MISP | Version 1#
MISP version 1 for EclecticIQ Intelligence Center (EIQ IC) offers:
An incoming feed for ingesting intelligence from your MISP instance in EIQ IC.
An enricher that adds context from your MISP instance to your intel in EIQ IC.
An Outgoing feed for exporting data from EIQ IC to MISP.
# Release History
## EclecticIQ MISP Extension
## 3.3.1, 3.2.3, 3.1.8, 2.14.12
## Release date: 08 April 2024
**Fixed**
- Added support for bazaar.abuse.ch feed.
- Maliciousness of the observables that have value true on`to_ids` field for Event.Attribute list is controlled through `include_ids_attr_maliciousness` checkbox.
## 3.2.2, 3.1.7, 2.14.11
## Release date: 05 Feb 2024
*Changed*
- Removed pymisp dependency from the extension.
## 3.2.1, 3.1.6, 2.14.10
## Release date: 15 Dec 2023
**Changed**
- EIQ Metadata attribute now is controlled through `Include EIQ metadata attribute` checkbox in the outgoing feed.
## 3.1.5, 3.0.9, 2.14.9
## Release date: 03 Nov 2023
**Fixed**
- If distribution is not provided, set distribution level 5 (inherit) for incoming feed and manual upload.
## 3.1.4, 3.0.8, 2.14.8
Release date: 30 Aug 2023
**Changed:**
- TLP:AMBER+STRICT values from MISP are now mapped as TLP:RED values in ingested entities.
## 3.1.3, 3.0.7, 2.14.7
Release date: 18 Aug 2023
**Added:**
- TLP 2.0 values from MISP are now handled as TLP 1.0 values on ingested entities.
**Fixed:**
- Issue where MISP event tags were not added to ingested Report entities.
**Changed:**
- When "Ingest only the events created after this date" field is empty,
now use a default value so that feed ingests all events created since the beginning of time.
## 3.1.2, 3.0.6, 2.14.6
Release date: 03 Aug 2023
**Fixed:**
- Issue when 'Filter by tags' field is left blank.
## 3.1.1, 3.0.5, 2.14.5
Release date: 27 Jul 2023
**Added:**
- 'Filter by tags' field now allows filtering events by a comma-separated list of tags and taxonomies.
**Changed:**
- Now updates previously ingested entities if they've been modified on the MISP instance since the last time the feed was run.
## 3.2.0, 3.1.0, 3.0.4, 2.14.4
Release date: 30 June 2023
**Fixed**
- Removes option `Reduce lock contention` to fix high memory usage. `Reduce lock contention` was previously added to fix slow ingestion in MISP feeds. Ingestion in EclecticIQ Intelligence Center has since improved, and `Reduce lock contention` is no longer needed.
## 3.0.3
Release date: 22 June 2023
**Fixed:**
- Indicators created from `to_ids` field will have more details in the analysis field.
## 3.0.2
Release date: 20 June 2023
**Fixed:**
- Indicators do not include tags if `to_ids` field is false
- Maliciousness of the observables depends on the value of `to_ids`
## 3.0.1
Release date: 08 June 2023
**Fixed:**
- Children indicators are created and connected to one parent indicator that is connected to the main incident
- Indicators include the `to_ids` field if it is found in the MISP dataset
## 2.13.2, 2.12.2, 2.11.5
Release date: 30 August 2022
**Fixed:**
- Actually fetch data when ingesting embedded files in MISP events.
## 2.13.1, 2.12.1, 2.11.4
Release date: 27 July 2022
**Added:**
- Now supports ingesting embedded files in MISP events.
## 2.10.3, 2.11.3
Release date: 9 March 2022
**Fixed:**
- Issue where outgoing feeds would fail because entities packed
by the IC were missing the "description" field.
## 2.11.2 (02 February 2022)
**Fixed:**
* Issue with the bad urls in reference section.
* Issue with parsing specific values.
**Features:**
* Initial release.
* Now provides the MISP API incoming feed.
* Now provides the MISP API Enricher.
* Now provides the MISP upload outgoing feed.