From 780fffaef652644475edb9a45942610469cfd4a0 Mon Sep 17 00:00:00 2001 From: Domenico Andreoli Date: Wed, 12 Apr 2023 17:20:16 +0200 Subject: [PATCH 1/2] Minor improvement to the "Data model" guide --- docs/data_model.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/data_model.md b/docs/data_model.md index baf17602..2e2d038d 100644 --- a/docs/data_model.md +++ b/docs/data_model.md @@ -18,8 +18,7 @@ Geneve input is queries. ## Queries You have to provide at least one query to Geneve, if you give it multiple -Geneve will randomly choose the one it will generate the document for at -that round. +Geneve will randomly choose one at each round. Suppose you have this query: From d0e4a20b90d16a1fc6a74cd5867cb7d689b5a611 Mon Sep 17 00:00:00 2001 From: Domenico Andreoli Date: Tue, 11 Apr 2023 12:31:41 +0200 Subject: [PATCH 2/2] Update changelog --- CHANGES.md | 59 +++++++++++++++++++++++++++++++++++++ cmd/geneve/source_events.go | 2 +- geneve/__init__.py | 2 +- 3 files changed, 61 insertions(+), 2 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 42e949f6..0155c548 100644 --- a/CHANGES.md +++ b/CHANGES.md 
@@ -1,3 +1,62 @@ +## v0.2.0 - Apr 12, 2023 + +#### Documentation + +* Added the [Getting started](docs/getting_started.md) guide. +* Added the [Data model](docs/data_model.md) guide. +* Updated and improved the [events generation walk-through guide](docs/events_generation_walk-through.ipynb). + +#### User interface + +* Added [scripts/generate-alerts.sh](scripts/generate-alerts.sh). + Generate events that will trigger the rules you want. Use it as template. +* Added [scripts/generate-network-events.sh](scripts/generate-network-events.sh). + Forget rules and alers, let there be data! Use it as template. +* Improved robustness of `.ipynb` files. + You can play with the Jupiter notebooks with more freedom. + +#### API server + +* Configure rules execution schedule. + You'll get alerts in response to generated events sooner (~ 30 secs) than the + average rule's interval (~ 2.5 mins, at best). +* Unified requests body decoding. + Less code to maintain. +* Allow fetching rules from Kibana. + You can use rules directly from your Kibana. + +#### Core + +* Prevent double solver registration. + In future, when you'll be able to create your solvers, this will prevent + annoying and non-trivial to parse errors. +* Fix use of variable without associated value (IP generator). +* User prioritized document generation. + The order of generated fields is dictated by their order in the query. +* Incremental document generation. + Generated fields are progressively added to the document, content of + later fields may depend on content of earlier ones. +* Add Autonomous System group solver. + The AS organizations are total fake though. +* Use [Faker](https://github.com/joke2k/faker) for geo info generation. +* Switch to per-group data generation. + Fields in the same group are generated together, this will help later + with the development of entities generation. +* Make `*.bytes` fields are non-negative 32 bits numbers. +* Make `utils.resource()` able to cache downloaded files. 
+* Improved the [PyPi index entry](https://pypi.org/project/geneve/) of Geneve. + +#### Testing + +* Added stacks 8.6 and 8.7 to the test drill. +* Harmonize Geneve and Faker randomness. + One source of randomness to rule them all, a must for reproducible tests. +* Added helper `ExpectJson` for Geneve server testing. + It's easier to maintain test cases. +* Improved response body output when tests fail. + It's easier to understand what's wrong in the received output when it + differs from the expected one. + ## v0.1.1 - Nov 16, 2022 Service release to improve the CI/CD pipeline. diff --git a/cmd/geneve/source_events.go b/cmd/geneve/source_events.go index fee5b572..0893c63d 100644 --- a/cmd/geneve/source_events.go +++ b/cmd/geneve/source_events.go @@ -25,7 +25,7 @@ import ( "golang.org/x/mod/semver" ) -var Version = "0.1.1" +var Version = "0.2.0" type SourceEvents struct { o *python.PyObject diff --git a/geneve/__init__.py b/geneve/__init__.py index 721146f5..100b108b 100644 --- a/geneve/__init__.py +++ b/geneve/__init__.py @@ -17,4 +17,4 @@ from .events_emitter import * # noqa: F401, F403 -version = "0.1.1" +version = "0.2.0"
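Review bot: In the docs/data_model.md hunk, the new line "Geneve will randomly choose one at each round." is attached by a comma splice to the unchanged context line above it ("...to Geneve, if you give it multiple"), and the shorter wording drops what the removed lines said the chosen query is used for, namely generating the document. Suggest splitting the sentence and keeping that link, for example: "You have to provide at least one query to Geneve. If you give it multiple, Geneve will randomly choose one at each round and generate the document for it."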
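Review bot: The added v0.2.0 section in the CHANGES.md hunk has several typos that will ship in the release notes: "Forget rules and alers" should be "alerts", "Jupiter notebooks" should be "Jupyter notebooks", "Make `*.bytes` fields are non-negative 32 bits numbers" should read "Make `*.bytes` fields non-negative 32-bit numbers", and "PyPi" is spelled "PyPI". The entry "User prioritized document generation" would also read more clearly as "User-prioritized". The section is dated "Apr 12, 2023" while this commit's Date header is 11 Apr 2023; worth confirming the heading matches the intended release date.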
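Review bot: The version string is bumped by hand in two places, `var Version = "0.2.0"` in the cmd/geneve/source_events.go hunk and `version = "0.2.0"` in the geneve/__init__.py hunk, and nothing in the visible lines keeps them in sync. A release where only one of the two is updated would go unnoticed. Suggest adding a test or CI step that fails when the two literals and the top heading in CHANGES.md disagree, or generating one of the values from the other at build time.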