Search Incidents - Blink Documentation

The Search Incidents API lists incidents and related data.

Parameters

Parameter	Description
Expand	Specify which additional fields to include in the response.
Limit	Limit the number of identities per page.
Next Page	Token denoting start of next page.

Example Output

{
	"data": [
		{
			"apps": [],
			"assignee": {
				"userEmail": "Email",
				"userFirstName": "First Name",
				"userId": "Unique ID",
				"userLastName": "Last Name"
			},
			"assigneeId": "Unique id of assignee.",
			"category": "An enumeration.",
			"compliance": [],
			"createdAt": "The date the incident was first reported.",
			"description": "Description",
			"entities": [],
			"id": "Unique id",
			"isResolved": false,
			"policy": {
				"id": "Unique id of policy.",
				"name": "Name of policy.",
				"templateId": "Template ID"
			},
			"policyId": "Unique id of policy.",
			"recommendation": "Recommendation",
			"severity": "An enumeration.",
			"status": "An enumeration.",
			"tactics": [],
			"techniques": [],
			"updatedAt": "The date the incident was last updated.",
			"url": "URL"
		}
	],
	"pagination": {
		"hasMore": false,
		"limit": 20,
		"nextPage": "Token denoting start of next page"
	}
}

Workflow Library Example

Search Incidents with Authomize and Send Results Via Email

Preview this Workflow on desktop

Integrations

​Parameters

​Example Output

​Workflow Library Example

Parameters

Example Output

Workflow Library Example