Linux (#62)
  - Add Linux logons for host
- Added msticpy.common.pkg_config.validate_config() to validate current config or external config file (#62)
Fixes
- f78a29e:
  - Change return type on for bokeh graphs to return whole layout
  - Improved geoip error messages when API key is missing
  - Fixing bug in pkg_config if no workspaces are defined (empty workspaces key)
- 31cb17f: Added context manager to temporarily set msticpyconfig to another path and auto-revert settings afterwards.
- 827477b: make titles consistent on the widgets page (#59)
- 7964b5f: Fix to utility.py - check_and_install_missing_packages to allow package version to be specified.
- f793d55:
  - Updated pkg_config to allow AzureCLI and AzureSentinel sections to use Key Vault protection of the keys and use of Env Vars, etc.
  - Timeline - fixed Tooltip representation of Timestamps for different representations of numpy's types
  - Fixed an error in test-pypi-test-pkg.cmd
- 3e42e42: Doc fix and OutOfBoundsDatetime catch
- efc3d69: OTX TI Provider fixes to encode URL IoC prior to submitting (#55)
- 0ad166a: fixing headings in rst docs for timeseries
- 606fc8f: Fixing broken Readthedocs link (#53)
- 4810e1f: Fixing some documentation omissions/errors (#52)
- 43bbd3c: Updating pylintrc to change limits for some checks.
- f50eec2: Notebooklet queries and timeline hide option
- 13c3f3f: Flake8 error with unknown "QuerySource" (#63)
- 9921352:
  - Adding pkgs to conda-reqs-pip.txt
  - Removing Python 3.7 version setting from pre-commit
- 921370c: (#63)
  - requirements.txt and setup.py changes to avoid version conflicts (causing sphinx to fail)
  - updated version to 5.0
- c900386: Fixed issue causing test failure (#63)
- 5c9db2d: Adding get_all_entities feature used in Alerts Notebook (#63)