Tags: utmstack/UTMStack
Release/v10.8.4 (#1266)

* Update agent-manager to use http.Server with TLS 1.3 configuration
* Update the Bitdefender plugin to enforce the minimum required TLS version 1.3
* update nginx tls config to v1.3
* update changelog
* trigger action
* Allow agent dependencies download using powershell with tls v1.3
* allow only secure ciphersuites in tls 1.2 for agent dependencies
* remove auth in dependencies endpoint
* remove authentication when downloading dependencies from agent
---------
Co-authored-by: Yadian Llada Lopez <yadian.llada@gmail.com>
Co-authored-by: Yorjander Hernandez Vergara <yorjaKbayero@gmail.com>

Hotfix/10.8.2/correct status typos in compliance report config (#1230)

* fix: correct typos in compliance report status values
* fix: correct typos in compliance report status values
* fix: correct typos in compliance report status values

Release/v10.8.1 (#1226)

* fix(compliance-schedule): fix standard and section selection issue in report creation
* chore: Update CHANGELOG.md
* chore: update version.yml
* fix(ui): display array fields as a single field without numeric suffixes
* chore: update CHANGELOG.md
* fix(alert-field-render): resolve persistent loading spinner when displaying "tags" column
* chore: Update CHANGELOG.md
* fix: Resolve false positive checkbox selection when editing tagging rules
* feat: implement alert correlation and context building for enhanced alert analysis
* add debug logging for GPT request
* feat: add debug logging for alert processing and related alerts retrieval
* fix: update to return schema.Alert and adjust related logic
* refactor: simplify body creation in ElasticSearch function and remove unnecessary debug logs
* fix: optimize alert correlation logic and improve classification handling
* fix: update of the logic of correlation of alerts and construction of the historical context based on counts
* fix: improve log handling in GPT request and ensure last log entry is used
* feat: update macOS install steps with `utmstack-macos-agent.pkg`
* fix: add pipeline for aws, sophos-central and o365 integrations
* fix: remove logging of debug
* Migrate from correlation service to direct Logstash connection in aws integration.
* Migrate from correlation service to direct Logstash connection in office365 integration.
* Migrate from correlation service to direct Logstash connection in sophos integration.
* fix: add pipeline for aws, sophos-central and o365 integrations
* chore: resolve merge conflicts
* chore: integrate recent UI improvements
* add datasource in macos agent logs
* include logstash ports in installer for aws, o365 and sophos
* fix: update TagRulesApplied field type to slice and join in conversion
* fix: change TagRulesApplied field type from string to slice of int
* Refactoring the event sending format to Logstash in the AWS plugin.
* Refactoring the event sending format to Logstash in the Sophos plugin.
* Refactoring the event sending format to Logstash in the office365 plugin.
* fix: add pipeline for aws, sophos-central and o365 integrations
* "Update blocklist processing to support severity levels and enhance IP threat intelligence integration."
* "Add IP validation using net.ParseIP to ensure proper processing of source and destination IPs."
* "Fix path in Dockerfile COPY command for the correlation binary."
* fix: add pipeline for aws, sophos-central and o365 integrations
* Update correlation Dockerfile
* fix: add pipeline for aws, sophos-central and o365 integrations
* fix: add pipeline for aws, sophos-central and o365 integrations
* fix: filter only valid IPs when parsing coordinate map chart data
* fix: update display name for Sophos integration
* Implement Sophos Central filter (v1.0.0).
* Refactor AWS filter (v2.0.0) to use JSON instead of Grok.
* Refactor Office 365 filter (v2.0.0) by simplifying the structure.
* fix: corrected typo in compliance status label from "Complaint" to "Compliant"
* send logs from new windows channels in arm agent
* fix: hide sorting action for assets filters
* fix: improve CSV export limit parameters
* fix: correct uninstalling command for macOs agent
* feat: add Windows ARM64 support to agent installation platforms
* set correct api url environment
* fix: update filter for winevent log agent
* fix: update wineventlog filter
* fix: update wineventlog filter
* fix: add pipeline for aws, sophos-central and o365 integrations
---------
Co-authored-by: Yadian Llada Lopez <yadian.llada@gmail.com>
Co-authored-by: JocLRojas <joc.l.rojas02@gmail.com>
Co-authored-by: Kbayero <yorjakbayero@gmail.com>
Co-authored-by: Osmany Montero <osmontero@icloud.com>
Co-authored-by: Yorjander Hernandez Vergara <99102374+Kbayero@users.noreply.github.com>

Bugfix/10.7.1/alerts stopping tag rules exception (#1157)

* feat: add new compliance reports
* feat: update sophos and gcp filters
* chore: update changelog
* chore: update changelog
* chore: update changelog
* chore: update changelog

Release v10.7.1 (#1114)

* force update agent related services
* update changelog
* force service update after final restart
* Revert online/offline mode check in Sophos integration.
* Revert online/offline mode check in AWS integration.
* Revert online/offline mode check in Bitdefender integration.
* Revert online/offline mode check in Office365 integration.
* Revert "Revert online/offline mode check in Office365 integration." This reverts commit 55c8d79.
* Revert "Revert online/offline mode check in Bitdefender integration." This reverts commit 5b4a89f.
* Revert "Revert online/offline mode check in AWS integration." This reverts commit 7f95769.
* Revert "Revert online/offline mode check in Sophos integration." This reverts commit ab26936.
* Update base images to ubuntu 24
* remove temporary healthcheck
* change base image
* Don't restart agent manager and log auth proxy
* Updating runners and images to ubuntu 24.04
* Update CHANGELOG.md
* Fix Dockerfiles
---------
Co-authored-by: Jose Angel Sanchez Velazquez <sanchezvelazquezjoseangel@gmail.com>
Co-authored-by: JocLRojas <joc.l.rojas02@gmail.com>

Bugfix/10.6.2/update dependencies (#1100)

* feature: correlation offline mode to avoid rules update
* integrate dependencies from agent manager
* Add connection checker utility for AWS modules
* Add connection checker utility for Bitdefender modules
* Change fatal logging to error for connection failures in AWS and Bitdefender modules
* add timeout
* Add connection checker utility for office 365 modules.
* Add connection checker utility for sophos module.
* Include arm64 agents
* update dependencies
* update CI/CD pipelines
* remove arm builds
* fix message when there is no command output
* update version and changelog
* Update dependencies
* add connection mode
* include agent debugger, remove mTLS and fix module names
* add arm64 icons
* Update changelog
* change agent version
* feat: update agent guides
* feat: update agent guides
* feat: update agent guides
---------
Co-authored-by: Jose Angel Sanchez Velazquez <sanchezvelazquezjoseangel@gmail.com>
Co-authored-by: Yadian Llada Lopez <yadian.llada@gmail.com>
Co-authored-by: JocLRojas <joc.l.rojas02@gmail.com>
Co-authored-by: Manuel Abascal <mjabascal10@gmail.com>