List Actionable Alerts
Gets a list of actionable alerts by IDs/filters.
External Documentation
To learn more, visit the Cybersixgill documentation.
Basic Parameters
| Parameter | Description |
|---|---|
| Organization ID | ID of the organization that the alert belongs to. Required for multi-tenant organizations. Can be obtained using the List Organizations action. |
| Sort By | Sort by a field. |
| Sort Order | The order by which to sort. |
| Status | The status of the actionable alert. |
Advanced Parameters
| Parameter | Description |
|---|---|
| Alert Type ID | The ID of the alert type. |
| From Date | Get actionable alerts starting from this date. |
| Is Read | Filter by the read field. |
| Limit | The size of the page to fetch. |
| Offset | Pagination offset. |
| Threat Level | The threat level of the actionable alert. |
| Threat Type | The threat type of the actionable alert. |
| To Date | Get actionable alerts ending in this date. |
Example Output
[
{
"id": "testID",
"threat_level": "imminent",
"threats": [
"exploit",
"ddos"
],
"title": "actionable alert title",
"content": "a lot of text",
"read": true,
"date": "2018-01-01 00:00:00",
"user_id": "#12:0",
"status": {
"name": "in_treatment",
"by_user": "#12:1"
}
}
]
Workflow Library Example
List Actionable Alerts with Cybersixgill and Send Results Via Email
Preview this Workflow on desktop