Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Include tags.atomic_guid and tags.required_fields into ESCU #2904

Closed
ccl0utier opened this issue Oct 30, 2023 · 1 comment
Closed

Include tags.atomic_guid and tags.required_fields into ESCU #2904

ccl0utier opened this issue Oct 30, 2023 · 1 comment
Assignees
@pyth0n1c
Labels
enhancement New feature or request

Comments

@ccl0utier
Copy link

ccl0utier commented Oct 30, 2023
edited
Loading

Is your feature request related to a problem? Please describe.
Could the team expose tags.atomic_guid and tags.required_fields in ESCU please? That would help a lot track this important information into other apps that "augment" ES or directly via REST.

Describe the solution you'd like
For those fields to be included in the savedsearches.conf information in ESCU.

Describe alternatives you've considered
N/A

Additional context
image
@ccl0utier ccl0utier added the enhancement New feature or request label Oct 30, 2023
@ccl0utier ccl0utier mentioned this issue Oct 30, 2023
Open
@patel-bhavin
Copy link
Contributor

We no longer maintain required fields, please refer to the data_source yaml file to find more information about the event!

atomic guid is now shipped in ss.conf : Example:

action.escu.atomic_red_team_guids = ["7e47ee60-9dd1-4269-9c4f-97953b183268"]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pyth0n1c pyth0n1c

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@patel-bhavin @ccl0utier @pyth0n1c