From b7f98802c9fdfe65fbfe8e3a74d66e6fc6b1d1bd Mon Sep 17 00:00:00 2001
From: lvoloshyn-sekoia <leonid.voloshyn@sekoia.io>
Date: Mon, 9 Dec 2024 11:25:02 +0200
Subject: [PATCH] Add smart descriptions

---
 .../_meta/smart-descriptions.json                     | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/Trend Micro/trend-micro-vision-one-oat/_meta/smart-descriptions.json b/Trend Micro/trend-micro-vision-one-oat/_meta/smart-descriptions.json
index 0637a088a..01163576e 100644
--- a/Trend Micro/trend-micro-vision-one-oat/_meta/smart-descriptions.json	
+++ b/Trend Micro/trend-micro-vision-one-oat/_meta/smart-descriptions.json	
@@ -1 +1,10 @@
-[]
\ No newline at end of file
+[
+  {
+    "value": "Observed {threat.tactic.id} tactics and {threat.technique.id} techniques on {host.ip}",
+    "conditions": [
+      { "field": "threat.tactic.id" },
+      { "field": "threat.technique.id" },
+      { "field": "host.ip" }
+    ]
+  }
+]