POST /workspace/{ws_id}/case_management/table/cases
Create a Case
curl --request POST \
  --url https://app.blinkops.com/api/v1/workspace/{ws_id}/case_management/table/cases \
  --header 'BLINK-API-KEY: <api-key>' \
  --header 'Content-Type: */*' \
  --data '{
  "case_manager": [
    "[email protected]"
  ],
  "case_tags": [
    "Malware",
    "Ransomware",
    "Insider Threat"
  ],
  "mitre_attack": [
    "Reconnaissance",
    "Resource Development"
  ],
  "name": "New Case",
  "overview": "<p>1. New Malware detected</p>",
  "severity": 3,
  "sla": 259200000,
  "sla_expiry": 60000,
  "status": "OPEN",
  "summary": "Summary of the case",
  "type": "Malware",
  "vendors": [
    "CrowdStrike"
  ]
}'
{
  "case_manager": [
    "[email protected]"
  ],
  "case_tags": [
    "Malware",
    "Ransomware",
    "Insider Threat"
  ],
  "mitre_attack": [
    "Reconnaissance",
    "Resource Development"
  ],
  "name": "New Case",
  "overview": "<p>1. New Malware detected</p>",
  "severity": 3,
  "sla": 259200000,
  "sla_expiry": 60000,
  "status": "OPEN",
  "summary": "Summary of the case",
  "type": "Malware",
  "vendors": [
    "CrowdStrike"
  ]
}

Authorizations

Path Parameters

ws_id: string, required

Body

*/*
case_manager: string[]
case_tags: enum<string>[]
mitre_attack: enum<string>[]
name: string
overview: string
severity: integer
sla: integer
sla_expiry: integer
status: enum<string>. Available options: OPEN, IN PROGRESS, CLOSED
summary: string
type: enum<string>. Available options: Malware, Ransomware, Adware, Spyware, Crypto Miner, Data Exfiltration, Insider Threat, Network Intrusion, DoS, DDoS, MITM, SQL Injection, Email Spoofing, DNS Spoofing, C2 Communications, Rogue Device, Brute Force, Phishing, Compromised Credentials, Account Takeover, Physical, Vulnerability, Reconnaissance, Domain Takeover, Lateral Movement, Network Exposure, Data Exposure, Credential Exposure, Suspicious User Activity, Suspicious Login, Suspicious Network Activity, Suspicious USB Device, Security Policy Violation, Security Compliance Violation
vendors: enum<string>[]

Response

case_manager: string[]
case_tags: enum<string>[]
mitre_attack: enum<string>[]
name: string
overview: string
severity: integer
sla: integer
sla_expiry: integer
status: enum<string>. Available options: OPEN, IN PROGRESS, CLOSED
summary: string
type: enum<string>. Available options: Malware, Ransomware, Adware, Spyware, Crypto Miner, Data Exfiltration, Insider Threat, Network Intrusion, DoS, DDoS, MITM, SQL Injection, Email Spoofing, DNS Spoofing, C2 Communications, Rogue Device, Brute Force, Phishing, Compromised Credentials, Account Takeover, Physical, Vulnerability, Reconnaissance, Domain Takeover, Lateral Movement, Network Exposure, Data Exposure, Credential Exposure, Suspicious User Activity, Suspicious Login, Suspicious Network Activity, Suspicious USB Device, Security Policy Violation, Security Compliance Violation
vendors: enum<string>[]
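
An added example, not from the Blink documentation: a Python helper that checks a case body against the field types and enum options listed on this page, then builds the POST request without sending it. The names `validate_case`, `build_request` and `SAMPLE` are hypothetical, and treating every body field as optional is an assumption (the page marks only `ws_id` as required).

```python
# Added example: helper names are hypothetical; body fields are assumed optional.
import json
import urllib.parse
import urllib.request

BASE = "https://app.blinkops.com/api/v1"
STATUSES = ("OPEN", "IN PROGRESS", "CLOSED")
TYPES = (
    "Malware,Ransomware,Adware,Spyware,Crypto Miner,Data Exfiltration,Insider Threat,"
    "Network Intrusion,DoS,DDoS,MITM,SQL Injection,Email Spoofing,DNS Spoofing,"
    "C2 Communications,Rogue Device,Brute Force,Phishing,Compromised Credentials,"
    "Account Takeover,Physical,Vulnerability,Reconnaissance,Domain Takeover,"
    "Lateral Movement,Network Exposure,Data Exposure,Credential Exposure,"
    "Suspicious User Activity,Suspicious Login,Suspicious Network Activity,"
    "Suspicious USB Device,Security Policy Violation,Security Compliance Violation"
).split(",")
INT_FIELDS = ("severity", "sla", "sla_expiry")
LIST_FIELDS = ("case_manager", "case_tags", "mitre_attack", "vendors")
STR_FIELDS = ("name", "overview", "summary")
SAMPLE = {"name": "New Case", "severity": 3, "status": "OPEN", "type": "Malware"}  # constructed

def validate_case(case):
    """Return a list of mismatches against the documented body schema."""
    problems = []
    for k in INT_FIELDS:
        # bool is a subclass of int in Python, so reject it explicitly
        if k in case and (isinstance(case[k], bool) or not isinstance(case[k], int)):
            problems.append(f"{k}: expected integer")
    for k in LIST_FIELDS:
        v = case.get(k, [])
        if not isinstance(v, list) or not all(isinstance(i, str) for i in v):
            problems.append(f"{k}: expected list of strings")
    for k in STR_FIELDS:
        if not isinstance(case.get(k, ""), str):
            problems.append(f"{k}: expected string")
    if "status" in case and case["status"] not in STATUSES:
        problems.append("status: not one of " + ", ".join(STATUSES))
    if "type" in case and case["type"] not in TYPES:
        problems.append("type: not a documented option")
    return problems

def build_request(ws_id, case, api_key):
    """Build (not send) the POST; ws_id is percent-encoded so "/" or "?" cannot alter the path."""
    problems = validate_case(case)
    if problems:
        raise ValueError("; ".join(problems))
    url = f"{BASE}/workspace/{urllib.parse.quote(ws_id, safe='')}/case_management/table/cases"
    headers = {"BLINK-API-KEY": api_key, "Content-Type": "*/*"}  # headers as in the page's curl
    return urllib.request.Request(url, json.dumps(case).encode(), headers, method="POST")
```

Load the API key from an environment variable or secret store and pass it in as `api_key` rather than embedding it in the script. Send the returned object with `urllib.request.urlopen(req)`.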