Add indicators fields

Packs/GoogleThreatIntelligence/IndicatorFields/indicatorfield-GTI_Severity.json

@@ -0,0 +1,26 @@
+{
+    "associatedToAll": true,
+    "caseInsensitive": true,
+    "cliName": "gtiseverity",
+    "closeForm": false,
+    "content": true,
+    "editForm": true,
+    "group": 2,
+    "hidden": false,
+    "id": "indicator_gti_severity",
+    "isReadOnly": false,
+    "locked": false,
+    "name": "GTI Severity",
+    "neverSetAsRequired": false,
+    "ownerOnly": false,
+    "required": false,
+    "sla": 0,
+    "system": false,
+    "threshold": 72,
+    "type": "shortText",
+    "unmapped": false,
+    "unsearchable": true,
+    "useAsKpi": true,
+    "version": -1,
+    "fromVersion": "5.5.0"
+}

Packs/GoogleThreatIntelligence/IndicatorFields/indicatorfield-GTI_Threat_Score.json

@@ -0,0 +1,26 @@
+{
+    "associatedToAll": true,
+    "caseInsensitive": true,
+    "cliName": "gtithreatscore",
+    "closeForm": false,
+    "content": true,
+    "editForm": true,
+    "group": 2,
+    "hidden": false,
+    "id": "indicator_gti_threat_score",
+    "isReadOnly": false,
+    "locked": false,
+    "name": "GTI Threat Score",
+    "neverSetAsRequired": false,
+    "ownerOnly": false,
+    "required": false,
+    "sla": 0,
+    "system": false,
+    "threshold": 72,
+    "type": "number",
+    "unmapped": false,
+    "unsearchable": true,
+    "useAsKpi": true,
+    "version": -1,
+    "fromVersion": "5.5.0"
+}

Packs/GoogleThreatIntelligence/IndicatorFields/indicatorfield-GTI_Verdict.json

@@ -0,0 +1,26 @@
+{
+    "associatedToAll": true,
+    "caseInsensitive": true,
+    "cliName": "gtiverdict",
+    "closeForm": false,
+    "content": true,
+    "editForm": true,
+    "group": 2,
+    "hidden": false,
+    "id": "indicator_gti_verdict",
+    "isReadOnly": false,
+    "locked": false,
+    "name": "GTI Verdict",
+    "neverSetAsRequired": false,
+    "ownerOnly": false,
+    "required": false,
+    "sla": 0,
+    "system": false,
+    "threshold": 72,
+    "type": "shortText",
+    "unmapped": false,
+    "unsearchable": true,
+    "useAsKpi": true,
+    "version": -1,
+    "fromVersion": "5.5.0"
+}

Packs/GoogleThreatIntelligence/Integrations/FeedLivehunt/FeedLivehunt.py

@@ -137,6 +137,7 @@ def fetch_indicators_command(client: Client,
         raw_data = {
             'value': value_,
             'type': type_,
+            'attributes': attributes,
         }
 
         detection_ratio = DetectionRatio(attributes.get('last_analysis_stats'))
@@ -179,6 +180,11 @@ def fetch_indicators_command(client: Client,
                 'displayname': attributes.get('meaningful_name'),
                 'name': attributes.get('meaningful_name'),
                 'size': attributes.get('size'),
+                'malwarefamily': malware_families or None,
+                'actor': threat_actors or None,
+                'gtithreatscore': gti_assessment.get('threat_score', {}).get('value'),
+                'gtiseverity': gti_assessment.get('severity', {}).get('value'),
+                'gtiverdict': gti_assessment.get('verdict', {}).get('value'),
             },
             # A dictionary of the raw data returned from the feed source about the indicator.
             'rawJSON': raw_data,
@@ -187,11 +193,6 @@ def fetch_indicators_command(client: Client,
             'fileType': attributes.get('type_description'),
             'rulesetName': context_attributes.get('ruleset_name'),
             'ruleName': context_attributes.get('rule_name'),
-            'gti_threat_score': gti_assessment.get('threat_score', {}).get('value'),
-            'gti_severity': gti_assessment.get('severity', {}).get('value'),
-            'gti_verdict': gti_assessment.get('verdict', {}).get('value'),
-            'malware_families': malware_families or None,
-            'threat_actors': threat_actors or None,
         }
 
         if feed_tags: