> ## Documentation Index
> Fetch the complete documentation index at: https://docs.blinkops.com/llms.txt
> Use this file to discover all available pages before exploring further.

> API endpoint to create a new alert in Blink's case management system.

# Create an Alert



## OpenAPI

````yaml post /workspace/{ws_id}/case_management/table/alerts
openapi: 3.0.1
info:
  title: Blink REST API
  description: >-
    The Blink REST API provides programmatic access to Blink data and
    functionality, enabling the management of resources such as workflows,
    users, cases, and more.
  termsOfService: https://www.blinkops.com/terms-of-use
  contact:
    name: API Support
    url: http://blinkops.com/support
    email: support@blinkops.com
  version: '1.0'
servers:
  - url: https://app.blinkops.com/api/v1
security: []
tags:
  - name: Controller
    description: Controller health and stats
  - name: Connections
    description: Manage your connections
  - name: Integrations
    description: Manage your integrations
  - name: Invites
    description: Manage your invites
  - name: Workflows
    description: Create and execute your workflows
  - name: Executions
    description: Get information and manage executions
  - name: Runners
    description: Configure your runners
  - name: Tables
    description: Manage your tables
  - name: Case Management
    description: Manage your cases
  - name: User Settings
    description: Manage user settings
  - name: Webhook
    description: Send to webhook
  - name: workspaces
    description: Manage your workspaces
  - name: User Info
    description: Get Information on current user
  - name: Portal
    description: Manage your portal apps
  - name: Groups
    description: Manage your Groups
  - name: Users
    description: Manage your users
paths:
  /workspace/{ws_id}/case_management/table/alerts:
    post:
      tags:
        - Case Management
      summary: Create an Alert
      description: Adds a new Alert record.
      operationId: CreateAlert
      parameters:
        - name: ws_id
          in: path
          description: Workspace ID
          required: true
          schema:
            type: string
      requestBody:
        description: Alert Data
        content:
          '*/*':
            schema:
              $ref: '#/components/schemas/api.AlertObject'
        required: true
      responses:
        '200':
          description: OK
          content:
            '*/*':
              schema:
                $ref: '#/components/schemas/api.AlertObject'
        '400':
          description: Failed to create record
          content:
            '*/*':
              schema:
                $ref: '#/components/schemas/api_responses.ErrorWrapper'
      security:
        - ApiKeyAuth: []
components:
  schemas:
    api.AlertObject:
      type: object
      properties:
        description:
          type: string
          example: Malware detected and blocked by CrowdStrike Falcon
        event:
          type: string
          example: '{"process": "malware.exe", "action": "blocked"}'
        name:
          type: string
          example: CrowdStrike Falcon Detection
        processing_status:
          type: string
          example: Missing Template
          enum:
            - Unprocessed
            - Missing Template
            - Mid-processing
            - Bad Template
            - Processed
        severity:
          type: integer
          example: 3
        type:
          type: string
          example: Endpoint Detection and Response (EDR)
          enum:
            - Malware
            - Ransomware
            - Adware
            - Spyware
            - Crypto Miner
            - Data Exfiltration
            - Insider Threat
            - Network Intrusion
            - DoS
            - DDoS
            - MITM
            - SQL Injection
            - Email Spoofing
            - DNS Spoofing
            - C2 Communications
            - Rogue Device
            - Brute Force
            - Phishing
            - Compromised Credentials
            - Account Takeover
            - Physical
            - Vulnerability
            - Reconnaissance
            - Domain Takeover
            - Lateral Movement
            - Network Exposure
            - Data Exposure
            - Credential Exposure
            - Suspicious User Activity
            - Suspicious Login
            - Suspicious Network Activity
            - Suspicious USB Device
            - Security Policy Violation
            - Security Compliance Violation
        vendor:
          type: string
          example: CrowdStrike
          enum:
            - CrowdStrike
            - Checkpoint
            - Delinea
            - Securonix
            - Falcon LogScale
            - Splunk
            - ArcSight
            - SolarWinds Service Desk
            - Datadog
            - SentinelOne
            - Microsoft Defender For Cloud
            - Microsoft Defender For Cloud Apps
            - Microsoft Defender For Endpoints
    api_responses.ErrorWrapper:
      type: object
      properties:
        data:
          type: object
        details:
          type: string
        identifier:
          type: string
        message:
          type: string
        status:
          type: integer
          example: 404
        user_error:
          type: object
  securitySchemes:
    ApiKeyAuth:
      type: apiKey
      description: >-
        Use your API key to access BlinkOps API. To generate an API key, please
        log in to your BlinkOps account and navigate to the API Keys section in
        the user settings page. Add the generated key to your request headers as
        BLINK-API-KEY.
      name: BLINK-API-KEY
      in: header

````