> ## Documentation Index
> Fetch the complete documentation index at: https://docs.blinkops.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Get Alert

Get alert details by given ID.

<Note>
  External Documentation

  To learn more, visit the [Exabeam documentation](https://developers.exabeam.com/exabeam/reference/threat-center-get-alert-by-id).
</Note>

## Parameters

<div className="integrations-table">
  | Parameter | Description                                                         |
  | --------- | ------------------------------------------------------------------- |
  | Alert ID  | The ID of the alert. Can be obtained by the `Search Alerts` action. |
</div>

## Example Output

```json theme={"dark"}
{
	"creationTimestamp": "2024-04-10T09:16:09.915",
	"alertId": "5119d712-1d4c-4da4-9ae5-fd8ea7d88c20",
	"approxLogTime": "2024-04-10T09:11:30.934",
	"creationBy": "system",
	"alertDescriptionRt": "Multiple Anomalies detected for user georgemartin",
	"lastModifiedBy": "si-user-1@exabeam.com",
	"lastModifiedTimestamp": "2024-04-17T08:32:02.522",
	"mitres": [
		{
			"tacticKey": "TA0004",
			"tactic": "Privilege Escalation",
			"techniqueKey": "T1078",
			"technique": "Valid Accounts"
		},
		{
			"tacticKey": "TA0011",
			"tactic": "Command and Control",
			"techniqueKey": "T1090",
			"technique": "Proxy"
		},
		{
			"tacticKey": "TA0005",
			"tactic": "Defense Evasion",
			"techniqueKey": "T1078",
			"technique": "Valid Accounts"
		},
		{
			"tacticKey": "TA0011",
			"tactic": "Command and Control",
			"techniqueKey": "T1071",
			"technique": "Application Layer Protocol"
		},
		{
			"tacticKey": "TA0001",
			"tactic": "Initial Access",
			"techniqueKey": "T1078",
			"technique": "Valid Accounts"
		},
		{
			"tacticKey": "TA0003",
			"tactic": "Persistence",
			"techniqueKey": "T1078",
			"technique": "Valid Accounts"
		}
	],
	"alertName": "Multiple Anomalies",
	"priority": "CRITICAL",
	"riskScore": 77,
	"status": "READ",
	"tags": [],
	"useCases": [
		"Compromised Credentials",
		"Evasion",
		"Abnormal Authentication & Access"
	],
	"products": [
		"NG Analytics"
	],
	"vendors": [
		"Exabeam"
	],
	"srcHosts": [],
	"srcIps": [
		"10.0.83.177"
	],
	"destHosts": [],
	"destIps": [
		"102.130.127.117"
	],
	"users": [
		"GeorgeMartin"
	],
	"groupedbyKey": "User",
	"groupedbyValue": "georgemartin",
	"ingestTimestamp": "2024-04-10T09:21:20.052",
	"srcEndpoints": [
		{
			"ip": "10.0.83.177",
			"host": "host1"
		}
	],
	"destEndpoints": [
		{
			"ip": "102.130.127.117",
			"host": "host5"
		}
	],
	"groupingRuleId": "detection-created-user-w4b4sm"
}
```

## Workflow Library Example

[Get Alert with Exabeam and Send Results Via Email](https://library.blinkops.com/workflows/get-alert-with-exabeam-and-send-results-via-email)

<div className="iframe-wrapper">
  <div className="iframe-media">
    <img src="https://mintcdn.com/blinkops-2/ojHYuDeYX5FWuN8a/img/Icons/play-box.svg?fit=max&auto=format&n=ojHYuDeYX5FWuN8a&q=85&s=b8af968e71438a9499c3223c9bd29fb2" alt="Workflow Library" width="16" height="16" data-path="img/Icons/play-box.svg" />

    Preview this Workflow on desktop
  </div>

  <iframe className="iframe" src="https://library.blinkops.com/workflows/get-alert-with-exabeam-and-send-results-via-email/canvas" />
</div>
