Changelog

Synapse-TeamCymru Changelog

v2.3.0 - 2024-05-20

Features and Enhancements

  • Add modelling for JA3 fields.

  • Add teamcymru.recon.ja3.search command to search on JA3 related fields.

v2.2.0 - 2024-05-15

Features and Enhancements

  • Update $lib.bytes usage with $lib.axon APIs.

  • Update teamcymru.recon.setup.apikey command to accept a baseurl argument.

  • Update to use vaults for storing API keys and base URL configs. Existing global and user API keys will be automatically migrated during the first instantiation of this version.

  • Update configuration workflow to accept baseurl option.

v2.1.1 - 2024-02-20

Features and Enhancements

  • Update deprecated $lib.dict() usage to JSON style syntax.

v2.1.0 - 2023-12-08

Features and Enhancements

  • Automatically retry requests when a rate limit exceeded response is returned by the TeamCymru API.

v2.0.0 - 2023-06-07

Features and Enhancements

  • Add --batch-size parameter to allow aggregating sets of inbound nodes into jobs. By default, jobs will be created out of sets of 100 inbound nodes. The previous behavior of one node per job can be used by specifying --batch size 1.

  • Add category tags to src/dst inet:ipv4 nodes created when ingesting the results of flows jobs.

  • Add teamcymru.recon.x509.enrich and teamcymru.recon.x509.search commands for creating and ingesting x509 queries.

Bugfixes

  • The teamcymru.recon.dnsquery command has been removed due to no longer being a valid query type.

Documentation

  • Add API documentation for the teamcymru Storm module.

v1.4.0 - 2023-02-15

Features and Enhancements

  • Use it:exec:query to link job results instead of inet:search:query.

Bugfixes

  • Verify that the requested size is below the API limit.

  • Improve the error message when a timeout occurs for an HTTP request.

  • Fix examples in User Guide.

v1.3.0 - 2022-05-17

Features and Enhancements

  • Cached API responses are now stored in the JsonStor instead of in nodedata.

v1.2.0 - 2022-04-21

Features and Enhancements

  • Record :tot:txcount and :tot:txbytes on inet:flow nodes created from flows jobs.

v1.1.0 - 2022-02-21

Features and Enhancements

  • Record :ip:proto and :ip:tcp:flags on inet:flow nodes created from flows jobs.

v1.0.2 - 2022-02-15

Bugfixes

  • Use job_id field to generate unique inet:search:query node.

v1.0.1 - 2022-02-15

Bugfixes

  • Use start_time field to populate inet:flow:time for flows jobs.

v1.0.0 - 2021-12-10

Features and Enhancements

  • Initial release of the Synapse-TeamCymru Power-Up

  • Storm command support to create queries for flows, dns_query, pdns, and pdns_other queries.

  • Storm command support to list/ingest/delete exising queries.

  • Storm API support for create/list/ingest/delete queries of arbitrary type.