v1.4.2

Fixed

• Bug where some CSV outputs on Windows would have an extra newline between the rows.

• Issue where outputting or sending an alert or file-event with a timestamp without
  decimals would error.

• A performance issue with the code42 departing-employee bulk add command.

Changed

• code42 alert-rules list now outputs via a pager when results contain more than 10 rules.

• code42 cases list now outputs via a pager when results contain more than 10 cases.

v1.4.1

Fixed

• Arguments/options that read data from files now attempt to autodetect file encodings.
  Resolving a bug where CSVs written on Windows with Powershell would fail to be read properly.

v1.4.0

1.4.0 - 2021-03-09

Added

• code42cli.extensions module exposes sdk_options decorator and script group for writing custom extension scripts
  using the Code42 CLI.

• code42 devices list options:

  • --include-legal-hold-membership prints the legal hold matter name and ID for any active device on legal hold
  • --include-total-storage prints the backup archive count and total storage

v1.3.1

1.3.1 - 2021-02-25

Changed

• Command options for profile update:
  • -n --name is not required, and if omitted will use the default profile.
  • -s --server and -u --username are not required and can be updated independently now.
  • Example: code42 profile update -s 1.2.3.4:1234

v1.3.0

Fixed

• Issue where code42 alert-rules bulk add would show as successful when adding users to a non-existent alert rule.

Added

• New choice TLS-TCP for --protocol option used by send-to commands:
  • code42 security-data send-to
  • code42 alerts send-to
  • code42 audit-logs send-to
    for more securely transporting data. Included are new flags:
  • --certs
  • --ignore-cert-validation

Changed

• The error text in cases command when:
  • cases create sets a name that already exists in the system.
  • cases create sets a description that has more than 250 characters.
  • cases update sets a description that has more than 250 characters.
  • cases file-events add is performed on an already closed case.
  • cases file-events add sets an event id that is already added to the case.
  • cases file-events remove is performed on an already closed case.

v1.2.0

Added

• The devices command is added. Included are:

  • devices deactivate to deactivate a single device.
  • devices reactivate to reactivate a single device.
  • devices show to retrieve detailed information about a device.
  • devices list to retrieve info about many devices, including device settings.
  • devices list-backup-sets to retrieve detailed info about device backup sets.
  • devices bulk deactivate to deactivate a list of devices.
  • devices bulk reactivate to reactivate a list of devices.
  • devices bulk generate-template to create a blank CSV file for bulk commands.

• code42 departing-employee list command.

• code42 high-risk-employee list command.

• code42 cases commands:

  • create to create a new case.
  • update to update case details.
  • export to download a case summary as a PDF file.
  • list to view all cases.
  • show to view the details of a particular case.

• code42 cases file-events commands:

  • add to add an event to a case.
  • remove to remove an event from a case.
  • list to view all events associated with a case.

Changed

• The error text when removing an employee from a detection list now references the employee
  by ID rather than the username.

• Improved help text for date option arguments.

v1.1.0

Fixed

• Issue where code42 profile delete was allowed without giving a profile_name even
  though deleting the default profile is not allowed.

Added

• code42 audit-logs commands:
  • search to search for audit-logs.
  • send-to to send audit-logs to server.

Changed

• profile_name argument is now required for code42 profile delete, as it was meant to be.

• The --advanced-query option on alerts search and security-data (search|send-to) commands has been updated:

  • It can now accept the query as a JSON string or as the path to a file containing the JSON query.
  • It can be used with the --use-checkpoint/-c option.

• Now, when adding a cloud alias to a detection list user, such as during departing-employee add, it will remove the existing cloud alias if one exists.

  • Before, it would error and the cloud alias would not get added.

v1.0.0

1.0.0 - 2020-08-31

Fixed

• Bug where code42 legal-hold show would error when terminal was too small.

• Fixed bug in departing_employee bulk add command that allowed invalid dates to be passed without validation.

Changed

• The follow commands now print a nicer error message when trying to remove a user who is not on the list:

  • code42 departing-employee remove
  • code42 high-risk-employee remove
  • code42 alert-rules remove-user

• -i (--incremental) has been removed, use -c (--use-checkpoint) with a string name for the checkpoint instead.

• The code42cli has been migrated to the click framework. This brings:

  • BREAKING CHANGE: Commands that accept multiple values for the same option now must have the option flag provided before each value:
    use --option value1 --option value2 instead of --option value1 value2 (which was previously possible).
  • Cosmetic changes to error messages, progress bars, and help message formatting.

• The print command on the security-data and alerts command groups has been replaced with the search command.
  This was a name change only, all other functionality remains the same.

• A profile created with the --disable-ssl-errors flag will now correctly not verify SSL certs when making requests. A warning message is printed
  each time the CLI is run with a profile configured this way, as it is not recommended.

• The path positional argument for bulk generate-template commands is now an option (--p/-p).

• Below search subcommands accept argument --format/-f to display result in formats csv, table, json, raw-json:

  • Default output format is changed to table format from raw-json, returns a paginated response.
    All properties would be displayed by default except when using -f table.
    Pass --include-all when using table to view all non-nested top-level properties.
  • code42 alerts search
  • code42 security-data search
  • code42 security-data saved-search list
  • code42 legal-hold list
  • code42 alert-rules list

Added

• --or-query option added to security-data search and alerts search commands which combines the provided filter arguments into an 'OR' query instead of the default 'AND' query.

• --password option added to profile create and profile update commands, enabling creating profiles while bypassing the interactive password prompt.

• Profiles can now save multiple alert and file event checkpoints. The name of the checkpoint to be used for a given query should be passed to -c (--use-checkpoint).

• -y/--assume-yes option added to profile delete and profile delete-all commands to not require interactive prompt.

• Below subcommands accept argument --format/-f to display result in formats csv, table, json, formatted-json:

  • code42 alert-rules list
  • code42 legal-hold list
  • code42 legal-hold show
  • code42 security-data saved-search list

Removed

• The write-to command for security-data and alerts command groups.

v0.7.4

0.7.4 - 2020-08-25

Changes

• temporarily pins py42 to version <1.8.0 for compatibility until cli version 1.0 release

v1.0.0b2

bump version and add missing changelog items (#126)