pyintelowl/.github/CHANGELOG.md at master · intelowlproject/pyintelowl · GitHub

Changelog

Added support for investigation framework and implemented remaining endpoints for playbooks.

Fixed previous broken release

  • Updated documentation
  • Removed old endpoints
  • Fixes for Playbook Analysis
  • Fixed Running Playbook without TLP set
  • Re-added default TLP for analysis as TLP:CLEAR for "classic" analyses only (the ones that do not leverage a Playbook)
  • Default TLP for analysis is not TLP:CLEAR anymore. For instance, this prevents the client from overwriting the TLP configuration of a Playbook.
  • Little fixes
  • Fixed client results management in case of errors
  • Removed support for Python 3.7
  • Added support for TLP:CLEAR
  • Analyzing a File with a Playbook now works correctly
  • Other minor bug fixes
  • This version supports the usage of a proxy while connecting to IntelOwl via Python code.
  • This version supports the new Playbooks feature released with IntelOwl v4.1.0
  • This version is fully compatible with IntelOwl v4 (#165)
  • fixed some errors in jobs view and jobs ls
  • updated all dependencies and softened their requirements
  • dependencies upgrade
  • #163
  • Added support for URLs that use TCP as protocol
  • Updated linters + formatted code with isort
  • Library: IntelOwl.ask_analysis_availability now accepts an argument minutes_ago. Use it to specify the number of minutes to go back when searching for a previous analysis.
  • CLI: -m/--check-minutes-ago flag in analyse.
  • Fix runtime_configuration bug in IntelOwl.send_observable_analysis_request
  • Documentation fixes and adjustments
  • Soften click package dependency to click>=7.0 to avoid pip conflicts
  • Add support for python 3.10

This version supports only IntelOwl versions >=3.1.0.

Breaking Changes:

  • Library: The tags: List[int] argument has been deprecated in favor of tags_labels: List[str] in the methods IntelOwl.send_observable_analysis_request and IntelOwl.send_file_analysis_request. Previously, the tags argument accepted a list of tag indices; now tags_labels accepts a list of tag labels (non-existing Tag objects are created automatically with a randomly generated color).
  • CLI: Due to the above change, the -tl/--tags-list flag in analyse now also accepts a list of tag labels.

Others:

  • Bump dependencies. click -> 8.0.1, rich -> 10.12, click-creds -> 0.0.3.

This version supports only IntelOwl versions >=3.0.0 and includes many breaking changes.

Changes:

  • Refactored argument names and ordering for ask_analysis_availability, send_file_analysis_request, send_observable_analysis_request methods to comply with latest changes in IntelOwl's REST API.
  • Deprecate run_all_available_analyzers argument/flag.

New Features:

  • Ability to specify connectors_requested when creating a new analysis.
  • Ability to request and view "Connector Reports" for a job.
  • Ability to request connector_config.json file and view in either JSON or tabular format.
  • Ability to request download of sample associated with a job.
  • Added kill, retry and healthcheck features to analyzers and connectors. See Managing Analyzers and Connectors section of the documentation.

Others:

  • Soften peer dependencies/requirements to avoid pip conflicts.
  • Better testing across different python versions using tox's matrix.
  • Fix IntelOwl._get_observable_classification not setting 'generic' classification properly.
  • Fix to allow SSL verification without a specified PEM file
  • Little fixes and adjustments
  • Removed deprecated ask_analysis_result function
  • Minor fix to a problem in the logs for those who use pyintelowl as a library
  • Tweaked configuration setup, allowing no certificate validation
  • Added dependabot config and updated dependencies
  • Added basic testing suite for CLI

With this, pyintelowl now supports all API endpoints of IntelOwl.

More info at: https://github.com/intelowlproject/IntelOwl/releases/tag/v2.2.0

This release was created mainly to solve a problem with the installation of the pip package.

Other changes:

  • added support for adding tags when requesting a new job
  • added support for creating/editing tags
  • added support for "generic" classification of observables

Note: Incompatible with previous versions

This version brings a complete rewrite of the pyintelowl library as well as the command line client. We strongly recommend updating to the latest version to enjoy all the new features.

  • The new CLI is written with pallets/click and supports all IntelOwl API endpoints. The CLI is well-documented and will help you navigate different commands; you can use it to request new analysis, view an old analysis, view analyzer_config.json, view list of tags, list of jobs, etc.
  • Complete type-hinting and sphinx docs for the pyintelowl.IntelOwl class with helper member functions for each IntelOwl API endpoint.

This version supports only IntelOwl versions >=1.8.0 (about to be released). To interact with previous IntelOwl versions programmatically please refer to pyintelowl version 1.3.5

  • We enforced black style and added linters and pre-commit configuration. In this way pyintelowl is aligned with IntelOwl.
  • We have updated the authentication method from a JWT Token to a simple Token. In this way, it is easier to use pyintelowl for integrations with other products and there are no more concurrency problems on multiple simultaneous requests.

If you were using pyintelowl and IntelOwl before this version, you have to:

  • update IntelOwl to version>=1.8.0
  • retrieve a new API token from the Django Admin Interface for your user: go to the Durin section (click on Auth tokens) and generate a key there. This token is valid until manually deleted.

The optional parameter "runtime_configuration" now works properly.

Please use this version of pyintelowl with version >= 1.5.x of IntelOwl

See 1.3.3 for details.

Some fixes:

  • pyintelowl did not work correctly against HTTPS-enabled IntelOwl Servers
  • fixed parameter name in send_observable_analysis_request

Please use this version of pyintelowl with v1.5.x of IntelOwl

Patch Release after 1.3.0.

  • renamed additional_configuration to runtime_configuration.
  • Formatting with psf/black formatter.

Please use this version of pyintelowl with v1.5.x of IntelOwl.

Fixes and improvements to "--show-colors" option

Reformatted some code and added support for the new parameter "additional_configuration".

See PR #16 for details.

Added an option when executing pyintelowl as CLI: -sc will show the results in a colorful and organized way that helps the user look for useful information. By default, the results are still shown in JSON format. Thanks to tsale for his idea and contribution.

Example:

python3 intel_owl_client.py -i <your_intelowl_instance> -sc -a VirusTotal_v2_Get_Observable -a HybridAnalysis_Get_Observable -a OTXQuery observable -v www.google.com

For all the details, check the official blog post:

https://www.honeynet.org/2020/07/05/intel-owl-release-v1-0-0/

This version is compatible only with the related (1.x) IntelOwl release.

0.2.1

0.2.0

0.1.2

0.1.1