Hive Alerter - Title Field - Dynamic Fields #676
Hi @jertel and @nsano-rururu thx for all modifications on this project! The error returned: "ERROR:elastalert:Error while running alert hivealerter: Error posting to TheHive: 400 Client Error: Bad Request for url: https://hive-hml.domain::443/api/alert" Example: follow: True Thx in advance.
Hello,
As mentioned here TheHive alerter has limited support for dynamic value substitution into only a few fields. Unfortunately, the type field is one that is not dynamic. To support this you will need to issue a PR, following the contribution guidelines, or use an Enhancement.
I do not know why this functionality was removed, but it appears to have occurred in between these two commits:
May 21, 2021: c7bd38764c65175817b3b2b55ccd3175b26acb00
and
May 22, 2022: b8f3ea7009826d888e40a96f19aeb14d187de216
Regardless, the functionality would need to be re-added, re-tested, and documented in order to be accepted back into the project.
As far as the title goes, that is explained in the TheHive alerter documentation: In other words, to customize TheHive alert title, you must use the …