crowdsec
crowdsec copied to clipboard
crowdsecurity
Improve `CTIHelper` and its methods
What would you like to be added?
We currently expose a CTIHelper expr method, but it has a few shortcoming:
- We might make its usage easier than currently (ie. we need to do
CTIHelper(evt.Overflow.GetSources()[0])or something similar. - We are exposing only a few properties via helpers
- The SmokeItem isn't up-to-date (ie. no mitre techniques)
- We lack "convenience" helpers
Why is this needed?
make cti helpers great again
@buixor: Thanks for opening an issue, it is currently awaiting triage.
In the meantime, you can:
- Check Crowdsec Documentation to see if your issue can be self resolved.
- You can also join our Discord.
- Check Releases to make sure your agent is on the latest version.
Details
I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
@buixor: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.
/kind feature/kind enhancement/kind bug/kind packaging
Details
I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.
