Dalton v4.0.0

CHANGELOG.rst

@@ -2,91 +2,124 @@
 Dalton Changelog
 ****************
 
-2.0.0 (2017-11-15)
+4.0.0 (2026-02-18)
 ##################
 
-Initial public release.
-
-Special thanks: SuriCon 2017
+* Upgraded jQuery from 2.0.3 to 3.7.1
+* Fixed UI issue where custom rules text area would be incorrectly hidden when browsing back to the submission page
+* Added dynamic polling to queue and sensors pages for real-time updates
+* Added status coloring and animation to queue page for better visual feedback
+* Added ``/clear_queue`` API endpoint to expire all jobs and delete job files
+* Flipped the chronological order of the CHANGELOG entries so you don't have to scroll to the bottom to see the latest changes
 
-2.x.x
-#####
+3.6.0 (2026-01-24)
+##################
 
-Tweaks, fixes, and updates over the years; not well-documented here.
+* Moved to using **Docker Compose Version 2** in start-dalton.sh
+* Added functionality for users to set username, along with simple shared auth (see dalton.conf)
+* Updated queue page to display user who submitted the job (if so configured)
+* Fixed support for Suricata Socket Control in Suricata version 8 and later.
+  The necessary Python libraries for suricatasc are no longer included with the Suricata
+  source beginning with Suricata version 8.
+* Updated docker-compose to have more recent versions of the Suriata and Zeek agents by default
 
-3.0.0 (2021-03-10)
+3.5.0 (2025-09-18)
 ##################
 
-* Move to Python 3 from Python 2.
-* Better Suricata EVE log support in UI now that unified2 is no longer supported with Suricata v6; can format/highlight, view in "dark mode", and download directly from the UI.
-* Support for running jobs using Suricata socket control and enabled it by default.  Now Suricata doesn't have to restart (load config, rules, etc.) between jobs if the config and rules stay the same.
-* Ability to easily enable SSL/TLS on the Controller.
-* Additions, updates, and fixes to the API to reduce complexity and make it work as expected. 
-* Can now submit multiple pcaps (or an archive with multiple pcaps) and have them processed as individual jobs.
-* Display the number of alerts for finished jobs on the Queue page.
-* Ubuntu docker containers now use 18.04.
-* Use more recent versions of libraries, e.g. flask, jquery, etc.
-* Minor UI reorganization.  Variables are no longer bifurcated from the rest of the config.
-* Dalton agent now has configurable "config" parameter that it can submit to tell controller which config to use.
-* Address issues # 113, 123, 128, 132 (https://github.com/secureworks/dalton/issues/).
-* Updated documentation to reflect current reality.
-* Sundry other bug fixes and enhancements.
+* Addressed issue #245, sanitize input on post_job_results - thanks @whartond
+* Updated documentation
+* Code cleanup (ruff)
+* Bump dependencies
+  * jinja2 to 3.1.6
+  * flask to 3.1.1
+* Contributions from @da667 - thank you!
+  * Added cyberchef container (#235)
+  * Updated base OS to Ubuntu 24.04 (#234)
 
-3.1.0 (2021-06-18)
+3.4.2 (2024-11-15)
 ##################
 
-Contributors: Donald Campbell, Adam Mosesso
+* Updated flask dependencies (#180) (#222)
+  * Configure flask maximum content length
 
-* Added ability to select multiple pcaps from the file upload dialog.
-* Support for dumping (displaying) inspection buffers from alerts.
-* Minor cleanup.
+3.4.1 (2024-11-14)
+##################
 
-3.1.1 (2021-09-29)
+* Fixed bug with zeek processing. (#213) (#214) (#216)
+* Added some unit tests. (#203) (#215)
+
+3.4.0 (2024-11-12)
 ##################
 
-* Fixed UI issue where the "Dump buffers" option was being shown for incompatible engine versions. (issue #139)
-* Server side enforcement ensuring "Dump buffers" will only be attempted for compatible versions.
-* Bumped the default agent versions in the ``docker-compose.yml`` file to be the latest.
-* Added ``INSTALL-AWS.rst`` file with instructions for quickly and easily spinning up Dalton in AWS.
+Version 3.4.x is available initially on the pilot branch,
+in a sort of pre-release mode.
 
-3.2.0 (2022-02-28)
+* Use pyproject.toml (#184) (#189)
+* Use ruff format to format the code (#183) (#190)
+* Use ruff check --fix to make style changes (#183) (#192)
+* Add github actions CI (#191) (#193)
+* Be able to run unit tests on dalton and flowsynth (#182) (#194)
+* Update nginx from 1.19 to 1.27 (#200) (#202)
+* Update redis from 3.2 to 7.4 (#201)
+* Add unit tests for flowsynth (#204)
+* Use ruff to sort and format imports (#207)
+* Use ruff to detect flake8 bugbears (B) (#209)
+* Use pre-built zeek images (#181)
+* Use bump-my-version to update the version and tag (#197)
+  * Also, use bump-my-version to update the dalton-agent version
+  * Also, show the dalton controller version on the About page
+
+3.3.6 (2024-09-23)
 ##################
 
-* Added support for Zeek as a sensor
+Zeek Enhancements (#177)
 
-3.2.1 (2022-03-10)
+* Dalton UI now will have an option to provide custom zeek script in zeek sensor job creation page. You can either upload custom script file or write the script (or both) in the Dalton UI, and can run pcaps using those custom scripts.
+* Add zeek version 7 and version 6 ; remove zeek version 4.
+
+Author: Nikhileswar Reddy <nreddy@octolabs.io>
+
+3.3.5 (2024-09-10)
 ##################
 
-* Added explicit requirement for ``itsdangerous==2.0.1``
+* Be able to pre-fill the flowsynth compile page via GET or POST
+* also ran isort
 
-3.2.2 (2022-04-28)
+Author: Robin Koumis (SecureWorks) <rkoumis@secureworks.com>
+
+3.3.4 (2024-08-14)
 ##################
 
-*  Specify Jinja2 version in requirements
+Bring sensor configs up to date with current versions
 
-3.2.3 (2022-05-26)
+* Download ET Suricata 5.0 ruleset since the 4.0 ruleset won't work on latest supported Suricata versions.
+* set default enabled sensors to be up to date versions
+* add Suricata 7 YAML config file
+* add conf file for snort-2.9.20 even though it is functionally unchanged from snort-2.9.11
+* move suricata-7.0.0.yaml to proper location
+
+Author: whartond <github@davidwharton.net>
+
+3.3.3 (2024-07-11)
 ##################
 
-* Added share_expire to dalton.conf
-* Recreate job submission page based on JID
-* Added ability to pull PCAPs from job file
-* Add share link to UI and using ruleset from job
-* Added job zip modification time adjustment
-* Added PCAP drag and drop to jobs
-* Add font size for PCAP drop
-* Adjusted drag and drop text size in dalton.css
-* Edit PCAP drop CSS
+* Fixes issue where unable to build suricata container
 
-3.2.4 (2022-08-16)
+Author: Spencer Owen <owenspencer@gmail.com>
+
+3.3.2 (2023-06-06)
 ##################
 
-* Update URI for Suricata source code download.
+* Update error catching for suri7
 
-3.2.5 (2022-09-27)
+Author: zoomequipd <4827852+zoomequipd@users.noreply.github.com>
+
+3.3.1 (2023-05-12)
 ##################
 
-* Speed up Zeek build on systems with multiple processing units by using simultaneous jobs when running 'make'. (#155)
-* Fix Zeek won't run if no scripts in path (#156)
+* Spelling
+
+Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 
 3.3.0 (2023-05-12)
 ##################
@@ -98,110 +131,88 @@ Contributors: Donald Campbell, Adam Mosesso
 
 Co-authored-by: Xenia Mountrouidou (drx) <pmountrouidou@cyberadapt.com>
 
-3.3.1 (2023-05-12)
+3.2.5 (2022-09-27)
 ##################
 
-* Spelling
-
-Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
+* Speed up Zeek build on systems with multiple processing units by using simultaneous jobs when running 'make'. (#155)
+* Fix Zeek won't run if no scripts in path (#156)
 
-3.3.2 (2023-06-06)
+3.2.4 (2022-08-16)
 ##################
 
-* Update error catching for suri7
-
-Author: zoomequipd <4827852+zoomequipd@users.noreply.github.com>
+* Update URI for Suricata source code download.
 
-3.3.3 (2024-07-11)
+3.2.3 (2022-05-26)
 ##################
 
-* Fixes issue where unable to build suricata container
-
-Author: Spencer Owen <owenspencer@gmail.com>
+* Added share_expire to dalton.conf
+* Recreate job submission page based on JID
+* Added ability to pull PCAPs from job file
+* Add share link to UI and using ruleset from job
+* Added job zip modification time adjustment
+* Added PCAP drag and drop to jobs
+* Add font size for PCAP drop
+* Adjusted drag and drop text size in dalton.css
+* Edit PCAP drop CSS
 
-3.3.4 (2024-08-14)
+3.2.2 (2022-04-28)
 ##################
 
-Bring sensor configs up to date with current versions
+* Specify Jinja2 version in requirements
 
-* Download ET Suricata 5.0 ruleset since the 4.0 ruleset won't work on latest supported Suricata versions.
-* set default enabled sensors to be up to date versions
-* add Suricata 7 YAML config file
-* add conf file for snort-2.9.20 even though it is functionally unchanged from snort-2.9.11
-* move suricata-7.0.0.yaml to proper location
+3.2.1 (2022-03-10)
+##################
 
-Author: whartond <github@davidwharton.net>
+* Added explicit requirement for ``itsdangerous==2.0.1``
 
-3.3.5 (2024-09-10)
+3.2.0 (2022-02-28)
 ##################
 
-* Be able to pre-fill the flowsynth compile page via GET or POST
-* also ran isort
-
-Author: Robin Koumis (SecureWorks) <rkoumis@secureworks.com>
+* Added support for Zeek as a sensor
 
-3.3.6 (2024-09-23)
+3.1.1 (2021-09-29)
 ##################
 
-Zeek Enhancements (#177)
-* Dalton UI now will have an option to provide custom zeek script in zeek sensor job creation page. You can either upload custom script file or write the script (or both) in the Dalton UI, and can run pcaps using those custom scripts.
-* Add zeek version 7 and version 6 ; remove zeek version 4.
-
-Author: Nikhileswar Reddy <nreddy@octolabs.io>
+* Fixed UI issue where the "Dump buffers" option was being shown for incompatible engine versions. (issue #139)
+* Server side enforcement ensuring "Dump buffers" will only be attempted for compatible versions.
+* Bumped the default agent versions in the ``docker-compose.yml`` file to be the latest.
+* Added ``INSTALL-AWS.rst`` file with instructions for quickly and easily spinning up Dalton in AWS.
 
-3.4.0 (2024-11-12)
+3.1.0 (2021-06-18)
 ##################
 
-Version 3.4.x is available initially on the pilot branch,
-in a sort of pre-release mode.
+Contributors: Donald Campbell, Adam Mosesso
 
-* Use pyproject.toml (#184) (#189)
-* Use ruff format to format the code (#183) (#190)
-* Use ruff check --fix to make style changes (#183) (#192)
-* Add github actions CI (#191) (#193)
-* Be able to run unit tests on dalton and flowsynth (#182) (#194)
-* Update nginx from 1.19 to 1.27 (#200) (#202)
-* Update redis from 3.2 to 7.4 (#201)
-* Add unit tests for flowsynth (#204)
-* Use ruff to sort and format imports (#207)
-* Use ruff to detect flake8 bugbears (B) (#209)
-* Use pre-built zeek images (#181)
-* Use bump-my-version to update the version and tag (#197)
-  * Also, use bump-my-version to update the dalton-agent version
-  * Also, show the dalton controller version on the About page
+* Added ability to select multiple pcaps from the file upload dialog.
+* Support for dumping (displaying) inspection buffers from alerts.
+* Minor cleanup.
 
-3.4.1 (2024-11-14)
+3.0.0 (2021-03-10)
 ##################
 
-* Fixed bug with zeek processing. (#213) (#214) (#216)
-* Added some unit tests. (#203) (#215)
+* Move to Python 3 from Python 2.
+* Better Suricata EVE log support in UI now that unified2 is no longer supported with Suricata v6; can format/highlight, view in "dark mode", and download directly from the UI.
+* Support for running jobs using Suricata socket control and enabled it by default.  Now Suricata doesn't have to restart (load config, rules, etc.) between jobs if the config and rules stay the same.
+* Ability to easily enable SSL/TLS on the Controller.
+* Additions, updates, and fixes to the API to reduce complexity and make it work as expected.
+* Can now submit multiple pcaps (or an archive with multiple pcaps) and have them processed as individual jobs.
+* Display the number of alerts for finished jobs on the Queue page.
+* Ubuntu docker containers now use 18.04.
+* Use more recent versions of libraries, e.g. flask, jquery, etc.
+* Minor UI reorganization.  Variables are no longer bifurcated from the rest of the config.
+* Dalton agent now has configurable "config" parameter that it can submit to tell controller which config to use.
+* Address issues # 113, 123, 128, 132 (https://github.com/secureworks/dalton/issues/).
+* Updated documentation to reflect current reality.
+* Sundry other bug fixes and enhancements.
 
-3.4.2 (2024-11-15)
-##################
+2.x.x
+#####
 
-* Updated flask dependencies (#180) (#222)
-  * Configure flask maximum content length
+Tweaks, fixes, and updates over the years; not well-documented here.
 
-3.5.0 (2025-09-18)
+2.0.0 (2017-11-15)
 ##################
 
-* Addressed issue #245, sanitize input on post_job_results - thanks @whartond
-* Updated documentation
-* Code cleanup (ruff)
-* Bump dependencies
-  * jinja2 to 3.1.6
-  * flask to 3.1.1
-* Contributions from @da667 - thank you!
-  * Added cyberchef container (#235)
-  * Updated base OS to Ubuntu 24.04 (#234)
-
-3.6.0 (2026-01-24)
-##################
+Initial public release.
 
-* Moved to using **Docker Compose Version 2** in start-dalton.sh
-* Added functionality for users to set username, along with simple shared auth (see dalton.conf)
-* Updated queue page to display user who submitted the job (if so configured)
-* Fixed support for Suricata Socket Control in Suricata version 8 and later.  
-  The necessary Python libraries for suricatasc are no longer included with the Suricata 
-  source beginning with Suricata version 8.
-* Updated docker-compose to have more recent versions of the Suriata and Zeek agents by default
+Special thanks: SuriCon 2017

app/__init__.py

@@ -6,7 +6,7 @@
 from app.dalton import dalton_blueprint, ensure_rulesets_exist, setup_dalton_logging
 from app.flowsynth import flowsynth_blueprint, setup_flowsynth_logging
 
-__version__ = "3.6.0"
+__version__ = "4.0.0"
 
 
 def create_app(test_config=None):