List Investigations
List and query all investigations.
External Documentation
To learn more, visit the Agari Phishing Response documentation.
Basic Parameters
| Parameter | Description |
|---|---|
| End Date | The end date of the investigation. Defaults to now. |
| Filter | Search filter that is applied on the results. |
| Sort | Sort the returning results. |
| Start Date | The start date of the investigation. Defaults to 24 hours ago. |
Advanced Parameters
| Parameter | Description |
|---|---|
| Assignee | The user ID of the investigation's assignee. |
| Classification | The classification of the investigation. |
| From | The full email from of the phish message of the investigation. |
| From Domain | The domain of the phish message of the investigation. |
| Limit | Limit the number of results. |
| Offset | The offset of the results. |
| Priority | The priority of the investigation. |
| Source Type | The source type fo the investigation. |
| Tags | Filter by the IDs of the tags of the investigation. Multiple tags can be passed in a comma seperated list. |
Example Output
{
"assignee": {
"email": "string",
"full_name": "string",
"id": 0
},
"classification": "string",
"created_at": "2024-02-18T07:03:45.469Z",
"from": "string",
"from_domain": "string",
"id": 0,
"indicators": {
"domain": {
"malicious": true,
"malicious_count": 0,
"total_count": 0,
"summary": {
"additionalProp": "string"
}
},
"ip": {
"malicious": true,
"malicious_count": 0,
"total_count": 0,
"summary": {
"additionalProp": "string"
}
},
"uri": {
"malicious": true,
"malicious_count": 0,
"total_count": 0,
"summary": {
"additionalProp": "string"
}
},
"attachment": {
"malicious": true,
"malicious_count": 0,
"total_count": 0,
"summary": {
"additionalProp": "string"
}
},
"agari_msg_risk": {
"malicious": true,
"malicious_count": 0,
"total_count": 0,
"summary": {
"additionalProp": "string"
}
}
},
"investigation_portal_link": "string",
"priority": "string",
"reported_at": "2024-02-18T07:03:45.469Z",
"reported_by": "string",
"source_type": "string",
"state": "string",
"subject": "string",
"tag_ids": [
0
],
"updated_at": "2024-02-18T07:03:45.469Z",
"user_id": 0
}
Workflow Library Example
List Investigations with Agari Phishing Response and Send Results Via Email
Preview this Workflow on desktop