3.0.0 Release

Full Changelog

Implemented enhancements:

• Assign default values to case templates' custom fields #375
• Add the Ability to Import and Export Case Templates #369
• Add a sighted flag for IOCs #365
• Alert id should not be used to build case title when using case templates #364
• Set task assignee in case template #362
• Add Autonomous Systems to the Default Datatype List #359
• Display more than 10 users per page and sort them by alphanumerical order #346
• [Minor] Add user dialog title issue #345
• Deleted cases showing in statistics #317
• Dynamic dashboard #312
• Add health check in status API #306
• Alerts in Statistics #274
• Statistics: Observables and IOC over time #215
• Export Statistics/Metrics #197
• Msg_Parser analyser show for all files #184
• Assign default metric values #176
• Display Cortex Version, Instance Name, Status and Available Analyzers #130
• Feature Request: Webhooks #20
• Remove the From prefix and template suffix around a template name in the New Case menu #348
• Keep the alert date when creating a case from it #320
• Export to MISP: add TLP #314
• Show already known observables in Import MISP Events preview window #137

Fixed bugs:

• The misp > instance name > tags parameter is not honored when importing MISP events #373
• [Bug] Merging an alert into case with duplicate artifacts does not merge descriptions #357
• Share a case if MISP is not enabled raise an error #349
• Validate alert's TLP and severity attributes values #326
• Merge of cases overrides task log owners #303

Closed issues:

• MISP Connection Error with Cortex/HIVE #371
• Single Sign-On with X.509 certificates #297
• Remove the deprecated "user" property #316
• Run observable analyzers through API #308

Merged pull requests:

• typos and improvements to text #355 (steoleary)
• Correct typo #353 (arnydo)

2.13.2 Release

Full Changelog

Fixed bugs:

• Security issue on Play 2.6.5 #356
• Incorrect stats: non-IOC observables counted as IOC and IOC word displayed twice #347
• Deleted Observables, Show up on the statistics tab under Observables by Type #343
• Statistics on metrics doesn't work #342
• Error on custom fields format when merging cases #331

2.13.1 Release

Full Changelog

Fixed bugs:

• Tasks Tab Elasticsearch exception: Fielddata is disabled on text fields by default. Set fielddata=true on [title] #311

2.13.0 Release

2.13 (2017-09-15)

Full Changelog

Implemented enhancements:

• Group ownership in Docker image prevents running on OpenShift #307
• Improve the content of alert flow items #304
• Add a basic support for webhooks #293
• Add basic authentication to Stream API #291
• Add Support for Play 2.6.x and Elasticsearch 5.x #275
• Fine grained user permissions for API access #263
• Alert Pane: Catch Incorrect Keywords #241
• Specify multiple AD servers in TheHive configuration #231
• Export cases in MISP events #52

Fixed bugs:

• Download attachment with non-latin filename #302
• Undefined threat level from MISP events becomes severity "4" #300
• File name is not displayed in observable conflict dialog #295
• A colon punctuation mark in a search query results in 500 #285
• Previewing alerts fails with "too many substreams open" due to case similarity process #280

Closed issues:

• Threat level/severity code inverted between The Hive and MISP #292

2.12.1 Release

2.12.1

Full Changelog

Implemented enhancements:

• Fix warnings in debian package #267
• Merging alert into existing case does not merge alert description into case description #255

Fixed bugs:

• Case similarity reports merged cases #272
• Closing a case with an open task does not dismiss task in "My tasks" #269
• API: cannot create alert if one alert artifact contains the IOC field set #268
• Can't get logs of a task via API #259
• Add multiple attachments in a single task log doesn't work #257
• Cortex Connector Not Found #256
• TheHive doesn't send the file name to Cortex #254
• Renaming of users does not work #249

2.12.0 Release

2.12.0

Full Changelog

Implemented enhancements:

• Sort the analyzers list in observable details page #245
• More options to sort cases #243
• Alert Preview and management improvements #232
• Ability to Reopen Tasks #156
• Display short reports on the Observables tab #131
• Custom fields for case template #12
• Show case status and category (FP, TP, IND) in related cases #229
• Open External Links in New Tab #228
• Observable analyzers view reports. #191
• Specifying tags on statistics page or performing a search #186
• Choose case template while importing events from MISP #175
• Use local font files #250

Fixed bugs:

• Fix case metrics malformed definitions #248
• Sorting alerts by severity fails #242
• Alerting Panel: Typo Correction #240
• files in alerts are limited to 32kB #237
• Alert can contain inconsistent data #234
• Search do not work with non-latin characters #223
• report status not updated after finish #212
• A locked user can use the API to create / delete / list cases (and more) #251

2.11.3 Release

2.11.3 (2017-06-14)

Full Changelog

Fixed bugs:

• Unable to add tasks to case template #239
• Problem Start TheHive on Ubuntu 16.04 #238
• MISP synchronization doesn't retrieve all events #236

2.11.2 Release

2.11.2

Full Changelog

Implemented enhancements:

• Visually distinguish between analyzed and non analyzer observables #224
• Add Description Field to Alert Preview Modal #218
• Show case severity in lists #188

Fixed bugs:

• MISP synchronization - attributes are not retrieve #221
• MISP synchronization - Alerts are wrongly updated #220
• Cortex jobs from thehive fail silently #219

Merged pull requests:

• Fixing links to docu repo #213 (SHSauler)

2.11.1 Release

2.11.1

Full Changelog

Implemented enhancements:

• Show available reports number for each observable #211
• Merge Duplicate Tasks during Case Merge #180

Fixed bugs:

• Case templates not applied when converting an alert to a case #206
• Observable of merged cased might have duplicate tags #205
• Error updating case templates #204

2.11.0 Release

2.11.0

Full Changelog

Implemented enhancements:

• Improve logs browsing #128
• Refresh the UI's skin #145
• Show severity on the "Cases Page" #165
• Update the datalist filter previews to display meaningful values #166
• Display the logos of the integrated external services #198
• TheHive send to many information to Cortex when an analyze is requested #196
• Sort the list of report templates #195
• Add support to .deb and .rpm package generation #193
• Cannot distinguish which analysers run on which cortex instance #179
• Connect to Cortex protected by Basic Auth #173
• Implement the alerting framework feature #170
• Make the flow collapsible, in case details page #167
• Connect to Cortex instance via proxy #147
• Proxy authentication #143
• Add pagination component at the top of all the data lists #151
• Ignored MISP events are no longer visible and cannot be imported #107
• Reordering Tasks #21
• MISP import filter / filtering of events #86
• Add support of case template in back-end API #144
• Disable field autocomplete on the login form #146
• Feature request: Autocomplete tags #119

Fixed bugs:

• Duplicate HTTP calls in case page #187
• Job status refresh #171
• Fix the success message when running a set of analyzers#199

Closed issues:

• Support for cuckoo malware analysis plattform (link analysis) #181

Merged pull requests:

• Fixed minor typo in template creation and update notifications. #194 (dewoodruff)