From 93e9e8d9b9565dd8e64d13643b908f6cb87d808f Mon Sep 17 00:00:00 2001
From: vg-svitla <v.huriev@svitla.com>
Date: Thu, 9 Jan 2025 18:01:52 +0400
Subject: [PATCH] Add smart-descriptions.json

---
 .../_meta/smart-descriptions.json                 | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/Trend Micro/trend-micro-vision-one-oat/_meta/smart-descriptions.json b/Trend Micro/trend-micro-vision-one-oat/_meta/smart-descriptions.json
index 656e4f9c7..233994a0d 100644
--- a/Trend Micro/trend-micro-vision-one-oat/_meta/smart-descriptions.json	
+++ b/Trend Micro/trend-micro-vision-one-oat/_meta/smart-descriptions.json	
@@ -23,5 +23,20 @@
       { "field": "threat.technique.subtechnique.id" },
       { "field": "host.ip" }
     ]
+  },
+  {
+    "value": "Email with subject {email.subject} sent from {email.from.address} to {email.to.address}",
+    "conditions": [
+      { "field": "email.subject" },
+      { "field": "email.from.address" },
+      { "field": "email.to.address" }
+    ]
+  },
+  {
+    "value": "Email with subject {email.subject} sent from {email.from.address}",
+    "conditions": [
+      { "field": "email.subject" },
+      { "field": "email.from.address" }
+    ]
   }
 ]