
Releases: jasonish/evebox

0.19.0

13 Dec 23:10
0.19.0
755f663

0.19.0 - 2024-12-13

  • [server] Don't forget session on server restart. Persists session
    tokens in the config db.
  • Reduced data between client and server for inbox/alert views.
  • Move to sqlx for database.
  • Move to chrono for time.
  • Re-add commenting, this time for SQLite as well:
    #271
  • Send less data for alert views:
    #261
  • [alerts] Display sni and/or rrname in alerts view. Useful for
    alerts using sni or rrname as an IOC.
  • [webapp] Re-add logout button. Disappeared in the move to SolidJS:
    #315
  • Start on a JA4 report, a bit crude but working.
  • Support JA4db with an update tool and an API endpoint to update it.
  • Support Suricata 8 DNS v3 records.

0.18.2

09 Jun 23:07
dbf08d0

Full Changelog: 0.18.1...0.18.2

0.18.1

09 Jun 23:07
0.18.1
276f4c5

What's Changed

  • build(deps): bump follow-redirects from 1.15.5 to 1.15.6 in /webapp by @dependabot in #300

Full Changelog: 0.18.0...0.18.1

0.18.0

09 Jun 23:07
0.18.0
0dcded4

What's Changed

  • build(deps-dev): bump vite from 3.2.5 to 3.2.7 in /webapp by @dependabot in #276

Full Changelog: 0.17.0...0.18.0

0.17.2

28 May 00:33
0.17.2
8a6e497

0.17.2 - 2023-05-27

  • [elastic] Fixing negation queries using '-':
    #266
  • [server] Don't error out if authentication enabled but no users
    exist, instead just log an error:
    #267
  • [webapp] Use relative login URL:
    #268
  • [packaging] Fix quotes in systemd unit files:
    #270

0.17.1

28 May 00:33
0.17.1
abe8798

0.17.1 - 2023-03-27

  • [elastic] Fix timestamp used in archive queries:
    #263

0.17.0

28 May 00:33
0.17.0
4087922
  • Move to SolidJS for frontend development.
  • New special query string keywords:
    • @ip: match src_ip or dest_ip, and other fields known to be IP addresses
    • @earliest:TIMESTAMP
    • @latest:TIMESTAMP
  • Feature parity between SQLite and Elasticsearch. This means that
    some reports were removed, but should come back for both SQLite and
    Elasticsearch: #95
  • [sqlite] Enable event retention by default to a value of 7 days. If
    an SQLite database becomes too large, it can be hard to trim back
    down to a usable size without significant downtime.
  • Start on a new overview report.
  • Fix issue where alert report graph didn't refresh over time change:
    #247
  • Don't allow the agent to send a payload larger than the server can
    receive: #248
  • [webapp] Fix broken filter on SIDs search:
    #251
  • [packaging] Add default configuration file:
    #221
  • [webapp] Alert graph failing to refresh on time range change:
    #247
  • [agent] Add Elasticsearch as the submission endpoint for events.
  • [elastic-import] Deprecated, use the agent instead.
  • [sqlite] Database file size based event retention:
    #256
  • [server] Fix PCAP downloads when authentication fails:
    #262

0.16.0 - 2022-11-12

10 Mar 21:28
0.16.0
6126dfa
  • [server] Fix authentication:
    #227,
    #230
  • [server] Auto archive: #52
  • [webapp] Update to Bootstrap 5
  • [webapp] Update to Angular 14
  • [sqlite] Typo when opening sqlite database:
    #226
  • Many cleanups from 0.15.0

0.15.0

28 Feb 05:57
0.15.0
c67aa16

0.15.0 - 2022-02-27

  • [sqlite] Remove full text search engine. It provided little benefit on search
    and was very expensive to add events to.
  • Add a stats view.
  • [webapp] Update to Angular 13.
  • [server] Move from Warp to Axum.
  • [webapp] Remove Brace editor for pretty printing of JSON and replace with
    a JSON pretty printer module.
  • [elastic] Fixes to Elastic field name mappings that should address issues
    with ECS. Most things seem to work.

0.14.0

22 Jun 14:22
0.14.0
ff04273

0.14.0 - 2021-06-16

  • Relicense under MIT, oops.
  • Server: Wait for Elasticsearch to be ready:
    #170
  • Fix add users command to take parameters from command line as
    documented: #173
  • Rule parser: Fix stripping of quotes:
    #177
  • Angular plus other dependency updates.