Skip to main content
Returns the actionable alert correlating to a specific ID.
External DocumentationTo learn more, visit the Cybersixgill documentation.

Parameters

ParameterDescription
Actionable Alert IDThe ID of the actionable alert. Can be obtained by using the List Actionable Alert action.
Organization IDThe ID of the organization that the alert belongs to. Required for multi-tenant organizations. Can be obtained using the List Organizations action.

Example Output

{
	"id": "actionableID",
	"alert_type_id": "alertTypeID",
	"alert_name": "test alert name",
	"origin": "alert",
	"alert_id": "alertID",
	"threat_level": "emerging",
	"threats": [
		"exploit",
		"vulnerability"
	],
	"breach_info": "breachID",
	"case_id": "test case",
	"site": "test_site",
	"content": "a lot of text",
	"read": false,
	"es_id": "aSndIs322nBbd",
	"date": "2018-08-01 00:00:00",
	"title": "actionable alert title",
	"assessment": "some assessments taken from template",
	"description": "some description taken from template",
	"summary": "some summary taken from template",
	"recommendations": [
		"first recommendation from template",
		"second recommendation from template"
	],
	"langcode": "ru",
	"lang": "Russian",
	"status": {
		"name": "in_treatment",
		"by_user": "#12:1"
	}
}

Workflow Library Example

Get Actionable Alert by Id with Cybersixgill and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop
I