From 8a8cb78fc92912c928318741b80b75fa90561274 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Tue, 22 Oct 2024 16:53:54 +0200 Subject: [PATCH] chg: [content] image path updated --- content/blog/MISP_IoC_retrosearch_with_misp42splunk.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/content/blog/MISP_IoC_retrosearch_with_misp42splunk.md b/content/blog/MISP_IoC_retrosearch_with_misp42splunk.md index d816f63..f4f5485 100644 --- a/content/blog/MISP_IoC_retrosearch_with_misp42splunk.md +++ b/content/blog/MISP_IoC_retrosearch_with_misp42splunk.md @@ -18,7 +18,7 @@ The framework will run a series of scheduled searches to pull the IoC from MISP, All results are written to a summary index. -![MISP IoC retrosearch lifecycle](https://github.com/remg427/misp42splunk/blob/master/images/misp42_ioc_retrosearch_lifecycle.png) +![MISP IoC retrosearch lifecycle](https://raw.githubusercontent.com/remg427/misp42splunk/refs/heads/master/images/misp42_ioc_retrosearch_lifecycle.png) ## Preparation @@ -65,11 +65,11 @@ field.sourcetype = string ``` You could use Splunk App for Lookup File Editing: -![Create KV store](https://github.com/remg427/misp42splunk/blob/master/images/misp42_ioc_retrosearch_kvstore_creation.png) +![Create KV store](https://raw.githubusercontent.com/remg427/misp42splunk/refs/heads/master/images/misp42_ioc_retrosearch_kvstore_creation.png) and then create a lookup definition **HUNT_LD_201_RETRO_catch_ip** pointing to the KV store HUNT_KV_201_RETRO_catch_ip. -![Lookup definition](https://github.com/remg427/misp42splunk/blob/master/images/misp42_ioc_retrosearch_lookup_defintion.png) +![Lookup definition](https://raw.githubusercontent.com/remg427/misp42splunk/refs/heads/master/images/misp42_ioc_retrosearch_lookup_defintion.png) #### Collecting findings in a dedicated index
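Review bot: In the first hunk (`@@ -18,7 +18,7 @@`), the new lifecycle image URL points at `refs/heads/master` of the third-party `remg427/misp42splunk` repository, so the post now embeds whatever that branch serves at render time. A rename, deletion or content change upstream would alter or break the published page without any commit here. Consider copying the PNG into this site's own static assets, or at least pinning the raw URL to a specific commit (`.../misp42splunk/<commit-sha>/images/...`) instead of the branch ref.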
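Review bot: In the second hunk (`@@ -65,11 +65,11 @@`), the lookup-definition image path still ends in `misp42_ioc_retrosearch_lookup_defintion.png` ("defintion"), carried over unchanged from the old URL. Please confirm that this spelling matches the actual file name upstream and that both new raw URLs in this hunk resolve to images, since the commit message says only "image path updated" and gives no indication that the links were checked after the change.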