Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.blinkops.com/llms.txt

Use this file to discover all available pages before exploring further.

Isolates a single endpoint.
External DocumentationTo learn more, visit the Cortex XDR documentation.

Parameters

ParameterDescription
Endpoint IDThe endpoint to be isolated. Select the endpoint’s hostname or manually type its ID.
Incident IDString representing the incident ID.

When included in the request, the Isolate Endpoints action will appear
in the Cortex XDR Incident View Timeline tab.

Example Output

{
	"reply": {
		"action_id": "<action ID>",
		"status": "1",
		"endpoints_count": "1"
	}
}

Workflow Library Example

Isolate Endpoint with Cortex Xdr and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop