Closed berggren closed 1 year ago
This PR adds support for plain OpenSearch queries from DFIQ. This complements the current support for search templates. There are also some UI performance gains and refactoring.
```yaml
timesketch:
  - description: Remote Desktop Logons
    type: searchtemplate
    value: 08b0384b-92d8-46bb-b260-f87676afcf64
  - description: Remote Desktop Logons (query)
    type: opensearch-query
    value: 'data_type:"windows:evtx:record" AND event_identifier:4624 AND logon_type:RemoteInteractive'
```
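An added example, not code from this PR or from Timesketch: it separates the two entry types shown in the YAML above and evaluates the inline query against a few constructed events, to show which logons the `opensearch-query` entry selects. The function names and sample events are hypothetical, and the matcher handles only the `field:value AND field:"value"` subset used here, not full OpenSearch query-string semantics.

```python
import re

# Constructed entries mirroring the YAML in the PR description.
DFIQ_ENTRIES = [
    {"description": "Remote Desktop Logons", "type": "searchtemplate",
     "value": "08b0384b-92d8-46bb-b260-f87676afcf64"},
    {"description": "Remote Desktop Logons (query)", "type": "opensearch-query",
     "value": 'data_type:"windows:evtx:record" AND event_identifier:4624 '
              'AND logon_type:RemoteInteractive'},
]

# Constructed sample events (not real log data).
EVENTS = [
    dict(data_type=d, event_identifier=i, logon_type=l, username=u)
    for d, i, l, u in [
        ("windows:evtx:record", 4624, "RemoteInteractive", "alice"),
        ("windows:evtx:record", 4624, "Interactive", "bob"),
        ("windows:evtx:record", 4625, "RemoteInteractive", "carol"),
        ("syslog:line", 4624, "RemoteInteractive", "dave"),
    ]
]

# One term: field:value or field:"quoted value".
TERM = re.compile(r'^(\w+):(?:"([^"]*)"|(\S+))$')

def split_by_type(entries):
    """Separate template references from inline queries; reject unknown types."""
    templates, queries = [], []
    for entry in entries:
        if entry["type"] == "searchtemplate":
            templates.append(entry["value"])
        elif entry["type"] == "opensearch-query":
            queries.append(entry["value"])
        else:
            raise ValueError(f"unsupported type: {entry['type']}")
    return templates, queries

def parse_conjunction(query):
    """Parse an AND-only query into {field: value}; anything else is rejected."""
    terms = {}
    for part in query.split(" AND "):
        match = TERM.match(part.strip())
        if not match:
            raise ValueError(f"unsupported term: {part!r}")
        quoted, bare = match.group(2), match.group(3)
        terms[match.group(1)] = quoted if quoted is not None else bare
    return terms

def matching_events(query, events):
    """Return events whose fields equal every term (exact string comparison)."""
    terms = parse_conjunction(query)
    return [e for e in events if all(str(e.get(f)) == v for f, v in terms.items())]
```

Only the event that is a successful logon (4624), of type RemoteInteractive, from a Windows event log record satisfies all three terms.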