WIZ Integration - Severity filtering | Voters

WIZ Integration - Severity filtering

Roman Voznyi

At this moment Wiz integration allows us to search for Wiz issues only by status

----- "filterBy": {"status": status_list} if status_list else {} -----

which is set by default to ["OPEN", "IN_PROGRESS"], but given the large number of issues that exist in the database, it is increasingly necessary to filter out less important issues, for example, not to take "Informational" severity issues.

So we suggest expanding the filtering capabilities, namely:

if the values can only be hardcoded, then set a filter like this:

----- "filterBy": {"status": ["OPEN", "IN_PROGRESS"], "severity": ["LOW", "MEDIUM", "HIGH", "CRITICAL"]} -----

if it can be made more dynamic, it will be even better, but then I would also ask for instructions on how exactly we can pass in variables or in some other way the list of fields/values by which we would like to synchronize.

And a small addition, if it is technically possible, it would be great to be able to filter also by internal fields of the entity, for example ".entitySnapshot.type" !="USER_ACCOUNT" or ".entitySnapshot.type": ["USER_ACCOUNT", "STORAGE_ACCOUNT"].

21 hours ago