Releases: dlamspl/splunk_attack_range_reporting
Version 1.0.9
- Update some visualizations (punchcard) to use Treemap instead
- Add PurpleSharp information to the Navigator dashboard
- Add new dashboard to make it easier for users to map ATT&CK techniques to Splunk Detections and/or Atomic Red Team/PurpleSharp tests available
- Fix an issue displaying the Sankey diagram for "Executed Simulations" on the main dashboard
Version 1.0.8
- Update MITRE & Atomic Red Tests Lookups
- Update contributor link
- Fix AppInspect failed tests
v1.0.7 - Fixed Links, additional detection viz and cosmetic improvements
- Fixed the links for Analytic Stories to ES and documentation (as that was moved to research.splunk.com)
- Added a Sankey visualization to display the executed simulations/atomic tests
- Minor cosmetic improvements to table column headers
- Documentation update (README)
v1.0.6
splunk_attack_range_reporting-1.0.6.tar.gz
- Fix "The Attack Range Dashboard, Potential detections panel does not show expected Detections" issue
- Fix "View [ESCU]link is broken with latest ESCU version bug" issue
v1.0.5
v1.0.4
v1.0.3: Updated dashboards with detections
This version of Splunk attack range reporting provides the following:
- Attack range main dashboard - Added detections
- Attack range navigator - Added more precise detection view
Known issues:
On the Attack Range Navigator, the token is not unset on removing the Tactic filter
Dependencies:
Make sure sseidenrichment from SSE is available to the system
Good enough !
Added macro for index data and removed offending IDs
Minor update
Minor csv update to avoid SSE issues.
First release !
This is the initial release of the Splunk attack range reporting app. It provides the following two dashboards:
- Attack Range Dashboard
- Attack Range Navigator