Hey,
I`m struggling with some issues when trying to present insight on the case\\ alert page after enrichment actions, for example, QRadar AQL search or AAD user enrichment.
I tried using the "Insights_Create Entity Insight From JSON" action but no luck.
I would appreciate it if someone could please share a tutorial.
When it came to presenting insights, I installed TemplateEngine (Jinja) from the marketplace's PowerUps and passed my JSON to "TemplateEngine - Render Template", then wrote the query I needed to extract specific JSON and format it, then I passed it to "Add General Insight" rather than Entity Insight.
You can get pretty complex with what you do with Jinja (URL removed by Staff)
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.