olafhartong / ThreatHunting

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
MIT License

Drilldown not working with more than one MITRE Category #15

Closed bmk666 closed 5 years ago

bmk666 commented 5 years ago

When I click, on the overview page in the table "Top triggered techniques", an entry with more than one "mitre_category", the drilldown will not work!

For example:

T1088 | Bypass User Account Control | Privilege_Escalation,Defense_Evasion

In the drilldown the "MITRE Category" field is filled with "Privilege_Escalation,Defense_Evasion", but you can only search for each one, not as comma separated.

BR,

BMK

olafhartong commented 5 years ago

I'm working on some improvements in this area. Thanks for all the issues you've been filing; I appreciate you taking the time to do so!

olafhartong commented 5 years ago

This has been fixed in the latest commit.