TheHive4py icon indicating copy to clipboard operation
TheHive4py copied to clipboard

Published 20 hours ago verified publisher icon TheHive-Project

Add create_alert_observable

Open mgabriel-silva opened this issue 6 years ago • 1 comments

Request Type

Feature Request

Problem Description

It would be nice to have a create_alert_observable that works the same as create_case_observable

Complementary information

I use hooks to automatically extract observables. Doing that on a case is easy, but I can't do on alertes because I can't add the new observables on alerts

mgabriel-silva avatar Jun 04 '19 18:06 mgabriel-silva

Case observables have their own table, so you can create them whenever you want, but Alert artifacts are embeded on the Alert definition. Adding an artifact to an Alert is equivalent to updating the Alert by adding an item to it's artifacts array.

nadouani avatar Jun 17 '19 09:06 nadouani