Bulk Merge Alerts into Case #271
Sometimes we get a large number of alerts with only slightly varying information (maybe the MD5 is different between the alerts); however, they all still relate to the same case. It would be great to have a bulk merge alert (like we have bulk mark as read) to capture all the slightly varying observables into a single case easily.
This feature should allow:
Hi @BrevilleBro. Thank you for this feature request. We had it in mind for quite some time but we failed to create the corresponding issue. Indeed, merging multiple alerts into a case (for example alerts stemming from a spamrun where users would report emails related to the same campaign) makes a lot of sense.
We will try to implement it in Cerana (3.x).
I have just begun using TheHive and this was the first thing I thought of as I began acclimating myself to the software. It would be amazing if I had a quicker way to go through the alerts and group them into a single case.
It would also be great to have something like the alert view in the case itself so I can have a pretty list of the alerts that were imported into the case and then I can expand them if need be.