[incident_intelligence]
python.version = python3
description = Send a customized message to Incident Intelligence on a triggered alert action in Splunk.
label = Incident Intelligence
is_custom = 1
payload_format = json
icon_path = alert_incident_intelligence.png
param.severity = CRITICAL
param.title =
param.description =
param.org_id =
param.service_id =
param.realm =
param._cam            = {\
    "category":   ["Information Conveyance"],\
    "task":       ["create"],\
    "subject":    ["splunk.event"],\
    "technology": [{"vendor": "Splunk", "product": "API", "version": ["v1"]}],\
    "supports_adhoc": true\
}