[TheHive] Possibility to filter the type of cases to import

OpenCTI-Platform / connectors

OpenCTI Connectors

https://www.opencti.io

Apache License 2.0

374 stars 403 forks source link

[TheHive] Possibility to filter the type of cases to import #294

Open Tyrell20 opened 3 years ago

Tyrell20 commented 3 years ago

Problem to Solve

Currently, any type of case from TheHive is imported into OpenCTI.

Proposed Solution

Implementation of a specific parameter/option, inside the OpenCTI connector configuration, in order to choose the status (True Positive, False Positive, Indeterminate, Other...) of the case to import.

Additional Information

screenshot 361

Jipegien commented 1 year ago

@SamuelHassine is it still relevant regarding latest development on TheHive connector?

SamuelHassine commented 1 year ago

Hello @Jipegien,

Yes it is. I've implemented TLP filters on both cases and incidents / alerts, but not other filters for the moment.

Kind regards, Samuel