Hi guys, again me!
I have the following scenario. Custom connector developed for a custom technology. The technology collects network metadata and identifies if there are some contacts with known IOCs. The flow goes as follows:
Scenario 1
Scenario 1
Scenario 2:
Scenario 2:
Takes from the end of scenario 1
Bonus scenario:
Bonus scenario:
a run test of the collector (SUCCESS)
I have tried to debug adding logger lines but it seems there is no error in the logic added to the connector. The AlertInfo objects are created right and reported on the logs, but when you run the
create_package
function, only one case with one alert is created, except for the test scenario.
Thanks in advance for reading me and taking the time to understand this case. I'd be more than grateful for any hint or advice you could share with me!
Happy weekend to all!
Page 1 / 1
Hi again!
I've solved this. The issue was in the
display_id
field in the
AlertInfo
instance. I haven't set this value as a unique string for all related alerts to a particular case. I share this in case anyone has the same issue.
Thanks!
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.