[FR] Case, Alerts Export csv, json

Open kim-namjin opened this issue 2 years ago • 1 comments

Is your feature request related to a problem? Please describe. IRIS Web에서 Alerts와 Case 현황에서 필터한 결과를 CSV, JSON형태로 결과 내보내기가 되었으면 좋겠습니다.

ex) https://v200.beta.dfir-iris.org/alerts?cid=1&page=1&per_page=10&sort=desc&alert_severity_id=6&is-expanded=true#

해당 페이지에서 Severity가 Critical인 경우 필터를 하고, 이를 CSV, JSON으로 export 하는 기능이 필요합니다.

Jul 26 '23 03:07 kim-namjin

Kim Namjin,

It would be a handy feature, thanks for pointing that out.

Meanwhile, you can use the api to filter alerts and get the json export easily: https://docs.dfir-iris.org/_static/iris_api_reference_v2.0.1.html#tag/Alerts/operation/get-alerts-filter

I advise to use the python client: https://docs.dfir-iris.org/python_client/

The method filter_alerts from Alert class should be what you are looking for: https://github.com/dfir-iris/iris-client/blob/master/dfir_iris_client/alert.py

Jul 26 '23 08:07 Ektoplasma