See the example script Export Expel Alert Evidence. This script will write a CSV containing the alert timestamp, Expel alert name, vendor name, and associated evidence fields.
See the example script Poll For New Incidents. This script will poll Expel Workbench for any incidents created in the past five minutes.
See the example script Jira Sync. This script will sync the following to Jira from Expel Workbench:
- Investigative action details and outcomes as sub-tasks
- Investigation description, lead alert
- Investigative comments
- Incident findings
- Investigation status closed/opened
See the example script Poll For Unhealthy Devices. This script will poll Expel Workbench for any devices marked unhealthy in the past five minutes.
See the example script Poll For Investigation / Incident updates. This script will poll Expel Workbench for any updates to investigations or incidents in the past five minutes.
See the example script Pretty Print Lead Expel Alert Evidence. This script will pretty print the Expel Alert details along with all correlated vendor evidence.