- *Number of Alerts*: {{state.signals_count}}
- *Risk score*: {{context.rule.risk_score}}
- *Severity*: {{context.rule.severity}}
h2. Rule Details
[View Detection Alert|{{{context.results_link}}}]
- *Rule Description*: {quote}{{context.rule.description}}{quote}
- *Rule Query*: {quote}{{context.rule.query}}{quote}
h2. Source
{{#context.alerts}}
- *Source IP Address*: {noformat}{{source.ip}}{noformat}
- *Source Port*: {noformat}{{source.port}}{noformat}
{{/context.alerts}}
h2. Destination
{{#context.alerts}}
- *Destination IP Address*: {noformat}{{destination.ip}}{noformat}
- *Destination Port*: {noformat}{{destination.port}}{noformat}
{{/context.alerts}}
h3. Process
{{#context.alerts}}
- *Hash MD5*: {noformat}{{process.hash.md5}}{noformat}
- *Hash SH1*: {noformat}{{process.hash.sha1}}{noformat}
- *Hash SHA25*: {noformat}{{process.hash.sha256}}{noformat}
- *Process Name*: {noformat}{{process.name}}{noformat}
- *Process Parent Executable*: {noformat}{{process.parent.executable}}{noformat}
- *Process Parent Name*: {noformat}{{process.parent.name}}{noformat}
{{/context.alerts}}
h3. File
{{#context.alerts}}
- *File Name*: {noformat}{{file.name}}{noformat}
- *File Owner*: {noformat}{{file.owner}}{noformat}
- *File Path*: {noformat}{{file.path}}{noformat}
- *File size*: {noformat}{{file.size}}{noformat}
- *File Target Path*: {noformat}{{file.target_path}}{noformat}
- *File Type*: {noformat}{{file.type}}{noformat}
{{/context.alerts}}
Last active
February 27, 2024 01:03
-
-
Save austinsonger/998b3d784eb5f9c040276ac7c4c9f5c2 to your computer and use it in GitHub Desktop.
Elastic SIEM Connector to JIRA Service Desk Template #JIRA #Elastic
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- *Number of Alerts*: {{state.signals_count}}\n- *Risk score*: {{context.rule.risk_score}}\n- *Severity*: {{context.rule.severity}}\n\n h2. Rule Details\n [View Detection Alert|{{{context.results_link}}}]\n- *Rule Description*: {quote}{{context.rule.description}}{quote}\n- *Rule Query*: {quote}{{context.rule.query}}{quote}\n\n h2. Source\n {{#context.alerts}}\n- *Source IP Address*: {noformat}{{source.ip}}{noformat}\n- *Source Port*: {noformat}{{source.port}}{noformat}\n {{/context.alerts}}\n\n h2. Destination\n {{#context.alerts}}\n- *Destination IP Address*: {noformat}{{destination.ip}}{noformat}\n- *Destination Port*: {noformat}{{destination.port}}{noformat}\n {{/context.alerts}}\n\n h3. Process\n {{#context.alerts}}\n- *Hash MD5*: {noformat}{{process.hash.md5}}{noformat}\n- *Hash SH1*: {noformat}{{process.hash.sha1}}{noformat}\n- *Hash SHA25*: {noformat}{{process.hash.sha256}}{noformat}\n- *Process Name*: {noformat}{{process.name}}{noformat}\n - *Process Parent Executable*: {noformat}{{process.parent.executable}}{noformat}\n- *Process Parent Name*: {noformat}{{process.parent.name}}{noformat}\n {{/context.alerts}}\n\n h3. File\n {{#context.alerts}}\n- *File Name*: {noformat}{{file.name}}{noformat}\n- *File Owner*: {noformat}{{file.owner}}{noformat}\n- *File Path*: {noformat}{{file.path}}{noformat}\n- *File size*: {noformat}{{file.size}}{noformat}\n- *File Target Path*: {noformat}{{file.target_path}}{noformat}\n- *File Type*: {noformat}{{file.type}}{noformat}\n {{/context.alerts}}\n |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment