Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.blinkops.com/llms.txt

Use this file to discover all available pages before exploring further.

Add threats that have a SHA1 hash and that match the filter to the Blocklist of the target scope: Global, Account, Site, or Group. Your role must have permissions to change the Blocklist - Admin, IR Team, SOC - and your user scope access must include the Agent.

Parameters

ParameterDescription
Agents IDsList of agents IDs to filter by.
Target ScopeScope to be used for Restrictions.
Threats IDsList of threats IDs to add to exclusions.

Example Output

{
	"errors": [
		{
			"type": "object"
		}
	],
	"data": {
		"affected": "integer",
		"details": [
			{
				"analystVerdict": "updated",
				"result": "created",
				"threatId": "225494730938493804"
			}
		]
	}
}

Workflow Library Example

Add to Block List with Sentinelone and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop