Ability to execute active response on any element of TheHive

[To-om]

Request Type

Feature Request

Description

The aim of this feature request is to add the ability to execute action (send an email, create a request on a ticketing system, ...) from any element of TheHive (case, task, alert, ...).
Similarly to analyzers, theses action are executed on Cortex but they don't generate report.

[saadkadhi]

@To-om Well hopefully while a report is not warranted, a success/failure/manual check needed status is a requirement :)

[To-om]

Actions haven't a report (so no need report templates) but they have a status, of course.

[crackytsi]

Actually I was a little surprised that all Topics were removed from the milestones and even the milestones that introduce e.g. migration to GraphDB disappeared.
I think your decision to implement this feature is really good and I support it, hopefully this does not mean that all the other teams are no longer planned.

A few comments from operation side:
I currently use custom-fields that "autorest" with webooks e.g. to implement functions like "Export all cases as CSV file" or to have reports.
So for me, it would be very helpfull
a) If also in Dashboards there would be a "active-respose" e.g. to implemente a generate a PDF from dashboar function can be implemented
b) If the result/status could also be a HTML supporting field. e.g. to offer an option to download a case/CSV Export of all cases etc.
c) Being able to understand what user executes an active response, e.g. to send the user a email with requested data.

Of course this is only my very limited view based on my usecases, but maybe they help/inspire you ;)
Best wishes, + Thanks for all your doing!!! Chris