Documentation Index
Fetch the complete documentation index at: https://docs.blinkops.com/llms.txt
Use this file to discover all available pages before exploring further.
Open an investigation of an incident. Its status will change to Active and the remediation process will start.
Parameters
| Parameter | Description |
|---|
| Incident ID | The ID of the incident to start investigating. |
| Version | The version of the investigation to start investigating. |
Example Output
{
"error": null,
"id": "123456",
"invPlaybook": null,
"investigation": {
"cacheVersn": 0,
"category": "",
"closed": "0001-01-01T00:00:00Z",
"created": "2024-02-21T09:41:41.293Z",
"creatingUserId": "XSOARPAPIUser_3992",
"dbotCreatedBy": "user@company.com",
"details": "",
"entryUsers": [
"user@company.com"
],
"highPriority": false,
"id": "157448",
"isDebug": false,
"lastOpen": "0001-01-01T00:00:00Z",
"mirrorAutoClose": null,
"mirrorTypes": null,
"modified": "0001-01-01T00:00:00Z",
"name": "b",
"rawCategory": "",
"reason": null,
"runStatus": "",
"sizeInBytes": 0,
"slackMirrorAutoClose": false,
"slackMirrorType": "",
"status": 0,
"systems": null,
"tags": null,
"type": 0,
"users": [
"user@company.com",
""
],
"version": 2
},
"version": 1
}
Workflow Library Example
Investigate Incident with Palo Alto Cortex Xsoar and Send Results Via Email
