Release/v10.8.1 (#1226)

mjabascal10 · yllada · JocLRojas · web-flow · commit 5c8901989733 · 2025-06-02T13:12:10.000-04:00
* fix(compliance-schedule): fix standard and section selection issue in report creation

* chore: Update CHANGELOG.md

* chore: update version.yml

* fix(ui): display array fields as a single field without numeric suffixes

* chore: update CHANGELOG.md

* fix(alert-field-render): resolve persistent loading spinner when displaying "tags" column

* chore: Update CHANGELOG.md

* fix: Resolve false positive checkbox selection when editing tagging rules

* feat: implement alert correlation and context building for enhanced alert analysis

* add debug logging for GPT request

* feat: add debug logging for alert processing and related alerts retrieval

* fix: update to return schema.Alert and adjust related logic

* refactor: simplify body creation in ElasticSearch function and remove unnecessary debug logs

* fix: optimize alert correlation logic and improve classification handling

* fix: update of the logic of correlation of alerts and construction of the historical context based on counts

* fix: improve log handling in GPT request and ensure last log entry is used

* feat: update macOS install steps with `utmstack-macos-agent.pkg`

* fix: add pipeline for aws, sophos-central and o365 integrations

* fix: remove logging of debug

* Migrate from correlation service to direct Logstash connection in aws integration.

* Migrate from correlation service to direct Logstash connection in office365 integration.

* Migrate from correlation service to direct Logstash connection in sophos integration.

* fix: add pipeline for aws, sophos-central and o365 integrations

* chore: resolve merge conflicts

* chore: integrate recent UI improvements

* add datasource in macos agent logs

* include logstash ports in installer for aws, o365 and sophos

* fix: update TagRulesApplied field type to slice and join in conversion

* fix: change TagRulesApplied field type from string to slice of int

* Refactoring the event sending format to Logstash in the AWS plugin.

* Refactoring the event sending format to Logstash in the Sophos plugin.

* Refactoring the event sending format to Logstash in the office365 plugin.

* fix: add pipeline for aws, sophos-central and o365 integrations

* "Update blocklist processing to support severity levels and enhance IP threat intelligence integration."

* "Add IP validation using net.ParseIP to ensure proper processing of source and destination IPs."

* "Fix path in Dockerfile COPY command for the correlation binary."

* fix: add pipeline for aws, sophos-central and o365 integrations

* Update correlation Dockerfile

* fix: add pipeline for aws, sophos-central and o365 integrations

* fix: add pipeline for aws, sophos-central and o365 integrations

* fix: filter only valid IPs when parsing coordinate map chart data

* fix: update display name for Sophos integration

* Implement Sophos Central filter (v1.0.0).

* Refactor AWS filter (v2.0.0) to use JSON instead of Grok.

* Refactor Office 365 filter (v2.0.0) by simplifying the structure.

* fix: corrected typo in compliance status label from "Complaint" to "Compliant"

* send logs from new windows channels in arm agent

* fix: hide sorting action for assets filters

* fix: improve CSV export limit parameters

* fix: correct uninstalling command for macOs agent

* feat: add Windows ARM64 support to agent installation platforms

* set correct api url environment

* fix: update filter for winevent log agent

* fix: update wineventlog filter

* fix: update wineventlog filter

* fix: add pipeline for aws, sophos-central and o365 integrations

---------

Co-authored-by: Yadian Llada Lopez &lt;yadian.llada@gmail.com&gt;
Co-authored-by: JocLRojas &lt;joc.l.rojas02@gmail.com&gt;
Co-authored-by: Kbayero &lt;yorjakbayero@gmail.com&gt;
Co-authored-by: Osmany Montero &lt;osmontero@icloud.com&gt;
Co-authored-by: Yorjander Hernandez Vergara &lt;99102374+Kbayero@users.noreply.github.com&gt;
diff --git a/backend/src/main/resources/config/liquibase/changelog/20250507003_add_o365_pipeline.xml b/backend/src/main/resources/config/liquibase/changelog/20250507003_add_o365_pipeline.xml
@@ -8,7 +8,7 @@
         <sql dbms="postgresql" splitStatements="true" stripComments="true">
 
             INSERT INTO utm_logstash_pipeline (id, pipeline_id, pipeline_name, parent_pipeline, pipeline_status, module_name, system_owner, pipeline_description, pipeline_internal, events_in, events_filtered, events_out, reloads_successes, reloads_failures, reloads_last_failure_timestamp, reloads_last_error, reloads_last_success_timestamp)
-            VALUES (57, 'o365', 'Office 365', null, 'up', 'AWS', true, null, false, 0, 0, 0, 0, 0, null, null, null);
+            VALUES (57, 'o365', 'Office 365', null, 'up', 'O365', true, null, false, 0, 0, 0, 0, 0, null, null, null);
 
             INSERT INTO utm_group_logstash_pipeline_filters (filter_id, pipeline_id, relation)
             VALUES (601, 57, 'PIPELINE_FILTER');
