XDR - Analytics - Execute OCSF Query
Details
This atomic belongs to the Cisco XDR: Analytics atomic group.
This atomic executes an OCSF query for an observable using one or more Cisco XDR integrations. This query can be executed synchronously or asynchronously and supports various filtering options.
Target: Platform APIs
Steps:
- Make sure an observable type or type ID was provided
- Build the query string and request payload
- Send the OCSF query request
- Check if the request was successful:
  - If not, end the workflow
- Check if the request was synchronous:
  - If it was, set the output variable with the request's results
  - If it wasn't, attempt to extract the request ID and set the output variable
About
Authorship
Cisco Managed