Rework the issue template to make it easier to use.

.gitignore

@@ -5,3 +5,5 @@ thehive-templates/*.sh
 
 .idea
 .DS_Store
+
+Cortex-analyzers.iml

analyzers/Abuse_Finder/abusefinder.py

@@ -1,6 +1,9 @@
 #!/usr/bin/env python
-# -*- coding: utf-8 -*-
+# -*- coding: utf-8 -*
-
+"""This analyzer leverages abuse_finder, an Open Source Python library provided by CERT Société Générale to help
+automatically find the most appropriate contact for abuse reports.
+See https://github.com/certsocietegenerale/abuse_finder for further reference.
+"""
 
 import sys
 import json
@@ -32,7 +35,7 @@ class AbuseFinderAnalyzer(Analyzer):
         elif self.data_type == "url":
             return url_abuse(self.getData())
         else:
-            self.error("datatype not handled")
+            self.error("invalid datatype")
 
     def run(self):
         self.report({'abuse_finder':self.abuse()})

analyzers/CIRCLPassiveDNS/circl_passivedns.py

@@ -68,9 +68,9 @@ class CIRCLPassiveDNSAnalyzer(Analyzer):
         elif self.data_type == 'domain':
             query = self.getData()
             if '/' in query:
-                self.error('\'/\' in domain. use url data type instead.')
+                self.error('\'/\' found in the supplied domain. use the URL datatype instead')
         else:
-            self.error('Incompatible data type.')
+            self.error('invalid datatype')
         self.report({'results': self.query(query)})
 
 if __name__ == '__main__':

analyzers/MISP/MISP.json

@@ -9,7 +9,7 @@
         "check_tlp": false,
         "max_tlp": 3
     },
-    "description": "Check if this IOC has been processed in different MISP instances.",
+    "description": "Query multiple MISP instances for events containing an observable.",
     "dataTypeList": ["domain", "ip", "url", "fqdn", "uri_path","user-agent", "hash", "email", "mail", "mail_subject" , "registry", "regexp", "other", "filename"],
     "command": "MISP/misp.py"
 }