v1.0.8

This release adds the following features:

• Optional collection of metadata bundles (context) for each alert, to be submitted over a separate AMQP connection (#46)
• Flow IDs are now forwarded as strings to work around potential issues with syslog-ng (#48)

v1.0.7

This hotfix release fixes a problem where Bloom filter alerts might not be properly forwarded (cf. rhaist/surevego@b1cf215)

v1.0.6

This release adds the following features/fixes the following bugs:

• Do not use explicit types in InfluxDB submissions (#34)
• Add support for active rDNS queries (#36)
• Distinguish DNS query and answer in Bloom filter alerting (#40)
• Allow AMQP channel multiplexing (#43)
• Fix bug causing 100% CPU on AMQP reconnect (#43)
• Implement Bloom filter IoC blacklisting (#44)

v1.0.5

This release adds the following features/fixes the following bugs:

• Support for more flexible URL Bloom filter matching (#33)
• Improve stability of tests w.r.t. run time, see (#32 and #31)

v1.0.4

This release introduces the following fixes, improvements and features:

• Tests no longer fail intermittently (#27)
• Forwarding can be disabled by setting -o to empty string (#22)
• TLS metadata is included in TLS SNI Bloom filter alert (#26)
• All events are sent to the database, not just those unhandled by any additional processors (#29)

v1.0.3

This release adds the following features/fixes the following bugs:

• Adds support for IP blacklisting via EVE metadata (#18)
• Improves robustness of Bloom filter matching by more relaxed handling of corrupted filter input files (#19)

v1.0.2

This release adds customizable Bloom filter alert descriptions, see #16.

v1.0.1

This release just allows running without a config file and also adds the makeman command to create man pages.

v1.0

First proper open source release.