Get case by ID.
Parameter | Description |
---|---|
Case ID | The ID of the case to return. It can be obtained by the List Case action. |
Disable SSL Enforcement | Enable this option to skip SSL verification of the server’s certificate chain and host name. This may increase security vulnerabilities, but can be useful for testing or when custom verification is employed. |
{
"ArcSightESM": {
"Cases": {
"URI": "/All Cases/All Cases/Downloads/test",
"action": "BLOCK_OR_SHUTDOWN",
"associatedImpact": "AVAILABILITY",
"attackAgent": "INSIDER",
"attackMechanism": "PHYSICAL",
"attributeInitializationInProgress": false,
"consequenceSeverity": "INSIGNIFICANT",
"createdDate": "2019-02-04T12:33:21.000Z",
"createdTime": {
"day": 4,
"hour": 7,
"milliSecond": 646,
"minute": 33,
"month": 1,
"second": 21,
"timezoneID": "America/New_York",
"year": 2019
},
"createdTimestamp": 1549283601646,
"creatorName": "admin",
"deprecated": false,
"detectionTime": {
"day": 5,
"hour": 4,
"milliSecond": 986,
"minute": 20,
"month": 1,
"second": 41,
"timezoneID": "America/New_York",
"year": 2019
},
"disabled": false,
"displayID": 10017,
"estimatedStartTime": {
"day": 5,
"hour": 4,
"milliSecond": 525,
"minute": 19,
"month": 1,
"second": 55,
"timezoneID": "America/New_York",
"year": 2019
},
"eventIDs": [
12395741,
45696713,
78996719
],
"frequency": "NEVER_OR_ONCE",
"history": "KNOWN_OCCURENCE",
"inCache": false,
"inactive": false,
"initialized": true,
"isAdditionalLoaded": false,
"localID": 30064771012,
"modificationCount": 1462,
"modifiedDate": "2020-05-10T10:42:34.000Z",
"modifiedTime": {
"day": 10,
"hour": 6,
"milliSecond": 194,
"minute": 42,
"month": 4,
"second": 34,
"timezoneID": "America/New_York",
"year": 2020
},
"modifiedTimestamp": 1589107354194,
"modifierName": "admin",
"name": "test",
"numberOfOccurences": 0,
"operationalImpact": "NO_IMPACT",
"reference": {
"id": "12ax-uGgBABCWb2puJdY8ZA==",
"isModifiable": true,
"managerID": "A1xxqmYBABCAXZPTkLg+BA==",
"referenceName": "Case",
"referenceString": "<Resource URI=\"/All Cases/All Cases/Downloads/test\" ID=\"12ax-uGgBABCWb2puJdY8ZA==\"/>",
"referenceType": 7,
"uri": "/All Cases/All Cases/Downloads/test"
},
"reportingLevel": 1,
"resistance": "HIGH",
"resourceid": "12ax-uGgBABCWb2puJdY8ZA==",
"securityClassification": "UNCLASSIFIED",
"securityClassificationCode": "P I D U A B ",
"sensitivity": "UNCLASSIFIED",
"stage": "QUEUED",
"state": 2,
"ticketType": "INTERNAL",
"type": 7,
"typeName": "Case",
"vulnerability": "DESIGN",
"vulnerabilityType1": "ACCIDENTAL",
"vulnerabilityType2": "EMI_RFI"
}
}
}
Get Case with Arcsight Esm and Send Results Via Email
Preview this Workflow on desktop
Was this page helpful?
Get case by ID.
Parameter | Description |
---|---|
Case ID | The ID of the case to return. It can be obtained by the List Case action. |
Disable SSL Enforcement | Enable this option to skip SSL verification of the server’s certificate chain and host name. This may increase security vulnerabilities, but can be useful for testing or when custom verification is employed. |
{
"ArcSightESM": {
"Cases": {
"URI": "/All Cases/All Cases/Downloads/test",
"action": "BLOCK_OR_SHUTDOWN",
"associatedImpact": "AVAILABILITY",
"attackAgent": "INSIDER",
"attackMechanism": "PHYSICAL",
"attributeInitializationInProgress": false,
"consequenceSeverity": "INSIGNIFICANT",
"createdDate": "2019-02-04T12:33:21.000Z",
"createdTime": {
"day": 4,
"hour": 7,
"milliSecond": 646,
"minute": 33,
"month": 1,
"second": 21,
"timezoneID": "America/New_York",
"year": 2019
},
"createdTimestamp": 1549283601646,
"creatorName": "admin",
"deprecated": false,
"detectionTime": {
"day": 5,
"hour": 4,
"milliSecond": 986,
"minute": 20,
"month": 1,
"second": 41,
"timezoneID": "America/New_York",
"year": 2019
},
"disabled": false,
"displayID": 10017,
"estimatedStartTime": {
"day": 5,
"hour": 4,
"milliSecond": 525,
"minute": 19,
"month": 1,
"second": 55,
"timezoneID": "America/New_York",
"year": 2019
},
"eventIDs": [
12395741,
45696713,
78996719
],
"frequency": "NEVER_OR_ONCE",
"history": "KNOWN_OCCURENCE",
"inCache": false,
"inactive": false,
"initialized": true,
"isAdditionalLoaded": false,
"localID": 30064771012,
"modificationCount": 1462,
"modifiedDate": "2020-05-10T10:42:34.000Z",
"modifiedTime": {
"day": 10,
"hour": 6,
"milliSecond": 194,
"minute": 42,
"month": 4,
"second": 34,
"timezoneID": "America/New_York",
"year": 2020
},
"modifiedTimestamp": 1589107354194,
"modifierName": "admin",
"name": "test",
"numberOfOccurences": 0,
"operationalImpact": "NO_IMPACT",
"reference": {
"id": "12ax-uGgBABCWb2puJdY8ZA==",
"isModifiable": true,
"managerID": "A1xxqmYBABCAXZPTkLg+BA==",
"referenceName": "Case",
"referenceString": "<Resource URI=\"/All Cases/All Cases/Downloads/test\" ID=\"12ax-uGgBABCWb2puJdY8ZA==\"/>",
"referenceType": 7,
"uri": "/All Cases/All Cases/Downloads/test"
},
"reportingLevel": 1,
"resistance": "HIGH",
"resourceid": "12ax-uGgBABCWb2puJdY8ZA==",
"securityClassification": "UNCLASSIFIED",
"securityClassificationCode": "P I D U A B ",
"sensitivity": "UNCLASSIFIED",
"stage": "QUEUED",
"state": 2,
"ticketType": "INTERNAL",
"type": 7,
"typeName": "Case",
"vulnerability": "DESIGN",
"vulnerabilityType1": "ACCIDENTAL",
"vulnerabilityType2": "EMI_RFI"
}
}
}
Get Case with Arcsight Esm and Send Results Via Email
Preview this Workflow on desktop
Was this page helpful?