@@ -7,6 +7,7 @@ CbAPI 1.3.1 - Released August 3, 2017
77This is a bugfix release with minor changes:
88
99* Cb Response
10+
1011 * Add ``partition_operations.py `` script to demonstrate the use of the StoragePartition model object.
1112 * Fix errors when accessing the ``.start `` attribute of child processes.
1213 * Fix errors generated by the ``walk_children.py `` example script. The output has been changed as well to indicate
@@ -19,6 +20,7 @@ This is a bugfix release with minor changes:
1920 ``create_process `` method will now wait for the target process to complete before returning.
2021
2122* Cb Defense
23+
2224 * Add ``wait_for_completion `` flag to ``create_process `` Live Response method, and default to ``True ``. The
2325 ``create_process `` method will now wait for the target process to complete before returning.
2426
@@ -32,9 +34,11 @@ This release introduces the Live Response API for Cb Defense. A sample ``cblr_cl
3234Other changes:
3335
3436* Cb Protection
37+
3538 * You can now create new ``FileRule `` and ``Policy `` model objects in cbapi.
3639
3740* Cb Response
41+
3842 * Added ``watchlist_exporter.py `` and ``watchlist_importer.py `` scripts to the Cb Response examples directory.
3943 These scripts allow you to export Watchlist data in a human- and machine-readable JSON format and then re-import them into another Cb Response server.
4044 * The ``Sensor `` Model Object now uses the non-paginated (v1) API by default. This fixes any issues encountered when
@@ -46,12 +50,14 @@ Other changes:
4650 ``Process `` Model Object.
4751 * Retrieve all events for a process when using ``segment `` ID of zero on a Cb Response 6.1 server.
4852 * Behavior of ``Process.children `` attribute has changed:
53+
4954 * Only one entry is present per child (before there were up to two; one for the spawn event, one for the
5055 terminate event)
5156 * The timestamp is derived from the start time of the process, not the timestamp from the spawn event.
5257 the two timestamps will be off by a few microseconds.
5358 * The old behavior is still available by using the ``Process.childprocs `` attribute instead. This incurs a
5459 performance penalty as another API call will have to be made to collect the childproc information.
60+
5561 * ``Binary `` Model Object now returns False for ``.is_signed `` attribute if it is set to ``(Unknown) ``.
5662
5763* Moved the ``six `` Python module into cbapi and removed the external dependency.
@@ -65,6 +71,7 @@ in the Cb Protection 8.0 APIs.
6571Other changes:
6672
6773* Cb Response
74+
6875 * New method ``synchronize() `` added to the ``Feed `` Model Object
6976
7077* Bug fixes and documentation improvements
@@ -81,6 +88,7 @@ This release includes compatibility fixes for Cb Response 6.1. Changes from 1.0.
8188* Add ``.all_events `` property to the ``Process `` Model Object to expose a list of all events across all segments.
8289* Add example script to perform auto-banning based on watchlist hits from Cb Event Forwarder S3 output files.
8390* Add bulk operations to the ``ThreatReport `` and ``Alert `` Query objects:
91+
8492 * You can now call ``.set_ignored() ``, ``.assign() ``, and ``.change_status() `` on an ``Alert `` Query object to change
8593 the respective fields for every Alert that matches the query.
8694 * You can now call ``.set_ignored() `` on a ``ThreatReport `` Query object to set or clear the ignored flag for every
0 commit comments