Update an Observable

curl --request PUT \
  --url https://app.blinkops.com/api/v1/workspace/{ws_id}/case_management/table/observables/{observable_id} \
  --header 'BLINK-API-KEY: <api-key>' \
  --header 'Content-Type: */*' \
  --data '
{
  "content": "1.1.1.1",
  "description": "Suspicious IP address observed in network traffic",
  "enrichment_data": "{\"VirusTotal-Score\":\"value\"}",
  "name": "Suspicious IP Address",
  "type": "IP Address",
  "verdict": "Suspicious"
}
'

{
  "content": "1.1.1.1",
  "description": "Suspicious IP address observed in network traffic",
  "enrichment_data": "{\"VirusTotal-Score\":\"value\"}",
  "name": "Suspicious IP Address",
  "type": "IP Address",
  "verdict": "Suspicious"
}

PUT

workspace

{ws_id}

case_management

table

observables

{observable_id}

Update an Observable

curl --request PUT \
  --url https://app.blinkops.com/api/v1/workspace/{ws_id}/case_management/table/observables/{observable_id} \
  --header 'BLINK-API-KEY: <api-key>' \
  --header 'Content-Type: */*' \
  --data '
{
  "content": "1.1.1.1",
  "description": "Suspicious IP address observed in network traffic",
  "enrichment_data": "{\"VirusTotal-Score\":\"value\"}",
  "name": "Suspicious IP Address",
  "type": "IP Address",
  "verdict": "Suspicious"
}
'

{
  "content": "1.1.1.1",
  "description": "Suspicious IP address observed in network traffic",
  "enrichment_data": "{\"VirusTotal-Score\":\"value\"}",
  "name": "Suspicious IP Address",
  "type": "IP Address",
  "verdict": "Suspicious"
}

Authorizations

BLINK-API-KEY

string

header

required

Use your API key to access BlinkOps API. To generate an API key, please log in to your BlinkOps account and navigate to the API Keys section in the user settings page. Add the generated key to your request headers as BLINK-API-KEY.

Path Parameters

ws_id

string

required

Workspace ID

observable_id

string

required

Observable ID

Body

*/*

Observable Data

content

string

Example:

"1.1.1.1"

description

string

Example:

"Suspicious IP address observed in network traffic"

enrichment_data

string

Example:

"{\"VirusTotal-Score\":\"value\"}"

name

string

Example:

"Suspicious IP Address"

type

enum<string>

Available options:

Unknown,

Hostname,

IP Address,

MAC Address,

User Name,

Email Address,

URL String,

File Name,

Hash,

Process Name,

Resource UID,

Port,

Subnet,

Command Line,

Country,

Process ID,

HTTP User-Agent,

CWE Object: uid,

CVE Object: uid,

User Credential ID,

Endpoint,

User,

Email,

Uniform Resource Locator,

File,

Process,

Geo Location,

Container,

Registry Key,

Registry Value,

Fingerprint,

Other

Example:

"IP Address"

verdict

enum<string>

Available options:

Unknown,

Benign,

Suspicious,

Malicious

Example:

"Suspicious"

Response

content

string

Example:

"1.1.1.1"

description

string

Example:

"Suspicious IP address observed in network traffic"

enrichment_data

string

Example:

"{\"VirusTotal-Score\":\"value\"}"

name

string

Example:

"Suspicious IP Address"

type

enum<string>

Available options:

Unknown,

Hostname,

IP Address,

MAC Address,

User Name,

Email Address,

URL String,

File Name,

Hash,

Process Name,

Resource UID,

Port,

Subnet,

Command Line,

Country,

Process ID,

HTTP User-Agent,

CWE Object: uid,

CVE Object: uid,

User Credential ID,

Endpoint,

User,

Email,

Uniform Resource Locator,

File,

Process,

Geo Location,

Container,

Registry Key,

Registry Value,

Fingerprint,

Other

Example:

"IP Address"

verdict

enum<string>

Available options:

Unknown,

Benign,

Suspicious,

Malicious

Example:

"Suspicious"

Create an Observable Create a Task

⌘I

Get Started

API

Connections

Workflows

Tables

Case Management

Users

Groups

Executions

Workspaces

Update an Observable

Authorizations

Path Parameters

Body

Response