ePO - TheHive alert creation with opendxl-thehive-service-python

  • Hi-

    Yes, we have demonstrated an integration between ePO, TheHive, and Node-RED. The particular workflow is that ePO sends threat events over DXL, the event is received by Node-RED, which in turn creates a case in TheHive (via the OpenDXL TheHive Service).

    Is there a specific use case you are looking to accomplish?



  • In short, when I have an ePO alert I need to create the same alert in TheHive. At a later stage I would also like to be able to do it the other way: for instance, for an alert received into TheHive from MISP with a particular malicious URL, the same URL added to the Allow and Block list of Web Control. The latter, however, is not my priority for the moment.