Skip to main content

List Investigations

List and query all investigations.

External Documentation

To learn more, visit the Agari Phishing Response documentation.

Basic Parameters

ParameterDescription
End DateThe end date of the investigation. Defaults to now.
FilterSearch filter that is applied on the results.
SortSort the returning results.
Start DateThe start date of the investigation. Defaults to 24 hours ago.

Advanced Parameters

ParameterDescription
AssigneeThe user ID of the investigation's assignee.
ClassificationThe classification of the investigation.
FromThe full email from of the phish message of the investigation.
From DomainThe domain of the phish message of the investigation.
LimitLimit the number of results.
OffsetThe offset of the results.
PriorityThe priority of the investigation.
Source TypeThe source type fo the investigation.
TagsFilter by the IDs of the tags of the investigation. Multiple tags can be passed in a comma separated list.

Example Output

{
"assignee": {
"email": "string",
"full_name": "string",
"id": 0
},
"classification": "string",
"created_at": "2024-02-18T07:03:45.469Z",
"from": "string",
"from_domain": "string",
"id": 0,
"indicators": {
"domain": {
"malicious": true,
"malicious_count": 0,
"total_count": 0,
"summary": {
"additionalProp": "string"
}
},
"ip": {
"malicious": true,
"malicious_count": 0,
"total_count": 0,
"summary": {
"additionalProp": "string"
}
},
"uri": {
"malicious": true,
"malicious_count": 0,
"total_count": 0,
"summary": {
"additionalProp": "string"
}
},
"attachment": {
"malicious": true,
"malicious_count": 0,
"total_count": 0,
"summary": {
"additionalProp": "string"
}
},
"agari_msg_risk": {
"malicious": true,
"malicious_count": 0,
"total_count": 0,
"summary": {
"additionalProp": "string"
}
}
},
"investigation_portal_link": "string",
"priority": "string",
"reported_at": "2024-02-18T07:03:45.469Z",
"reported_by": "string",
"source_type": "string",
"state": "string",
"subject": "string",
"tag_ids": [
0
],
"updated_at": "2024-02-18T07:03:45.469Z",
"user_id": 0
}

Workflow Library Example

List Investigations with Agari Phishing Response and Send Results Via Email

Workflow LibraryPreview this Workflow on desktop