In the mitre_attack_overview.xml view (under "Drilldowns > MITRE ATT&CK" from the menu), clicking on a "process_path" cell redirects to the file_create_drilldown.xml view, with an empty list. This is due to the fact that the process_path field is incorrectly escaped. The Windows path should replace every \ with \\ to work. Manually doing the replacement for the path and refreshing the view works.
In the
mitre_attack_overview.xmlview (under "Drilldowns > MITRE ATT&CK" from the menu), clicking on a "process_path" cell redirects to thefile_create_drilldown.xmlview, with an empty list. This is due to the fact that theprocess_pathfield is incorrectly escaped. The Windows path should replace every\with\\to work. Manually doing the replacement for the path and refreshing the view works.