Get Actionable Alert By ID
Returns the actionable alert correlating to a specific ID.
External Documentation
To learn more, visit the Cybersixgill documentation.
Parameters
| Parameter | Description |
|---|---|
| Actionable Alert ID | The ID of the actionable alert. Can be obtained by using the List Actionable Alert action. |
| Organization ID | The ID of the organization that the alert belongs to. Required for multi-tenant organizations. Can be obtained using the List Organizations action. |
Example Output
{
"id": "actionableID",
"alert_type_id": "alertTypeID",
"alert_name": "test alert name",
"origin": "alert",
"alert_id": "alertID",
"threat_level": "emerging",
"threats": [
"exploit",
"vulnerability"
],
"breach_info": "breachID",
"case_id": "test case",
"site": "test_site",
"content": "a lot of text",
"read": false,
"es_id": "aSndIs322nBbd",
"date": "2018-08-01 00:00:00",
"title": "actionable alert title",
"assessment": "some assessments taken from template",
"description": "some description taken from template",
"summary": "some summary taken from template",
"recommendations": [
"first recommendation from template",
"second recommendation from template"
],
"langcode": "ru",
"lang": "Russian",
"status": {
"name": "in_treatment",
"by_user": "#12:1"
}
}
Workflow Library Example
Get Actionable Alert by Id with Cybersixgill and Send Results Via Email
Preview this Workflow on desktop