Download Latest Version v2.2.0 source code.tar.gz (14.1 MB)
Email in envelope

Get an email when there's a new version of Watcher

Home / v2.2.0
Name Modified Size InfoDownloads / Week
Parent folder
README.md 2025-07-02 3.1 kB
0
v2.2.0 source code.tar.gz 2025-07-02 14.1 MB
0
v2.2.0 source code.zip 2025-07-02 14.3 MB
7 7 weekly downloads
Totals: 3 Items   28.4 MB 7

v2.2.0

This release focuses on a complete overhaul of the MISP integration, improved code modularity, and the resolution of several front-end and dependency issues. It also addresses important issues such as #2 (creating MISP objects instead of attributes) and #206 (HTTP 500 errors when exporting IOC), improving overall export reliability and functionality. These updates aim to increase stability, maintainability, and flexibility when using Watcher with MISP.

Update Procedure

Please follow this process :

  1. Pull the latest Docker image from the repository.
  2. Apply any migrations: bash docker compose down docker compose run watcher bash python manage.py migrate
  3. Update your .env file:
    • Check MISP_URL, MISP_KEY, and MISP_VERIFY_SSL.
  4. Rebuild and restart containers with : bash docker compose down docker compose up

[WARNING] If you were using custom scripts for MISP export, you will need to adapt them to the new common.misp module.

What’s Changed

MISP Integration Redesign

  • New centralized MISP logic: The common module now handles all MISP-related interactions by @ygalnezri in #207
  • Shared MISP module across all features (e.g. dns_finder, website_monitoring), avoiding code duplication.
  • Possibility to specify a MISP Event UUID when exporting IOCs:
  • If the UUID exists, Watcher will detect and update the corresponding event.
  • Full support for both automatic and manual updates.

  • Enhanced export logic for MISP objects with support for object creation (e.g., domain, ip-port).

    This redesign addresses key issues including #2 (creating MISP objects instead of attributes) and #206 (HTTP 500 error when exporting IOC in Twisted DNS finder).

For more details on the new MISP integration, the MISP Export section of the documentation has been fully updated: MISP Export

Dependency and Security Updates

  • Fixed minor display issues detected during development
  • Bump @babel/runtime from 7.26.0 to 7.27.0 in /Watcher by @dependabot #189
  • Bump axios from 1.7.9 to 1.8.2 in /Watcher by @dependabot #190
  • Bump react-router and react-router-dom in /Watcher by @dependabot #191

Full Changelog: https://github.com/thalesgroup-cert/Watcher/compare/v2.1.4...v2.2.0

Source: README.md, updated 2025-07-02