8.7.0

edit

Schema changes

edit
Bugfixes
edit
  • Remove duplicated client.domain definition #2120
Added
edit
  • Adding name field to threat.indicator #2121
  • Adding api option to event.category #2147
  • Adding library option to event.category #2154
Improvements
edit
  • Description for host.name definition updated to encourage use of FDQN #2122

Tooling and artifact changes

edit
Improvements
edit
  • Updated usage docs to include threat.indicator.url.domain and changed indicator.marking.tlp and indicator.enrichments.marking.tlp from "WHITE" to "CLEAR" to align with TLP 2.0. #2124
  • Bump gitpython from 3.1.27 to 3.1.30 in /scripts. #2139