Releases: aplura/cribl_geese
Releases · aplura/cribl_geese
Release 1.1.6
- Security
- Updated
deepdiffto>=8.6.1to resolve CWE-915
- Updated
- API Spec Updates
- Added
4.13.0,4.13.1,4.13.2,4.13.3API Specification - Fixed bad Regex in API Specification to perform input validation.
- See README.md in
geese/constants/api_specs
- See README.md in
- Added
- New Features
- Added
--renderoption to theexportcommand- Allows for Secrets to be 'rendered' with their secret value in the config.
- Added
Release 1.1.5
- API Spec Updates
- Added
4.10.1API Specification - Added
4.11.0,4.11.1API Specification - Added
4.12.0,4.12.2API Specification - Fixed bad Regex in API Specification to perform input validation.
- See README.md in
geese/constants/api_specs
- See README.md in
- Added
- New Features
- Environment Variables in Config
- In
config.yaml, or a user defined configuration file, each root level item (username,password, etc) can now include an environment variable. - The key is variable as the environment requires.
- The variable must have a double
$$ - Example is below, where the key will be replaced according to the regex
$$\S+.
destination: username: $CRIBL_LEADER_USERNAME password: $CRIBL_LEADER_PASSWORD
- In
- Environment Variables in Config
- Improvements
- Export
ALL- When working with geese, if a config source does not have the
worker_groupsconfiguration item, Cribl will be queried to determine available groups, and the entire set will be utilized for exporting. - Destinations without a
worker_groupsconfiguration item will default to the single groupdefault.
- When working with geese, if a config source does not have the
- Export
Release 1.1.4
- Security Updates
- Updated
urllib3to v2.2.2 to address CVE-2024-37891 - Updated
setuptoolsto>=70.0.0
- Updated
- Bugs
- Fixed
packsexport, configuration of the pack is now exported into the export config file. - Fixed group targeting in source and destination.
- Fixed
- Improvements
- Across the board, reworked internal command switches to be more consistent.
- New Feature
- When uploading packs, the option to include a custom "pack" called a "ruck" is available.
- "kits" allow a more-comprehensive approach to packs, as they can include
collectors,inputs,secretsand a default route that funnels matching data to the pack. - The pack itself will still only contain pack routes, pipelines, and other knowledge settings, but other objects will be created if defined.
- "kits" allow a more-comprehensive approach to packs, as they can include
- Added configuration option
is_freefor standalone or not Enterprise editions of Cribl. - Added
createcommand for future use. - Restrict to specific sources/destinations using
namespaces.
- When uploading packs, the option to include a custom "pack" called a "ruck" is available.
- Export
- Ability to export a lookup file (CSV) of Cribl Ids and Display names for further enrichments.
- Added ability to "split" configs into their knowledge objects with group and namespace information.
- Validate
- Added multiple API Specs
- Still not working as intended due to malformed OpenAPI spec parsing.
- Knowledge Objects
routes- Fixed the update call to "substitute and replace" only configured routes. Will not overwrite entire route list.
Release 1.1.3
- Improvements
- Updated README for links to releases.
- Included Snyk Scanning
1.1.2
Initial Release to Public