assemblyline
AssemblyLine 4: File triage and malware analysis
**Describe the bug** In setups using Docker Compose, health checks work only for dependency containers (and only if they are update containers with an AL service inside ;)). Health check...
**Is your feature request related to a problem? Please describe.** There have been multiple occasions recently where an AL4 analytic service in the cluster gets stuck in a state it...
**Describe the bug** Recently, I've recognized a few times that Suricata service stopped processing files. After analysing what's going on, I've found that Suricata is not running, and the service...
**Describe the bug** I see that for some time, badlisted tags are not colored in the file details view, on the top (they are usually colored in sections view)....
**Describe the bug** In a code (attached) there is a gTLD `.online` domain, which wasn't recognized during a static analysis. I know that with gTLDs the static detection is especially...
**Is your feature request related to a problem? Please describe.** One of our data sources does not generate a SHA256 but rather references samples using a GUID. We would like...
**Is your feature request related to a problem? Please describe.** Currently, AssemblyLine allows searching by SHA256 on VirusTotal by specifying a [Sha256Source](https://cybercentrecanada.github.io/assemblyline4_docs/odm/models/config/#sha256source). Some EDRs and other sources of data only...
**Describe the bug** I've come across wrong identification of a Python code. It's identified as INI script, by both AL and the mimetype. My suspicion is that UTF chars used...
**Is your feature request related to a problem? Please describe.** I've added a new source of Yara rules, but then I decided they are not good enough, so I removed...
**Is your feature request related to a problem? Please describe.** When analyzing a submission consisting of multiple linked files (e.g. a python package), sometimes it's really useful to search for...