v7.0.0
Breaking Changes
DB Schema
The database schema is updated without backward compatibility. Please re-initialize your database. Sorry for the inconvenience.
Rule
artifact_lifetime is removed. (Use artifact_ttl instead)
Analyzers
- Feed analyzer (feed) is updated:
  - Feed data is no longer always wrapped as an array.
  - data is renamed as form
Enrichers
- IPInfo enricher (ipinfo) is deprecated and MMDB enricher (mmdb) is added to replace it.
Emitters
- TheHive emitter (thehive) no longer supports TheHive v4. (Only supports v5)
What's New
- Web and CLI applications are updated to perform basic CRUD operations on rules, alerts, artifacts and tags.
- Flexible search capabilities on rules, alerts, artifacts and tags.
- MMDB enricher to enrich IP type artifacts.
- Sidekiq integration to process time-consuming tasks in the background.
- Ruby 3.3 support
Fixes
- Fix ignore_error related issue
- Fix Shodan analyzer's geolocation data handling issue
Also, the codebase, including tests, has been refactored to improve consistency, readability and maintainability.
Full Changelog: v6.3.0...v7.0.0