* 2007-10-18, prewikka-0.9.13:

- Only perform additional database request when using Sensor localtime:
  this bring a performance improvement of about 36% on aggregated query,
  when using either frontend localtime (the default), or UTC time. 

- JQuery support: Port most of the javascript code to make use of JQuery.
  Add show/hide effect to CSS popup. More filtering functionality in the
  SensorListing view.  

- Cleanup the Authentication class, so that uper Prewikka layer can act
  depending whether the backend support user creation / deletion. Anonymous
  authentication is nowa plugin.

- Better integration of CGI authentication allowing user listing and deletion.

- Report template exception directly to the user.              

- Fix exception if an alert analyzer name is empty.

- Fix problem when adding new Prewikka users (#262).

- Fix exception when user has no permission set.

- When changing password, we didn't try to match an empty 'current password'
  (which is a minor issue since the user is already authenticated). Thanks
  to Helmut Azbest <helmut.azbest@gmail.com> for the fix.

- Fix a typo making mod_python use the parent method (patch from 
  Helmut Azbest <helmut.azbest@gmail.com>).

- In the configuration file, recognize section even if there are whitespace 
  at the beginning of the line. 

- Localization fixes, by Sebastien Tricaud <toady@gscore.org>, and
  Bjoern Weiland.



* 2007-08-02, prewikka-0.9.12.1:

- Fix a template compilation problem with certain version of Cheetah
  (Giandomenico De Tullio <ghisha at email.it>)


* 2007-08-01, prewikka-0.9.12:

- Implement an Auto-Refresh system (fix #231).  (including code from
  Paul Robert Marino <prmarino1@gmail.com>).

- Ability to filter on missing/offline/online/unknown agents. Make more easier
  to read each agent status in collapsed mode.

- Fix filter load/save/delete issue with translation.

- New 'My account' tabs, under the Settings section (fix #241).

- New messageid and analyzerid parameters, allowing link to a Prewikka alert
  from an external tool (previously required a database query in order to
  retrieve the database event id).

- Don't redirect to user listing once an user preference are recorded. Fix
  changing of another user language by an user with PERM_USER_MANAGEMENT.
  Display target user language rather than current user language.

- Improve the timeline control table layout.

- Fix translation of string possibly using plural.


* 2007-06-11, prewikka-0.9.11.4:

	- Fix PostgreSQL user deletion error.


* 2007-05-29, prewikka-0.9.11.3:

	- Fix database schema version.


* 2007-05-26, prewikka-0.9.11.2:

        - In case a database schema upgrade is required, or the Prewikka 
          database does not exist, make the error available from the Prewikka
          console, rather than exiting badly (which previously required the 
          user to parse its web server log in order to find out the problem).
          

* 2007-05-25, prewikka-0.9.11.1:

	- Fix Apache CGI authentication. (Robin Gruyters)

	- Fix incorrect locale switch when accessing certain pages.

	
* 2007-05-21, prewikka-0.9.11:

        - Prewikka has been internationalized: user might choose the language
          used in their settings tabs. Additionally, you might specify
          a default locale using the "default_locale" configuration keyword.

        - Brazilian Portuguese translation, by Edelberto Franco Silva<edeunix@edeunix.com>. 
        - French translation, by Sebastien Tricaud <sebastien@gscore.org>.
        - German translation, by Bjoern Weiland <mail@bjou.de>.
        - Russian translation, by Valentin Bogdanov <bogdanov.valentin@gmail.com>. 
        - Spanish translation, by Carlo G. Añez M. <carlo.anez@gmail.com>.

        - New powerfull and scalable agent view, grouping agent together by 
          Location and Node. 
        
        - In the Alert/Heartbeat summary view, number analyzers backward so that
          it reflect the ordering in the analyzer list.
          
        - Improved support for resizing menu. 
        
        - Fix a konqueror rendering bug with the inline filter. 

        - Various bug fixes.
        
        
* 2007-04-05, prewikka-0.9.10:

        - Don't show all source and target when they reach a predefined limit, instead 
          provide an expansion link.
        
        - Add two new view in the Events section: CorrelationAlert and ToolAlert.
        
        - Ability to filter and aggregate on all IDMEF path. If the filtered path is 
          an enumeration, automatically provide the list of possible value. 
          
        - Add a combo box for the user to choose which criteria operator to use. 
        
        - Provide an enumeration filter for the type of alert (Alert, CorrelationAlert, 
          ToolAlert, OverflowAlert).
        
        - Prewikka can now aggregate by analyzer.
        
        - When a session expire and the user login, the user is redirected to the page 
          he attempted to access when the session expired.
          
        - When an error occur, the default Prewikka layout is now preserved.
        
        - Correct handling of empty value for hash key generation. Fix #204. 
        
        - Use new libpreludedb function that return the results as well as the number 
          of results. This avoid using COUNT() in some places (namely, this speedup 
          non aggregated view by ~50%).
          
        - Avoid iterating the list of database result more than needed.
        
        - Support IDMEF Action, SNMPService, and WebService class.
        
        - Improved support for small screen resolution.
        
        

* 2007-02-06, prewikka-0.9.9:

        - Improve database performance by reducing the number of query. (Paul Robert Marino)
        
        - Activate CleanOutput filtering (lot of escaping fixes).
      
        - More action logging.
        
        - Bug fixes with the error pages Back/Retry buttons.
          
        - Fix error on group by user (#191).
        
        - Fix template compilation error with Cheetah version 2 (#184).
        

* 2006-11-23, prewikka-0.9.8:
	
	- Save/load user configuration when using CGI authentication mode (#181).

	- Show Prewikka version in the About page (#177).

	- Use Python logging facility (available backend: stderr, file, smtp, syslog), 
	  multiple simultaneous handler supported (#113).

	- Fix anonymous authentication.

	- Fix external process going into zombie state (#178).

	- Fix sqlite schema (#180).

	- Display correct alertident for invalid CorrelationAlert analyzerid/messageid pair.

	- prewikka-httpd should now log the source address.

	- Thread safety fixes.


* 2006-08-18, prewikka-0.9.7.1:
	
	- Fix filter interface bug introduced in 0.9.7.

	- Improved error reporting on filter creation.

	- Rename command configuration section to host_commands.


* 2006-08-16, prewikka-0.9.7:

	- Use preludedb_delete_(alert|heartbeat)_from_list(). Require 
	  libpreludedb 0.9.9. Provide a deletion performance improvement 
	  of around 3000%.

	- Handle multiple listed source/target properly. Separate 
	  source/target in the message listing.

	- Make host command/Information link available from the Sensor
	  listing.

	- Always take care of the "external_link_new_window" configuration 
	  parameter. 
	  
	- Make external command handling more generic. Allow to specify 
	  command line arguments.

	- Allow to define unlimited number of external commands rather than 
	  only a defined subset (fix #134). 

	- Avoid toggling several popup at once in the HeartbeatListing.

	- Only provide lookup capability for known network address type (fix #76).

	- New address and node name lookup provided through prelude-ids.com service.

	- Link to new prelude-ids.com port lookup instead of broken portsdb 
          database (fix #162).

	- Various bug fixes.


* 2006-07-27, prewikka-0.9.6:

	- CGI authentication module, from Tilman Baumann <tilman.baumann@collax.com>.

	- Correct libpreludedb runtime version check.

	- Show multiple source/target in message listing/summary.

	- Fix invalid use of socket.inet_ntoa() to read ICMP Gateway Address, 
	  which is stored as string (#156).

	- Fix aggregation on IDMEF-Path that are not string.

	- Fix setup.py --root option (#166).



* 2006-05-04, prewikka-0.9.5:

	- Fix 'Filter on Target' link (fix #148).

	- Fix alert summary exception with alert including file permission (fix #149).

	- Fix creation of an empty __init__.py file in lib/site-packages (#147).

	- Print currently installed version on libpreludedb requirement error.

	- Make sure /usr/bin/env is expanded.



* 2006-04-13, prewikka-0.9.4:

	- Intelligent display for CorrelationAlert. Include correlated
	  alert information in the alert listing.

	- Intelligent printing of Network centric information. 

	- Fix Cheetah compilation for the heartbeat page.

	- Correct handling of AdditionalData containing an integer 0.

	- Handle ignore_atomic_event AdditionalData key (used by CorrelationAlert to
	  hide linked-in alert).

	- Fix aggregation when done simultaneously on multiple fields.

	- Aggregation on fields other than "address" was not working well.



* 2005-01-10, prewikka-0.9.3:

	- Distribute SQLite schema.

	- Fix exception in the heartbeat analysis view when the heartbeat_count
	  or heartbeat_error_margin settings are explicitly set (#124). 

	- Fix Cheetah 1.0 heartbeat listing exception (#119). 

	- Open external link in new windows by default. Add a configuration option
	  to disable opening external link in new window (#61).

	- Provide the ability to specify the configuration file that Prewikka 
	  use (#117).

	- Sanitize the limit parameter in case the input value is not correct
	  instead of triggering an exception (#118). 

	- Handle the preludeDB "file" setting (for use with SQLite like database). 

	- Fix filter saving issue in the heartbeat listing.

	- Fix unlimited timeline option in heartbeat listing.

	- Various bug fixes.



* 2005-12-07, prewikka-0.9.2:

	- Correct Analyzer path when unwiding aggregated alert.

	- Add an "Unlimited" timeline option.

	- Fix classification escaping problem that could lead to empty 
	  listing when unwiding alert with classification text containing backslash.

	- Don't print un-necessary separator when the protocol field is 
	  empty in the alert listing.

	- Improve Correlation Alert display. Allow focus both on the Correlation Alert 
	  summary and on the correlated alert listing.

	- Don't propagate the "save" parameter, so that the user don't end up saving 
	  settings without knowing about it. 


* 2005-11-30, prewikka-0.9.1:

	- Resolve the protocol number from the message summary view. 

	- Separate port and protocol value, so that we don't end up 
	  linking the protocol to portdb if there is no port.

	- Ability to setup IDMEF filter using iana_protocol_name and iana_protocol_number.

	- Sanitize timeline years value on system which does not support time
	  exceeding 2^31-1. Fix #104.

	- Mark CorrelationAlert explicitly in the AlertListing. 

	- Make inline filter mark more visible. 

	- Ability for the user to save settings for the current view.

	- New --address and --port option to prewikka-httpd.

	- Fix a bug where clicking the IP address popup would cause
	  Firefox to go back to the top of the page. Fix #112.

	- Don't hardcode path to /usr/bin/python, but resort to 
	  /usr/bin/env to find it.


* 2005-09-20, prewikka-0.9.0:

	- 0.9.0 final.

	- Minor rendering fix.

	- Handle service.iana_protocol_name / service.iana_protocol_number 
	  as well as service.protocol.


* 2005-09-05, prewikka-0.9.0-rc12:

	- Correct Konqueror rendering.

	- Minor bugfix with timeline selection.

	- Minor UI tweak.


* 2005-08-25, prewikka-0.9.0-rc11:

	- The Summary view now support showing CorrelationAlert.

	- Avoid mangling URL query string on form input.

	- Handle possibly null AdditionalData properly.

	- Don't default to 'low' severity.

	- Allow the user to set analyzerID inline filter.

	- Make sure we keep aggregation in per analyzer view.

	- Keep inline filter object sorted, and merge them if there are duplicate.

	- When the same object is specified more than once, OR both.

	- Various cleanup, bugfix.


* 2005-08-17, prewikka-0.9.0-rc10:

	- Allow configuration entry without space after the ':' separator.

	- More operator (case insensitive operator, regex operator).

	- Show target file in the message listing.

	- Much more information in the alert summary view. 
	  Especially useful for users of integrity checker.


* 2005-08-02, prewikka-0.9.0-rc9:

	- New experimental mod_python handler.

	- Use the same template for user creation as for user modification.
	  The interface is much cleaner, and more consistant.

	- Fix Invalid parameters exception on 'delete all'.

	- Print all analyzer, whether they have an analyzerID or not. This provide
	  more analyzer information.

	- Show Analyzer Node location, Classification Ident, and Process path in the
	  MessageSummary view.

	- Correct SNMP/Web Service, and some other Process/File filter path.

	- Allow for correct '\' escaping when creating filters.

	- Internet Explorer rendering tweak.

	- Various bugfix.



* 2005-06-17, prewikka-0.9.0-rc8:

	- Use relative path everywhere.

	- Some escaping fixes.

	- Fix Filter formula check.

	- Ability to filter on alert.classification.ident.

	- Fix aggregated classification link in expanded list entry.

	- Various bugfix, English typo.



* 2005-06-16, prewikka-0.9.0-rc7:

	- Prewikka now work and render perfectly with IE 6.0.

	- XHTML conformance in most of the code.

	- Fix possible exception with filtered classification text.
	
	- Allow filtering on heartbeat.analyzer.name.



* 2005-06-01, prewikka-0.9.0-rc6:

	- Implement alert/heartbeat select all for deletion.

	- Fix handling of alert without classification.

	- Fix HTML code problem. Try to make the W3C validator happy.
	  Fix Javascript warnings. Correct URL escaping. Make it work
	  better in Apple's Safari browser.

	- More error checking when saving custom filter. Error out in case a 
	  filter reference non existing criteria. Add the substr operator.

	- Fix bug in the whole alert/heartbeat navigation system, simplify 
	  and cleanup the code, always report the current filtered field 'action' to 
	  the user.

	- Make the mouse pointer behave like it does for javascript links on Alert 
	  listing table head.

	- Fix alert mixup when expanding an aggregated classification with different 
	  severity.
	
	- Fix low/mid/high/none severity filtering.

	- Fix a bug where agents with multiple address would disappear.

	- Avoid Authentication Failed message when the user didn't try to authenticate
	  (the session does not exist).

	- UI tweak for the detailed alert/heartbeat view.

	- Link source and destination port to portdb.

	- Add an heartbeat_error_margin configuration keyword.

	- Saving modification to an existing filter now work.
	
	- Make prewikka.cgi catch exceptions that are raised during the prewikka 
	  initialization step and display an error screen to the user instead of
	  a server internal error.

	- Don't display message checkbox and delete button if the user don't
	  have the PERM_IDMEF_ALTER permission

	- Fix module importation on MacOSX.

	- Various bugfix.


* 2005-04-17, prewikka-0.9.0-rc5:

	- Fix classification filters in the alert listing.

	- Let the user provide the path to external command (whois, traceroute).

	- Fix prewikka exception on 'info' severity.

	- Fix broken installation permission.

	- Fix bad template variable initialization resulting in an exception
	  with Cheetah 0.9.16.

	- Fix alert deletion in un-agreggated mode.

	- Fix GMT offset calculation.

	- Fix a problem when appending more filters in the alert list view.

	- Update Auth cookie expiration time.

	- Fix escaping issue.
	

* 2005-04-05, prewikka-0.9.0-rc4:

	- Minor UI tweak.

	- Fix a problem when changing password.

	- Remove trailling space from config entry.

	- Display all analyzer address in agent listing.

	- Fix some bug in the authentication system, that would refuse
          login for no appearent reasons.

	- Set default session expiration time to 60 minutes.
	
	
* 2005-03-31, prewikka-0.9.0-rc3:

	- Installation cleanup / bugfix.

  	- Fix database authentication failure.

  	- Fix error page.


* 2005-03-31, prewikka-0.9.0-rc2

  	- Fix a loading problem when the database is not created.


* 2005-03-29, prewikka-0.9.0-rc1:

  	- Initial release
