v5.5.10

@pyth0n1c released this 14 Jan 19:42
· 43 commits to main since this release
6ccfcbc

contentctl v5.5.10 Release Notes

Overview

contentctl v5.5.10 introduces support for Findings-Based Detections (FBDs), enhanced KVStore versioning validation for Splunk Enterprise Security 8.3+, and improved integration testing reliability. This release focuses on expanding deployment capabilities and strengthening version management workflows.

What's New

Findings-Based Detection (FBD) Support

  • New: Added FBD configuration output generation to support Findings-Based Detections in Splunk
  • Enhancement: Created dedicated Jinja2 template (savedsearches_fbds.j2) for FBD stanza generation
  • Integration: FBDs are now included in the build process and packaged into Splunk apps
  • Files modified: contentctl/output/conf_output.py:59, contentctl/actions/build.py:1

KVStore Versioning & Validation Enhancements

  • New: ES version detection to determine appropriate versioning method (KVStore for ES 8.3+, index-based for ES 8.0-8.2)
  • New: CMSEvent model for structured parsing and validation of content versioning events
  • New: Version-based validation endpoint to confirm versioning is active before deployment
  • Enhancement: Updated search queries to use cms_content_lookup for ES 8.3+ KVStore-based versioning
  • Enhancement: Improved error messages for versioning validation failures
  • Refactor: Streamlined versioning activation workflow for ES 8.3+ compatibility
  • Primary file: contentctl/objects/content_versioning_service.py (+216 lines, major enhancements)

Testing & Quality Improvements

  • Fix: Adjusted integration test time windows to use full time ranges, improving test reliability and reducing flaky test failures
  • Files modified: contentctl/objects/correlation_search.py:4

Technical Details

Modified Components

  • contentctl/actions/build.py - Integrated FBD output generation
  • contentctl/objects/content_versioning_service.py - Major versioning overhaul (216+ line changes)
  • contentctl/objects/correlation_search.py - Time range fixes
  • contentctl/output/conf_output.py - FBD configuration generation (+59 lines)
  • contentctl/output/templates/savedsearches_fbds.j2 - New FBD template

Breaking Changes

None.


Full Changelog: v5.5.9...v5.5.10