Open hmnguyen1201 opened 4 years ago
Hello. Thanks for your question! The result payload of the Proofpoint TRAP function should be available to you in the post-processing script of the workflow step you are working with. If the action succeeds, you should be able to work with results["content"]
to massage the data to meet your needs.
If you are still encountering issues, I would recommend posting in the community, as there are many more eyes monitoring that forum.
Description
The original payload from MISP was put into a comment in the Resilient Notes tab and I cannot enrich the data further as it I am not aware of a way to load the json object back from a note then do data massage from it
Describe How to Reproduce