Merge pull request #38 from NextronSystems/v3

chore: changelog 3.1.6
NextronSystems · Nov 14, 2024 · 695de52 · 695de52
2 parents 46227c4 + cacfa76
commit 695de52
Showing 1 changed file with 113 additions and 83 deletions.
diff --git a/changelog/log1.rst b/changelog/log1.rst
@@ -1,6 +1,36 @@
 Management Center v3.1
 ======================
 
+Management Center 3.1.6
+-----------------------
+
+Release Date: Wed, 13 Nov 2024 15:00:00 +0100
+
+.. list-table::
+    :header-rows: 1
+    :widths: 15, 85
+
+    * - Type
+      - Description
+    * - Bugfix
+      - Fixed a bug, which caused the maintenance task 'Move asset to another ASGARD' to fail
+    * - Bugfix
+      - Increased max. size for temporary tables to prevent 'table is full' errors
+    * - Bugfix
+      - Fixed grayed out 'Save' button when creating one-time use playbooks
+    * - Bugfix
+      - Fixed a bug, which caused not all asset labels to be applied when accepting a new asset
+    * - Bugfix
+      - Increased the max. size for mac addresses to prevent 'Data too long for column' errors
+    * - Bugfix
+      - Fixed csv export of the asset table to include all rows
+    * - Bugfix
+      - Fixed missing 'last seen' column in csv export of the asset table
+    * - Bugfix
+      - Fixed performance issues in the asset table
+    * - Bugfix
+      - Fixed scheduled group scan's details page showing all group scans
+
 Management Center 3.1.5
 ------------------------
 
@@ -10,121 +40,121 @@ Release Date: Tue, 22 Oct 2024 14:02:00 +0200
 
 * Breaking Changes
 
-  - The ASGARD Agent now also acts as the Service Controller. Existing Service Controller installations will be automatically put into sleep mode. Deployed Aurora Agents will still work as expected. (MC-517, MC-518)
+  - The ASGARD Agent now also acts as the Service Controller. Existing Service Controller installations will be automatically put into sleep mode. Deployed Aurora Agents will still work as expected
 
 ----
 
 * Highlights
 
-  - The ASGARD Agent will from now on receive new tasks in real time. (MC-202)
-  - The ASGARD Agent will from now on be able to run multiple tasks in parallel. (MC-202)
-  - With the new real time agent, there will also be a new field 'Status' in the asset table (online/offline). (MC-572)
-  - Added 'Essential Mode' to the ASGARD Agent, including only THOR and Aurora. It's ideal for critical systems where only the basic functionality is needed. (MC-573)
-  - New 'Managed Service' mode that will use an ASGARD Security Center to manage the asset's licenses on a per-tenant basis. (MC-2)
-  - Integrated THOR Thunderstorm into the ASGARD Management Center to scan samples sent from any device within the network. (MC-458)
-  - New agent module 'File Browser' that allows you to browse the file system of the ASGARD Agent. (MC-447)
+  - The ASGARD Agent will from now on receive new tasks in real time.
+  - The ASGARD Agent will from now on be able to run multiple tasks in parallel.
+  - With the new real time agent, there will also be a new field 'Status' in the asset table (online/offline).
+  - Added 'Essential Mode' to the ASGARD Agent, including only THOR and Aurora. It's ideal for critical systems where only the basic functionality is needed.
+  - New 'Managed Service' mode that will use an ASGARD Security Center to manage the asset's licenses on a per-tenant basis.
+  - Integrated THOR Thunderstorm into the ASGARD Management Center to scan samples sent from any device within the network.
+  - New agent module 'File Browser' that allows you to browse the file system of the ASGARD Agent.
 
 ----
 
 * Features
 
-  - New agent module 'Sysstats' that allows you to view the system statistics such as CPU, RAM, and disk usage of the ASGARD Agent in real time. (MC-371)
-  - New agent module 'Log' that allows you to view and download the agent's log. (MC-574)
-  - Users can now be forced to use 2FA or change their password on the next login (MC-5)
-  - Bruteforce protection (MC-4)
-  - Users can now be temporarily disabled (MC-162)
-  - Backup and restore via UI (MC-247)
+  - New agent module 'Sysstats' that allows you to view the system statistics such as CPU, RAM, and disk usage of the ASGARD Agent in real time.
+  - New agent module 'Log' that allows you to view and download the agent's log.
+  - Users can now be forced to use 2FA or change their password on the next login
+  - Bruteforce protection
+  - Users can now be temporarily disabled
+  - Backup and restore via UI
 
 ----
 
 * Improvements
 
-  - IOC rulesets can now be configured to automatically recompile after changes (MC-46)
-  - New configuration option to use THOR for Server licenses for workstations once the THOR for Workstation licenses are exhausted (MC-77)
-  - Added more API endpoints to the API documentation page (MC-62)
-  - Replaced 'Resource Control' for THOR scans with more granular options like RAM and disk limits (MC-90)
-  - Added a new button to relaunch playbooks or scans (MC-117)
-  - Improved interrogate job for MacOS and Linux assets, e.g. collect installed software and local users (MC-123)
-  - Improved interrogate job to also collect network interface names and mac adresses (MC-393)
-  - Status of Master ASGARD now represents the status of the connected ASGARD Management Centers (MC-50)
-  - Created new 'Incoming requests' graphs in the Overview section (MC-561)
-  - Added new stop button to the group scans table, which will also stop all running tasks (MC-395)
-  - Store the used Aurora Agent version in the service table and show if the version is outdated (MC-74)
-  - Added revision numbers to IOC rulesets (MC-511)
-  - Added new delete button to the scheduled group tasks/scans table (MC-342)
-  - Added new edit button to the scheduled group scans table (MC-341)
-  - Improved and migrated the Agent API validators from the ASGARD Gatekeeper (MC-598)
-  - Added new column 'status' to the Sigma rules table (MC-68)
-  - Added new option to automatically remove Sigma rules from a ruleset if the rule's level has been changed and is under the configured level (MC-69)
-  - Added new columns 'failed' and 'successful' to the group tasks/scans table (MC-340)
-  - Added an option in the LDAP settings to use nested groups (MC-324)
+  - IOC rulesets can now be configured to automatically recompile after changes
+  - New configuration option to use THOR for Server licenses for workstations once the THOR for Workstation licenses are exhausted
+  - Added more API endpoints to the API documentation page
+  - Replaced 'Resource Control' for THOR scans with more granular options like RAM and disk limits
+  - Added a new button to relaunch playbooks or scans
+  - Improved interrogate job for MacOS and Linux assets, e.g. collect installed software and local users
+  - Improved interrogate job to also collect network interface names and mac adresses
+  - Status of Master ASGARD now represents the status of the connected ASGARD Management Centers
+  - Created new 'Incoming requests' graphs in the Overview section
+  - Added new stop button to the group scans table, which will also stop all running tasks
+  - Store the used Aurora Agent version in the service table and show if the version is outdated
+  - Added revision numbers to IOC rulesets
+  - Added new delete button to the scheduled group tasks/scans table
+  - Added new edit button to the scheduled group scans table
+  - Improved and migrated the Agent API validators from the ASGARD Gatekeeper
+  - Added new column 'status' to the Sigma rules table
+  - Added new option to automatically remove Sigma rules from a ruleset if the rule's level has been changed and is under the configured level
+  - Added new columns 'failed' and 'successful' to the group tasks/scans table
+  - Added an option in the LDAP settings to use nested groups
 
 ----
 
 * UX
 
-  - Improved charts and statistics in the Overview section (MC-345)
-  - Moved manuals to more prominent position (MC-32)
-  - Made 'not yet valid' licenses in License section visible in the default view (MC-36)
-  - Added ASGARD Query to Service Control section (MC-60)
-  - When update servers are not reachable, the user will now get a link to the ip adress list (MC-56)
-  - Max. runtime of '0' has been mistakenly described as 'unlimited' in some places. This has been corrected to '48 hours' (MC-82)
-  - Sigma rule update counter will be hidden in case no Aurora or LogWatcher is used (MC-95)
-  - Added filters to the ASGARD Agent Installers page (MC-112)
-  - When creating new playbooks, the user can now also define all steps in one go (MC-216)
-  - When creating a new playbook task, the user can now also create a new playbook on-the-fly (MC-354)
-  - The IOC Management section has been improved. There is now a new 'IOCs' section that contains all IOCs of all groups. When adding new IOCs, groups can now be added on-the-fly. (MC-214)
-  - Toggle visibility of IPv6 addresses in the asset table (MC-184)
-  - Added role descriptions in the Roles management (MC-173)
-  - Added prompt to several dialogs to confirm the action, e.g. when stopping a group scan (MC-174)
-  - Added auto complete to Asset Labels selection (MC-238)
-  - Improved colors of MISP tags (MC-320)
-  - Improved error messages when linking or synchronizing with Master ASGARD or Analysis Cockpit fails (MC-325)
-  - Enhanced security by preventing API endpoint leaks and using a more secure password hash algorithm. (MC-329, MC-442)
-  - Show 'update available' indicator in the sidebar for the Broker Network (MC-78)
-  - Improved overall usability in the Licensing section (MC-466)
-  - Custom IOCs in scan table are now clickable (MC-512)
-  - Fixed double scrollbar in some sections (MC-527)
-  - Use pretty names instead of raw flags when creating a new THOR scan (MC-557)
-  - Show connectivity status in the Analysis Cockpit settings page (MC-380)
-  - Hide MISP stuff if MISP is not configured (MC-399)
-  - Made the license expiration warning dependent on the license runtime (MC-57)
+  - Improved charts and statistics in the Overview section
+  - Moved manuals to more prominent position
+  - Made 'not yet valid' licenses in License section visible in the default view
+  - Added ASGARD Query to Service Control section
+  - When update servers are not reachable, the user will now get a link to the ip adress list
+  - Max. runtime of '0' has been mistakenly described as 'unlimited' in some places. This has been corrected to '48 hours'
+  - Sigma rule update counter will be hidden in case no Aurora or LogWatcher is used
+  - Added filters to the ASGARD Agent Installers page
+  - When creating new playbooks, the user can now also define all steps in one go
+  - When creating a new playbook task, the user can now also create a new playbook on-the-fly
+  - The IOC Management section has been improved. There is now a new 'IOCs' section that contains all IOCs of all groups. When adding new IOCs, groups can now be added on-the-fly.
+  - Toggle visibility of IPv6 addresses in the asset table
+  - Added role descriptions in the Roles management
+  - Added prompt to several dialogs to confirm the action, e.g. when stopping a group scan
+  - Added auto complete to Asset Labels selection
+  - Improved colors of MISP tags
+  - Improved error messages when linking or synchronizing with Master ASGARD or Analysis Cockpit fails
+  - Enhanced security by preventing API endpoint leaks and using a more secure password hash algorithm
+  - Show 'update available' indicator in the sidebar for the Broker Network
+  - Improved overall usability in the Licensing section
+  - Custom IOCs in scan table are now clickable
+  - Fixed double scrollbar in some sections
+  - Use pretty names instead of raw flags when creating a new THOR scan
+  - Show connectivity status in the Analysis Cockpit settings page
+  - Hide MISP stuff if MISP is not configured
+  - Made the license expiration warning dependent on the license runtime
 
 ----
 
 * Security
 
-  - Changed the authentication for Mariadb to not use SHA-1 based mysql_native_password. Thanks to Ianis BERNARD from NATO Cyber Security Centre (NCSC) for reporting this (MC-673)
+  - Changed the authentication for Mariadb to not use SHA-1 based mysql_native_password. Thanks to Ianis BERNARD from NATO Cyber Security Centre (NCSC) for reporting this
 
 ----
 
 * Bugfixes
 
-  - Fixed wrong file paths and names when collecting nested directories on Windows assets (MC-84)
-  - Fixed 'Started' and 'Duration' columns for THOR scans, especially when the scan has been resumed (MC-87)
-  - Fixed wrong expire date in the license expiration warning (MC-94)
-  - Deletion of Nextron's default Sigma rules returned success even if the deletion failed (MC-130)
-  - Fixed some non-working filters on the Master ASGARD (MC-45)
-  - Fixed description of allowed characters for ASGARD Agent Installer affix (MC-48)
-  - When deleting IOCs, the affected rulesets have not been marked as 'uncompiled changes' (MC-52)
-  - Fixed a race condition during synchronization with ASGARD Analysis Cockpit (MC-43)
-  - Fixed wrong dialog when disconnecting an ASGARD Gatekeeper (MC-136)
-  - Removed directories from the ASGARD Installer page (MC-240)
-  - Fixed some tooltip overlap issues (MC-261)
-  - Prevent creating IOC groups without a name (MC-285)
-  - Fixed a bug where the total count didn't match the actual search result (MC-281)
-  - Fixed a rare case where the THOR scan fails due to a not yet valid license (MC-327)
-  - Fixed some error messages, which were based on the endpoint's system language (MC-513)
-  - Fixed ASGARD Agent Installer repacker to not touch the /usr/share directory (MC-519)
-  - Fixed ASGARD Agent Installer repacker for AIX not working when also using agent obfuscation (MC-566)
-  - Fixed error message when trying to test compilation of custom IOCs (MC-404)
-  - Fixed short delay of first scan start in a group scan in case a rate limit is set (MC-445)
-  - Fixed error message when trying to unlink a MISP (MC-578)
+  - Fixed wrong file paths and names when collecting nested directories on Windows assets
+  - Fixed 'Started' and 'Duration' columns for THOR scans, especially when the scan has been resumed
+  - Fixed wrong expire date in the license expiration warning
+  - Deletion of Nextron's default Sigma rules returned success even if the deletion failed
+  - Fixed some non-working filters on the Master ASGARD
+  - Fixed description of allowed characters for ASGARD Agent Installer affix
+  - When deleting IOCs, the affected rulesets have not been marked as 'uncompiled changes'
+  - Fixed a race condition during synchronization with ASGARD Analysis Cockpit
+  - Fixed wrong dialog when disconnecting an ASGARD Gatekeeper
+  - Removed directories from the ASGARD Installer page
+  - Fixed some tooltip overlap issues
+  - Prevent creating IOC groups without a name
+  - Fixed a bug where the total count didn't match the actual search result
+  - Fixed a rare case where the THOR scan fails due to a not yet valid license
+  - Fixed some error messages, which were based on the endpoint's system language
+  - Fixed ASGARD Agent Installer repacker to not touch the /usr/share directory
+  - Fixed ASGARD Agent Installer repacker for AIX not working when also using agent obfuscation
+  - Fixed error message when trying to test compilation of custom IOCs
+  - Fixed short delay of first scan start in a group scan in case a rate limit is set
+  - Fixed error message when trying to unlink a MISP
 
 ----
 
 * Chore
 
-  - Wordings (MC-61)
-  - Removed some deprecated playbooks like installation of the Service Controller or uninstalling the ASGARD 1 Agent (MC-328)
-  - Removed obsolete 'fast poll' mode from the ASGARD Agent (MC-468)
+  - Wordings
+  - Removed some deprecated playbooks like installation of the Service Controller or uninstalling the ASGARD 1 Agent
+  - Removed obsolete 'fast poll' mode from the ASGARD Agent