Types of changes
New feature (non-breaking change which adds functionality)
Checklist
[ ] I have updated the documentation accordingly.
[X] I have read the CONTRIBUTING document.
[ ] I have added tests to cover my changes if appropriate.
Description
Add pick-list for MSFT supported severity levels to the output node UI and logic to add the assigned severity value to the API call.
Motivation and Context
Severity in MSFT Defender ATP is useful for triggering alerts and prioritizing actions. Issue #11 https://github.com/PaloAltoNetworks/minemeld-wd-atp/issues/11
How Has This Been Tested?
Installed modified extension on fresh install of Minemeld v0.9.70. Configured output node for tenant and added IOCs to assigned input node. Verified IOCs were successfully imported into MSFT Defender ATP and the severity value was set correctly. Changed severity value in output node UI and reran IOC add test to verify each severity value was successful.