Upadate Application template to include summary

mgreen27 · Aug 7, 2023 · ffc13f2 · ffc13f2
1 parent cb1aa30
commit ffc13f2
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/templates/Applications.template b/templates/Applications.template
@@ -51,3 +51,17 @@ sources:
             WHERE ( KeyName =~ Regex OR DisplayName =~ Regex )
             LIMIT 1 -- limit 1 hit per domain for performance
         }, workers= 20)
+
+    notebook:
+      - type: vql_suggestion
+        name: Detection summary
+        template: |
+            /*
+            ### Detection summary
+            */
+
+            SELECT Category,DisplayName, 
+              count() as Total 
+            FROM source()
+            GROUP BY DisplayName
+            ORDER BY Total DESC