MISP 2.4.183 released with new ECS log feature, improvements and bugs fixed

January 9, 2024

MISP 2.4.183 has been released with a new ECS log feature, improvements and bug fixes.

  • MISP now supports Elastic Common Schema (ECS) security logging. A new option, Security.ecs_log, has been added to enable this functionality. Security.alert_on_suspicious_logins has also been added to the security audit.
  • The sync configuration in MISP now supports sharing group blueprints for simple creation of filter rules based on dynamically updated organisation lists.
  • Major improvements to STIX import handling, especially in the misp-stix library, such as parsing PE binary extensions within File observable objects, along with many more improvements and fixes.
  • API add tag functions updated to also work with UUIDs, rather than just local IDs.
  • [event:view] Added an option for mass local cluster tagging.

Many bugs were fixed and minor improvements made. Feel free to read the detailed changelog.

MISP project knowledge bases

MISP Objects

MISP Galaxy

A new dedicated website has been developed to easily reference galaxies outside MISP.

MISP warning-lists

Warning-lists updated to the latest version from the different sources.

Don’t forget to follow us on Mastodon

The MISP project has its own Mastodon server, misp-community.org. Don’t forget to follow @misp@misp-community.org on the fediverse. Core contributors of MISP can sign up if they wish to have an account.

MISP Professional Services

MISP Professional Services (MPS) is a program handled by the lead developers of the MISP Project, in order to offer highly skilled services around MISP and to support the sustainability of the MISP project. This initiative is meant to address the policy requirements of companies/organisations requiring commercial support contracts. Don’t hesitate to get in touch with us if you need specific services.