MC2 Release Notes - January 11 2024

SDP-80198 Handle exceptions from acquire_data stream in MC2 mode

Now handling exceptions for attempts to execute .prf rulesets in MC2

When there is an attempt to run a .prf ruleset file in MC2, there is a clear exception raised:

PRF files are not supported by MC2.

 

SDP-79945, SDP-79947 Cloud Security for API: Validate Content type for INFLOW and EQL Endpoints

Enabled optional validation for content type for the INFLOW and EQL endpoints

To enable validation for content type with the inflow and eql endpoints, add the below line to estar/tpe/cfg/eaglemc2s/extractservice/application.yml:

eagle.mc2s.validateContentType: true

Create the file if it does not exist already.

Cycle extractservice.

 

Â