cudeso / misp2sentinel

MISP to Sentinel integration
MIT License

Graph API attribute comments not appended to description #55

Closed Parasdeepkohli closed 10 months ago

Parasdeepkohli commented 10 months ago

Hi,

We needed some contextual information to be passed to Sentinel as well. We decided to use the comments of each attribute to achieve this, as the README states that comments are mapped to description in Sentinel. But when we passed indicators and checked them on our Sentinel end, the comment was not appended as expected.

cudeso commented 10 months ago

Are you using the Graph API or the Upload Indicators API? (Based on the title of the issue I'm assuming Graph API, but there it should definitely be included with https://github.com/cudeso/misp2sentinel/blob/main/RequestObject.py#L244.)

What's set at ms_auth?

ms_auth = {
...
    'graph_api': False,                                 # Set to False to use Upload Indicators API   
...
}

Parasdeepkohli commented 10 months ago

Hi Cudeso,

I believe I am using an older version of the repo (before the Graph API was announced as being deprecated) and there is no graph_api variable in the config file. But I did check the RequestObject.py file and it does have the line which maps an attribute's comment to additionalInformation.

cudeso commented 10 months ago

I'll do a test shortly with the old Graph API to check if comments still make it to Sentinel

cudeso commented 10 months ago

The attribute comment is now appended to the event title for the Graph API with commit https://github.com/cudeso/misp2sentinel/commit/d3b70662dc36bb902a72a8f2ecd194919e4529e8

It was already there under the "AdditionalInformation" field but that only shows up in the logs, not in the TI-indicator overview page.

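The behaviour described in the last comment, sketched as an added example (not code from misp2sentinel or its RequestObject.py): the attribute comment is appended to the event title to form the indicator description, while the full comment stays in additionalInformation. The function name, the "title (comment)" format and the 100-character cap on description are assumptions made for this illustration.

```python
# Added example: hypothetical helper, not taken from misp2sentinel.
# Assumption: description is limited to 100 characters, so the combined
# title + comment is truncated while additionalInformation keeps the full text.
GRAPH_DESCRIPTION_MAX = 100


def build_indicator_fields(event_info, attribute, max_len=GRAPH_DESCRIPTION_MAX):
    """Return the description/additionalInformation pair for one MISP attribute."""
    # Collapse newlines and runs of whitespace so the text fits a one-line field.
    comment = " ".join((attribute.get("comment") or "").split())
    title = " ".join((event_info or "").split())

    if comment:
        # Append the comment to the event title so the context is part of
        # the description, not only of additionalInformation.
        description = f"{title} ({comment})" if title else comment
    else:
        description = title

    if len(description) > max_len:
        description = description[: max_len - 3].rstrip() + "..."

    fields = {"description": description}
    if comment:
        fields["additionalInformation"] = comment  # full, untruncated comment
    return fields


# Constructed sample data (not real indicators).
SAMPLE_EVENT_INFO = "Phishing campaign targeting finance staff"
SAMPLE_ATTRIBUTES = [
    {"type": "domain", "value": "example.test",
     "comment": "Seen in mail gateway logs,\n ticket IR-0000"},
    {"type": "ip-dst", "value": "192.0.2.10", "comment": ""},
    {"type": "url", "value": "http://example.test/login", "comment": "x" * 200},
]

if __name__ == "__main__":
    for attr in SAMPLE_ATTRIBUTES:
        print(attr["value"], build_indicator_fields(SAMPLE_EVENT_INFO, attr))
```

A long analyst comment is cut in the description but remains complete in additionalInformation, so short comments are the ones that survive intact in the indicator overview.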