Changelog
Synapse-TeamCymru Changelog
v4.0.1 - 2025-07-10
Bugfixes
Fixed an issue where incomplete X509 records could stop the ingest of a Recon job.
v4.0.0 - 2025-05-30
Automatic Migrations
Migrated
:server:fingerprint:ja3to:server:ja3sand:client:fingerprint:ja3to:client:ja3oninet:tls:handshakenodes created by the Synapse-TeamCymru Power-Up.
Features and Enhancements
Updated ingest logic for JA3/JA3S to use modern properties.
v3.3.0 - 2025-05-20
Features and Enhancements
Updated
teamcymru.recon.jobs.ingestto populate theit:exec:query:synuserproperty.
v3.2.0 - 2025-03-07
Features and Enhancements
Added
teamcymru.scout.detailsto pull information concerning an IP address using the Scout API.Added
teamcymru.scout.foundationto pull information about IP addresses that show up in alerts or security incidents.Added
teamcymru.scout.usageto list current Scout API usage and limits.Added
teamcymru.scout.searchto search for IP addresses matching a Scout search query.
v3.1.0 - 2025-02-05
Features and Enhancements
Added modelling for OS Fingerprint, Beacon, and Useragent reports.
v3.0.0 - 2025-01-17
Automatic Migrations
Migrated all
inet:ssl:certcreated by Synapse-TeamCymru toinet:tls:servercertnodes. The migratedinet:ssl:certnodes are removed by this migration if they don’t have any othermeta:source -(seen)>edges.
Features and Enhancements
Updated Power-Up to make
inet:tls:servercertnodes instead of deprecatedinet:ssl:certnodes.
v2.3.0 - 2024-05-20
Features and Enhancements
Add modelling for JA3 fields.
Add
teamcymru.recon.ja3.searchcommand to search on JA3 related fields.
v2.2.0 - 2024-05-15
Features and Enhancements
Update
$lib.bytesusage with$lib.axonAPIs.Update
teamcymru.recon.setup.apikeycommand to accept abaseurlargument.Update to use vaults for storing API keys and base URL configs. Existing global and user API keys will be automatically migrated during the first instantiation of this version.
Update configuration workflow to accept
baseurloption.
v2.1.1 - 2024-02-20
Features and Enhancements
Update deprecated
$lib.dict()usage to JSON style syntax.
v2.1.0 - 2023-12-08
Features and Enhancements
Automatically retry requests when a rate limit exceeded response is returned by the TeamCymru API.
v2.0.0 - 2023-06-07
Features and Enhancements
Add
--batch-sizeparameter to allow aggregating sets of inbound nodes into jobs. By default, jobs will be created out of sets of 100 inbound nodes. The previous behavior of one node per job can be used by specifying--batch size 1.Add category tags to src/dst
inet:ipv4nodes created when ingesting the results offlowsjobs.Add
teamcymru.recon.x509.enrichandteamcymru.recon.x509.searchcommands for creating and ingesting x509 queries.
Bugfixes
The
teamcymru.recon.dnsquerycommand has been removed due to no longer being a valid query type.
Documentation
Add API documentation for the
teamcymruStorm module.
v1.4.0 - 2023-02-15
Features and Enhancements
Use
it:exec:queryto link job results instead ofinet:search:query.
Bugfixes
Verify that the requested size is below the API limit.
Improve the error message when a timeout occurs for an HTTP request.
Fix examples in User Guide.
v1.3.0 - 2022-05-17
Features and Enhancements
Cached API responses are now stored in the JsonStor instead of in nodedata.
v1.2.0 - 2022-04-21
Features and Enhancements
Record
:tot:txcountand:tot:txbytesoninet:flownodes created fromflowsjobs.
v1.1.0 - 2022-02-21
Features and Enhancements
Record
:ip:protoand:ip:tcp:flagsoninet:flownodes created fromflowsjobs.
v1.0.2 - 2022-02-15
Bugfixes
Use
job_idfield to generate uniqueinet:search:querynode.
v1.0.1 - 2022-02-15
Bugfixes
Use
start_timefield to populateinet:flow:timeforflowsjobs.
v1.0.0 - 2021-12-10
Features and Enhancements
Initial release of the
Synapse-TeamCymruPower-UpStorm command support to create queries for flows, dns_query, pdns, and pdns_other queries.
Storm command support to list/ingest/delete existing queries.
Storm API support for create/list/ingest/delete queries of arbitrary type.