317
382
* 2006-11-23, prewikka-0.9.8:
319
- Save/load user configuration when using CGI authentication mode (#181).
321
- Show Prewikka version in the About page (#177).
323
- Use Python logging facility (available backend: stderr, file, smtp, syslog),
324
multiple simultaneous handler supported (#113).
326
- Fix anonymous authentication.
328
- Fix external process going into zombie state (#178).
330
- Fix sqlite schema (#180).
332
- Display correct alertident for invalid CorrelationAlert analyzerid/messageid pair.
334
- prewikka-httpd should now log the source address.
336
- Thread safety fixes.
384
- Save/load user configuration when using CGI authentication mode (#181).
386
- Show Prewikka version in the About page (#177).
388
- Use Python logging facility (available backend: stderr, file, smtp, syslog),
389
multiple simultaneous handler supported (#113).
391
- Fix anonymous authentication.
393
- Fix external process going into zombie state (#178).
395
- Fix sqlite schema (#180).
397
- Display correct alertident for invalid CorrelationAlert analyzerid/messageid pair.
399
- prewikka-httpd should now log the source address.
401
- Thread safety fixes.
339
404
* 2006-08-18, prewikka-0.9.7.1:
341
- Fix filter interface bug introduced in 0.9.7.
343
- Improved error reporting on filter creation.
345
- Rename command configuration section to host_commands.
406
- Fix filter interface bug introduced in 0.9.7.
408
- Improved error reporting on filter creation.
410
- Rename command configuration section to host_commands.
348
413
* 2006-08-16, prewikka-0.9.7:
350
- Use preludedb_delete_(alert|heartbeat)_from_list(). Require
351
libpreludedb 0.9.9. Provide a deletion performance improvement
354
- Handle multiple listed source/target properly. Separate
355
source/target in the message listing.
357
- Make host command/Information link available from the Sensor
360
- Always take care of the "external_link_new_window" configuration
363
- Make external command handling more generic. Allow to specify
364
command line arguments.
366
- Allow to define unlimited number of external commands rather than
367
only a defined subset (fix #134).
369
- Avoid toggling several popup at once in the HeartbeatListing.
371
- Only provide lookup capability for known network address type (fix #76).
373
- New address and node name lookup provided through prelude-ids.com service.
375
- Link to new prelude-ids.com port lookup instead of broken portsdb
415
- Use preludedb_delete_(alert|heartbeat)_from_list(). Require
416
libpreludedb 0.9.9. Provide a deletion performance improvement
419
- Handle multiple listed source/target properly. Separate
420
source/target in the message listing.
422
- Make host command/Information link available from the Sensor
425
- Always take care of the "external_link_new_window" configuration
428
- Make external command handling more generic. Allow to specify
429
command line arguments.
431
- Allow to define unlimited number of external commands rather than
432
only a defined subset (fix #134).
434
- Avoid toggling several popup at once in the HeartbeatListing.
436
- Only provide lookup capability for known network address type (fix #76).
438
- New address and node name lookup provided through prelude-ids.com service.
440
- Link to new prelude-ids.com port lookup instead of broken portsdb
376
441
database (fix #162).
381
446
* 2006-07-27, prewikka-0.9.6:
383
- CGI authentication module, from Tilman Baumann <tilman.baumann@collax.com>.
385
- Correct libpreludedb runtime version check.
387
- Show multiple source/target in message listing/summary.
389
- Fix invalid use of socket.inet_ntoa() to read ICMP Gateway Address,
390
which is stored as string (#156).
392
- Fix aggregation on IDMEF-Path that are not string.
394
- Fix setup.py --root option (#166).
448
- CGI authentication module, from Tilman Baumann <tilman.baumann@collax.com>.
450
- Correct libpreludedb runtime version check.
452
- Show multiple source/target in message listing/summary.
454
- Fix invalid use of socket.inet_ntoa() to read ICMP Gateway Address,
455
which is stored as string (#156).
457
- Fix aggregation on IDMEF-Path that are not string.
459
- Fix setup.py --root option (#166).
398
463
* 2006-05-04, prewikka-0.9.5:
400
- Fix 'Filter on Target' link (fix #148).
402
- Fix alert summary exception with alert including file permission (fix #149).
404
- Fix creation of an empty __init__.py file in lib/site-packages (#147).
406
- Print currently installed version on libpreludedb requirement error.
408
- Make sure /usr/bin/env is expanded.
465
- Fix 'Filter on Target' link (fix #148).
467
- Fix alert summary exception with alert including file permission (fix #149).
469
- Fix creation of an empty __init__.py file in lib/site-packages (#147).
471
- Print currently installed version on libpreludedb requirement error.
473
- Make sure /usr/bin/env is expanded.
412
477
* 2006-04-13, prewikka-0.9.4:
414
- Intelligent display for CorrelationAlert. Include correlated
415
alert information in the alert listing.
417
- Intelligent printing of Network centric information.
419
- Fix Cheetah compilation for the heartbeat page.
421
- Correct handling of AdditionalData containing an integer 0.
423
- Handle ignore_atomic_event AdditionalData key (used by CorrelationAlert to
424
hide linked-in alert).
426
- Fix aggregation when done simultaneously on multiple fields.
428
- Aggregation on fields other than "address" was not working well.
479
- Intelligent display for CorrelationAlert. Include correlated
480
alert information in the alert listing.
482
- Intelligent printing of Network centric information.
484
- Fix Cheetah compilation for the heartbeat page.
486
- Correct handling of AdditionalData containing an integer 0.
488
- Handle ignore_atomic_event AdditionalData key (used by CorrelationAlert to
489
hide linked-in alert).
491
- Fix aggregation when done simultaneously on multiple fields.
493
- Aggregation on fields other than "address" was not working well.
432
497
* 2005-01-10, prewikka-0.9.3:
434
- Distribute SQLite schema.
436
- Fix exception in the heartbeat analysis view when the heartbeat_count
437
or heartbeat_error_margin settings are explicitly set (#124).
439
- Fix Cheetah 1.0 heartbeat listing exception (#119).
441
- Open external link in new windows by default. Add a configuration option
442
to disable opening external link in new window (#61).
444
- Provide the ability to specify the configuration file that Prewikka
447
- Sanitize the limit parameter in case the input value is not correct
448
instead of triggering an exception (#118).
450
- Handle the preludeDB "file" setting (for use with SQLite like database).
452
- Fix filter saving issue in the heartbeat listing.
454
- Fix unlimited timeline option in heartbeat listing.
499
- Distribute SQLite schema.
501
- Fix exception in the heartbeat analysis view when the heartbeat_count
502
or heartbeat_error_margin settings are explicitly set (#124).
504
- Fix Cheetah 1.0 heartbeat listing exception (#119).
506
- Open external link in new windows by default. Add a configuration option
507
to disable opening external link in new window (#61).
509
- Provide the ability to specify the configuration file that Prewikka
512
- Sanitize the limit parameter in case the input value is not correct
513
instead of triggering an exception (#118).
515
- Handle the preludeDB "file" setting (for use with SQLite like database).
517
- Fix filter saving issue in the heartbeat listing.
519
- Fix unlimited timeline option in heartbeat listing.
460
525
* 2005-12-07, prewikka-0.9.2:
462
- Correct Analyzer path when unwiding aggregated alert.
464
- Add an "Unlimited" timeline option.
466
- Fix classification escaping problem that could lead to empty
467
listing when unwiding alert with classification text containing backslash.
469
- Don't print un-necessary separator when the protocol field is
470
empty in the alert listing.
472
- Improve Correlation Alert display. Allow focus both on the Correlation Alert
473
summary and on the correlated alert listing.
475
- Don't propagate the "save" parameter, so that the user don't end up saving
476
settings without knowing about it.
527
- Correct Analyzer path when unwiding aggregated alert.
529
- Add an "Unlimited" timeline option.
531
- Fix classification escaping problem that could lead to empty
532
listing when unwiding alert with classification text containing backslash.
534
- Don't print un-necessary separator when the protocol field is
535
empty in the alert listing.
537
- Improve Correlation Alert display. Allow focus both on the Correlation Alert
538
summary and on the correlated alert listing.
540
- Don't propagate the "save" parameter, so that the user don't end up saving
541
settings without knowing about it.
479
544
* 2005-11-30, prewikka-0.9.1:
481
- Resolve the protocol number from the message summary view.
483
- Separate port and protocol value, so that we don't end up
484
linking the protocol to portdb if there is no port.
486
- Ability to setup IDMEF filter using iana_protocol_name and iana_protocol_number.
488
- Sanitize timeline years value on system which does not support time
489
exceeding 2^31-1. Fix #104.
491
- Mark CorrelationAlert explicitly in the AlertListing.
493
- Make inline filter mark more visible.
495
- Ability for the user to save settings for the current view.
497
- New --address and --port option to prewikka-httpd.
499
- Fix a bug where clicking the IP address popup would cause
500
Firefox to go back to the top of the page. Fix #112.
502
- Don't hardcode path to /usr/bin/python, but resort to
503
/usr/bin/env to find it.
546
- Resolve the protocol number from the message summary view.
548
- Separate port and protocol value, so that we don't end up
549
linking the protocol to portdb if there is no port.
551
- Ability to setup IDMEF filter using iana_protocol_name and iana_protocol_number.
553
- Sanitize timeline years value on system which does not support time
554
exceeding 2^31-1. Fix #104.
556
- Mark CorrelationAlert explicitly in the AlertListing.
558
- Make inline filter mark more visible.
560
- Ability for the user to save settings for the current view.
562
- New --address and --port option to prewikka-httpd.
564
- Fix a bug where clicking the IP address popup would cause
565
Firefox to go back to the top of the page. Fix #112.
567
- Don't hardcode path to /usr/bin/python, but resort to
568
/usr/bin/env to find it.
506
571
* 2005-09-20, prewikka-0.9.0:
510
- Minor rendering fix.
512
- Handle service.iana_protocol_name / service.iana_protocol_number
513
as well as service.protocol.
575
- Minor rendering fix.
577
- Handle service.iana_protocol_name / service.iana_protocol_number
578
as well as service.protocol.
516
581
* 2005-09-05, prewikka-0.9.0-rc12:
518
- Correct Konqueror rendering.
520
- Minor bugfix with timeline selection.
583
- Correct Konqueror rendering.
585
- Minor bugfix with timeline selection.
525
590
* 2005-08-25, prewikka-0.9.0-rc11:
527
- The Summary view now support showing CorrelationAlert.
529
- Avoid mangling URL query string on form input.
531
- Handle possibly null AdditionalData properly.
533
- Don't default to 'low' severity.
535
- Allow the user to set analyzerID inline filter.
537
- Make sure we keep aggregation in per analyzer view.
539
- Keep inline filter object sorted, and merge them if there are duplicate.
541
- When the same object is specified more than once, OR both.
543
- Various cleanup, bugfix.
592
- The Summary view now support showing CorrelationAlert.
594
- Avoid mangling URL query string on form input.
596
- Handle possibly null AdditionalData properly.
598
- Don't default to 'low' severity.
600
- Allow the user to set analyzerID inline filter.
602
- Make sure we keep aggregation in per analyzer view.
604
- Keep inline filter object sorted, and merge them if there are duplicate.
606
- When the same object is specified more than once, OR both.
608
- Various cleanup, bugfix.
546
611
* 2005-08-17, prewikka-0.9.0-rc10:
548
- Allow configuration entry without space after the ':' separator.
550
- More operator (case insensitive operator, regex operator).
552
- Show target file in the message listing.
554
- Much more information in the alert summary view.
555
Especially useful for users of integrity checker.
613
- Allow configuration entry without space after the ':' separator.
615
- More operator (case insensitive operator, regex operator).
617
- Show target file in the message listing.
619
- Much more information in the alert summary view.
620
Especially useful for users of integrity checker.
558
623
* 2005-08-02, prewikka-0.9.0-rc9:
560
- New experimental mod_python handler.
562
- Use the same template for user creation as for user modification.
563
The interface is much cleaner, and more consistant.
565
- Fix Invalid parameters exception on 'delete all'.
567
- Print all analyzer, whether they have an analyzerID or not. This provide
568
more analyzer information.
570
- Show Analyzer Node location, Classification Ident, and Process path in the
573
- Correct SNMP/Web Service, and some other Process/File filter path.
575
- Allow for correct '\' escaping when creating filters.
577
- Internet Explorer rendering tweak.
625
- New experimental mod_python handler.
627
- Use the same template for user creation as for user modification.
628
The interface is much cleaner, and more consistant.
630
- Fix Invalid parameters exception on 'delete all'.
632
- Print all analyzer, whether they have an analyzerID or not. This provide
633
more analyzer information.
635
- Show Analyzer Node location, Classification Ident, and Process path in the
638
- Correct SNMP/Web Service, and some other Process/File filter path.
640
- Allow for correct '\' escaping when creating filters.
642
- Internet Explorer rendering tweak.
583
648
* 2005-06-17, prewikka-0.9.0-rc8:
585
- Use relative path everywhere.
587
- Some escaping fixes.
589
- Fix Filter formula check.
591
- Ability to filter on alert.classification.ident.
593
- Fix aggregated classification link in expanded list entry.
595
- Various bugfix, English typo.
650
- Use relative path everywhere.
652
- Some escaping fixes.
654
- Fix Filter formula check.
656
- Ability to filter on alert.classification.ident.
658
- Fix aggregated classification link in expanded list entry.
660
- Various bugfix, English typo.
599
664
* 2005-06-16, prewikka-0.9.0-rc7:
601
- Prewikka now work and render perfectly with IE 6.0.
603
- XHTML conformance in most of the code.
605
- Fix possible exception with filtered classification text.
607
- Allow filtering on heartbeat.analyzer.name.
666
- Prewikka now work and render perfectly with IE 6.0.
668
- XHTML conformance in most of the code.
670
- Fix possible exception with filtered classification text.
672
- Allow filtering on heartbeat.analyzer.name.
611
676
* 2005-06-01, prewikka-0.9.0-rc6:
613
- Implement alert/heartbeat select all for deletion.
615
- Fix handling of alert without classification.
617
- Fix HTML code problem. Try to make the W3C validator happy.
618
Fix Javascript warnings. Correct URL escaping. Make it work
619
better in Apple's Safari browser.
621
- More error checking when saving custom filter. Error out in case a
622
filter reference non existing criteria. Add the substr operator.
624
- Fix bug in the whole alert/heartbeat navigation system, simplify
625
and cleanup the code, always report the current filtered field 'action' to
628
- Make the mouse pointer behave like it does for javascript links on Alert
631
- Fix alert mixup when expanding an aggregated classification with different
634
- Fix low/mid/high/none severity filtering.
636
- Fix a bug where agents with multiple address would disappear.
638
- Avoid Authentication Failed message when the user didn't try to authenticate
639
(the session does not exist).
641
- UI tweak for the detailed alert/heartbeat view.
643
- Link source and destination port to portdb.
645
- Add an heartbeat_error_margin configuration keyword.
647
- Saving modification to an existing filter now work.
649
- Make prewikka.cgi catch exceptions that are raised during the prewikka
650
initialization step and display an error screen to the user instead of
651
a server internal error.
653
- Don't display message checkbox and delete button if the user don't
654
have the PERM_IDMEF_ALTER permission
656
- Fix module importation on MacOSX.
678
- Implement alert/heartbeat select all for deletion.
680
- Fix handling of alert without classification.
682
- Fix HTML code problem. Try to make the W3C validator happy.
683
Fix Javascript warnings. Correct URL escaping. Make it work
684
better in Apple's Safari browser.
686
- More error checking when saving custom filter. Error out in case a
687
filter reference non existing criteria. Add the substr operator.
689
- Fix bug in the whole alert/heartbeat navigation system, simplify
690
and cleanup the code, always report the current filtered field 'action' to
693
- Make the mouse pointer behave like it does for javascript links on Alert
696
- Fix alert mixup when expanding an aggregated classification with different
699
- Fix low/mid/high/none severity filtering.
701
- Fix a bug where agents with multiple address would disappear.
703
- Avoid Authentication Failed message when the user didn't try to authenticate
704
(the session does not exist).
706
- UI tweak for the detailed alert/heartbeat view.
708
- Link source and destination port to portdb.
710
- Add an heartbeat_error_margin configuration keyword.
712
- Saving modification to an existing filter now work.
714
- Make prewikka.cgi catch exceptions that are raised during the prewikka
715
initialization step and display an error screen to the user instead of
716
a server internal error.
718
- Don't display message checkbox and delete button if the user don't
719
have the PERM_IDMEF_ALTER permission
721
- Fix module importation on MacOSX.
661
726
* 2005-04-17, prewikka-0.9.0-rc5:
663
- Fix classification filters in the alert listing.
665
- Let the user provide the path to external command (whois, traceroute).
667
- Fix prewikka exception on 'info' severity.
669
- Fix broken installation permission.
671
- Fix bad template variable initialization resulting in an exception
674
- Fix alert deletion in un-agreggated mode.
676
- Fix GMT offset calculation.
678
- Fix a problem when appending more filters in the alert list view.
680
- Update Auth cookie expiration time.
682
- Fix escaping issue.
728
- Fix classification filters in the alert listing.
730
- Let the user provide the path to external command (whois, traceroute).
732
- Fix prewikka exception on 'info' severity.
734
- Fix broken installation permission.
736
- Fix bad template variable initialization resulting in an exception
739
- Fix alert deletion in un-agreggated mode.
741
- Fix GMT offset calculation.
743
- Fix a problem when appending more filters in the alert list view.
745
- Update Auth cookie expiration time.
747
- Fix escaping issue.
685
750
* 2005-04-05, prewikka-0.9.0-rc4:
689
- Fix a problem when changing password.
691
- Remove trailling space from config entry.
693
- Display all analyzer address in agent listing.
695
- Fix some bug in the authentication system, that would refuse
754
- Fix a problem when changing password.
756
- Remove trailling space from config entry.
758
- Display all analyzer address in agent listing.
760
- Fix some bug in the authentication system, that would refuse
696
761
login for no appearent reasons.
698
- Set default session expiration time to 60 minutes.
763
- Set default session expiration time to 60 minutes.
701
766
* 2005-03-31, prewikka-0.9.0-rc3:
703
- Installation cleanup / bugfix.
705
- Fix database authentication failure.
768
- Installation cleanup / bugfix.
770
- Fix database authentication failure.
710
775
* 2005-03-31, prewikka-0.9.0-rc2
712
- Fix a loading problem when the database is not created.
777
- Fix a loading problem when the database is not created.
715
780
* 2005-03-29, prewikka-0.9.0-rc1: