Skip to content

Commit

Permalink
Merge pull request #13 from misje/dev
Browse files Browse the repository at this point in the history 
Use filter mode 'and' for stix pattern type + values. Closes #9.
  • Loading branch information
@misje
misje authored Jan 22, 2024
2 parents 4901fdb + 88bd8ad commit cffa40b
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions custom-opencti.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -545,14 +545,14 @@ def query_opencti(alert, url, token):
'obs': {
"mode": "or",
"filterGroups": [],
"filters": [{'key': filter_key, 'values': filter_values}]
"filters": [{"key": filter_key, "values": filter_values}]
},
'ind': {
"mode": "or",
"mode": "and",
"filterGroups": [],
"filters": [
{'key': 'pattern_type', 'values': ['stix']},
{'key': 'pattern', 'values': ind_filter},
{"key": "pattern_type", "values": ["stix"]},
{"mode": "or", "key": "pattern", "values": ind_filter},
]
}
}}
Expand Down

0 comments on commit cffa40b

Please sign in to comment.