Hello,
When configuring Detection Rules, is there a way to send a CSV file as part of the Email action (when the rule triggers)? I am aware Mustache and Markdown syntax is supported for the email body, but I was wondering if Kibana allows to automatically create a CSV file containing all the generated alerts for the triggered rule, and then send that CSV file in an email as an action.
For example: this text would print in the email body specific fields for all the generated alerts as a table; I am looking to "translate" that table to a CSV file.
| Date and Time | User | Process |
| :--- | :---: | :---: |
{{#context.alerts}}
| {{@timestamp}} | {{winlog.event_data.SubjectUserName}} | {{process.name}} |
{{/context.alerts}}
Any input will be appreciated. Thank you!
Camilo