Update Alert
Update alert by alert ID.
Basic Parameters
| Parameter | Description |
|---|---|
| Alert ID | The _id of the entity or its 'name' (depends of the entity). |
| Assignee | - |
| Description | - |
| Status | - |
| Title | - |
| Type | - |
Advanced Parameters
| Parameter | Description |
|---|---|
| Add Tags | Those tags will be added to the current alert. |
| Custom Fields | - |
| Date | - |
| External Link | - |
| Follow | - |
| Last Sync Date | - |
| PAP | Prioritized Asset Profile, the severity level that is used to indicate the importance of an asset. White: The asset is not critical. Green: The asset is important, but not critical. Amber: The asset is critical. Red: The asset is essential. |
| Remove Tags | Those tags will be removed from the current alert. |
| Severity | - |
| Source | - |
| Source Ref | - |
| Summary | - |
| TLP | Traffic Light Protocol, a set of designations used to ensure that sensitive information is shared with the appropriate audience. CLEAR: unlimited formerly. GREEN: community-wide. AMBER: limited distribution. AMBER+STRICT: restricts sharing to the organization only. RED: personal for named recipients only. |
| Tags | - |
Workflow Library Example
Update Alert with Thehive and Send Results Via Email
Preview this Workflow on desktop