Trigger a workflow on every new alert.
Workflows based on this trigger poll for new events every 5 minutes rather than firing in real time, so a workflow may start up to about 5 minutes after the alert is created.

Sample Event (each value below is a type placeholder showing the field's shape, not real alert data)

{
	"rrn": "string",
	"version": 0,
	"created_at": "2019-08-24T14:15:22Z",
	"updated_at": "2019-08-24T14:15:22Z",
	"alerted_at": "2019-08-24T14:15:22Z",
	"ingested_at": "2019-08-24T14:15:22Z",
	"external_source": "string",
	"external_id": "string",
	"organization": {
		"id": "string",
		"name": "string",
		"region": "string",
		"product_token": "string",
		"customer_id": "string",
		"customer_name": "string",
		"customer_code": "string",
		"customer_group": "string",
		"flags": [
			"string"
		]
	},
	"title": "string",
	"type": "string",
	"rule": {
		"rrn": "string",
		"name": "string",
		"mitre_tcodes": [
			"string"
		],
		"version_rrn": "string"
	},
	"rule_matching_keys": [
		{
			"key": "string",
			"values": [
				"string"
			]
		}
	],
	"rule_keys_of_interest": [
		{
			"key": "string",
			"values": [
				"string"
			]
		}
	],
	"responsibility": "UNMAPPED",
	"monitored": true,
	"assignee": {
		"at": "2019-08-24T14:15:22Z",
		"id": "string",
		"email": "string",
		"first_name": "string",
		"last_name": "string"
	},
	"priority": "UNMAPPED",
	"status": "UNMAPPED",
	"status_transitions": {
		"seconds_to_first_investigating": 0,
		"seconds_to_first_closed": 0,
		"first_closed_at": "2019-08-24T14:15:22Z"
	},
	"disposition": "UNMAPPED",
	"investigation_rrn": "string",
	"tags": [
		"string"
	],
	"permissions": {
		"canEdit": true
	},
	"fields": [
		{
			"id": "string",
			"values": [
				"string"
			]
		}
	],
	"analytics": {
		"analytics_is_novel": true,
		"analytics_novel_score": 0.1,
		"analytics_cluster_malicious": 0.1,
		"analytics_cluster_testing": 0.1,
		"analytics_pac": "string"
	},
	"due_date": "2019-08-24T14:15:22Z",
	"first_closed_at": "2019-08-24T14:15:22Z",
	"log_details": [
		{
			"log_id": "string",
			"logset_id": "string",
			"log_timestamp": 0,
			"log_entry_id": "string"
		}
	],
	"ai_suggested_disposition": "UNMAPPED",
	"prediction_metadata": {
		"property1": {},
		"property2": {}
	},
	"prediction_data": {
		"property1": {},
		"property2": {}
	}
}