Get a detection’s details by its ID.
External Documentation: To learn more, visit the Vectra Detect documentation.

Parameters

| Parameter | Description |
| --- | --- |
| Detection ID | The ID of the detection to retrieve. |
| Fields | A comma-separated list of fields to include in the response. When omitted, all fields are returned. |

Example Output

{
	"id": 1,
	"url": "https://dummy.link",
	"detection_url": "https://dummy.link",
	"category": "INFO",
	"detection_category": "INFO",
	"detection": "Hidden HTTP Tunnel",
	"detection_type": "Hidden HTTP Tunnel",
	"custom_detection": "string",
	"description": "string",
	"src_ip": "192.168.1.55",
	"state": "active",
	"t_score": 80,
	"threat": 80,
	"c_score": 80,
	"certainty": 80,
	"created_timestamp": "2022-01-01T00:00:00Z",
	"first_timestamp": "2022-01-01T00:00:00Z",
	"last_timestamp": "2022-01-01T00:00:00Z",
	"targets_key_asset": true,
	"is_targeting_key_asset": true,
	"src_account": {},
	"src_host": {
		"id": 1,
		"ip": "192.168.1.55",
		"name": "string",
		"url": "https://dummy.link",
		"is_key_asset": true,
		"threat": 80,
		"certainty": 80,
		"groups": [
			"string"
		]
	},
	"note": "string",
	"note_modified_by": "string",
	"note_modified_timestamp": "2022-01-01T00:00:00Z",
	"notes": [
		{
			"id": 1,
			"date_created": "2022-01-01T00:00:00Z",
			"date_modified": "2022-01-01T00:00:00Z",
			"created_by": "string",
			"modified_by": "string",
			"note": "string"
		}
	],
	"sensor": 80,
	"sensor_name": 80,
	"tags": [
		"string"
	],
	"triage_rule_id": 0,
	"assigned_to": "string",
	"assigned_date": "2022-01-01T00:00:00Z",
	"groups": [
		"string"
	],
	"is_marked_custom": true,
	"is_custom_model": true,
	"filtered_by_ai": true,
	"filtered_by_user": true,
	"filtered_by_rule": true,
	"grouped_details": [
		"string"
	],
	"summary": {
		"uuids": [
			"string"
		],
		"num_attempts": 0
	}
}

Workflow Library Example

Get Detection with Vectra Detect and Send Results Via Email