Enhancement: Add append=true to Commands

remg427 / misp42splunk

A Splunk app to use MISP in background

GNU Lesser General Public License v3.0

109 stars 30 forks source link

Enhancement: Add append=true to Commands #173

Closed malvidin closed 3 years ago

malvidin commented 3 years ago

Like the inputlookup command, having an append=true option would permit chaining multiple related queries together without using | append [mispgetioc <parameters>]

| mispgetioc <parameters>
| mispgetioc append=true <parameters>

arcsector commented 3 years ago

Looks like the syntax for the current functionality you gave is actually less characters than if he were to implement the append functionality...