Releases: mfesiem/msiempy
msiempy 0.3.5
New:
- Documentation website!
- Change to the search() method: applies to every list object but DevTree. The search() method only takes one argument as the search pattern (DevTree always only accepted one argument as the search pattern). If you used something like search('term1', 'term2'), please use search('term1').search('term2').
Note: The changes announced in https://github.com/mfesiem/msiempy/releases/tag/0.3.4 have not been enacted yet.
- Rename get_watchlist_summary() to _init_watchlist_summary() because it's not supposed to be called by the user
msiempy 0.3.4
New:
- Better alarm filtering #83
NitroList.search() change: Comparing match values against dict values only. Argument match_prop has been removed. Introducing fields argument to search into specific fields only.
This change sets things up to unify DevTree.search() and other objects' search() return values and arguments in the future. Right now DevTree.search() returns a Datasource object or None and DevTree.search_ds_group() returns a generator; this behaviour goes against what's defined in msiempy.core.types.NitroList.search(). All other objects return a list of items matching the search.
In the future DevTree will be deprecated and replaced by another object that will behave just like DevTree except for the search method, i.e. DataSourceManager.
- Clearer docs regarding EventManager.load_data(max_query_depth), Event.refresh, and other utils methods
msiempy 0.3.3
New features:
- Grouped event queries!
- Implements remove watchlist values
- Transition all query calls to API v2
- Format code
Fixes:
- Housekeeping / Better docs
McAfee SIEM API Python wrapper 0.3.2
New features:
- Retry requests once if network error
Fixes:
- Fixed load_events() process for the AlarmManager. Was broken since 0.3.0, events would just not load at all when using AlarmManager.
McAfee SIEM API Python wrapper 0.3.1
New features:
- Simpler imports (still 100% compatible with older code)
Fixes:
- Fixed backwards compatibility of object imports
- Adjust alarm filtering so it can filter on Alarms events even if events_details=False (only SIEM v11.x)
McAfee SIEM API Python wrapper 0.3.0
New features:
- New core objects structure, external API should not have changed!
- PARAMS interpolation now uses Template strings for better documentation and safer processing. Using Template strings allows us to programmatically generate the list of all possible API calls registered in the PARAMS mapping.
- Use notifyGetTriggeredNotificationDetail when possible to load alarm details: this will only affect version 11.x. Events loaded from AlarmManager might have changed field names if you were using AlarmManager.load_data(events_details=False)
- Better documentation site!
Fixes:
- Typo in PARAMS
McAfee SIEM API Python wrapper 0.2.5
New features: None
Fixes:
- Allow login method to be retried once
McAfee SIEM API Python wrapper 0.2.4
New features: None
Fixes:
- #67 and #68: Automatically retry once on any kind of NitroError when EventManager.qry_load_data() fails. This works around random job engine errors.
McAfee SIEM API Python wrapper 0.2.3
New features: None
Fixes:
- #65 Typo in PARAMS
- #66 Fixed possible duplicate keys when querying events and error handling
- Added ERROR_INVALID_SESSION to the re-login error handler
- Fixed JSONDecodeError on exotic systems like raspberries
- Restored old behaviour of __getitem__ if the new map doesn't have the info: loop through FIELDS_TABLES and try with table prefix
McAfee SIEM API Python wrapper 0.2.2
New features:
- More comprehensive usage of the Event dictionary. This means that you can use an Event object with the same keys you requested when doing a query. Before, you had to add the table prefix like 'Alert.<field>', or even use a completely different key like 'Alert.BIN(7)' when you requested 'UserIDSrc'; now you can use the same fields that you requested (hopefully) with the Event objects. Note that all matching is done statically with a very big mapping of all known fields; it may contain bugs or be incomplete... Methods __getitem__, __contains__, __setitem__ and __delitem__ have been rewritten in order to offer this feature.
Fixes:
- Event fields would not be queried as expected when using the EventManager query splitting feature
- Other minor event fixes