First
define action Script Parameters have two select action
what is the Fixed Property and Network Event Property difference?
two
Script Configuration i use python
and set devicetime username EVENT_NAME command (use QRadar 7.2.8)
and trigger the execution
about the devicetime
i use
devicetime = sys.argv[1]
devicetime = time.strftime("%Y-%m-%d %H:%M:%S",time.localtime())
but result is UTC time not my timezone
and orther question
i use
eventname = str(sys.argv[3])
but result is null (in log activity have some information look like User Login)
and i build a 7.3.3 Hotfix 9 environment Script Parameters Network Event Property no have EVENT_NAME can select
so somebody can hele me
THX~
------------------------------
Hung-Ting Chou
------------------------------