33All notable user-visible changes should be recorded here.
44
55## Unreleased
6-
7- ### Added
8-
9- - None yet.
10-
11- ### Changed
12-
13- - None yet.
14-
15- ### Fixed
16-
17- - None yet.
18-
6+
7+ ### Added
8+
9+ - None yet.
10+
11+ ### Changed
12+
13+ - None yet.
14+
15+ ### Fixed
16+
17+ - None yet.
18+
1919### Docs
2020
2121- None yet.
2222
23+ ## v0.2.0
24+
25+ ### Added
26+
27+ - Added dedicated sanitized parser fixture matrices for both ` syslog_legacy ` and ` journalctl_short_full ` , expanding ` sshd ` and ` pam_unix ` coverage.
28+ - Added deterministic unknown-line telemetry coverage for unsupported parser inputs and unknown-pattern buckets.
29+
30+ ### Changed
31+
32+ - Moved sudo handling onto the signal layer so detectors consume one unified normalized input model.
33+ - Kept detector thresholds and the existing report schema stable while simplifying internal detector semantics.
34+
35+ ### Fixed
36+
37+ - None.
38+
39+ ### Docs
40+
41+ - Improved release-facing documentation in ` README.md ` , added ` docs/release-process.md ` , and formalized changelog discipline for future releases.
42+
2343## v0.1.0
24-
25- ### Added
44+
45+ ### Added
2646
2747- Parser support for ` syslog_legacy ` and ` journalctl_short_full ` authentication log input.
2848- Rule-based detections for SSH brute force, multi-user probing, and sudo burst activity.
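Review bot: The two `### Changed` entries under `## v0.2.0` describe internal refactoring ("Moved sudo handling onto the signal layer", "simplifying internal detector semantics"), while the file's first line says it records user-visible changes, and neither entry says whether the sudo burst detection still produces the same findings for the same input. Stable thresholds and a stable report schema do not by themselves guarantee identical detections, so state the user-visible effect explicitly, or say that there is none and name the fixture coverage that shows it. Separately, the `## Unreleased` block (`### Added`, `### Changed`, `### Fixed` and their `- None yet.` lines) and the `### Added` heading under `## v0.1.0` are removed and re-added with no visible text change, which suggests a whitespace or line-ending-only rewrite; drop that churn from this commit or move it to its own commit so the release entry is the only change under review.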