Get Offense ID in case name #5

Open
th3r3d opened this issue Apr 11, 2019 · 2 comments

Comments

th3r3d commented Apr 11, 2019

I'm trying to get the offense ID from QRadar into the case name as well. When you are in the detail of a case, the offense ID is there, but it is missing from the case name when you access TheHive. So I'm trying to have the name of the offense parsed from QRadar plus the offense ID in the case name. As I'm not a programmer at all, I have no idea what line of code I should change. Can you help me with that? Thx

@pierrebarlet
Owner

Hello, sorry for my late answer.
The case name is declared at this point of the script:
(line 78) case = Case(title=offenseDescription,
Maybe you should try to modify this line like this:
case = Case(title=offenseDescription + " " + str(offenseId),
I didn't test it yet so I don't know if it will work.
I'll try to test it as soon as possible.

@AlmasMuratovich

Hi, I have the same problem with the script: it triggers and writes the latest violation number to the file, writes status 200, but does not create an alert in TheHive. Please help me.
