
DataProviders, QueryEditor, CrowdSec and AbuseIPDB TIProviders

Pre-release
@ianhelle ianhelle released this 08 Aug 18:50
· 91 commits to main since this release
1c6a689

Preview release of 2.7.0

More detailed release notes in the full release.

Main Changes

Two new TI Providers: CrowdSec and AbuseIPDB

Updated Data providers for Sentinel/Azure Monitor/Log Analytics and Kusto/Azure Data Explorer

These were introduced in v2.5.0 but are now the default drivers for these providers.

Query Editor

An ipywidgets-based query template editor. This is somewhat provisional, so please be sure to test and
report bugs.

Updates to Authentication, especially for the AzureData and MicrosoftSentinel API modules

  • You can now authenticate by supplying an AzureCredential as a credential parameter
  • The connect methods for these support a cloud parameter to specify different sovereign clouds
  • The init and connect methods are instrumented with logging to help debug issues:
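import msticpy as mp
from msticpy.context.azure.sentinel_core import MicrosoftSentinel

# Set the log level to INFO so the init and connect logging is shown
mp.set_logging_level("INFO")
mssentinel = MicrosoftSentinel()
# Authenticate; log messages from connect help debug issues
mssentinel.connect()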

Other items

What's Changed

New Contributors

Full Changelog: v2.6.0...v2.7.0.pre1