Get Investigation

External DocumentationTo learn more, visit the Agari Phishing Response documentation.

Parameter	Description
Fields	Comma-delimited list of fields to include in the payload.
Investigation ID	The ID of the investigation. Can be obtained by the List Investigations action.

Parameter

Description

Fields

Comma-delimited list of fields to include in the payload.

Investigation ID

The ID of the investigation. Can be obtained by the List Investigations action.

Parameter	Description
Add Fields	A comma-delimited list of optional fields to add to the default payload. See Agari’s Fields Language for more information.
Remove Fields	A comma-delimited list of optional fields to remove to the default payload. See Agari’s Fields Language for more information.

Parameter

Description

Add Fields

A comma-delimited list of optional fields to add to the default payload. See Agari’s Fields Language for more information.

Remove Fields

A comma-delimited list of optional fields to remove to the default payload. See Agari’s Fields Language for more information.

Example Output

{
	"assignee": {
		"email": "string",
		"full_name": "string",
		"id": 0
	},
	"classification": "string",
	"created_at": "2024-02-18T07:03:45.469Z",
	"from": "string",
	"from_domain": "string",
	"id": 0,
	"indicators": {
		"domain": {
			"malicious": true,
			"malicious_count": 0,
			"total_count": 0,
			"summary": {
				"additionalProp": "string"
			}
		},
		"ip": {
			"malicious": true,
			"malicious_count": 0,
			"total_count": 0,
			"summary": {
				"additionalProp": "string"
			}
		},
		"uri": {
			"malicious": true,
			"malicious_count": 0,
			"total_count": 0,
			"summary": {
				"additionalProp": "string"
			}
		},
		"attachment": {
			"malicious": true,
			"malicious_count": 0,
			"total_count": 0,
			"summary": {
				"additionalProp": "string"
			}
		},
		"agari_msg_risk": {
			"malicious": true,
			"malicious_count": 0,
			"total_count": 0,
			"summary": {
				"additionalProp": "string"
			}
		}
	},
	"investigation_portal_link": "string",
	"phish_message_ids": {},
	"phish_messages_link": "string",
	"priority": "string",
	"reported_at": "2024-02-18T07:03:45.469Z",
	"reported_by": "string",
	"similar_message_ids": {
		"additionalProp": "string"
	},
	"similar_messages_link": "string",
	"source_type": "string",
	"state": "string",
	"subject": "string",
	"tag_ids": [
		0
	],
	"updated_at": "2024-02-18T07:03:45.469Z",
	"user_id": 0
}

Integrations

Basic Parameters

Advanced Parameters

Example Output

Workflow Library Example

Integrations

Documentation Index

​Basic Parameters

​Advanced Parameters

​Example Output

​Workflow Library Example

Basic Parameters

Advanced Parameters

Example Output

Workflow Library Example