Release #2951

Closed
wants to merge 89 commits into from

Commits
89 commits
1875a04
Update windows_admin_permission_discovery.yml
MHaggis Oct 19, 2023
5ab0b7d
Citrix CVE-2023-4966- Citrix Bleed
MHaggis Oct 24, 2023
3bd3798
Update citrix_adc_and_gateway_unauthorized_data_disclosure.yml
MHaggis Oct 24, 2023
4bb68a3
Update citrix_adc_and_gateway_unauthorized_data_disclosure.yml
MHaggis Oct 25, 2023
aa413a8
Merge pull request #2893 from splunk/citrixbleed
patel-bhavin Oct 25, 2023
0757d7a
updating contentctl yml to 415
patel-bhavin Oct 25, 2023
93d7a12
Citrix Bleed
MHaggis Oct 26, 2023
7c7eb48
Merge branch 'citrix-new-1' into 'release_v4.15.0'
patel-bhavin Oct 26, 2023
9aefbd1
AppInspect via ci
patel-bhavin Oct 26, 2023
5aca39f
Merge branch 'appinspect_via_ci' into 'release_v4.15.0'
patel-bhavin Oct 26, 2023
4d530bf
Confluence Updates
MHaggis Oct 26, 2023
ad79a44
Merge branch 'conflu-update-1' into 'release_v4.15.0'
patel-bhavin Oct 26, 2023
49b3f7c
Merge branch 'windows-admin-permissionfix' into 'release_v4.15.0'
patel-bhavin Oct 26, 2023
a5eead6
false and bucket updates
patel-bhavin Oct 26, 2023
4260667
test updates
patel-bhavin Oct 26, 2023
86e561c
workflow rules
patel-bhavin Oct 26, 2023
881ad42
changes to release yaml
patel-bhavin Oct 26, 2023
051c3da
only test github push
patel-bhavin Oct 26, 2023
4fed536
upstream
patel-bhavin Oct 26, 2023
7e6b84a
remove nothing to commit
patel-bhavin Oct 26, 2023
8990a69
seems to be working
patel-bhavin Oct 26, 2023
c945082
e2e
patel-bhavin Oct 26, 2023
f82a229
curl up a GH PR automatically
patel-bhavin Oct 26, 2023
fc88799
Branch was auto-updated.
srv-rr-gh-researchbt Oct 26, 2023
79213f4
verified files with 4.14.0 tag
patel-bhavin Oct 27, 2023
339f309
Merge pull request #2903 from splunk/manual_revert
patel-bhavin Oct 27, 2023
40fdab8
F5 CVE-2023-46747
MHaggis Oct 30, 2023
a907039
Merge pull request #2905 from splunk/f5news
patel-bhavin Nov 1, 2023
698d9b7
testing conflicts
patel-bhavin Nov 1, 2023
dfd7454
Merge pull request #2910 from splunk/gitlab_release_v4.15.0
patel-bhavin Nov 1, 2023
aecf5a2
removing CODEOWNERS
Nov 16, 2023
09df1c4
Resolve merge conflict
pyth0n1c Nov 16, 2023
346201a
add gitmodule back
pyth0n1c Nov 16, 2023
e470162
git submodule updated
pyth0n1c Nov 16, 2023
27003e1
update submod
patel-bhavin Nov 16, 2023
1f16d12
416 files
patel-bhavin Nov 16, 2023
429a7ba
Merge pull request #2916 from splunk/gitlab_release_v4.16.0
patel-bhavin Nov 16, 2023
9d7b187
removing CODEOWNERS
Nov 22, 2023
e6d1c72
fixing conflicts
patel-bhavin Nov 22, 2023
ad179cb
Merge pull request #2918 from splunk/gitlab_release_v4.16.1
patel-bhavin Nov 22, 2023
a17707f
version bump
patel-bhavin Nov 22, 2023
d26a337
Bump pysigma from 0.9.8 to 0.10.9
dependabot[bot] Dec 1, 2023
097e392
Bump jsonschema from 4.19.1 to 4.20.0
dependabot[bot] Dec 1, 2023
c9f300c
Bump pytest from 7.4.2 to 7.4.3
dependabot[bot] Dec 1, 2023
9e14520
Bump psutil from 5.9.5 to 5.9.6
dependabot[bot] Dec 1, 2023
aa23a18
removing CODEOWNERS
Dec 6, 2023
25016e8
conflicts
patel-bhavin Dec 6, 2023
874a059
Merge pull request #2927 from splunk/gitlab_release_v4.17.0
patel-bhavin Dec 6, 2023
d5a6657
Branch was auto-updated.
srv-rr-gh-researchbt Dec 6, 2023
d8745b3
Branch was auto-updated.
srv-rr-gh-researchbt Dec 6, 2023
4dc1b7f
Branch was auto-updated.
srv-rr-gh-researchbt Dec 6, 2023
cabafc8
Branch was auto-updated.
srv-rr-gh-researchbt Dec 6, 2023
59333d2
Merge pull request #2923 from splunk/dependabot/pip/jsonschema-4.20.0
dependabot[bot] Dec 6, 2023
7f0bd70
Merge pull request #2921 from splunk/dependabot/pip/pysigma-0.10.9
dependabot[bot] Dec 6, 2023
a8e9b4e
Merge pull request #2926 from splunk/dependabot/pip/psutil-5.9.6
dependabot[bot] Dec 6, 2023
d6c1ef0
Merge pull request #2924 from splunk/dependabot/pip/pytest-7.4.3
dependabot[bot] Dec 6, 2023
bc1824d
deprecated office story
patel-bhavin Dec 6, 2023
22533f1
removing CODEOWNERS
Dec 20, 2023
74d71f4
merge conflicts
patel-bhavin Dec 20, 2023
87cb8c9
Merge pull request #2932 from splunk/gitlab_release_v4.18.0
patel-bhavin Dec 20, 2023
a660cb1
Bump pytest from 7.4.3 to 7.4.4
dependabot[bot] Jan 2, 2024
1375105
Bump psutil from 5.9.6 to 5.9.7
dependabot[bot] Jan 2, 2024
27f1f55
Bump pysigma from 0.10.9 to 0.11.0
dependabot[bot] Jan 2, 2024
3d0b11a
Bump gitpython from 3.1.37 to 3.1.41
dependabot[bot] Jan 10, 2024
c20b48d
removing CODEOWNERS
Jan 10, 2024
a7b59ef
updating 4190 after conflicts
patel-bhavin Jan 10, 2024
c44a229
updating conflicts
patel-bhavin Jan 10, 2024
ff63030
Merge pull request #2941 from splunk/gitlab_release_v4.19.0
patel-bhavin Jan 10, 2024
ef06d1f
Branch was auto-updated.
srv-rr-gh-researchbt Jan 10, 2024
1f038c3
Branch was auto-updated.
srv-rr-gh-researchbt Jan 10, 2024
4521df7
Branch was auto-updated.
srv-rr-gh-researchbt Jan 10, 2024
865fa08
Branch was auto-updated.
srv-rr-gh-researchbt Jan 10, 2024
511c1da
Merge pull request #2935 from splunk/dependabot/pip/psutil-5.9.7
dependabot[bot] Jan 10, 2024
ab41b10
Merge pull request #2934 from splunk/dependabot/pip/pytest-7.4.4
dependabot[bot] Jan 10, 2024
670d7fb
Merge pull request #2940 from splunk/dependabot/pip/gitpython-3.1.41
dependabot[bot] Jan 10, 2024
99fd815
Merge pull request #2936 from splunk/dependabot/pip/pysigma-0.11.0
dependabot[bot] Jan 10, 2024
cf5edeb
Bump jinja2 from 3.1.2 to 3.1.3
dependabot[bot] Jan 11, 2024
5ca8c8f
removing CODEOWNERS
Jan 17, 2024
7096c5a
4.20.0
patel-bhavin Jan 17, 2024
6c68bd7
conflicts
patel-bhavin Jan 17, 2024
bb5231b
Merge pull request #2945 from splunk/gitlab_release_v4.20.0
patel-bhavin Jan 17, 2024
7b82141
Branch was auto-updated.
srv-rr-gh-researchbt Jan 17, 2024
d54db88
Merge pull request #2942 from splunk/dependabot/pip/jinja2-3.1.3
dependabot[bot] Jan 17, 2024
4396c4b
removing CODEOWNERS
Jan 22, 2024
e4a5832
remove conflicts
patel-bhavin Jan 22, 2024
47eea50
Merge pull request #2946 from splunk/gitlab_release_v4.21.0
patel-bhavin Jan 22, 2024
4993fd6
removing CODEOWNERS
Jan 24, 2024
00b2ce7
re run
patel-bhavin Jan 24, 2024
fee6f11
Merge pull request #2949 from splunk/gitlab_release_v4.22.0
patel-bhavin Jan 24, 2024
2 changes: 1 addition & 1 deletion .gitmodules
@@ -1,4 +1,4 @@
[submodule "contentctl"]
path = contentctl
url = https://github.com/splunk/contentctl.git
ignore = all
ignore = all
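Review bot: the removed and added `ignore = all` lines render identically, so this hunk is most likely a trailing-whitespace or end-of-file newline change; confirm that is all it is. Worth keeping in mind while reviewing the rest of this PR: `ignore = all` makes `git status` and `git diff` stay silent about a dirty or mismatched `contentctl` checkout, so the submodule pointer change in this same PR has to be inspected deliberately rather than relied on to surface by itself.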
2 changes: 0 additions & 2 deletions CODEOWNERS

This file was deleted.
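Review bot: deleting CODEOWNERS removes automatic reviewer assignment and, where branch protection requires code-owner review, the requirement itself. The commit list shows "removing CODEOWNERS" on every gitlab_release merge in this history, so if this is a deliberate step of the release flow it should be documented in the PR description; if the file is meant to survive on the target branch, the release branch should be reconciled so the deletion does not land here.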

2 changes: 1 addition & 1 deletion contentctl
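Review bot: the contentctl submodule pointer changes, but the page does not show which commit it now pins. Because .gitmodules sets `ignore = all` for this submodule, the new commit will not show up in a local `git status`; the PR description should state the pinned commit (ideally a tagged contentctl release) so reviewers can tie it to the generator that produced the dist/ files below.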
2 changes: 1 addition & 1 deletion dist/DA-ESS-ContentUpdate/default/analyticstories.conf
@@ -1,6 +1,6 @@
#############
# Automatically generated by generator.py in splunk/security_content
# On Date: 2024-01-24T19:36:41 UTC
# On Date: 2024-01-24T22:03:46 UTC
# Author: Splunk Threat Research Team - Splunk
# Contact: research@splunk.com
#############
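Review bot: this hunk, like the matching header hunks in the other dist/DA-ESS-ContentUpdate/default/*.conf files, changes only the `# On Date:` generator timestamp from 19:36:41 to 22:03:46 UTC on the same day. That is consistent with a regeneration rather than a content change; the one substantive difference in the generated output is the Confluence rule in savedsearches.conf further down, so that is the hunk worth reading closely.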
4 changes: 2 additions & 2 deletions dist/DA-ESS-ContentUpdate/default/app.conf
@@ -1,6 +1,6 @@
#############
# Automatically generated by generator.py in splunk/security_content
# On Date: 2024-01-24T19:36:41 UTC
# On Date: 2024-01-24T22:03:46 UTC
# Author: Splunk Threat Research Team - Splunk
# Contact: research@splunk.com
#############
@@ -10,7 +10,7 @@
is_configured = false
state = enabled
state_change_requires_restart = false
build = 20240124193302
build = 20240124220001

[triggers]
reload.analytic_stories = simple
2 changes: 1 addition & 1 deletion dist/DA-ESS-ContentUpdate/default/collections.conf
@@ -1,6 +1,6 @@
#############
# Automatically generated by generator.py in splunk/security_content
# On Date: 2024-01-24T19:36:41 UTC
# On Date: 2024-01-24T22:03:46 UTC
# Author: Splunk Threat Research Team - Splunk
# Contact: research@splunk.com
#############
2 changes: 1 addition & 1 deletion dist/DA-ESS-ContentUpdate/default/content-version.conf
@@ -1,6 +1,6 @@
#############
# Automatically generated by generator.py in splunk/security_content
# On Date: 2024-01-24T19:36:41 UTC
# On Date: 2024-01-24T22:03:46 UTC
# Author: Splunk Threat Research Team - Splunk
# Contact: research@splunk.com
#############
2 changes: 1 addition & 1 deletion dist/DA-ESS-ContentUpdate/default/es_investigations.conf
@@ -1,6 +1,6 @@
#############
# Automatically generated by generator.py in splunk/security_content
# On Date: 2024-01-24T19:36:41 UTC
# On Date: 2024-01-24T22:03:46 UTC
# Author: Splunk Threat Research Team - Splunk
# Contact: research@splunk.com
#############
2 changes: 1 addition & 1 deletion dist/DA-ESS-ContentUpdate/default/macros.conf
@@ -1,6 +1,6 @@
#############
# Automatically generated by generator.py in splunk/security_content
# On Date: 2024-01-24T19:36:41 UTC
# On Date: 2024-01-24T22:03:46 UTC
# Author: Splunk Threat Research Team - Splunk
# Contact: research@splunk.com
#############
4 changes: 2 additions & 2 deletions dist/DA-ESS-ContentUpdate/default/savedsearches.conf
@@ -1,6 +1,6 @@
#############
# Automatically generated by generator.py in splunk/security_content
# On Date: 2024-01-24T19:36:41 UTC
# On Date: 2024-01-24T22:03:46 UTC
# Author: Splunk Threat Research Team - Splunk
# Contact: research@splunk.com
#############
@@ -62804,7 +62804,7 @@ relation = greater than
quantity = 0
realtime_schedule = 0
is_visible = false
search = | tstats count min(_time) as firstTime max(_time) as lastTime from datamodel=Web where Web.uri_path="/template/aui/text-inline.vm" Web.http_method=POST Web.status IN (200, 202) by Web.src, Web.dest, Web.http_user_agent, Web.url, Web.uri_path, Web.status | `drop_dm_object_name("Web")` | `security_content_ctime(firstTime)` | `security_content_ctime(lastTime)` | `confluence_pre_auth_rce_via_ognl_injection_cve_2023_22527_filter`
search = | tstats count min(_time) as firstTime max(_time) as lastTime from datamodel=Web where Web.url="*/template/aui/text-inline.vm*" Web.http_method=POST Web.status IN (200, 202) by Web.src, Web.dest, Web.http_user_agent, Web.url, Web.status | `drop_dm_object_name("Web")` | `security_content_ctime(firstTime)` | `security_content_ctime(lastTime)` | `confluence_pre_auth_rce_via_ognl_injection_cve_2023_22527_filter`

[ESCU - Confluence Unauthenticated Remote Code Execution CVE-2022-26134 - Rule]
action.escu = 0
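Review bot: the search for the Confluence CVE-2023-22527 rule moves from an exact `Web.uri_path="/template/aui/text-inline.vm"` match to a wildcard `Web.url="*/template/aui/text-inline.vm*"` and drops `Web.uri_path` from the `by` clause. Three things to check. First, a leading `*` on `Web.url` inside `tstats` over the Web data model can be costly on large accelerated summaries, and the trailing `*` also matches URLs where the template path is followed by a query string, which is presumably why `url` was chosen over `uri_path`; a sentence in the PR description on which data sources failed to populate `Web.uri_path` would justify the broader match. Second, dist/ is generated by generator.py, so the same change must be present in the source detection YAML or the next regeneration will silently revert it; that YAML is not in the visible diff. Third, because `Web.uri_path` is no longer in the `by` clause it disappears from the rule's output, so any drilldown or dashboard that consumed that field from this rule needs updating.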
2 changes: 1 addition & 1 deletion dist/DA-ESS-ContentUpdate/default/transforms.conf
@@ -1,6 +1,6 @@
#############
# Automatically generated by generator.py in splunk/security_content
# On Date: 2024-01-24T19:36:41 UTC
# On Date: 2024-01-24T22:03:46 UTC
# Author: Splunk Threat Research Team - Splunk
# Contact: research@splunk.com
#############
2 changes: 1 addition & 1 deletion dist/DA-ESS-ContentUpdate/default/workflow_actions.conf
@@ -1,6 +1,6 @@
#############
# Automatically generated by generator.py in splunk/security_content
# On Date: 2024-01-24T19:36:41 UTC
# On Date: 2024-01-24T22:03:46 UTC
# Author: Splunk Threat Research Team - Splunk
# Contact: research@splunk.com
#############
2 changes: 1 addition & 1 deletion dist/api/detections.json

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion dist/api/macros.json

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion dist/api/stories.json

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion dist/api/version.json
@@ -1 +1 @@
{"version": {"name": "v4.22.0", "published_at": "2024-01-24T19:40:33Z"}}
{"version": {"name": "v4.22.0", "published_at": "2024-01-24T22:08:23Z"}}
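Review bot: `name` stays at v4.22.0 while `published_at` moves from 19:40:33Z to 22:08:23Z, so two different artifacts now claim the same version name and a consumer pinning v4.22.0 cannot tell which build it has. Since the savedsearches.conf content and the app.conf `build` value also changed, either bump to a patch version or state explicitly in the release notes that v4.22.0 was re-published with the Confluence rule fix.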
12 changes: 6 additions & 6 deletions requirements.txt
@@ -1,15 +1,15 @@
attackcti==0.3.9
docker==6.1.3
GitPython==3.1.37
Jinja2==3.1.2
jsonschema==4.19.1
GitPython==3.1.41
Jinja2==3.1.3
jsonschema==4.20.0
mock==4.0.3
psutil==5.9.5
psutil==5.9.7
pycvesearch==1.2
pydantic==1.10.8
pysigma==0.9.8
pysigma==0.11.0
pysigma-backend-splunk==1.0.2
pytest==7.4.2
pytest==7.4.4
PyYAML>=5.4.1
questionary==1.10.0
requests==2.31.0
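Review bot: the six bumped pins match the dependabot commits in the history (GitPython 3.1.41, Jinja2 3.1.3, jsonschema 4.20.0, psutil 5.9.7, pysigma 0.11.0, pytest 7.4.4). The remaining issue in this file is `PyYAML>=5.4.1`, the only lower-bounded requirement in an otherwise exact-pinned list, which means a fresh release build can still resolve a different PyYAML than the one the tests ran against. Pin it to an exact version, and consider generating the file with hash pins so the build that produces dist/ is reproducible.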