LetMeR00t / TA-thehive-cortex

Technical add-on for Splunk related to TheHive/Cortex from TheHive project
GNU Lesser General Public License v3.0

Update modalert_thehive_create_a_new_alert_helper.py #19

Closed yorkvik closed 3 years ago

yorkvik commented 3 years ago

Added the possibility to add a {token} inside the description of Title or an Alert. You can set for example title = 'Dns request to {domain}' and domain will be populated with the value of the field domain.
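The substitution described in this comment, sketched as an added example; it is not code from this pull request or from TA-thehive-cortex. The helper name `render_tokens`, the sample row and the multivalue handling are assumptions for illustration. It uses a restricted regex rather than `str.format`, so a template can only name a field and cannot reach attributes or indexes of the value.

```python
import re

# Matches {field_name} only: plain identifiers, no dots, brackets or format specs.
TOKEN_RE = re.compile(r"\{([A-Za-z_][A-Za-z0-9_]*)\}")


def render_tokens(template, result):
    """Replace {field} tokens with values from one search result row.

    Hypothetical helper. Unknown or empty fields are left as the literal
    token, and substituted values are not rescanned for further tokens.
    """
    def substitute(match):
        value = result.get(match.group(1))
        if value is None or value == "":
            return match.group(0)  # keep the token visible instead of dropping it
        if isinstance(value, (list, tuple)):  # assumed shape of a multivalue field
            return ", ".join(str(v) for v in value)
        return str(value)

    # re.sub makes a single pass, so a field whose value contains "{x}" is not expanded again.
    return TOKEN_RE.sub(substitute, template)


# Constructed sample row, not taken from the pull request.
SAMPLE_RESULT = {"domain": "bad.example.net", "src_ip": "10.0.0.5", "note": "{src_ip}"}

if __name__ == "__main__":
    print(render_tokens("Dns request to {domain}", SAMPLE_RESULT))
```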

LetMeR00t commented 3 years ago

As discussed, I will remove what I've done in my last commit and explain how to use $result.FIELD$ in the documentation.