[FR] keep "event source" & "event tags" in a database for re-use

[hasamba]

event sources for me are usually : SIEM, EDR ....
sometime i write the name of the EDR, sometime the company name and sometime EDR,
i think it should be kept across all cases for consistency

same for event tags, usually event tags are repeated between cases.

thanks