I wrote a custom alert with a bash script that sends values of an SPL query to TheHive. The script creates a case on TheHive, but with empty fields.

alert_actions.conf:

[alert_to_thehive]
is_custom = 1
disabled = 0
label = Alert to TheHive
description = Custom alert action to send alerts to TheHive
icon_path = alert_icon.png
payload_format = json
ttl = 10
# Command to execute
alert.execute.cmd = alert_to_thehive.sh
# Arguments passed to the script
alert.execute.cmd.arg.1 = $result.Image$
alert.execute.cmd.arg.2 = $result.CommandLine$