Get Case
Get case by ID.
Parameters
| Parameter | Description |
|---|---|
| Case ID | The ID of the case to return. It can be obtained by the List Case action. |
| Disable SSL | Enable this option to skip SSL verification of the server's certificate chain and host name. This may increase security vulnerabilities, but can be useful for testing or when custom verification is employed. |
Example Output
{
"ArcSightESM": {
"Cases": {
"URI": "/All Cases/All Cases/Downloads/test",
"action": "BLOCK_OR_SHUTDOWN",
"associatedImpact": "AVAILABILITY",
"attackAgent": "INSIDER",
"attackMechanism": "PHYSICAL",
"attributeInitializationInProgress": false,
"consequenceSeverity": "INSIGNIFICANT",
"createdDate": "2019-02-04T12:33:21.000Z",
"createdTime": {
"day": 4,
"hour": 7,
"milliSecond": 646,
"minute": 33,
"month": 1,
"second": 21,
"timezoneID": "America/New_York",
"year": 2019
},
"createdTimestamp": 1549283601646,
"creatorName": "admin",
"deprecated": false,
"detectionTime": {
"day": 5,
"hour": 4,
"milliSecond": 986,
"minute": 20,
"month": 1,
"second": 41,
"timezoneID": "America/New_York",
"year": 2019
},
"disabled": false,
"displayID": 10017,
"estimatedStartTime": {
"day": 5,
"hour": 4,
"milliSecond": 525,
"minute": 19,
"month": 1,
"second": 55,
"timezoneID": "America/New_York",
"year": 2019
},
"eventIDs": [
12395741,
45696713,
78996719
],
"frequency": "NEVER_OR_ONCE",
"history": "KNOWN_OCCURENCE",
"inCache": false,
"inactive": false,
"initialized": true,
"isAdditionalLoaded": false,
"localID": 30064771012,
"modificationCount": 1462,
"modifiedDate": "2020-05-10T10:42:34.000Z",
"modifiedTime": {
"day": 10,
"hour": 6,
"milliSecond": 194,
"minute": 42,
"month": 4,
"second": 34,
"timezoneID": "America/New_York",
"year": 2020
},
"modifiedTimestamp": 1589107354194,
"modifierName": "admin",
"name": "test",
"numberOfOccurences": 0,
"operationalImpact": "NO_IMPACT",
"reference": {
"id": "12ax-uGgBABCWb2puJdY8ZA==",
"isModifiable": true,
"managerID": "A1xxqmYBABCAXZPTkLg+BA==",
"referenceName": "Case",
"referenceString": "<Resource URI=\"/All Cases/All Cases/Downloads/test\" ID=\"12ax-uGgBABCWb2puJdY8ZA==\"/>",
"referenceType": 7,
"uri": "/All Cases/All Cases/Downloads/test"
},
"reportingLevel": 1,
"resistance": "HIGH",
"resourceid": "12ax-uGgBABCWb2puJdY8ZA==",
"securityClassification": "UNCLASSIFIED",
"securityClassificationCode": "P I D U A B ",
"sensitivity": "UNCLASSIFIED",
"stage": "QUEUED",
"state": 2,
"ticketType": "INTERNAL",
"type": 7,
"typeName": "Case",
"vulnerability": "DESIGN",
"vulnerabilityType1": "ACCIDENTAL",
"vulnerabilityType2": "EMI_RFI"
}
}
}
Workflow Library Example
Get Case with Arcsight Esm and Send Results Via Email
Preview this Workflow on desktop