This may exist already and I'm just not seeing it but for my use case I would love to be able to build a subset of detection content based on a tag set in a yaml file passed into the cli. (i.e. contentctl build --tag something)
For example, an MSSP could tag content to which customers have data that support it and then build a custom detection app with just their content. Or if you wanted to build an app that just supported a specific use case you could pass in that tag etc.
This may exist already and I'm just not seeing it but for my use case I would love to be able to build a subset of detection content based on a tag set in a yaml file passed into the cli. (i.e. contentctl build --tag something)
For example, an MSSP could tag content to which customers have data that support it and then build a custom detection app with just their content. Or if you wanted to build an app that just supported a specific use case you could pass in that tag etc.