LetMeR00t / TA-thehive-cortex

Technical add-on for Splunk related to TheHive/Cortex from TheHive project
GNU Lesser General Public License v3.0

[FEATURE] TTP/Procedure output to alert/case #43

Closed SecurityJill closed 1 year ago

SecurityJill commented 1 year ago

Request Type

Feature Request

Work Environment

| Question | Answer |
| --- | --- |
| OS version (server) | Splunk ES |
| TheHive version / git hash | theHive5 / 2.3.1 |

Feature Description

When creating a case or alert, export of TTPs from Splunk alerts/notables to the TTP tab (procedures) in theHive, similarly to how observables are exported and uploaded.

LetMeR00t commented 1 year ago

Hello @SecurityJill, good news, a new version of this application with a complete rework is going to be ready soon. Your issue will be fixed by this new version. Tomorrow, I'll proceed with the commits/doc updates in the development branch. If you want to test it directly you can do so, but of course I would recommend you wait for the Splunk validation before.

LetMeR00t commented 1 year ago

Hi, v3.0.0 with a fix for your issue is available. I close this issue, thank you