5 changes: 5 additions & 0 deletions packages/ti_anomali/changelog.yml
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "2.0.0"
changes:
- description: Modify field type to eliminate field conflicts within the data streams.
type: breaking-change
link: https://github.com/elastic/integrations/pull/13909
- version: "1.27.0"
changes:
- description: Add support for proxy URL and SSL configuration parameters in intelligence data stream.
@@ -1,12 +1,12 @@
{
"expected": [
{
"@timestamp": "2025-02-12T10:24:06.784043054Z",
"@timestamp": "2025-05-14T09:52:05.745296373Z",
"anomali": {
"threatstream": {
"can_add_public_tags": true,
"confidence": 60,
"deletion_scheduled_at": "2025-05-08T10:24:06.784043054Z",
"deletion_scheduled_at": "2025-08-07T09:52:05.745296373Z",
"expiration_ts": "9999-12-31T00:00:00.000Z",
"feed_id": 0,
"id": "232020126",
Expand All @@ -23,7 +23,7 @@
"status": "active",
"threat_type": "apt",
"type": "domain",
"update_id": 455403032,
"update_id": "455403032",
"uuid": "0921be47-9cc2-4265-b896-c62a7cb91042",
"value": "gen1xyz.com"
}
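Review bot: `feed_id` stays the number `0` on the new side while `update_id` is now a string, so identifier-like fields under `anomali.threatstream` end up with mixed types. The field definitions are not visible on this page; if `feed_id` is typed differently in another data stream of the package, the conflict this change targets would persist for that field, so it is worth confirming. The same conversion appears in the later expected-output sections, where `import_session_id` and `trusted_circle_ids` also become strings. Since numeric range or comparison queries in saved searches and detection rules stop working once these fields are strings, the changelog entry could name them, for example `Change update_id, import_session_id and trusted_circle_ids from numeric to string type to eliminate field conflicts within the data streams.`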
@@ -1,12 +1,12 @@
{
"expected": [
{
"@timestamp": "2025-02-12T10:24:07.348248898Z",
"@timestamp": "2025-05-14T09:52:06.444815516Z",
"anomali": {
"threatstream": {
"can_add_public_tags": true,
"confidence": 12,
"deletion_scheduled_at": "2025-05-08T10:24:07.348248898Z",
"deletion_scheduled_at": "2025-08-07T09:52:06.444815516Z",
"expiration_ts": "9999-12-31T00:00:00.000Z",
"feed_id": 0,
"id": "235548914",
Expand All @@ -23,7 +23,7 @@
"status": "active",
"threat_type": "apt",
"type": "email",
"update_id": 467407026,
"update_id": "467407026",
"uuid": "bc5a223e-f7a1-4acb-b50b-c81395e34218",
"value": "edc2@wsx.com"
}
@@ -1,12 +1,12 @@
{
"expected": [
{
"@timestamp": "2025-02-12T10:24:07.906457098Z",
"@timestamp": "2025-05-14T09:52:07.158010555Z",
"anomali": {
"threatstream": {
"can_add_public_tags": true,
"confidence": -1,
"deletion_scheduled_at": "2025-05-08T10:24:07.906457098Z",
"deletion_scheduled_at": "2025-08-07T09:52:07.158010555Z",
"expiration_ts": "9999-12-31T00:00:00.000Z",
"feed_id": 0,
"id": "235549247",
Expand All @@ -23,7 +23,7 @@
"status": "active",
"threat_type": "apt",
"type": "ip",
"update_id": 467409119,
"update_id": "467409119",
"uuid": "463f01f8-7675-4caa-a6aa-db2fb3787b09",
"value": "89.160.20.176"
}
@@ -1,12 +1,12 @@
{
"expected": [
{
"@timestamp": "2025-02-12T10:24:08.460033038Z",
"@timestamp": "2025-05-14T09:52:07.783997794Z",
"anomali": {
"threatstream": {
"can_add_public_tags": true,
"confidence": -1,
"deletion_scheduled_at": "2025-05-08T10:24:08.460033038Z",
"deletion_scheduled_at": "2025-08-07T09:52:07.783997794Z",
"expiration_ts": "9999-12-31T00:00:00.000Z",
"feed_id": 0,
"id": "235548934",
Expand All @@ -23,7 +23,7 @@
"status": "active",
"threat_type": "apt",
"type": "url",
"update_id": 467408247,
"update_id": "467408247",
"uuid": "8031fe34-3eb4-47f5-b0c8-e85fa1d1195d",
"value": "http://www.bnmv3.com/"
}
@@ -1,12 +1,12 @@
{
"expected": [
{
"@timestamp": "2025-02-12T10:24:09.014353190Z",
"@timestamp": "2025-05-14T09:52:08.459727429Z",
"anomali": {
"threatstream": {
"can_add_public_tags": true,
"confidence": 100,
"deletion_scheduled_at": "2025-05-08T10:24:09.01435319Z",
"deletion_scheduled_at": "2025-08-07T09:52:08.459727429Z",
"expiration_ts": "2318-07-09T20:41:16.995Z",
"feed_id": 0,
"id": "184983050",
Expand All @@ -23,10 +23,10 @@
"status": "active",
"threat_type": "bot",
"trusted_circle_ids": [
10015
"10015"
],
"type": "ip",
"update_id": 376544052,
"update_id": "376544052",
"uuid": "c7e4fd9e-b4c0-4c20-83f2-9415ff671a19",
"value": "216.160.83.63"
}
@@ -1,12 +1,12 @@
{
"expected": [
{
"@timestamp": "2025-02-12T10:24:09.580358848Z",
"@timestamp": "2025-05-14T09:52:09.129536168Z",
"anomali": {
"threatstream": {
"can_add_public_tags": true,
"confidence": 100,
"deletion_scheduled_at": "2025-05-08T10:24:09.580358848Z",
"deletion_scheduled_at": "2025-08-07T09:52:09.129536168Z",
"expiration_ts": "2318-07-09T20:41:16.995Z",
"feed_id": 0,
"id": "184979083",
Expand All @@ -23,10 +23,10 @@
"status": "active",
"threat_type": "c2",
"trusted_circle_ids": [
10015
"10015"
],
"type": "domain",
"update_id": 376540078,
"update_id": "376540078",
"uuid": "435d7aa2-93ce-4178-9eaf-6b70be95800e",
"value": "www.poledancepoint.com"
}
@@ -1,7 +1,7 @@
{
"expected": [
{
"@timestamp": "2025-02-12T10:24:10.159539369Z",
"@timestamp": "2025-05-14T09:52:09.812192594Z",
"anomali": {
"threatstream": {
"can_add_public_tags": true,
Expand All @@ -23,7 +23,7 @@
"status": "inactive",
"threat_type": "c2",
"type": "ip",
"update_id": 424188174,
"update_id": "424188174",
"uuid": "f0b4bb2b-bef0-432f-b84b-55cc1ea46cda",
"value": "81.2.69.143"
}
@@ -1,12 +1,12 @@
{
"expected": [
{
"@timestamp": "2025-02-12T10:24:10.714019424Z",
"@timestamp": "2025-05-14T09:52:10.434272737Z",
"anomali": {
"threatstream": {
"can_add_public_tags": true,
"confidence": 100,
"deletion_scheduled_at": "2025-05-08T10:24:10.714019424Z",
"deletion_scheduled_at": "2025-08-07T09:52:10.434272737Z",
"expiration_ts": "2318-07-09T20:41:16.995Z",
"feed_id": 0,
"id": "184992550",
Expand All @@ -23,10 +23,10 @@
"status": "active",
"threat_type": "c2",
"trusted_circle_ids": [
10015
"10015"
],
"type": "url",
"update_id": 376553552,
"update_id": "376553552",
"uuid": "d6a3e03c-f8d5-4820-83a0-848001ca3848",
"value": "http://89.160.20.149/"
}
@@ -1,7 +1,7 @@
{
"expected": [
{
"@timestamp": "2025-02-12T10:24:11.276647645Z",
"@timestamp": "2025-05-14T09:52:11.063102171Z",
"anomali": {
"threatstream": {
"can_add_public_tags": true,
Expand All @@ -23,7 +23,7 @@
"status": "inactive",
"threat_type": "i2p",
"type": "ip",
"update_id": 528280279,
"update_id": "528280279",
"uuid": "97116f93-a68d-4fe3-a108-0e9876933670",
"value": "67.43.156.251"
}
@@ -1,7 +1,7 @@
{
"expected": [
{
"@timestamp": "2025-02-12T10:24:11.893969228Z",
"@timestamp": "2025-05-14T09:52:11.720928420Z",
"anomali": {
"threatstream": {
"can_add_public_tags": true,
Expand All @@ -10,7 +10,7 @@
"expiration_ts": "2020-03-17T02:13:59.830Z",
"feed_id": 0,
"id": "172122186",
"import_session_id": 245,
"import_session_id": "245",
"is_anonymous": false,
"is_editable": false,
"is_public": true,
Expand All @@ -30,7 +30,7 @@
"status": "inactive",
"threat_type": "malware",
"type": "domain",
"update_id": 358590378,
"update_id": "358590378",
"uuid": "90cb701f-7011-4583-bb88-bed24edb1b72",
"value": "51web8.net"
}
@@ -1,7 +1,7 @@
{
"expected": [
{
"@timestamp": "2025-02-12T10:24:12.496849702Z",
"@timestamp": "2025-05-14T09:52:12.477537186Z",
"anomali": {
"threatstream": {
"can_add_public_tags": true,
Expand All @@ -23,7 +23,7 @@
"status": "inactive",
"threat_type": "malware",
"type": "email",
"update_id": 358592413,
"update_id": "358592413",
"uuid": "51b0891b-8c6e-4756-ae03-4e512a16634b",
"value": "test_mail_remote@test.com"
}
@@ -1,12 +1,12 @@
{
"expected": [
{
"@timestamp": "2025-02-12T10:24:13.123631052Z",
"@timestamp": "2025-05-14T09:52:13.135107334Z",
"anomali": {
"threatstream": {
"can_add_public_tags": true,
"confidence": 100,
"deletion_scheduled_at": "2025-05-08T10:24:13.123631052Z",
"deletion_scheduled_at": "2025-08-07T09:52:13.135107334Z",
"expiration_ts": "2318-07-09T20:41:16.995Z",
"feed_id": 0,
"id": "184983854",
Expand All @@ -23,10 +23,10 @@
"status": "active",
"threat_type": "malware",
"trusted_circle_ids": [
10015
"10015"
],
"type": "string",
"update_id": 376544856,
"update_id": "376544856",
"uuid": "b57eba4a-39c6-4e03-8bdf-9ed5f8c03eab",
"value": "Users\\Administrator\\AppData\\Local\\Temp\\Cab3795.tmp"
}
@@ -1,7 +1,7 @@
{
"expected": [
{
"@timestamp": "2025-02-12T10:24:13.684357072Z",
"@timestamp": "2025-05-14T09:52:13.757919416Z",
"anomali": {
"threatstream": {
"can_add_public_tags": true,
Expand All @@ -23,7 +23,7 @@
"status": "inactive",
"threat_type": "malware",
"type": "ip",
"update_id": 367054933,
"update_id": "367054933",
"uuid": "7250250a-60f4-4ef0-bef4-f666701f4870",
"value": "67.43.156.93"
}
@@ -1,16 +1,16 @@
{
"expected": [
{
"@timestamp": "2025-02-12T10:24:14.249507155Z",
"@timestamp": "2025-05-14T09:52:14.432878421Z",
"anomali": {
"threatstream": {
"can_add_public_tags": true,
"confidence": 50,
"deletion_scheduled_at": "2025-05-08T10:24:14.249507155Z",
"deletion_scheduled_at": "2025-08-07T09:52:14.432878421Z",
"expiration_ts": "9999-12-31T00:00:00.000Z",
"feed_id": 0,
"id": "231017345",
"import_session_id": 1133,
"import_session_id": "1133",
"is_anonymous": false,
"is_editable": false,
"is_public": true,
Expand All @@ -24,7 +24,7 @@
"status": "active",
"threat_type": "malware",
"type": "ipv6",
"update_id": 452320631,
"update_id": "452320631",
"uuid": "fe78f00b-805f-467d-99d6-64fcf0895c75",
"value": "::e"
}
@@ -1,16 +1,16 @@
{
"expected": [
{
"@timestamp": "2025-02-12T10:24:14.795435050Z",
"@timestamp": "2025-05-14T09:52:15.163973626Z",
"anomali": {
"threatstream": {
"can_add_public_tags": true,
"confidence": 50,
"deletion_scheduled_at": "2025-05-08T10:24:14.79543505Z",
"deletion_scheduled_at": "2025-08-07T09:52:15.163973626Z",
"expiration_ts": "9999-12-31T00:00:00.000Z",
"feed_id": 0,
"id": "184902936",
"import_session_id": 876,
"import_session_id": "876",
"is_anonymous": false,
"is_editable": false,
"is_public": false,
Expand All @@ -24,10 +24,10 @@
"status": "active",
"threat_type": "malware",
"trusted_circle_ids": [
10015
"10015"
],
"type": "md5",
"update_id": 376395928,
"update_id": "376395928",
"uuid": "51d955f5-66fb-4fb5-b61d-6e543dcd8dec",
"value": "b97d099e6c132d19a47cf7e72840cac6c3ddd6dc"
}
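Review bot: The expected output keeps `"type": "md5"` next to a `value` of 40 hexadecimal characters, which is the length of a SHA-1 digest, not the 32 characters of an MD5 one. If the pipeline picks the hash field from the declared type alone, this indicator would land in an MD5 field where indicator-match rules can never hit it; the pipeline is not visible in this section, so that needs confirming. Either the sample should carry a real 32-character digest, e.g. `"value": "<32-hex-character sample digest>"`, or the pipeline should check the digest length before choosing the hash field. These lines are unchanged context in the second hunk, so the mismatch predates this change.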