microsoft/msticpy v2.13.0

AI documentation assistant, BinaryEdge TI provider and other misc fixes

on GitHub

We've been quietly doing some work to introduce LLM/GPT/AI capabilities into msticpy.
@EileenG02 has helped us in that direction by building a document Q&A agent using Autogen.

You can try it out in a notebook using the following:

Load the magic extension

%load_ext msticpy.aiagents.mp_docs_rag_magic

Ask a question in a separate cell using the %%ask cell magic

%%ask
What are the three things that I need to connect to Azure Query Provider?

Awesome work @EileenG02!

There's also a new TI provider for BinaryEdge courtesy of @petebryan.

Alongside this there have been quite a few contributions to fix and improve things like:

• Splunk improvements (thanks @Tatsuya-hasegawa)
• Fixes for Sentinel provider get_alert_rules to use updated API (thanks @BWC-TomW)
• A massive amount of type annotation work and fixes to context/TI providers by @FlorianBracq
• Miscellaneous fixes to things like Sentinel TI provider, MSSentinel tidy-up to more consistently handle parameters,
  correct use of the term CountryOrRegionName from CountryName in geolocation contexts.

The gory details of the PRs follow:

What's Changed

• Add extra tests and fixes to QueryProvider, DriverBase and (as)sync query handling by @FlorianBracq in #777
• Fix incorrect ref to ip_utils module in docs by @ianhelle in #779
• Fix some deprecation warnings by @FlorianBracq in #781
• Fixing np.NaN error and build warnings by @ianhelle in #785
• Removing data matching AV signatures by @ianhelle in #786
• Create codeql_updated.yml by @ianhelle in #787
• Update black requirement from <24.0.0,>=20.8b1 to >=20.8b1,<25.0.0 by @dependabot in #742
• Update docutils requirement from <0.20.0 to <0.22.0 by @dependabot in #768
• Add upload data styles to Splunk uploader by @Tatsuya-hasegawa in #776
• Added BinaryEdge provider by @petebryan in #780
• Update sentinel_analytics.py to update get_alert_rules to use new API version by @BWC-TomW in #789
• Fixing MSSentinel to obey parameters by @ianhelle in #791
• Add Autogen and RAG Agent to MSTICpy by @EileenG02 in #793
• Update TILookup and ContextLookup by @FlorianBracq in #794
• Fix sentinel TI provider by @ianhelle in #797
• Updating CountryName to CountryOrRegionName by @ianhelle in #796

New Contributors

• @BWC-TomW made their first contribution in #789
• @EileenG02 made their first contribution in #793

Full Changelog: v2.12.0...v2.13.0