PaloAltoNetworks / minemeld-misp

MineMeld nodes for MISP
Apache License 2.0

Accessing specific value for misp_event_tags #20

Open kmussa opened 4 years ago

kmussa commented 4 years ago

Is your feature request related to a problem?

Hello, I am trying to further filter my indicators using the aggregator's "conditions" infilter. From the MISP miner, we get these as tags:

"misp_event_tags": [ "mcgill:restricted", "canssoc:discovery-method=\"analyst\"", "canssoc:recommended-action=\"exclude\"", "canssoc:source-reliability=\"a\"", "canssoc:event-classification=\"safelist\"", "tlp:green" ],

And I am having no luck using a JMESPath expression, e.g.

Am I doing this right or is there something I am missing?
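
An added example, not part of the original issue and not MineMeld code: the tags quoted above follow the MISP machine-tag form `namespace:predicate="value"`, so the double quotes are part of each string and an exact match has to include them. This standalone Python sketch (all function names are hypothetical) splits the tags and reads a single value from the list.

```python
import re

# Machine tag: namespace:predicate="value". Plain tags such as "tlp:green"
# carry only namespace:predicate, so the value group is optional.
_TAG_RE = re.compile(r'^(?P<ns>[^:="]+):(?P<pred>[^:="]+)(?:="(?P<val>.*)")?$')

# The tag list exactly as quoted in the issue.
SAMPLE_INDICATOR = {
    "misp_event_tags": [
        "mcgill:restricted",
        "canssoc:discovery-method=\"analyst\"",
        "canssoc:recommended-action=\"exclude\"",
        "canssoc:source-reliability=\"a\"",
        "canssoc:event-classification=\"safelist\"",
        "tlp:green",
    ]
}


def parse_tag(tag):
    """Return (namespace, predicate, value-or-None), or None if malformed."""
    m = _TAG_RE.match(tag) if isinstance(tag, str) else None
    return (m.group("ns"), m.group("pred"), m.group("val")) if m else None


def tag_value(indicator, namespace, predicate):
    """Value of the first namespace:predicate="value" tag, or None if absent."""
    for tag in indicator.get("misp_event_tags") or []:
        parsed = parse_tag(tag)
        if parsed and parsed[:2] == (namespace, predicate) and parsed[2] is not None:
            return parsed[2]
    return None


def has_tag(indicator, tag):
    """Exact string membership; the embedded quotes must be in `tag`."""
    return tag in (indicator.get("misp_event_tags") or [])


if __name__ == "__main__":
    print(tag_value(SAMPLE_INDICATOR, "canssoc", "recommended-action"))
    print(has_tag(SAMPLE_INDICATOR, 'canssoc:recommended-action="exclude"'))
```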