Hoxhunt v2

Use the Hoxhunt integration to send feedback to reporters of incidents, set incident sensitivity, and apply SOC classification to incidents.

Email · Hoxhunt

Configuration parameters

  • url — Server URL (required)
  • api_key — API Key (required)
  • mirror_direction — Incident Mirroring Direction
  • insecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings
  • isFetch — Fetch incidents
  • incidentFetchInterval — Incidents Fetch Interval
  • incidentType — Incident type
  • first_fetch — First fetch timestamp
  • max_fetch — Fetch limit
  • only_escalated_incidents — Only fetch escalated incidents
  • only_open_incidents — Only fetch open incidents

Commands (9)

  • get-mapping-fields

    Get mapping fields from remote incident. Please note that this method will not update the current incident. It's here for debugging purposes.

  • hoxhunt-current-user-get

    Gets the current user information from Hoxhunt.

  • hoxhunt-incident-note-add

    Add Incident note.

  • hoxhunt-incident-set-sensitive

    Set incident to contain sensitive information.

  • hoxhunt-incident-set-soc-classification

    Set soc classification for an incident.

  • hoxhunt-incident-soc-feedback-send

    Send feedback to reporters of incident about whether the reported email was safe, spam or malicious.

  • hoxhunt-incident-threats-get

    Gets threats from Hoxhunt.

  • hoxhunt-incident-threats-remove

    Remove all threats that belong to an incident.

  • hoxhunt-incident-update-state

    Updates Incident state.