Update an Alert
PUT/workspace/:ws_id/case_management/table/alerts/:alert_id
Updates an alert record.
Request
Path Parameters
Workspace ID
Alert ID
- application/json
Body
required
Alert Data
Possible values: [1
, 2
, 3
, 4
]
Possible values: [Malware
, Ransomware
, Adware
, Spyware
, Crypto Miner
, Data Exfiltration
, Insider Threat
, Network Intrusion
, DoS
, DDoS
, MITM
, SQL Injection
, Email Spoofing
, DNS Spoofing
, C2 Communications
, Rogue Device
, Brute Force
, Phishing
, Compromised Credentials
, Account Takeover
, Physical
, Vulnerability
, Reconnaissance
, Domain Takeover
, Lateral Movement
, Network Exposure
, Data Exposure
, Credential Exposure
, Suspicious User Activity
, Suspicious Login
, Suspicious Network Activity
, Suspicious USB Device
, Security Policy Violation
, Security Compliance Violation
]
Possible values: [CrowdStrike
, Checkpoint
, Delinea
, Securonix
, Falcon LogScale
, Splunk
, ArcSight
, SolarWinds Service Desk
, Datadog
, SentinelOne
, Microsoft Defender For Cloud
, Microsoft Defender For Cloud Apps
, Microsoft Defender For Endpoints
]
Responses
- 200
- 400
OK
- */*
- Schema
- Example (from schema)
Schema
Possible values: [1
, 2
, 3
, 4
]
Possible values: [Malware
, Ransomware
, Adware
, Spyware
, Crypto Miner
, Data Exfiltration
, Insider Threat
, Network Intrusion
, DoS
, DDoS
, MITM
, SQL Injection
, Email Spoofing
, DNS Spoofing
, C2 Communications
, Rogue Device
, Brute Force
, Phishing
, Compromised Credentials
, Account Takeover
, Physical
, Vulnerability
, Reconnaissance
, Domain Takeover
, Lateral Movement
, Network Exposure
, Data Exposure
, Credential Exposure
, Suspicious User Activity
, Suspicious Login
, Suspicious Network Activity
, Suspicious USB Device
, Security Policy Violation
, Security Compliance Violation
]
Possible values: [CrowdStrike
, Checkpoint
, Delinea
, Securonix
, Falcon LogScale
, Splunk
, ArcSight
, SolarWinds Service Desk
, Datadog
, SentinelOne
, Microsoft Defender For Cloud
, Microsoft Defender For Cloud Apps
, Microsoft Defender For Endpoints
]
{
"description": "Malware detected and blocked by CrowdStrike Falcon",
"event": "{\"process\": \"malware.exe\", \"action\": \"blocked\"}",
"name": "CrowdStrike Falcon Detection",
"severity": 3,
"type": "Endpoint Detection and Response (EDR)",
"vendor": "CrowdStrike"
}
Failed to update record
- */*
- Schema
- Example (from schema)
Schema
{
"data": {},
"details": "string",
"identifier": "string",
"message": "string",
"status": 404,
"user_error": {}
}