op item list --format json | jq -c '.[] | {uuid:.id,title:.title,updatedAt:.updatedat}' >> 1passwordlookup.json
op list items | jq -c '.[] | {uuid:.uuid,title:.overview.title,updatedAt:.updatedAt}' >> 1password_lookup.json
item_uuid
.
uuid
. select * from your_company_logs.public.onepassword_itemusage limit 10
p.enrichment
field:
from panther_base_helpers import deep_get
def rule(event):
if deep_get(event, "p_enrichment", "1Password Translation","item_uuid", "title") == "Sensitive Password":
return True