We have a python script that basically does "ip address -> ... python-generated splunk calls + viz api calls -> url of a cool generated interactive viz". Is there a recommended way to make the cool interactive viz viewable at the end of a phantom playbook alongside the rest of our results? Basically a fancier map.
We may want views that work at the level of 1 IP (e.g., the first), or of all. How would that work?
We see the phantom custom apps support the calls get context and custom template, suggesting get context should generate the viz url, and the custom template can be a django html fragment that redirects to the url. At the same time, we were under the impression that Phantom views are heavily sanitized. So we're unsure if the above strategy is the recommended approach.