Skip to content

Latest commit

 

History

History
60 lines (53 loc) · 2.65 KB

CHANGELOG.md

File metadata and controls

60 lines (53 loc) · 2.65 KB

Notable changes between releases

See documentation for details.

devel

  • Embedded Cuckoo mode is deprecated now and scheduled for removal in a future release. A warning is printed at startup if embed mode is in use.
  • Generic rules allow to evaluate expressions with sample, cuckooreport and olereport and filereport
  • Distribute and install sample configuration files in/from PyPI source distribution
  • Make list of rules to run configurable in members and order. See ruleset.conf.sample section [rules] for details.
  • Lower default for in-flight lock staleness to 15 minutes.
  • Detect unknown config sections and options and refuse to start if any are found.
  • Submit the sample with its original filename if available when using the REST API. (#81, #82)
  • Improve REST API access robustness by introducing configurable urllib3 retry handling with backoff and defined endless retry or failure report to client. (#43)
  • Introduce peekaboo-util.py with subcommands scan-file (as a super charged replacement for scan_file.py (#107)), ping and raw (for diagnosis, scripting and debugging).
  • Add database indices to speed up processing and lower database CPU load. Rename analyses_time column to analysis_time in analysis_jobs table. Raises schema version to 7. (#124)

1.7

  • give threads names for easier identification
  • add configuration for rule cuckoo_analysis_failed to override what constitutes failure and what reliably indicates success
  • localise client communication, i.e. have the system report findings in English by default but provide gettext-compatible translation templates for other languages
  • add German translation (which was hard-coded in the source before)
  • add configuration option to force language of client communication beyond $LANG and friends
  • massively speed up shutdown
  • make the malware_reports directory configurable
  • add reporting of an overall analysis result (not just per sample-results) to correctly convey failures in addition to good/bad decisions to the client
  • usage of separate python virtualenvs for peekaboo and cuckoo is now recommended because we use newer module versions than cuckoo
  • make internal configuration defaults work so that peekaboo.conf can be mostly empty in standard setups
  • log multiple analysis jobs per sample in analysis_jobs to get an actual job log
  • multi-node concurrency coordinated via DB, see section [cluster] in peekaboo.conf.sample
  • remove analysis_results table from DB schema for simplicity and performance, bump version to 6
  • many bug fixes, internal cleanups and improviments

1.6.2

  • bug fix release
  • no individual change log before this