TheHive-Project / TheHive

TheHive: a Scalable, Open Source and Free Security Incident Response Platform
https://thehive-project.org
GNU Affero General Public License v3.0
3.28k stars 609 forks

[Feature Request] autorun analyzers for alert #2322

Open heywiorld opened 2 years ago

heywiorld commented 2 years ago

Request Type

Feature Request: need a new API to autorun analyzers on alerts.

Feature Description

We want to auto-run analyzers when an alert is created, so that we can more clearly verify whether to import it as a case or not. But right now running analyzers is only supported for cases, not for alerts, so maybe we need a new API.

Possible Solutions

NEW API.

Complementary information

fandigunawan commented 2 years ago

You may look at https://github.com/TheHive-Project/TheHiveHooks. The code is a webhook for TheHive; I think you can implement an event when an alert is created to run an analyzer.