Hoxhunt v2
Use the Hoxhunt integration to send feedback to reporters of incidents, set incident sensitivity, and apply SOC classification to incidents.
Email · Hoxhunt
Configuration parameters
url— Server URL (required)api_key— API Key (required)mirror_direction— Incident Mirroring Directioninsecure— Trust any certificate (not secure)proxy— Use system proxy settingsisFetch— Fetch incidentsincidentFetchInterval— Incidents Fetch IntervalincidentType— Incident typefirst_fetch— First fetch timestampmax_fetch— Fetch limitonly_escalated_incidents— Only fetch escalated incidentsonly_open_incidents— Only fetch open incidents
Commands (9)
-
get-mapping-fieldsGet mapping fields from remote incident. Please note that this method will not update the current incident. It's here for debugging purposes.
-
hoxhunt-current-user-getGets the current user information from Hoxhunt.
-
hoxhunt-incident-note-addAdd Incident note.
-
hoxhunt-incident-set-sensitiveSet incident to contain sensitive information.
-
hoxhunt-incident-set-soc-classificationSet soc classification for an incident.
-
hoxhunt-incident-soc-feedback-sendSend feedback to reporters of incident about whether the reported email was safe, spam or malicious.
-
hoxhunt-incident-threats-getGets threats from Hoxhunt.
-
hoxhunt-incident-threats-removeRemove all threats that belong to an incident.
-
hoxhunt-incident-update-stateUpdates Incident state.