Skip to main content
Retrieve the log events associated with an alert.
External DocumentationTo learn more, visit the Panther documentation.

Parameters

ParameterDescription
Alert IDThe alert ID to list events for.
CursorThe endCursor token from the API response, which points to the next page.
Page SizeThe maximum number of events to return in the response. Valid range is 1-50.

Example Output

{
	"p_any_ip_addresses": [
		{
			"ip_value": "<string>"
		}
	],
	"p_any_usernames": [],
	"p_any_emails": []
}

Workflow Library Example

List Alert Events with Panther and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop