Widgets in Case Report Templates#

Several widget types are available for case report templates in TheHive.

This topic describes each widget type and its attributes.

Displays formatted text, with support for case variables and TheHive-flavored Markdown.

Text widget configuration includes:

Displays an image to visually support the report content.

Supported image formats

Image widgets only support JPG, JPEG, and PNG formats.

Image widget configuration includes:

A title for the image
An image that you can upload by dragging and dropping or selecting from your computer

Displays structured data in a tabular format, based on selected case elements.

Table widget configuration includes:

A title for the table
A parameter selection to choose from observables, tasks, TTPs, alerts, or custom fields, along with the data to display

Protect observable URLs

Turn on the Protect data? toggle to defang URLs and prevent accidental clicks.

Displays a simplified list of observables, tasks, TTPs, or alerts.

List widget configuration includes:

A title for the list
A parameter selection to choose from observables, tasks, TTPs, or alerts, along with the data to display

Protect observable URLs

Turn on the Protect data? toggle to defang URLs and prevent accidental clicks.

Displays case activity in a chronological list format.

Timeline widget configuration includes:

A title for the timeline
A selection of multiple parameters, allowing you to choose from alerts, case events, tasks, task logs, sighted IOCs, and TTPs
Custom events
5.5 You can choose if you want to display custom events with or without their descriptions.

Displays case comments with optional filters and a maximum display limit.

Comments widget configuration includes:

Displays selected case pages.

Pages widget configuration includes:

Text widget#