remg427 / misp42splunk

A Splunk app to use MISP in background
GNU Lesser General Public License v3.0

Add Timestamp Field for get IOC #204

Closed healthrage closed 2 years ago

healthrage commented 2 years ago

timestamp: Restrict the results by the timestamp (last edit). Any event with a timestamp newer than the given timestamp will be returned. In case you are dealing with /attributes as scope, the attribute's timestamp will be used for the lookup. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).

Current options are Last (which only works for published events) and date, which only takes a certain date to look for.

If we can add this field it would greatly increase ease of use!

Thanks

remg427 commented 2 years ago

Hello,

Thank you for using misp42. For any parameter not present for a custom command, I use json_request. It is less readable (escaped ") and a little more difficult to put together, but it works.

I have a subsearch building json_request with a dynamic timestamp value.

Hope it helps,
Remi

-- Sent with K-9 Mail.
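
As an added example (not code from this thread or from misp42splunk): a Python helper for the approach in the comment above, building a request body with the `timestamp` filter quoted in the issue and escaping it for use as a `json_request` value. The function names, the `returnFormat` key and the restriction to `d`/`h` short-hand are assumptions of this example; values are validated so that nothing other than a timestamp can end up inside the quoted argument.

```python
import json
import re

# Epoch seconds or the short-hand forms quoted in the issue ("7d", "24h").
# Other units are rejected here (assumption of this example).
TIME_VALUE = re.compile(r"[0-9]+[dh]?")


def check_time(value):
    """Return value if it is an epoch timestamp or d/h short-hand, else raise."""
    if isinstance(value, int) and not isinstance(value, bool) and value >= 0:
        return value
    if isinstance(value, str) and TIME_VALUE.fullmatch(value):
        return value
    raise ValueError(f"not a timestamp or short-hand time: {value!r}")


def build_body(timestamp, extra=None):
    """Build the request body; timestamp is one value or a two-item range."""
    body = {"returnFormat": "json"}  # assumed default, not taken from the thread
    body.update(extra or {})
    if isinstance(timestamp, (list, tuple)):
        if len(timestamp) != 2:
            raise ValueError("a time range needs exactly two values")
        body["timestamp"] = [check_time(v) for v in timestamp]
    else:
        body["timestamp"] = check_time(timestamp)
    return body


def to_json_request(body):
    """Serialise body and escape it for a double-quoted SPL argument."""
    raw = json.dumps(body)
    escaped = raw.replace("\\", "\\\\").replace('"', '\\"')
    return f'json_request="{escaped}"'


if __name__ == "__main__":
    # Constructed inputs: the range from the issue text and a single short-hand value.
    print(to_json_request(build_body(["14d", "7d"])))
    print(to_json_request(build_body("24h")))
```
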

remg427 commented 2 years ago

Hello, actually you can use a range for the parameter date. In principle, anything that works with the MISP REST client should work from misp42.