Version 0.3.0

What's Changed

• Fixes FQL for Queued Sessions by @ChristopherHammond13 in #79
• [FEATURE] Add ability to filter on host online state by @kenoel in #95
• [ FEATURE ] Adds User Data Read Operations by @ChristopherHammond13 in #92
• Bumps dependencies

New Contributors

• @kenoel made their first contribution in #95

Full Changelog: v0.2.2...v0.3.0

Issues Resolved

• #81
• #87

Version 0.2.2

Overview

This release incorporates some updates to underlying dependencies, as well as a critical bug fix for policy imports (#72) to ensure that we dump data in a format that is fully compliant with the Falcon Policies APIs.

What's Changed

• Adds some error handling to the batching and pagination backends by @ChristopherHammond13 in #61
• ⬆️ Bump coverage from 6.5.0 to 7.0.3 by @dependabot in #63
• ⬆️ Bump coverage from 7.0.3 to 7.0.4 by @dependabot in #64
• ⬆️ Bump pydocstyle from 6.2.2 to 6.2.3 by @dependabot in #65
• ⬆️ Bump coverage from 7.0.4 to 7.1.0 by @dependabot in #70
• ⬆️ Bump crowdstrike-falconpy from 1.2.9 to 1.2.11 by @dependabot in #71
• ⬆️ Bump pydocstyle from 6.2.3 to 6.3.0 by @dependabot in #68
• ⬆️ Bump pytest from 7.2.0 to 7.2.1 by @dependabot in #66
• 🐛 Changes the key name to settings in flat_dump by @ChristopherHammond13 in #72

Full Changelog: v0.2.1...v0.2.2

Version 0.2.1

Version 0.2.1

This version of Caracara bumps up dependencies, and ensures that all installations get at least version 1.2.9 of FalconPy which includes some important bug fixes for features used by Caracara.

Version 0.2.0

This version of Caracara brings some important updates:

• IOA support is now available in alpha, thanks to some awesome work by @swedgwood!
• Dependencies have been bumped to get the latest fixes in FalconPy and Py7zr (including a fix for a CVE), as well as in other libraries.

Version 0.1.6

This release adds a couple of small filters that should have a real impact.

1. We now support the cswindiag and put-and-run RTR commands
2. You can now filter by host ConnectionStatus (Online or Offline), which avoids the need to use tricks like LastSeen GTE -30m to guess which systems are online

Version 0.1.5

This release adds basic support for MSSP CID introspection

Version 0.1.4

This releases integrates #39, which fixes a bug in the RTR automatic session renewal code and bumps up some of our dependencies.

Version 0.1.3

This release upgrades some aspects of our deployment pipeline and divides up hosts.describe_devices into two sub-functions, callable by developers:

• hosts.get_device_ids, which takes optional filters as a parameter and returns matching Device IDs in a tenant
• hosts.get_device_data, which takes a list of Device IDs and returns the device data as a list of dictionaries

Version 0.1.2

This release brings a slew of improvements to the hosts module, including grouping support, along with more than 100 commits of bug fixes. We recommend that all Caracara users migrate to this release.

Version 0.1.1

Caracara v0.1.1

This update resolves a results batching issue when the result set exceeded the DATA_BATCH_SIZE.

The Client object can now accept environment variable representations for the following arguments:

• client_id
• client_secret
• cloud_name
• user_agent
• member_cid

Format: ${VARIABLE_NAME}

Two new examples are added, and the list_windows_devices.py example was updated.

Testing for releases via Poetry is also implemented.

• Enhancement
• Bug fixes
• Documentation

Bandit analysis

[main]	INFO	running on Python 3.9.9
Run started:2022-06-08 03:57:19.208325

Test results:
	No issues identified.

Code scanned:
	Total lines of code: 3606
	Total lines skipped (#nosec): 1

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
Files skipped (0):

Added features and functionality

• Updated: Added total results returned to list Windows devices example.
  • examples/list_windows_devices.py
• Added: New example, list all devices.
  • examples/list_all_devices.py
• Added: New example, find devices.
  • examples/find_devices.py
• Added: Environment variables are now allowed for initialization arguments to the Client constructor.
  • client.py

  #!/usr/bin/env python3
  from caracara import Client
  
  client = Client(client_id="${FALCON_CLIENT_ID_TALON1}", client_secret="${FALCON_CLIENT_SECRET_TALON1}")
  
  for device_id, device_data in client.hosts.describe_devices().items():
      print(f"{device_id} {device_data['hostname']}")

Issues resolved

• Bug fix: Fix within batch handler causing results to be dropped in large result sets. Closes #26.
  • common/batching.py

Other

• Testing for new packaging deployment

Full Changelog: v0.1.0...v0.1.1