2.4.70

What's Changed

• Deleting Detection Comments and Test Anchors by @coreyogburn in #389
• fix license log field uniqueness by @jertel in #392
• ElastAlert Repo Community Rule Support by @coreyogburn in #391
• Fix quotes around yara meta values. by @coreyogburn in #393
• Cogburn/detections tweaks by @coreyogburn in #394
• Better Error When Detection PublicId Collisions Happen by @coreyogburn in #395
• Sigma and Suricata Rules Now Require Public Id by @coreyogburn in #396
• ClickToEdit and Docs Link in Sigma Overrides by @coreyogburn in #397
• add grouping attribute by @jertel in #398
• Better Behavior around Ctrl+C by @coreyogburn in #399
• Manually Sync Detections From UI by @coreyogburn in #400
• Added data-aid attr to new elements by @coreyogburn in #401
• Cogburn/correct casing by @coreyogburn in #402
• Prepare Detection After Save by @coreyogburn in #403
• Remove Suricata links by @defensivedepth in #405
• Initial cut for auto enable sigma rules by @defensivedepth in #406
• Details Tweaks by @coreyogburn in #404
• Timer State by @coreyogburn in #407
• Remove AutoRefresh and TimeZone from Detection's Advanced Options by @coreyogburn in #408
• Sigma Descriptions Added by @coreyogburn in #409
• Enable QuickActions in Detections by @coreyogburn in #410
• Visual Glitch Fixed by @coreyogburn in #411
• Sync Without Engine Selection Fixed by @coreyogburn in #412
• clarify test popup description by @jertel in #413
• Yara Author Fix by @coreyogburn in #414
• Cogburn/duplicate fix by @coreyogburn in #415
• use consistent delete icon similar to case comments/events; open new … by @jertel in #416
• Cleanup for Cypress Tests by @coreyogburn in #417
• Sigma Overrides by @coreyogburn in #418
• Overrides Enabled by @coreyogburn in #419
• New Enabled Toggle for Detections by @coreyogburn in #420
• Misc Fixes To Overrides by @coreyogburn in #421
• Custom Filter Usability by @coreyogburn in #422
• Duplication Fixes, Improvements by @coreyogburn in #423
• Fix fingerprint paths by @defensivedepth in #424
• Refactored Git Work by @coreyogburn in #425
• Simplify Sigma by @coreyogburn in #426
• Fix for Multiple Rows Opening in Detection Overrides by @coreyogburn in #427
• Cogburn/suricata community fixes by @coreyogburn in #429
• Validate YAML in Detection Validation by @coreyogburn in #430
• Extract additional fields by @defensivedepth in #432
• bump x/net per #14 by @jertel in #433
• additional logging; auto-enable yara rules by @defensivedepth in #428
• Truncate logs by @defensivedepth in #435
• enable license checks by @jertel in #436
• Refactored UpdateDetection by @coreyogburn in #434
• Use Better Unquote Function For Suricata Titles by @coreyogburn in #437
• Cogburn/advanced suricata by @coreyogburn in #438
• FEATURE: Add SOC Quick Link for Elasticsearch ILM Deletion Security-Onion-Solutions/securityonion#12854 by @dougburks in #439
• Smarter YARA Imports by @coreyogburn in #440
• Sanitize Strings by @coreyogburn in #441
• rbac by @jertel in #442
• Modified Detections Permission Checks by @coreyogburn in #443
• fix type conflict due to mistyped log field name by @jertel in #444
• Update YARA Parser by @coreyogburn in #445
• Respect User Input by @coreyogburn in #446
• Small Tweaks for a Better Experience by @coreyogburn in #447
• Add lastImport status by @defensivedepth in #448
• Sigma pivot fix by @defensivedepth in #449
• Custom Ruleset by @coreyogburn in #450
• Config Repos - Community by @coreyogburn in #451
• Fix Tests by @coreyogburn in #453
• support duplicate settings by @jertel in #455
• support new readOnlyUi annotations by @jertel in #456
• Cogburn/public id on duplicate by @coreyogburn in #457
• Update Go Version by @coreyogburn in #459
• Specify Correct Image by @coreyogburn in #460
• Additional human readable fieldnames by @defensivedepth in #461
• Moved defaults to constants by @defensivedepth in #462
• Update help links for new override, suricata override, and elastalert override by @dougburks in #463
• Hide the advanced interface toggle in Detections by @dougburks in #464
• config ui improvements by @jertel in #465
• SOC Detections - Airgap support by @defensivedepth in #466
• Error Tracking and Retry Timing by @coreyogburn in #467
• Use diff airgap var by @defensivedepth in #468
• Updated Broadcast Permissions by @coreyogburn in #469
• config reset confirmation by @jertel in #470
• Control When Allow/Deny Regexes Are Applied by @coreyogburn in #471
• Regenerate elastalert rules if Sigma pipelines change by @defensivedepth in #472
• Fix for Whitespace by @coreyogburn in #473
• Populate User Details in Detections History by @coreyogburn in #474
• Smarter Strelka Sync by @coreyogburn in #475
• Add git by @defensivedepth in #476
• Always Run CompileYARA Script by @coreyogburn in #477
• add related alerts quick action by @jertel in #478
• temporarily disable threaded tests by @jertel in #479
• Update Dockerfile to pull docs from dev branch by @dougburks in #480
• Write but No Read by @coreyogburn in #481
• fix missing nil check by @jertel in #482
• Remove no compile option by @defensivedepth in #483
• detections UI improvements by @jertel in #484
• Cogburn/suricata conversion by @coreyogburn in #485
• fix log field names; fix nil pointer crash by @jertel in #486
• remove custom files when resetting to default by @jertel in #487
• require confirmation to delete detection by @jertel in #488
• Fix path' by @defensivedepth in #489
• another nil pointer error; added missing test scenario by @jertel in #490
• Changed the directory where Migrations are stored by @coreyogburn in #491
• Clear Kind by @coreyogburn in #492
• Add rule name and publicId to log by @defensivedepth in #493
• Allow for idstoolsYaml to not have enabled or disabled entries by @coreyogburn in #494
• Detections Author and License improvements by @jertel in #495
• support custom alerters by @jertel in #496
• default imported author to the author specified in the source rule by @jertel in #497
• disable title edit by @jertel in #498
• Cogburn/integrity check by @coreyogburn in #499
• IsEnabled=false when syncing after delete by @coreyogburn in #500
• Reorder Sigma Fields by @defensivedepth in #501
• match gitleaks config to other repo by @jertel in #504
• prioritize integrity errors over sync errors; lic feature by @jertel in #503
• YARA Parsing Fix by @coreyogburn in #502
• Remove Disabled Suricata Rules From Local File by @coreyogburn in #505
• Duplicate Suricata Rules Should Start Disabled by @coreyogburn in #506
• updateLocal Should Respect Flowbits by @coreyogburn in #507
• elastalert adjustments by @jertel in #508
• Add event.action groupby by @defensivedepth in #509
• More groupbys by @defensivedepth in #510
• Re-enable quick drilldown feature now that rule.uuid is a new default column by @dougburks in #512
• Strelka PublicId Change by @coreyogburn in #511
• Suricata Modify Needs Quotes by @coreyogburn in #513
• Update Test by @coreyogburn in #514
• detections ui cosmetics; ensure soc logs included on grid screen pivot to hunt by @jertel in #516
• Suricata Sync Deletion by @coreyogburn in #515
• Fix 2 Tests by @coreyogburn in #517
• Cogburn/button visibility by @coreyogburn in #518
• Don't show "unsaved changes" dialog on New Detection page by @coreyogburn in #519
• fix detection summary metadata styling by @jertel in #520
• prevent creation of new overrides with blank, required values by @jertel in #521
• Give Strelka a similar performance boost that both suricata and elast… by @coreyogburn in #522
• several bug fixes in overrides, cosmetic corrections, implemented validation logic by @jertel in #523
• Migration override timestamps & sidsYaml does not exist by @coreyogburn in #524
• Proper Validation During GetDetectionByPublicId by @coreyogburn in #525
• realert on all matches by @jertel in #526
• 2.4.70 by @TOoSmOotH in #527

Full Changelog: 2.4.60...2.4.70