{
  "name": "HarfangLab_SearchDriverByFileName",
  "version": "1.0",
  "author": "HarfangLab Product Team",
  "url": "https://github.com/TheHive-Project/Cortex-Analyzers",
  "license": "AGPL-V3",
  "description": "Search a driver load in HarfangLab EDR's telemetry per filename",
  "dataTypeList": [
    "thehive:case_artifact"
  ],
  "command": "HarfangLab/HarfangLab.py",
  "baseConfig": "HarfangLab",
  "config": {
    "service": "searchDriverByFileName"
  },
  "configurationItems": [
    {
      "name": "apiURL",
      "description": "HarfangLab EDR API URL",
      "type": "string",
      "multi": false,
      "required": true,
      "defaultValue": "https://hurukai:8443/"
    },
    {
      "name": "apiKey",
      "description": "HarfangLab EDR API Key",
      "type": "string",
      "multi": false,
      "required": true,
      "defaultValue": "0123456789abcdef"
    },
    {
      "name": "limit",
      "description": "Maximum number of items to collect from telemetry searches",
      "type": "number",
      "multi": false,
      "required": true,
      "defaultValue": "100"
    }
  ],
  "subscription_required": true,
  "free_subscription": false,
  "service_logo": {
    "path": "assets/HarfangLab_logo.png",
    "caption": "logo"
  }
}