Release Notes: User can now choose the way alerts are sorted. Asynchronous DNS resolution is now supported in the alert view as well as the message summary. The alert summary view now handles portlist and ip_version service fields, and shows the alert's messageid. An exception when rendering ToolAlert was fixed along with double classification escaping. The Heartbeat view was sped up. A Polish translation was included. There were also various bugfixes and cleanups.
Release Notes: An auto-refresh system was implemented. The ability to filter on missing, offline, online, or unknown agents was added. It is now easier to read each agent status in collapsed mode. A filter load/save/delete problem with translation was fixed. New "My account" tabs were added under the Settings section. messageid and analyzerid parameters were added, allowing a link to a Prewikka alert from an external tool. The timeline control table layout was improved. Translation of strings possibly using plural forms was fixed. Various bugs were fixed.
Release Notes: A new powerful and scalable agent view, grouping agent together by Location and Node. This release has been internationalized: a user can choose the language used in their settings tab, or specify a default locale using the "default_locale" configuration keyword. Current translations: Brazilian Portuguese, French, German, Russian, and Spanish. In the Alert/Heartbeat summary view, analyzers are numbered backward to reflect the ordering in the analyzer list. Support has been added for resizing the menu. A Konqueror rendering bug with the inline filter has been fixed. There are various bugfixes.
Release Notes: All sources and targets are not shown if they reach a predefined limit; an expansion link is provided instead. Two new views were added in the Events section: CorrelationAlert and ToolAlert. The ability to filter/aggregate on all IDMEF paths was added. The user may choose which criteria filter operator to use. Analyzer aggregation was added. When a session expires and the user logs in, she is directed to the last page she attempted to access. When an error occur, the default layout is preserved. Non-aggregated views are faster by around 50%. IDMEF Action, SNMPService, and WebService class are supported. Support for small screen resolution was improved.
Release Notes: The newer preludeDB deletion API is used, providing a deletion performance improvement of around 3000%. Multiple sources and targets are handled properly. The host command and information link were made available from the Sensor listing. External command handling was improved so that command line arguments can be specified, instead of being limited to a defined command subset. Toggling several popups at once in the HeartbeatListing is avoided. Lookup capability is only provided for a known network address type. New address and node name lookup services were added. Various bugs were fixed.
Release Notes: Intelligent display for CorrelationAlert: includes correlated alert information in the alert listing. Intelligent printing of Network centric information. Fixes Cheetah compilation for the heartbeat page. Corrects handling of AdditionalData containing an integer 0. Handles the ignore_atomic_event AdditionalData key (used by CorrelationAlert to hide linked-in alert). Fixes aggregation when done simultaneously on multiple fields. Aggregation on fields other than "address" was not working well.
Release Notes: The ability for the user to save settings for the current view was added. CorrelationAlert is marked explicitly in the AlertListing. The inline filter mark was made more visible. The new --address and --port options were added to prewikka-httpd. The ability to setup a filter using iana_protocol_name and iana_protocol_number was added. The protocol number is resolved from the message summary view. The timeline years value is sanitized if it exceeds system specs. A bug where clicking the IP address popup would cause Firefox to go back to the top of the page was fixed. The path is no longer hardcoded to /usr/bin/python.
Release Notes: Configuration entry without a space after the ":" separator are allowed. More operators were added, including a case insensitive operator and a regex operator. The target file is shown in the message listing. Much more information is shown in the alert summary view. This is especially useful for users of file integrity checkers.
Release Notes: Prewikka now works and renders perfectly with IE 6.0. Most of the code conforms to XHTML. A possible exception with filtered classification text was fixed. Filtering on heartbeat.analyzer.name is now allowed.