Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.blinkops.com/llms.txt

Use this file to discover all available pages before exploring further.

Get the alert matching the specified alert ID.
External DocumentationTo learn more, visit the Microsoft Defender For Cloud Apps documentation.

Parameters

ParameterDescription
Alert IDThe ID of the alert. Can be obtained via the List Alerts action.

Example Output

{
	"_id": "603f704aaf7417985bbf3b22",
	"contextId": "206e2965-6533-48a6-ba9e-794364a84bf9",
	"description": "Contoso user performed 11 suspicious activities MITRE Technique used Account Discovery (T1087) and subtechnique used Domain Account (T1087.002)",
	"entities": [
		{
			"entityRole": "Source",
			"entityType": 2,
			"id": "6204bdaf-ad46-4e99-a25d-374a0532c666",
			"inst": 0,
			"label": "user1",
			"pa": "user1@contoso.com",
			"saas": 11161,
			"type": "account"
		}
	]
}

Workflow Library Example

Get Alert with Microsoft Defender for Cloud Apps and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop