name must support Go template strings, so that the name can be rendered from data in the context
uuid field in the request - Fabric should generate a unique UUID value
content field in the request should contain a rendered document in the format specified in doc_format generic attribute
the data sink supports only markdown output format
deleted parameter in the request is always false
timestamp is filled in by Fabric
after the push, the data sink should write an info log message with EventReport.id, EventReport.uuid, EventReport.event_id, EventReport.name values from the response received from the endpoint
Description
MISP allows users to attach analysis to any event. Here is a blog post on how to use it in UI.
Use Case
It would be very useful to be able to push the produced report straight into the MISP instance and attach it to the event.
Requirements
api_key- (required) string attributeevent_id- (required) string attributename- (required) string attributedistribution- (optional) int attribute, enumsharing_group_id- (optional) string attributeBehaviour
namemust support Go template strings, so that the name can be rendered from data in the contextuuidfield in the request - Fabric should generate a unique UUID valuecontentfield in the request should contain a rendered document in the format specified indoc_formatgeneric attributedeletedparameter in the request is alwaysfalsetimestampis filled in by FabricEventReport.id,EventReport.uuid,EventReport.event_id,EventReport.namevalues from the response received from the endpointAdditional Information
EventReportsendpoint docs -- https://www.misp-project.org/openapi/#tag/Event-Report