The mentat-informant.py module is a Python replacement for previous mentat-briefer.py module. It is designed to provide periodical statistical overviews via email. The email reports are localized using babel package and can be translated into any language. Additionally, the reporting engine uses Jinja2 templating system for message rendering, so it enables very easy customization. (Redmine issue: #3377)

This action is capable of deleting nodes on specified JPath within given message. (Redmine issue: #3376)

(Redmine issue: #3387)

This default value prevented inspector to be placed at the end of message processing pipeline, because it was not capable of deleting processed messages.

(Redmine issue: #3387)

Renamed custom log_exception() method to log_exception_with_label(), there was an accidental name override of built-in Flask internal method.

Part of the work was extending the eventstorage service to enable parametrized deletion of multiple events similar to searching. (Redmine issue: #3381,#3752)

(Redmine issue: #3387)

Improved the mentat-ideagen.py to generate randomized values of (Source|Target|Node).Type attribute.

The GeoIP database requires single IPv4/IPv6 address, yet IDEA messages may contain ranges and CIDRs. Deal with that by ignoring errors.

(Redmine issue: #3734)

Improved coding style of the blueprint. Improved output of the status view page. The page now provides more detailed information about module and cronjob status as well as detailed information about discovered log files, pid files and processes. This should still be considered as a draft, there are many more improvements yet to be done, especialy the regarding the design of the page. (Redmine issue: #3734)

(Redmine issue: #3734)

(Redmine issue: #3734)

(Redmine issue: #3734)

Improved implementation, design, output and coding style of 'dbstatus' pluggable module. The view page now display basic characteristics of event table (number of rows, oldest and newest record, table size, ...) as well as the values of most important PostgreSQL configurations. (Redmine issue: #3734)

(Redmine issue: #3361)

(Redmine issue: #3752)

Improved internal code of both migration scripts, lots of code was moved to shared libraries, improved documentation, coding style and command output. (Redmine issue: #3752)

This commit contains following bulk changes:

* The search form was extended to include event class and event severity search options.
* Fields in event search form were reordered to more logical groups.
* Event field activation buttons were grouped into toolbar.
* Unified display of item search button inside event result table.
* Improved background HTML and JS code for event searc result table.

(Redmine issue: #3752)

There was a syntax error in configuration file and library function for fetching distinct column values did not take into account non array columns.

Improved documentation and output of the script. (Redmine issue: #3752)

Added new columns for '_CESNET.EventClass', '_CESNET.EventSeverity' and '_CESNET.InspectionErrors' IDEA message attributes. (Redmine issue: #3752)

This commit contains following design changes and fixes:

* Fixed the issue with duplicated HTML identifiers for datetime selects.
* Written macros for rendering search dropdown buttons for source addresses, categories and abuse groups.
* Modified accessors in internal IDEA representation.
* Implemented implicit sorting by storage time in case it was chosen in the search form.
* Additional minor design fixes and tweaks.

(Redmine issue: #3734)

* Added the ability to search according to the 'source|target|detector types' and  'description'.
* Added the ability to search according to the host address|ports|types. Host is an alias for Source OR Target.
* Minor design improvements in main menu and other page widgets.
* Updated mentat-precache.py according to changes mentioned above.
* Added new 'allow_empty' feature to mentat-precache.py.

(Redmine issue: #3752,#3734)

(Redmine issue: #3752)

(Redmine issue: #3752)

(Redmine issue: #3443)

This commit contains following new features:

* The PostgreSQL model for IDEA events now contains '(Source|Target|Node).Type' and 'Description' attributes. These are now represented as separate IDEA event table columns to enable better searching. This means, that the table schema changed !!!
* The migration script and all necessary underlying functions had to be updated accordingly.
* Minor facelift in output of migration script.

(Redmine issue: #3752)

(Redmine issue: #3383)

(Redmine issue: #3443)

This commit contains also following updates:

* improved module documentation
* improved module coding style with pylint tool
* improved configurability by putting remote_host and remote_dir to configuration options

(Redmine issue: #3752)

This commit also contains following related improvements:

* documentation enhancements
* configuration file cleanup
* runlog enhancement, better information about items created and deleted
* code simplification, the status and update command now share the same code
* coding style improvements using pylint tool

(Redmine issue: #3752)

(Redmine issue: #3734)