Closed SimonRefslund closed 10 months ago
@SimonRefslund thanks for bringing this up. Sounds like a bug, we'll take a look into it
@SimonRefslund This issue occurs only when commenting is on for the MDE module. As a temporary workaround you can disable comments for the MDE module.
The problem is the hyperlinking we do in the incident comments is done on a reference to the same object that is returned by the module, so the module return also includes the hyperlinked content
@SimonRefslund To apply the patch go to your STATv2 function -> Settings -> Configuration and edit the WEBSITE_RUN_FROM_PACKAGE application setting to a value of: https://github.com/briandelmsft/STAT-Function/releases/download/v1.5.10/stat.zip and Save the change and then restart the function app.
With this build you will still be able to make comments on the incident without it impacting the output.
Thanks a lot guys, and thank you for a great project!
Im not sure if this is an error in the custom connector, the python module, or somewhere else.
When using the "id" variable from the MDE-Module, STATv1 returned only the DeviceID from the Defender API. However after updating to STATv2, it now returns a full HTML formatted URL,
Could this be a bug, or am i misunderstanding something completely?