Would like to see if it was possible to send the Insight Investigation to TheHive as an alert instead of a case? This would give more flexibility on the Case Template side as an Empty Case template is used by default.
1 Like
I know that you can do this with a REST call, but hopefully it can get added to the plugin.
URL = http://<server>:9000/api/alert
Method = POST
ContentType = ‘application/json’
Body = {
“title” : “New Alert”
“description” : “N/A”
“type” : “external”
“source” : “instance1”
“sourceRef” : “alert-ref”
}
1 Like
Thanks for the response. Would I just have to create this from a http request? Just got on the Connect platform so I am unfamiliar with how best to accomplish this.
1 Like
Yes, create a connection with the root URL (<protocol>://<server>:<port>) and your header using the bearer token, then in the step add the route and body to create the alert
3 Likes