Skip to main content
Get the details of an alert by its ID.
External DocumentationTo learn more, visit the Panther documentation.

Parameters

ParameterDescription
Alert IDThe ID of the alert. Can be obtained by using the List Alerts action.

Example Output

{
	"assignee": {
		"id": "user",
		"type": "text"
	},
	"context": null,
	"createdAt": "text",
	"deliveries": [
		{
			"dispatchedAt": "text",
			"label": "text",
			"message": "text",
			"outputId": "text",
			"statusCode": 1,
			"success": true
		}
	],
	"detection": {
		"id": "text",
		"type": "RULE"
	},
	"eventCount": 1,
	"firstEventOccurredAt": "text",
	"id": "text",
	"lastReceivedEventAt": "text",
	"runbook": "text",
	"severity": "CRITICAL",
	"status": "OPEN",
	"systemError": {
		"detection": {
			"id": "text",
			"type": "RULE"
		},
		"sourceId": "text",
		"sourceType": "text",
		"type": "text"
	},
	"title": "text",
	"type": "text",
	"updatedBy": {
		"id": "user",
		"type": "text"
	}
}

Workflow Library Example

Get Alert with Panther and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop