+1
Under review
Teams integration customization
We tried the new Teams integration and noticed it now has the justification field but no way to customize it at all. With the previous method of alerting via session trigger, I was able to edit the JSON to remove some info we aren't interested in such as user groups and also added a hyperlink/buttons to scan the certificates and file hashes in VirusTotal -
"https://virustotal.com/gui/file/{GETDATAFIELD(CorrelationEvent.Data, 'CertificateThumbprint'):jsnq}"}}]}},
{{"type":"ActionSet","actions":[{{"type":"Action.OpenUrl","title":"File hash","url":
"https://virustotal.com/gui/file/{GETDATAFIELD(CorrelationEvent.Data, 'FileSha256'):jsnq}"}}]}},
It would be nice if we could customize the new integration option.
Customer support service by UserEcho