Change cli program to see debug log of REconverge 0.31.0

syncpark · Sep 7, 2022 · d81b7cc · d81b7cc
1 parent 0478bf7
commit d81b7cc
Show file tree

Hide file tree

Showing 20 changed files with 1,257 additions and 6,500 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,59 +6,10 @@ project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
 
-### Added
+### [Removed]
 
+- labeler, labtune program is removed
 
-## [0.1.2] - 2020-12-22
+### [Changed]
 
-### Added
-- labeler
-  - set tokens enable/disable automatically by it's benign/suspicious cluster matching ratio
-  - all(enabled+disabled) patterns are matched and saved it's usage statistics
-  - only enabled patterns are calculated as score
-- labtune
-  - Added - import/export labels from/to threat description database(.tdb).
-  - Added command - `/export`, `/import [force] <.tdb file>`
-
-### Changed
- - labtune - load/export for each thread description file in '.json' format.
-
-
-## [0.1.1] - 2020-12-10
-
-### Added
-- labtune
-  - Added command - `/add keyword|signature`, `/remove keyword|signature`, `/remove all`
-- labeler
-  - labeling by keyword and signature matching result.
-  - weight for each type of keyword, signature, token and scoring.
-  - default weight: 1.0 for token, 10.0 for keyword, signature
-- labtune, cli: score and probability
-  - label scoring and probability based on score ranage
-  - probability: VeryLoW, Log, Medium, High, VeryHigh
-
-### Changed
-- labtune
-  - `/status` command shows the keywords and signature usage too.
-  - `/status`, `/label` commands show the type of pattern in usage statistics too.
-- database schema changed to store pattern id for each token/signature/keywords.
-
-## [0.1.0] - 2020-11-30
-
-### Added
-- cli: Added command - `/filter diff`, `/set <Qualifier> [all]`
-- cli: Added command - `/set tokens on|off`
-- labtune: Added command - `/filter token`
-
-### Changed
-
-- labtune: Changed `/tokens` command to `/status`
-- labtune: Show matched clusters in the `#<label-id>`
-- labeler: The unknown clusters can be qualified by the ipaddrs from previous suspicious and benign clusters.
-- cli, labtune, labeler: Requires reconverge 0.25, review 0.10 or later
-- cli, labeler: Changed web log parser and tokenizer
-- cli: `/save` command will save all updated qualifiers to `cluster` table
-
-### Removed
-- cli: `/r`, `/reverse` command removed
-- cli: `/filter auto <Qualifier>` command removed
+- This cli program is modified to see the result of REconverge clustering