Parse Event Raw Data to D3 Events
LAST UPDATED: AUG 19, 2024
This asynchronous command parses raw input event data to create D3 events.
READER NOTE
Please note that this command is only applicable within a Playbook.
Implementation | System |
Command Category | Cyber Utility |
Tags | EVENT EVENT INGESTION |
Inputs
Parameter Name | Required/Optional | Description | Sample Data |
---|---|---|---|
Event Data | Required | The input raw data of events | |
Integration Source | Required | The name of the integration from which the events are ingested | Test_Webhook |
Is Directly Correlated | Required | Whether events are directly correlated to the incident | No |
Run MITRE TTP Search | Optional | Choose whether the system automatically maps tactics and techniques to newly ingested events. The default value is True. | True |
Run Event Automation Rules | Optional | Choose whether the system executes Event Automation Rules for dismissal and escalation. The default value is True. | True |