Get Device Alert Relations
Get details of specific device(s) with the related alerts from the database. The data returned by this action for each device corresponds to the Alerts table in the single device page.
External Documentation
To learn more, visit the Medigate documentation.
Parameters
| Parameter | Description |
|---|---|
| Field | Specify the field by which to search for device-alert relations. |
| Fields | Specify which fields to return for each item. |
| Value | Specify the search value. It can be either a single value or multiple values separated by commas. |
Example Output
{
"devices_alerts": [
{
"device_uid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"device_ip_list": [
"xx.xxx.xx.xx"
],
"device_mac_list": [
"xx:xx:xx:xx:xx:xx"
],
"device_network_list": [
"xxxxxxxxx"
],
"device_category": "xxxxxx",
"device_subcategory": "xxxxxxxxxxxxx",
"device_type": "xxxxxxxxxxxxx",
"device_risk_score": "xxxxxxxxx",
"device_retired": xxxx,
"device_purdue_level": "xxxx",
"device_site_name": "xxxxxxxxxxxxxxxxxxxxxxx",
"device_labels": [],
"device_assignees": [
"xxxxx"
],
"alert_id": x,
"alert_type_name": "xxxxxxxxxxxxxxx",
"alert_category": "xxxx",
"alert_class": "xxxxxxxxxxx",
"alert_labels": [
"xxxxxxxxxxxxxxx"
],
"alert_assignees": [],
"device_first_seen_list": [
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
],
"device_last_seen_list": [
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
],
"device_alert_detected_time": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"device_alert_updated_time": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"device_alert_status": "xxxxxxxxxxxxxx"
}
]
}
Workflow Library Example
Get Device Alert Relations with Medigate and Send Results Via Email
Preview this Workflow on desktop