List Cases
Gets a filtered list of the cases.
External Documentation
To learn more, visit the LogRhythm documentation.
Basic Parameters
| Parameter | Description |
|---|---|
| Direction | Sorts results in ascending or descending order. |
| Order By | Sorts the returned results by the specified field. |
| Priority | Filter cases that have a specific case priority. |
| Query | Filter results that have a case number or name that contains the specified value. |
| Status Number | Filter cases that have a specific case status. |
Advanced Parameters
| Parameter | Description |
|---|---|
| Collaborator Number | Filter results that have a specific case collaborator, by person number. |
| Count | Maximum number of results to be returned when paging. |
| Created After | Filter results that were created after the specified date. |
| Created Before | Filter results that were created before the specified date. |
| Due Before | Filter results that have a due date before the specified date. |
| Entity Number | Filter results that have the specified assigned entity number. |
| Evidence Type | Filter results that have evidence of the specified type. |
| External ID | Filter results that have the specified unique, external identifier. |
| Offset | Number of results to skip when paging. |
| Owners | Filter results that have a specific case owner, by person numbers. |
| Reference ID | Filter results that have evidence with the given reference identifier. For example, an alarm ID. |
| Tag Number | Filter results that are tagged, by tag numbers. |
| Updated After | Filter results that were updated after the specified date. |
| Updated Before | Filter results that were updated before the specified date. |
Example Output
[
{
"id": "baca95ad-e9d7-4270-a677-da0cf4a587d8",
"number": 1,
"externalId": "EXTERNAL-1234",
"dateCreated": "2024-08-06T11:58:06.992Z",
"dateUpdated": "2024-08-06T11:58:06.992Z",
"dateClosed": "2024-08-06T11:58:06.992Z",
"owner": {
"number": 1,
"name": "John Smith",
"disabled": false
},
"lastUpdatedBy": {
"number": 1,
"name": "John Smith",
"disabled": false
},
"name": "System Compromise",
"status": {
"name": "Mitigated",
"number": 4
},
"priority": 1,
"dueDate": "2024-08-06T11:58:06.992Z",
"resolution": "Quarantined the target system for further investigation.",
"resolutionDateUpdated": "2024-08-06T11:58:06.992Z",
"resolutionLastUpdatedBy": {
"number": 1,
"name": "John Smith",
"disabled": false
},
"summary": "Investigated a potential system compromise. More details at http://example.com/.",
"entity": {
"number": 1,
"name": "Child Entity",
"fullName": "Parent Entity/Child Entity"
},
"collaborators": [
{
"number": 1,
"name": "John Smith"
},
{
"number": 2,
"name": "Jane Clark"
}
],
"tags": [
{
"number": 1,
"text": "System"
},
{
"number": 2,
"text": "Urgent"
}
]
}
]
Workflow Library Example
List Cases with Logrhythm and Send Results Via Email
Preview this Workflow on desktop