I'm utilizing a data set of vulnerabilities that I need to show in a table in my report, it looks like ODTS app is perfect for what I need, however I am having trouble populating the fields of a custom table using the "dump_two_tables.odt" report template.
My search string is something like:
index=vulns ip=192.168.1.1 | table ip, cve, severity | eval table="table_176" | append [search index=solutions ip=192.168.1.1 | table cve, solution | eval table="table_176solution"] | docgen -key=table -tfile=dump_two_tables.odt
I've modified the table and comments in the template with:
"do row for event in table_176" and "do row for event in table_176solution" in the comments
event['ip'] event['cve'] event['severity'] event['solution'] in the table
My results are two tables with what appear to be the correct number of rows, but filled with the "event['ip']" strings from the template rather than the field information from my search. What am I missing? It seems like I'm this close to having it exactly how I envision it
