remg427 / misp42splunk

A Splunk app to use MISP in background
GNU Lesser General Public License v3.0

Support filtering by organization #245

Open joshnck opened 11 months ago

joshnck commented 11 months ago

The restsearch API supports filtering events by org, and that could and should be a native feature in the Splunk app.

remg427 commented 11 months ago

Hi Josh,

Thank you for using misp42.

Not all filters are directly available as parameters of mispgetevent or mispgetioc.

But using json_request, you can make a request exactly as you would using the REST client in the MISP GUI, so there you can filter on org.

Hope it helps,
Remi

On 25 September 2023 19:16:08 GMT+02:00, Josh @.***> wrote:

the restsearch API supports filtering events by org and that could and should be a native feature in the Splunk app

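One way to build the `json_request` mentioned in the reply above with an `org` filter, as an added example that is not part of the thread or the app's own code. It assumes the `misp_instance` argument, an instance named `default_misp`, the organisation name `EXAMPLE-ORG`, and backslash escaping of quotes inside a double-quoted SPL argument.

```python
import json
import re

# Extra restSearch filters this helper passes through (constructed allow-list).
ALLOWED_FILTERS = {"last", "published", "tags", "limit", "page"}


def build_restsearch_body(org, **filters):
    """Return a restSearch body restricted to one organisation."""
    if not isinstance(org, str) or not org.strip():
        raise ValueError("org must be a non-empty organisation name or id")
    unknown = set(filters) - ALLOWED_FILTERS
    if unknown:
        raise ValueError(f"unsupported filter(s): {sorted(unknown)}")
    body = {"returnFormat": "json", "org": org.strip()}
    body.update(filters)
    return body


def spl_quote(value):
    """Escape a string for a double-quoted SPL argument (assumed rule)."""
    return value.replace("\\", "\\\\").replace('"', '\\"')


def build_search(misp_instance, org, **filters):
    """Return the SPL search string that sends the body via json_request."""
    # Refuse instance names that could break out of the argument position.
    if not re.fullmatch(r"[A-Za-z0-9_.-]+", misp_instance):
        raise ValueError("misp_instance must be a simple token")
    body = json.dumps(build_restsearch_body(org, **filters))
    return (
        f"| mispgetevent misp_instance={misp_instance} "
        f'json_request="{spl_quote(body)}"'
    )


if __name__ == "__main__":
    # Constructed sample values: instance and organisation are placeholders.
    print(build_search("default_misp", "EXAMPLE-ORG", last="30d"))
```

The same body can be pasted unescaped into the REST client in the MISP GUI to confirm the filter returns the expected events before running it from Splunk.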