Hi OD gurus,
I’m using OD with wazuh, and works really good. The thing is I need more data while alertin. I 'd like to get full data Let s says I have a bad login. Is is psible to get full data (for eg includes user name, IP,etc) I think ctx.results.input
would be the var
Keep in touch
Mariano
Hi Mariano,
Glad to hear your are enjoying using ODFE!
Though I’m not sure what is the exact variable you want, I think it’s ctx.results[0].XXX
, note that the result
object is an array.
You could click the info
button near the Trigger condition
editor area in Define trigger
page. It will show you directly with JSON response of what’s available under the “ctx” variable.
Tianli