- APP-1829 - [Session] Added logic to use http instead of https for proxy.
- Update setup.py package_data to include STIX parser lark file.
- APP-1829 - [Session] Added logic to attempt to handle “[SSL: WRONG_VERSION_NUMBER] wrong version number” error new to urllib3.
- APP-1807, APP-1801 - [STIX] Remove dependency on Dendrol and replace with lark parser.
- APP-891 - [STIX] Added additional support for consuming and producing STIX documents.
- APP-1212 - [Testing] fixed output deletion issue for skipped test when –merge_outputs is used.
- APP-1244 - [Testing] Added the is_json operator to assist in testing validation.
- APP-1406 - [Testing] Fixed testing issue centered around the validation_criteria field present during bulk tests.
- APP-1407 - [Testing] Fixed issue encountered when validation_criteria is set in a test profile (apps that use batch).
- APP-1413 - [Testing] Converts option inputs that have a value of null to use #App:1234:null!String.
- APP-1641 - [Batch] Fixed issue that batch delete that prevented single submission or last submission from working.
- APP-1642 - [Service] Increased tc_svc_broker_conn_timeout arg to 60 to address disconnect issue in API service.
- APP-1643 - [App Init] Added “no-commit-to-branch” feature to the pre-commit configuration.
- APP-1760 - [KeyValueStore] Updated module to support new endpoint for PLAT-1237 in support of service Apps running on MEO.
- APP-1394 - [Batch] Updated batch data processing to handle max sizes appropriately.
- APP-1296 - [Session] Updated external session retry to accept a URL for retry mount.
- APP-1366 - [Batch] Fixed issue in batch where self._file_threads was not getting updated appropriately.
- APP-1126 - [Logger] Compress backup log files and increase backup count to 25.
- APP-1127 - [Batch] Fixed issue with recursion when having a large number of associations.
- APP-1128 - [Batch] Updated DEBUG feature to assist in testing batch module..
- APP-1129 - [Batch] Added support for batch_max_size to truncate the batch job at ~75Mb.
- APP-1130 - [Batch] Removed file_contents getter and setter method.
- APP-1131 - [Session] Updated request_to_curl method in Utils module to truncate body and not write body to disk.
- APP-1262 - [App Feature] Update advanced_request module to take output_prefix as an arg.
- APP-1263 - [Session] Update session module to only log curl command when request receives an invalid response or enabled globally.
- APP-1264 - [Logger] - Update logger modules to set default encoding to “UTF-8” when no value set at the OS level.
- APP-1266 - [Utils] Update utils datetime module to include a chunk_date_range method to be used in job Apps that need to break request into smaller timeframes.
- APP-1267 - [Batch] Add batch callback method to batch module to allow downloading/processing of data while batch job polls for status.
- APP-1268 - Update the default temp directory to use an OS appropriate value.
- APP-1272 - [App Feature] - Remove feature to update install.json and layout.json for advanced_request.
- APP-1280 - [Session] Add ability to mask the body when logging curl command.
- APP-1107 - Added MITRE ATTACK Utils methods to return the properly formatted tag value.
- APP-1119 - Update to batch module to handle recursion issue with integrations that have a large number of group associations.
- APP-890 - Added discoverTypes to Ready command for API Services.
- APP-939 - Restructure of Service module to better support API Services.
- APP-943, APP-1027, App-1036 - Updated ReadArg and IterateArgs decorators for better transform and validator support.
- APP-944 - Added rate limit and 429 (too-many-requests) in external session module.
- APP-964 - Updated inputs module to allow duplicate args (advanced request requirement).
- SUP-8557 - Updated how the Threat Intelligence module was adding observations to ThreatConnect objects.
- Multiple misc. enhancements (APP-865, APP-1021, APP-1030, APP-1086)
- APP-921 - Updated default operator rule for test cases.
- APP-926 - Updated profile generation to not add String type to all inputs.
- APP-935 - Updated tcinit to include custom_feature.py when missing.
- APP-936 - Updated test handling when incorrect stage data is provided.
- APP-849 - Updated request_to_curl method to handle proxy values properly.
- APP-852 - Moved jmespath package from dev dependencies to standard dependencies.
- APP-796 - Updated Advanced Request Method to always write output variable.
- APP-813 - Updated datastore and cache modules; renamed ttl_minute to ttl_seconds, added handling of 0 or null ttl_second value.
- APP-815 - Updated session_external to not raise RetryError.
- APP-816 - Updated tcinit to not fail when no tcex.json file is present.
- APP-780 - Added truncate method to Utils module.
- APP-786 - Updated logger to addres TypeError exception.
- APP-789 - Updated pre-commit configuration for App templates.
- APP-790 - Added new Advance Request feature for App that utilize a remote API.
- APP-791 - Updated session and session_external to not require an instance of tcex.
- APP-792 - Updated services module to support sending failed message on ack.
- APP-793 - Updated session to not create curl logs when sending API logs.
- APP-77 - Added mechanism to tell if Webhook service Apps fired in testing framework.
- APP-88 - Added “magic” variable expansion for tctest interactive mode.
- APP-715 - Update validation for tags to be case insensitive in testing framework.
- APP-746 - Update to address issue with email validation in testing framework.
- APP-769 - Added rargs property to profile for custom methods in testing framework.
- APP-79 - Added curl command to the log file at debug level to assist in troubleshooting.
- APP-80 - Added support for __comment__ in testing profile.
- APP-87 - Added check for invalid values in profile for Boolean inputs.
- APP-102 - Addded pytest fixture for testing sessions.
- APP-557 - Added update logic for profiles to convert static String inputs to Staged KVStore variables.
- APP-561 - Updated precommit template file to support large files on commit.
- APP-676 - Updated –interactive mode to support all input types.
- APP-677 - Added –negative flag to tctest command to auto-generate negative test profiles.
- Multiple enhancements for testing framework (APP-78, APP-82, APP-83, APP-84, APP-85, APP-86, APP-87, APP-106, APP-219)
- Updated testing framework to decouple App version of TcEx and testing version.
- Updated deepdiff validation method to better handle OrderedDicts.
- Added simple caching to env_store.
- Added session recording & playback for testing framework.
- Added automatic staging of inputs to kvstore for testing framework.
- Added additional support for batch in testing framework.
- Updated decorator method logging.
- Updated testing framework validation template to support dynamic output variable.
- Updated testing framework validation template to validate output variable consistency.
- Updated profile module to support variable from env store server.
- Updated OnException decorator to log traceback.
- Multiple enhancement and fixes to testing framework.
is_variable()method to Playbook module.
- Updated ReadArgs decorator to return None when arg doesn’t exist.
- Updated ReadArgs to not log input value.
- Added new Permutations class to app_config_object module.
- Added new Profile and ProfileInteractive Classes to app_config_object module.
- Added new TcexJson Class to app_config_object module.
- Moved all testing template generation/download logic to consolidated templates.py file.
- Added schema management to InstallJson class.
- Added schema management to LayoutJson class.
- Multiple updates for App testing framework. + Updated testing framework to support permutations for Service Apps + Added –replace_exit_message CLI flag for pytest to replace outputs for test cases + Added –replace_outputs CLI flag for pytest to replace outputs for test cases + Added –merge_outputs CLI flag for pytest to merge new outputs with existing outputs for test cases + Profile schema is now managed and old profiles will be automatically updated + Changed default run method for Serice Apps to be subprocess instead of thread.
- Updated tcinit CLI command. + Removed –action CLI arg + Added –update CLI arg to enable updates of non-customized template files + Added –migrate CLI arg to enable migration of non-compliant PB Apps + Added –layouts CLI arg to allow for dynamic creation of example layout.json based on install.json * The tcinit command now store the template in the tcex.json file to allow easier updates
- Updated tcpackage CLI command. * Moved logic that updates the install.json to the InstallJson class * Updated to use InstallJson and LayoutJson objects
- Updated tctest CLI command. + Added –interactive flag to allow for dynamic creation of testing profile. + Updated to use new Profile Class and Template Classes
- Updated tcvalidate CLI command. * Updated to use InstallJson and LayoutJson objects * Updated validation logic for layout.json
- Multiple updates to App templates to remove subprocess.
run()method to run.py template for job and playbook Apps + Added app_lib.py dependencies for all App types + Updated __main__.py to call run method of run.py
- Added logging of TcEx path.
- Updated Utils Class to no longer require tcex instance.
- Updated requirement for stdlib-list to >= 0.6.0 to support Python 3.8.
- Updated test cases to call setup/teardown instead of start/done.
- Added pydocstyle as a development dependency.
- Removed isort from App template pre-commit file.
- Multiple updates for templates and testing logic for Service Apps.
- Issue-103 - added support for ThreatConnect ThreatIntelligence File Actions.
- Issue-107 - added check for missing config file for external Apps.
- Issue-110 - added example for associations using Threat Intelligence Module.
- Issue-111 - updated trace logger method for Python 3.8.x changes.
- Updated bin module to delete reference to removed profile and run files.
- Updated setup.py for long_description.
- Updated README.md to include all dependencies.
- Added support for ThreatConnect Case Management.
- Added support for ThreatConnect Service Apps.
- Updated templates to support changes in tcex 2.0.
- Updated code to support Python 3.6+, removing support for all older versions of Python.
- Removed old tcrun and tcprofile commands.
- Breaking Change: Multiple updates to
- Breaking Change: Moved datetime methods in tcex.utils.xxx to tcex.utils.datetime.xxx.
- Breaking Change: Reworked App decorators to improve usability.
- Breaking Change: Renamed
done()methods in templates to
- Breaking Change: Removed
- Breaking Change: Removed
tcex.data_filterproperty and module.
- Breaking Change: Removed
tcex.requestproperty and module.
- Breaking Change: Removed
tcex.resourcesproperty and module.
- Breaking Change: Removed
- Breaking Change: Removed
- Breaking Change: Updated
tcex.safe_indicator()method input params.
- Breaking Change: Updated
tcex.safe_url()method input params.
- Breaking Change: Updated
tcex.safe_tag()method input params.
- Improved support for TI module to support creating files given a unique_id.
- Updates to playbook modules to remove logging affecting environment servers.
- Updates to testing framework for custom validation.
- Updates to the docs for multiple modules.
- Multiple updates to testing framework.
- Updated deleted() method of TI module to yield results instead of returning raw response.
- Updates to testing framework for custom methods when testing profiles.
- Updated inputs to ensure args provided via sys.argv take precedent over all other args.
- Added new service_id arg for service Apps.
- Added POC of session_external. Python requests session with auto-proxy configuration.
- Updated excludes for tcpackage command for pytest report folders.
- Updated validation module to handle local imports and shared modules.
- Added additional support for v2 API endpoints.
- Added support for new appId field in the install.json.
- Updated validation command to better handle packages with nested modules.
- Updated PB module to handle execution with no requested output variables.
- Updated PB module to handle null values in BinaryArray.
- Updated TI modules to better handle conversion to and from TCEntity.
- Updated external App template to allow passing configuration in on TcEx() initialization.
- Multiple updates for testing framework.
- Added cache handler to logging module.
- Updated args module to use dict input over sys.argv when possible.
- Updated args module replaced required args with a default value when possible.
- Updated testing module for args changes and more.
- Updated logging add handler calls in multiple modules.
- Renamed args module to inputs.
- Removed reference to args in logging module.
- Updates to token and args modules to better support testing framework and external Apps.
- Added kwargs on tcex init for external Apps.
- Updates to testing templates.
- Moved registration of default token to default_args method to address issue with secure params.
- Updated template files.
- Updated build process for wheel files.
- Updated permutations generation to include hidden inputs.
- Restructured tcex modules into individual directories.
- Added services module for service Apps.
- Added token module to manage tokens for all types of Apps.
- Moved token renewal from session to new token module.
- Updated multiple module to simplify testing.
- Updated logging formatter for issue in py2.
- Updated test_case to automatically create profile output.
- Reworked logging for the TcEx framework to provide better flexibility.
- Updated logging of batch sizes to not log when there is not content.
- Moved the logging of App info to the args call.
- Added trace logging level (unsupported in platform currently).
- Added new testing module using pytest.
- Updated arg parsing to better handle delimited input strings for secureParams/AOT input.
- Updated TI module to better handle filters and retrieving generic indicator/group types.
- Updated logging initialization to ensure user provided log path is available before adding file handler.
- Updated datastore module to prevent creating of empty record on index creation.
- Updated batch module to support additional debugging features.
- Updated playbook read for
\sreplacement issue in Python 3.7.
- Updated utils
unix_time_to_datetime()method to handle unix timestamps with milliseconds that are not floats.
- Updated TI module with changes for indicators data.
- Updated tcinit for temporary proxy fields names.
- Updated read_embedded to escape newline characters in embedded string values
- Updated install.json schema validation to ensure that displayName contains a minimum of three characters
- Updated read_embedded to cast data value to a string
- Made minor updates to the TI module
- Added new Threat Intel (TI) module to interact with ThreatConnect REST API
- Added support of “s” characters to be replaced automatically with a space (” “) character on user string input in Playbook Apps
- Added templates for external Apps
- Updated read_embedded method to deserialize nested variables before replacement
- Updated Utils module to better handle datetime timezone conversions
- Updated ReadArg decorator to support
- Updated IterateOnArg decorator to support
fail_onparameter and removed
Datastoremodule to support no ID for POST and GET methods
- Added new FailOnInput decorator
- Changed FailOn decorator to FailOnError with arg input changes to enable
- Added additional logging to IterateOnArg decorator
- Reverted change to Playbook module
read()method for null value returned when Array is True
- Updated App templates to call
parse_args()from init method
IterateOnArgdecorator to take an addition default value
IterateOnArgto exit or log when no data is retrieved from Redis
TcExRunmodule to detect v3 profile args section by either optional or required field
TcExProfilemodule to use new layout.json output logic and always display output variables unless display value exists and return negative validation
- Added new
- Added new
- Updated App templates to ignore or exclude definitions
tcprofilepermutation_id to handle 0 index
tcpackagecommand to not add commitHash if value is None
tcvalidatecommand to handle permission errors when using pkg_resources
- Updated install.json schema to include commitHash
- Fixed issue with
sqlitebeing imported while not required for Apps
tcprofileto better support App bundle projects
tcex_argsmodule to parse injected params using a = separator instead of a space+ Updated
tcprofilecommand to support permutations logic for Apps with layout.json conditional input parameters
tcprofilecommand to update the profile schema to v3. Note that app.arg is now app.arg.optional and app.arg.required.
tcrunarg parsing logic to use a = separator instead of a space
- Updated Batch module to support new 5.8+ merge of file hash feature
- Added a fix for
tcvalidateoutput display statement validation
- Updated install.json schema file
tclibto error when environment variables are not available
- Updated Batch module to handle xid as str for py2 Apps
- Enabled package_data in setup.py for JSON schema files
- Switched from setup.py package_data to MANIFEST.in for JSON schema files
- Added new
tcvalidatecommand for App Builder
- Added validation of layout.json schema, inputs, and outputs
- Migrated JSON validation files from App to TcEx
- Added new
- Updated run.py in Playbook templates to handle TypeError on incorrect action
tcpackagecommand to suggest proper fix for missing modules
tcrunto handle null value in args
- Fixed issue in
tcpackagewith handling errors
tcpackagecommand to validate import module for .py file in project-root directory
tcpackagemoving install.json validation to top level
--ignore_validationarg. Using this flag will cause the command to not exit on validation errors.
- Updated install.json schema file to support new
run.pytemplate file to ensure proper paths are set for an App
- Updated all optional args in Batch module for Group/Indicator objects to kwargs. This will allow easier updates for new values in the future.
- Updated the decode arg on the read Binary/BinaryArray methods to be False by default. When set to True, the
read()method cannot be used in some use cases.
- Updated the Group and Indicator object in the Batch module to only produce random and unique xids when an xid is not provided. These objects will no longer produce a unique and reproducible xid.
- Added new App templates and updated templates with new files and content
tcex_argsmodule to include all args related methods from the
request()method to include proxy settings
tcprofileto include an epilog with command instructions on environment setup (> tcprofile -h)
tcprofileto split the args section to support “default” args and “app” args
tcinitto support templates instead of types
tcinitto include an epilog with template definitions (> tcinit -h)
tcinitto download additional files required for building Apps
tcrunto support update args schema in profiles
- Updated all code to standard formatting and structure
- Updated and restructured Documents
- Added decorator to provide common methods for Playbook Apps.
- Added logic to
tcpackageto do basic syntax validation of
write_output()methods to provide an alternative way to write Playbook output data
- Added access to resolved args
tcliblogic for lib_latest symbolic link
tcinitto include migration as an action to help convert non-App Builder compliant Apps
- Updated Utils module for additional method to determine local timezone
- Updated Utils module to output correct total_weeks value
tcinitcommand CLI option
--upgradeto download additional files
tcruncommand to use dockerImage parameter from install.json or profile
tcruncommand to support new autoclear value in profile
tclibto create a symbolic link to the latest Python lib directory
tcpackagecommand to add commitHash value to install.json
tcexmodule to log commitHash value
- Updated the
.gitignorefile for App templates
- Fixed GH issue #(60)
- Updated App templates. Added tc_action logic to handle launching action methods in the App class
tcruncommand to launch App in docker container
- Updated Batch module to handle Attribute values of False
read_arraymethod to Playbook module
- Updated App templates to include start and done methods
- Update tcprofile to create the tcex.d directory automatically
__slots__on Batch module due to issues with Python 2
- Updated tcinit and corresponding App templates
- Added PDF method to Resource module for supported Group types
- Added task_id method for Task class
- Added date_added property to Indicator and Groups objects
- Added last_modified property to Indicator objects
- Updated tcrun for handling Binary/BinaryArray validation
- Fixed deletion in Batch module for TC instances < 5.7
- Removed app.lock logic
- Updated file_content logic for Documents and Reports
add_file()method for batch Group objects
- Added playbook_triggers_enabled parameter to Batch module (requires ThreatConnect 5.7)
- Made minor change to batch poll
- Updated Batch module
close()method to check for xids-saved file existence before deletion
- Added app.lock file to temp directory to ensure single execution
- Removed debugging flag from Batch module and replaced with logic to control debug externally
- Updated batch-poll method logic to poll more frequently
- Update Resource module to allow the addition of a body when reading from the datastore
- Added signal handler to tcex to gracefully handle interrupts
- Added new
tcinitcommand to download files required for a new App or update files in an existing App
- Updated batch-poll method to automatically calculate poll interval. REMOVED interval-method parameter
- Updated Batch module to raise error on batch-status poll timeout
- Updated __main__.py to version 1.0.2
- Moved and added supporting file to app_init directory
close()method to allow cleanup of temp files when batch job is done
- Added global overrides for halt_on_error in Batch module
- Fixed issue with token renewal not failing properly on error
- Updated logging method to ensure all messages are logged to file
- Updated logging method to skip API logging during token renewal
- Changed tcrun to not use shell on Windows systems
- Updated Batch module to use Submit Job/Submit Data for deletes
- Replaced tcex_develop arg with branch arg for tclib command
generate_xid()method to help generate a unique and/or reproducible xid
- Added default value for Email score in Batch module
- Added active property to Indicator type objects
save()method be best effort
submit_file()to handle None value being returned
attribute()methods to handle unique values when using a formatter
- Fixed issue with –unmask arg not working on tcrun command
- Merged AOT feature in prep for 5.7
install_json()method to load install.json, which is used in the injection method to determine the structure on the param values
save()method to save batch data to disk to reduce memory usage of the App
- Updated the logic in
default_args()method to handle both injecting secureParams and AOT params depending, on selected feature.
inject_params()method to be public and generic and to allow params to be injected manually
tcex_redismodule to support additional Redis methods required for AOT
read_binary_array()methods to support b64decode and decode params
Report()module to make the Report file name optional for updates in 5.7
- Updated examples in Documents
- Fixed validation issues in tcrun
- Updated submit_create_and_upload method to clear raw list after submission
- Rewrote results_tc method to handle updates to key/value pairs
- Updated tcrun to automatically create required directories
- Updated tclib to support building tcex develop version with –tcex_develop CLI flag
- Rewrote tcrun and tcprofile commands
- Removed tcdata commands
- Changed logging of unsupported args to only show when App retrieves args
- Changed read_binary_array method to decode Redis data automatically
exit()methods to treat exit code of 3 as non-failure
- Updated v2 Batch createAndUpload
- Updated secure params injection to handle pipe-delimited multiple-choice values
- Fixed issue with API logging not working when secure params are enabled
- Fixed issue with API logging timestamp precision
- Updated tcdata for Playbook variable creation during staging testing data
- Updated tcex logging for level and removal of stream logger once API logger is initialized
- Updated tcdata to handle binary array
- Updated tclib command to support environment variables in tcex.json file
- Added initial functionality for v2 Batch create and upload
- Updated regex for Playbook variables
- Updated Tcdata module for local testing
- Updated Batch v2 API
- Updated secureParams loading order
tcexmodule to only import modules when required
inflect()to the Utils module
- Updated documents for Metrics, Notifications, and Batch
- Added tcex.session to provide access to the ThreatConnect API using Requests’ native interface
tcex_batch_v2module to replace the Jobs module starting in ThreatConnect 5.6
- Added msg to
exit_code()method to a property with a setter
request()property to a method
- Updated multiple methods to use
- Renamed Logger module to be consistent with other modules
- Removed second arg from
- Removed owner parameter from
- Added deprecation warning for the following methods:
to_string(). These methods will be removed in version 0.9.0.
- Cleaned up code, comments, and documentation
- Added error code/message for all RuntimeError exceptions
- Updated logging to log App name and other data
- Added Notifications module for ThreatConnect 5.6+
- Updated secure params injection to treat string value of True as Boolean/flag
- Updated secure params to handle unicode values in py2
- Updated Jobs module to use batch settings from args on init and to allow programmatic override of batch settings
- Updated token renewal to handle issue with newstr
- Updated Jobs module to not call safetag method when using Resource module
- Updated Intrusion Set class in Resource module
- Updated Group list to include new Group types
download()methods to Report class in resource module.
- Added Task as a group type.
- Added new secure params feature
- Updated Utils module for handling naive datetime in py2
- Added to_bool() method back to Utils module
- Updated utils datetime methods to not require a timezone
- Updated Tag class to urlencode tag value so slashes are supported
- Updated safetag method to strip ^ from tag values
- Changed modules dependency to use latest version instead of restricting to current version
- Added Event, Intrusion Set, and Report Group types in preparation for TC > 5.6.0
- Added metrics module to create and add metrics to ThreatConnect.
- Added deleted endpoint for Indicators.
- Updated Jobs module to delete by name when using replace for Groups
- Updated token renewal to log more information on failure
- Updated Playbooks read-binary array to better handle null values
- Updated file Indicator class for proper handling of Attributes, Tags, and Labels
expand_indicators()method to use a new regex to handle more formats for file hashes and custom Indicators
- Fixed issue with embedded variable matching during exact variable check
Resourcefor py2 unicode issue in ipAddress module
Resourcemodule to automatically handle files hashes in format “md5 : sha1 : sha256”
Resourcemodule to reformat ipv6 addresses to same format as TC
- Updated __main__.py template with better logic to detect Python lib directory version
- Updated regex patterns for variable matching in Playbook module
- Updated Playbook module function in handling variables
read_embedded()method to better support embedded variables
- Added –report arg to
tcrunto output a JSON Report of profiles and run data
- Added new JSON string comparison operator (jc/json compare) to
tcdatato compare two JSON strings (requires DeepDiff to be installed locally)
- Added KeyValueArray operator to
tcdata, which allows searching for a single key/value entry in array
- Updated functionality to replace non-quoted embedded variable to handle duplicate variables in KeyValueArray
- Added new string comparison operator (sc) to
tcdatathat strips all white space before eq comparison
- Added new functionality to
TcExPlaybookto replace non-quoted embedded variables in Read KeyValueArrays
- Updated Create KeyValue/KeyValueArray methods to not JSON load when passed a string
any_to_datetime()method to return datetime.datetime object
timedelta()method to return delta object from two provided datetime expressions
- Fixed issue with _newstr_ and dynamic-class generation
- Updated all TcEx framework command-line interface (CLI) commands to use utf-8 encoding by default
- Replaced usage of unicode with built-in str (Python 2/3 compatible
- Replaced usage of long with built-in int (Python 2/3 compatible)
- Update usage of urllib.quote to be Python 2/3 compatible
association_custom()to handle boolean values that are passed as strings
_resource()method to handle boolean returned as strings from the API
tcdatato properly delete Indicators when using
- Update the Log module to use tcex instead of tcapp
TcExUtilsmodule with date functions to handle common date-use cases
- Added DeepDiff functionality to
tcdatafor validating unsorted dictionaries and list
tcdatato pull item from lists by index for easier comparison
read()method to allow disabling of automatically resolving embedded variables
association_custom()method to support file actions
file_action()method as alias to
tcdatacommand for issue on sorting list in Python 3
- Added update for tcex.json file to allow the App version to be specified instead of using programVersion from install.json
- Added stub support for associatedGroup in Batch Indicator JSON
- Updated the TcEx Job module to better handle Document uploads in Python 3
- Updated TcEx Resource module to support query parameter list in the add_payload() method
- Updated TcEx Request module to support query parameter list in the add_payload() method
tclibto remove the old lib directory before creating the lib directory
- Updated the TcEx framework to only build custom Indicator classes when working with custom Indicators
- Updated TcEx Jobs module Group add logic to fix issue with skipping existing Groups
- Updated TcEx Jobs module to handle associatedGroup passed as string or int when using /v2
Breaking change to any App that uses the Direct Access method with a Custom Indicator type.
- Fixed issue in
tcdatawhen validating that data is not string type
tcprofileto set type check to binary on binary data
- Updated Playbook create_binary and create_binary array for to better support py3.
tcdatato support Security Labels in staged data
tcdatato support adding associations
tcdatato support variable reference #App:4768:tc.address!TCEntity::value during validation
tcdatato validate string as string_types for “is type” check using six modules
- Added fix for code font not matching line numbers in the documents
_argsvariable in tcex.py to
_parservariable in tcex.py to
- Cleaned up code (removed any Python 2.5-specific code)
- Replaced use of
str()in TcEx Playbook module
tcrunto pass data_owner for each action on
tcdatato stage TC data via
/v2instead of batch
tcdatawrite entity out as variable
tcprofileto support new parameters
tcdatato properly handle older tcex.json files
read_embedded()method to handle unicode error
- Added additional logging to TcEx Job for logging API response
job()association feature to handle Group-> Indicator and Group-> Group associations
safe_group_name()method to ensure Group meets the required length
tcdatainitial feature to stage Groups and Indicators in ThreatConnect
tcrunto use new parameter for logging
job()to support upload of file to Document Group
- Updated token renewal URL
tcprofileto include api_default_org, tc_proxy_external, tc_proxy_host, tc_proxy_port, tcp_proxy_password, tc_proxy_tc, tc_proxy_username
tcprofilechanging tc_playbook_db_path and tc_playbook_db_port parameters to environment variables by default
tcprofilechanging logging to tc_log_level
tclibto check for requirements.txt
- Updated tcex.playbook, tcrun, and tcdata to support deleting data from Redis from previous runs
tcrunto handle issue where install_json is not defined in the tcex.json file so that script name was improperly being set
- Updated create_output() method to fix issue when using output variables of the same name and different type
tcrunto not check for the program main file for Java Apps
tcrunto support running Java Apps
- Added support for install_json profile parameter to tcex.json. This should be included in all tcex.json files going forward.
- Added support for java_path config parameter to tcex.json for custom Java path. Default behavior is to use the default version of Java from user path.
- Added support for class_path profile parameter to tcex.json for custom Java paths. By default,
./target/will be used as the class_pass value.
tcpackageto grab minor version from programVersion in install.json. If no programVersion is found, the default version of an App is 1.0.0.
- Cleaned up PEP8
json()method to use proper entity value
tcprofileto use default env values for API credentials
- Added Groups parameter to tcex.json so that a profile can be part of multiple Groups
- Added additional exclude values for IDE directories
- Added app_name parameter to tcex.json for App built on system where App directory is not the App name
tcpackageto use new app_name, if it exists, and to default back to App directory name
tcprofileto only output Redis variable for Playbook Apps
tclibto have default config value for instance where there is not tcex.json file
- Update Building Apps section of the documentation
- Updated required module versions (requests, python-dateutil, and Redis)
- Fixed issue with sleep parameter being ignored in
tclibto automatically read tcex.json
tcpackageto output Apps zip files with .tcx extension
- Added support for binary data type in
- Added platform for docker support
- Added platform check for subprocess calls
- Added additional error logging for
- Added better support for build and test commands on Windows platform
- Removed pip as a dependency
tcdatato support multiple operators for validation
tcprofilecommand to automatically build testing profiles from install.json
tcrunto create log, out, and temp directories for testing output
tcpackageto exclude .pyc files and __pycache__ directory
tcpackageto append version number to zip file
- Added a bundle_name parameter to tcex.json file for systems where the directory name does not represent the App name
- Updated tcdata for issue with bytes string in Python 3
- Added new tcdata, tclib, tcpackage, and tcrun commands for App testing and packaging (The app.py will be deprecated in the future.)
__main__.pyfor new lib directory structure created with pip (replaced easy_install)
- Changed method so that Apps are now built with
association_custom()method to support DELETE/POST methods
_association_types()method to load Custom Association types from API
indicator_types_dataproperty with full Indicator Type data
indicator_associations_types_dataproperty with full Indicator Association Type data
- Update playbookdb variable name
- Updated __main__.py template for proper exit code
- Added support for output variable of the same name, but different types
- Added support for new TCKeyValueAPI DB types in Playbook Apps. This is a seamless change to the Apps.
authorization()method to return properly formatted header when no token_expires is provided
- Added automatic authorization to
- Updated documentation for Request module
- Changed proxy variable to proxies in
- Changed proxy variable to proxies in
assignees()method for Tasks
escalatees()method for Tasks
- Added 201 as valid status code for Task
- Changed private
_copy()method to public
occurrence()method Indicator parameter to be optional
Resourcemodule to retrieve DNS resolutions on Host Indicators
download()method to download Signature data
- Added urlencoding to proxy user and password
job()method to allow multiple jobs to run in an App
s()method to fix issues in Python 3
create_binary_array()method to properly handle binary array data
read_binary_array()method to properly handle binary array data
indicator_body()to support missing hashes
false_positive()endpoint for Indicators
- Merged pull requests for better native Python 3 support
- Added Campaign to Group types
- Increased request timeout to 300 second.
read_embedded()method logic for null values and better support of mixed values
- Updated TcEx Job module for file hashes updates using v2/indicators/files
TcExJobmodule for file hashes updates using
read_embedded()method to support different formatting dependent on the parent variable type
Resourcemodule to address issue in which copying the instance causes errors with request instance in Python 3
- Updated T**cExLocal**
run()method to better format error output
- Fixed issue with
TcExJobmodule in which batch Indicator POST with chunking would fail after first chunk
safe_indicator()method to urlencode and cleaned up Indicator before associations, etc.
expand_indicators()method to use a regex instead of split for better support of custom Indicators
_process_indicators_v2to better handle custom Indicator types
read_embedded()method to strip off double quote from JSON string on mixed types and to decode escaped strings
Resourcemodule so that all Indicator are URL encoded before adding to the URI
Indicator_body()method to only include items in the JSON body if not None.
indicators()method to handle extra white spaces on the boundary
- Added additional standard args of
associations()methods now take an instance of Resource and return a copy of the current Resource instance. Other methods such as
tags()now return a copy of the current Resource instance.
resource()method to get instance of Resource instance
DatastoreResource class to the
TcExJobmodule for changes in the
- Added logic around retrieving Batch errors to handle 404
- Added new
exit()method for Playbook Apps (exit code of 3 to 1 for partial success)
read_embedded()method with a better regex for matching variables
TcExPlaybook()module with better error handling with JSON loads
- Updated TcExLocal
run()method to sleep after subprocess executes the first time
TcEx Jobmodule to allow Indicators to be added via
- Updated structure for Attributes/Tags on Groups to use singular version (Attribute/Tag) in Jobs modules to match format used for Indicators
- Added custom case_preference and parsable properties to
- Added logic to cleanup temporary JSON bulk file. When logging is debug, a compressed copy of the file will remain.
- Fixed issue in
tcex_resourcesmodule with pagination stopping before all results are retrieved
s()method to replace the
to_string()method (handle bad unicode in Python 2 and still support Python 3)
read_embedded()method to better handle embedded vars
indicators()method to allow iteration over Indicator values in Indicator response JSON
set_basic_auth()method to use proper unicode method
tcex_playbookcreate and read methods to warn when None value is passed
add_payload()method to not force the value to string
set_basic_auth()method for instance where normal method does not work
- Fixed issue with boolean parameters having an extra space at the end
_parameters()method to build a list for subprocess.popen instead of a string
- Updated install.json schema to support note field
- Removed hiredis as a dependency
- Added hvac as a dependency for vault-credential storage
- Added ability to use vault as a credential store for local testing
- Fixed args wrapper for Windows (’ to “)
- Added sleep option for test profiles that take time to complete
tcex_localmodule to change tc.json profiles to list instead of dictionary to maintain order of profiles
- Added feature to
tcex_localto read environment variables for value in tc.json (e.g., $evn.my_api_key)
- Handled None type returned by Redis module
to_string()method to replace old
uni()method (handled Python 2/3 encoding for Apps)
- Updated string/unicode/bytes issue between Python 2 and 3
tcex_localmodule for Python 2/3 support
- Updated binary methods in
tcex_playbookmodule for Python 2/3 support
run()logic to support updated tc.json schema
- Changed –test arg to –profile in
- Added script field to tc.json that matches –script arg to support predefined script names
- Added Group field to tc.json that matches –group arg in
_required_arguments()to support running multiple profiles
- Added inflect requirement to version 0.2.5
- Changed python-dateutil requirement to version 2.6.10
- Changed requests requirement to version 2.13.0
- Added accepted status code of 201 for Custom Indicator POST on dynamic class creation
tcex_resourcesfor generating Indicator body
tcex_resourcesfor generating Indicator body
- Fixed issue with Job
TcExJobmodule to use new pagination functionality in
- Updated and labeled
paginate()method as deprecated
- Updated tcex_local for additional parameter support during build process
- Updated tcex_local for exit code when app.py is called (maven build issue)
- Added new log event for proxy settings
- Reworked iterator logic in
- Updated documentation
tcex_resourcesto allow iteration over the instance to retrieve paginated results
- Updated support-persistent args when running App locally
- Updated Playbook module for Python 3
- Added logging of platform for debugging purposes
- Updated Pep 8
tcex_data_filtermodule access via
epoch_seconds()method to return epoch seconds with optional delta period
python-dateutil==2.4.2as a Python dependency
group_cache()module to use
tcex_resourcesmodules renamed methods and changes
- Changed logging level logic to use
tc_logging_level, if it exists
- Added App version logging attempt
_resources()method to handle TC version without custom Indicators
- Updated logging to better debug API request failures
- Updated package command to create lib directory with Python version (e.g., lib_3.6.0)
- Updated logging the Logging Level, Python, and TcEx versions for additional debugging
- Updated open call for bytes issue on Python 3
- Updated to setup.py for Python 3 support
- Updated Campaign Resource type Class
building_appssection to documentation
- Updated documentation
- Initial Public Release