Get threat indicators for a case
curl --request GET \
--url https://api.wirespeed.co/v1/cases/{id}/threat-indicators \
--header 'Authorization: Bearer <token>'{
"data": [
{
"id": "<string>",
"teamId": "<string>",
"createdAt": "<string>",
"containments": [],
"testMode": true,
"sourceIngestedAt": "<string>",
"sourceDetectedAt": "<string>",
"logs": [
{
"log": "<string>",
"timestamp": "<string>",
"debug": true
}
],
"raw": {},
"title": "<string>",
"contained": true,
"reingested": true,
"prevented": true,
"managedByThirdParty": true,
"excludeFromMeans": true,
"sid": "<string>",
"firstRun": true,
"containOnChatOpsFailure": true,
"wasEscalated": true,
"ocsfDetectionFinding": {},
"chatOpsTest": true,
"severityOrdinal": 123,
"containsVIP": true,
"containsHVA": true,
"excluded": true,
"endpoints": [
{
"id": "<string>",
"displayName": "<string>",
"teamId": "<string>",
"hva": true,
"createdAt": "<string>",
"integrationId": "<string>",
"contained": true,
"workstation": true,
"server": true,
"mobile": true,
"domainController": true,
"groups": [
{
"id": "<string>",
"endpointId": "<string>",
"group": "<string>",
"teamId": "<string>",
"enabled": true,
"createdAt": "<string>",
"overriddenByUser": true,
"groupId": "<string>",
"overriddenByUserId": "<string>",
"overriddenByUserIdentifier": "<string>",
"groupName": "<string>",
"groupSlug": "<string>",
"groupContainmentEnabled": true,
"groupChatOpsEnabled": true,
"groupSourceSystemUpdates": true,
"groupRuleSearch": "<string>",
"groupRuleSearchField": "<string>"
}
],
"groupContainmentEnabled": true,
"groupChatOpsEnabled": true,
"groupSourceSystemUpdates": true,
"groupsSynced": true,
"edrSourceId": "<string>",
"mdmSourceId": "<string>",
"name": "<string>",
"hvaOverriddenByUser": true,
"privateIpAddress": "<string>",
"live": true,
"operatingSystem": "<string>",
"canonicalId": "<string>",
"canonicalClusterMemberCount": 123,
"canonicalClusterMembers": [
{
"id": "22222222-2222-2222-2222-222222222201",
"displayLabel": "WS-SAMPLE-BRAVO-WKS$",
"integrationId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeee0002",
"integrationPlatform": "sentinel-one",
"name": "WS-SAMPLE-BRAVO-WKS$",
"managed": true,
"live": true,
"operatingSystem": "Windows11 - 23H2",
"createdAt": "2025-01-02T00:00:00.000Z",
"updatedAt": "2025-01-15T12:00:00.000Z"
},
{
"id": "22222222-2222-2222-2222-222222222202",
"displayLabel": "WS-SAMPLE-CHARLIE-WKS$",
"integrationId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeee0003",
"integrationPlatform": "crowdstrike-falcon",
"name": "WS-SAMPLE-CHARLIE-WKS$",
"managed": true,
"live": true,
"operatingSystem": "Windows 10 Enterprise 22H2 (OS build 19045.4046)",
"createdAt": "2025-01-03T00:00:00.000Z",
"updatedAt": "2025-01-15T12:00:00.000Z"
}
],
"managed": true,
"publicIpAddress": "<string>",
"lastSeenAt": "<string>",
"updatedAt": "<string>",
"raw": {},
"lockPin": "<string>"
}
],
"files": [
{
"id": "<string>",
"displayName": "<string>",
"teamId": "<string>",
"createdAt": "<string>",
"updatedAt": "<string>",
"enrichedViaIntegration": true,
"name": "<string>",
"path": "<string>",
"sha256": "<string>",
"sha1": "<string>",
"toolName": "<string>",
"lastEnrichedAt": "<string>",
"nameWithPath": "<string>",
"metadata": {
"threatNames": [
{
"name": "<string>",
"engine": "<string>",
"excluded": true,
"matchedFileRiskRules": [
"<string>"
]
}
],
"versionInfo": [
{
"name": "<string>",
"value": "<string>"
}
],
"proposedFileNames": [
"<string>"
],
"fileNameCatalogMatches": [
"<string>"
],
"lastScanTime": "<string>",
"story": "<string>"
},
"contained": true
}
],
"processes": [
{
"id": "<string>",
"displayName": "<string>",
"teamId": "<string>",
"createdAt": "<string>",
"command": "<string>",
"sha256": "<string>",
"sha1": "<string>"
}
],
"locations": [
{
"id": "<string>",
"displayName": "<string>",
"teamId": "<string>",
"createdAt": "<string>",
"lat": "<string>",
"lon": "<string>",
"city": "<string>",
"state": "<string>",
"country": "<string>",
"countryCode": "<string>",
"continent": "<string>",
"continentCode": "<string>"
}
],
"directory": [
{
"id": "<string>",
"displayName": "<string>",
"teamId": "<string>",
"additionalEmails": [
"<string>"
],
"allEmails": [
"<string>"
],
"createdAt": "<string>",
"integrationId": "<string>",
"credentialsExposed": true,
"numberCredentialExposures": 123,
"containable": true,
"smsInviteAttempts": 123,
"groups": [
{
"id": "<string>",
"directoryUserId": "<string>",
"group": "<string>",
"teamId": "<string>",
"overriddenByUser": true,
"overriddenByUserId": "<string>",
"overriddenByUserIdentifier": "<string>",
"enabled": true,
"createdAt": "<string>",
"groupId": "<string>",
"groupName": "<string>",
"groupSlug": "<string>",
"groupContainmentEnabled": true,
"groupChatOpsEnabled": true,
"groupSourceSystemUpdates": true,
"groupRuleSearch": "<string>",
"groupRuleSearchField": "<string>"
}
],
"groupContainmentEnabled": true,
"groupChatOpsEnabled": true,
"groupSourceSystemUpdates": true,
"groupsSynced": true,
"enabled": true,
"directoryId": "<string>",
"name": "<string>",
"phoneNumber": "<string>",
"previousPhoneNumber": "<string>",
"title": "<string>",
"email": "<string>",
"vip": true,
"nhi": true,
"financial": true,
"technical": true,
"external": true,
"managerDirectoryId": "<string>",
"managerEmail": "<string>",
"domain": "<string>",
"department": "<string>",
"canonicalId": "<string>",
"canonicalClusterMemberCount": 123,
"canonicalClusterMembers": [
{
"id": "22222222-2222-2222-2222-222222222201",
"displayLabel": "WS-SAMPLE-BRAVO-WKS$",
"integrationId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeee0002",
"integrationPlatform": "sentinel-one",
"name": "WS-SAMPLE-BRAVO-WKS$",
"managed": true,
"live": true,
"operatingSystem": "Windows11 - 23H2",
"createdAt": "2025-01-02T00:00:00.000Z",
"updatedAt": "2025-01-15T12:00:00.000Z"
},
{
"id": "22222222-2222-2222-2222-222222222202",
"displayLabel": "WS-SAMPLE-CHARLIE-WKS$",
"integrationId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeee0003",
"integrationPlatform": "crowdstrike-falcon",
"name": "WS-SAMPLE-CHARLIE-WKS$",
"managed": true,
"live": true,
"operatingSystem": "Windows 10 Enterprise 22H2 (OS build 19045.4046)",
"createdAt": "2025-01-03T00:00:00.000Z",
"updatedAt": "2025-01-15T12:00:00.000Z"
}
],
"roles": [
"<string>"
],
"lastCredentialExposure": "<string>",
"lastCheckedForCredentialExposures": "<string>",
"needsChatOpsWelcome": true,
"contained": true,
"username": "<string>",
"smsConsentReceivedAt": "<string>",
"smsInviteLastSentAt": "<string>",
"smsInviteOptOut": true,
"administrator": true,
"updatedAt": "<string>",
"passwordLastChangedAt": "<string>",
"lastSignInAt": "<string>",
"raw": {},
"managed": true,
"chatOpsOnboardingUser": true,
"verifiedPhoneNumber": "<string>"
}
],
"ips": [
{
"displayName": "<string>",
"id": "<string>",
"teamId": "<string>",
"createdAt": "<string>",
"updatedAt": "<string>",
"metadataLastFetchedAt": "<string>",
"ipv4": "<string>",
"ipv6": "<string>",
"metadata": {
"ofac": true,
"adversarial": true,
"ip": "<string>",
"hostname": "<string>",
"city": "<string>",
"region": "<string>",
"country": "<string>",
"loc": "<string>",
"postal": "<string>",
"timezone": "<string>",
"org": "<string>",
"asn": {
"asn": "<string>",
"name": "<string>",
"domain": "<string>",
"type": "<string>",
"route": "<string>"
},
"company": {
"name": "<string>",
"domain": "<string>",
"type": "<string>"
},
"privacy": {
"vpn": true,
"proxy": true,
"tor": true,
"relay": true,
"hosting": true,
"service": "<string>",
"residentialProxy": true,
"lastSeen": "<string>",
"percentDaysSeen": 123
},
"abuse": {
"address": "<string>",
"country": "<string>",
"email": "<string>",
"name": "<string>",
"network": "<string>",
"phone": "<string>",
"ofac": true,
"adversarial": true
},
"domains": {
"ip": "<string>",
"total": 123,
"domains": [
"<string>"
]
},
"isAnycast": true,
"isMobile": true,
"isSatellite": true
},
"locationId": "<string>"
}
],
"domains": [
{
"id": "<string>",
"displayName": "<string>",
"teamId": "<string>",
"name": "<string>",
"createdAt": "<string>"
}
],
"whatHappened": "<string>",
"chatOpsActions": [
{
"id": "<string>",
"teamId": "<string>",
"directoryUserId": "<string>",
"integrationId": "<string>",
"detectionId": "<string>",
"mfaAttempts": 123,
"isManager": true,
"createdAt": "<string>",
"isSuccessful": true,
"isTimeout": true,
"isRateLimited": true,
"isOverride": true,
"caseId": "<string>",
"message": "<string>",
"settingsAtTimeOfAction": {},
"respondedAt": "<string>",
"ipAddress": "<string>",
"isMfaSuccess": true,
"isMfaFailure": true,
"isMfaUnavailable": true,
"mfaRespondedAt": "<string>"
}
],
"containmentActions": [
{
"id": "<string>",
"teamId": "<string>",
"createdAt": "<string>",
"detectionId": "<string>",
"caseId": "<string>",
"endpointId": "<string>",
"directoryUserId": "<string>",
"fileId": "<string>",
"userId": "<string>",
"integrationResponse": {},
"subAction": "<string>",
"integrationId": "<string>",
"integrationPlatform": "<string>"
}
],
"teamName": "<string>",
"sourceDescription": "<string>",
"notes": "<string>",
"sourceName": "<string>",
"caseId": "<string>",
"verdictedAt": "<string>",
"updatedAt": "<string>",
"closedAt": "<string>",
"refreshRaw": {},
"lastRefreshAt": "<string>",
"integrationId": "<string>",
"duplicateDetectionId": "<string>",
"nextSteps": "<string>",
"caseSid": "<string>",
"escalatedAt": "<string>",
"actionSlug": "<string>",
"exclusionId": "<string>",
"exclusionSid": "<string>",
"autoClosed": true,
"autoContained": true,
"verdictSetting": {
"default": true,
"managedByWspd": true,
"retired": true,
"escalate": true,
"chatOps": true,
"close": true,
"disabled": true,
"containUserActions": [],
"containEndpointActions": [],
"containFileActions": [],
"uncontainUserActions": [
"enable"
],
"uncontainEndpointActions": [],
"uncontainFileActions": [
"unquarantine"
],
"chatOpsMFA": true,
"monitor": true,
"managerChatOps": true,
"vipChatOps": true,
"description": "<string>",
"id": "<string>",
"createdAt": "<string>",
"updatedAt": "<string>",
"teamId": "<string>",
"chatOpsTimeoutMonitor": true,
"chatOpsTimeoutClose": true,
"managedByParent": true,
"useSourceSeverity": true,
"ignoresRemediation": true,
"defaults": "<unknown>"
},
"chatOpsTestEmail": "<string>",
"chatOpsTestPhoneNumber": "<string>",
"customDetectionId": "<string>",
"externalCustomDetectionId": "<string>",
"autoRemediateStartedAt": "<string>",
"remediatedAt": "<string>",
"userAgents": [
{
"id": "<string>",
"userAgent": "<string>",
"teamId": "<string>",
"createdAt": "<string>",
"displayName": "<string>",
"userAgentAlt": "<string>",
"browserName": "<string>",
"browserVersion": "<string>",
"browserMajorVersion": "<string>",
"cpuArchitecture": "<string>",
"deviceModel": "<string>",
"deviceVendor": "<string>",
"engineName": "<string>",
"engineVersion": "<string>",
"osName": "<string>",
"osVersion": "<string>"
}
],
"groups": "<string>"
}
],
"totalCount": 123
}Cases
Get threat indicators for a case
GET
/
v1
/
cases
/
{id}
/
threat-indicators
Get threat indicators for a case
curl --request GET \
--url https://api.wirespeed.co/v1/cases/{id}/threat-indicators \
--header 'Authorization: Bearer <token>'{
"data": [
{
"id": "<string>",
"teamId": "<string>",
"createdAt": "<string>",
"containments": [],
"testMode": true,
"sourceIngestedAt": "<string>",
"sourceDetectedAt": "<string>",
"logs": [
{
"log": "<string>",
"timestamp": "<string>",
"debug": true
}
],
"raw": {},
"title": "<string>",
"contained": true,
"reingested": true,
"prevented": true,
"managedByThirdParty": true,
"excludeFromMeans": true,
"sid": "<string>",
"firstRun": true,
"containOnChatOpsFailure": true,
"wasEscalated": true,
"ocsfDetectionFinding": {},
"chatOpsTest": true,
"severityOrdinal": 123,
"containsVIP": true,
"containsHVA": true,
"excluded": true,
"endpoints": [
{
"id": "<string>",
"displayName": "<string>",
"teamId": "<string>",
"hva": true,
"createdAt": "<string>",
"integrationId": "<string>",
"contained": true,
"workstation": true,
"server": true,
"mobile": true,
"domainController": true,
"groups": [
{
"id": "<string>",
"endpointId": "<string>",
"group": "<string>",
"teamId": "<string>",
"enabled": true,
"createdAt": "<string>",
"overriddenByUser": true,
"groupId": "<string>",
"overriddenByUserId": "<string>",
"overriddenByUserIdentifier": "<string>",
"groupName": "<string>",
"groupSlug": "<string>",
"groupContainmentEnabled": true,
"groupChatOpsEnabled": true,
"groupSourceSystemUpdates": true,
"groupRuleSearch": "<string>",
"groupRuleSearchField": "<string>"
}
],
"groupContainmentEnabled": true,
"groupChatOpsEnabled": true,
"groupSourceSystemUpdates": true,
"groupsSynced": true,
"edrSourceId": "<string>",
"mdmSourceId": "<string>",
"name": "<string>",
"hvaOverriddenByUser": true,
"privateIpAddress": "<string>",
"live": true,
"operatingSystem": "<string>",
"canonicalId": "<string>",
"canonicalClusterMemberCount": 123,
"canonicalClusterMembers": [
{
"id": "22222222-2222-2222-2222-222222222201",
"displayLabel": "WS-SAMPLE-BRAVO-WKS$",
"integrationId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeee0002",
"integrationPlatform": "sentinel-one",
"name": "WS-SAMPLE-BRAVO-WKS$",
"managed": true,
"live": true,
"operatingSystem": "Windows11 - 23H2",
"createdAt": "2025-01-02T00:00:00.000Z",
"updatedAt": "2025-01-15T12:00:00.000Z"
},
{
"id": "22222222-2222-2222-2222-222222222202",
"displayLabel": "WS-SAMPLE-CHARLIE-WKS$",
"integrationId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeee0003",
"integrationPlatform": "crowdstrike-falcon",
"name": "WS-SAMPLE-CHARLIE-WKS$",
"managed": true,
"live": true,
"operatingSystem": "Windows 10 Enterprise 22H2 (OS build 19045.4046)",
"createdAt": "2025-01-03T00:00:00.000Z",
"updatedAt": "2025-01-15T12:00:00.000Z"
}
],
"managed": true,
"publicIpAddress": "<string>",
"lastSeenAt": "<string>",
"updatedAt": "<string>",
"raw": {},
"lockPin": "<string>"
}
],
"files": [
{
"id": "<string>",
"displayName": "<string>",
"teamId": "<string>",
"createdAt": "<string>",
"updatedAt": "<string>",
"enrichedViaIntegration": true,
"name": "<string>",
"path": "<string>",
"sha256": "<string>",
"sha1": "<string>",
"toolName": "<string>",
"lastEnrichedAt": "<string>",
"nameWithPath": "<string>",
"metadata": {
"threatNames": [
{
"name": "<string>",
"engine": "<string>",
"excluded": true,
"matchedFileRiskRules": [
"<string>"
]
}
],
"versionInfo": [
{
"name": "<string>",
"value": "<string>"
}
],
"proposedFileNames": [
"<string>"
],
"fileNameCatalogMatches": [
"<string>"
],
"lastScanTime": "<string>",
"story": "<string>"
},
"contained": true
}
],
"processes": [
{
"id": "<string>",
"displayName": "<string>",
"teamId": "<string>",
"createdAt": "<string>",
"command": "<string>",
"sha256": "<string>",
"sha1": "<string>"
}
],
"locations": [
{
"id": "<string>",
"displayName": "<string>",
"teamId": "<string>",
"createdAt": "<string>",
"lat": "<string>",
"lon": "<string>",
"city": "<string>",
"state": "<string>",
"country": "<string>",
"countryCode": "<string>",
"continent": "<string>",
"continentCode": "<string>"
}
],
"directory": [
{
"id": "<string>",
"displayName": "<string>",
"teamId": "<string>",
"additionalEmails": [
"<string>"
],
"allEmails": [
"<string>"
],
"createdAt": "<string>",
"integrationId": "<string>",
"credentialsExposed": true,
"numberCredentialExposures": 123,
"containable": true,
"smsInviteAttempts": 123,
"groups": [
{
"id": "<string>",
"directoryUserId": "<string>",
"group": "<string>",
"teamId": "<string>",
"overriddenByUser": true,
"overriddenByUserId": "<string>",
"overriddenByUserIdentifier": "<string>",
"enabled": true,
"createdAt": "<string>",
"groupId": "<string>",
"groupName": "<string>",
"groupSlug": "<string>",
"groupContainmentEnabled": true,
"groupChatOpsEnabled": true,
"groupSourceSystemUpdates": true,
"groupRuleSearch": "<string>",
"groupRuleSearchField": "<string>"
}
],
"groupContainmentEnabled": true,
"groupChatOpsEnabled": true,
"groupSourceSystemUpdates": true,
"groupsSynced": true,
"enabled": true,
"directoryId": "<string>",
"name": "<string>",
"phoneNumber": "<string>",
"previousPhoneNumber": "<string>",
"title": "<string>",
"email": "<string>",
"vip": true,
"nhi": true,
"financial": true,
"technical": true,
"external": true,
"managerDirectoryId": "<string>",
"managerEmail": "<string>",
"domain": "<string>",
"department": "<string>",
"canonicalId": "<string>",
"canonicalClusterMemberCount": 123,
"canonicalClusterMembers": [
{
"id": "22222222-2222-2222-2222-222222222201",
"displayLabel": "WS-SAMPLE-BRAVO-WKS$",
"integrationId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeee0002",
"integrationPlatform": "sentinel-one",
"name": "WS-SAMPLE-BRAVO-WKS$",
"managed": true,
"live": true,
"operatingSystem": "Windows11 - 23H2",
"createdAt": "2025-01-02T00:00:00.000Z",
"updatedAt": "2025-01-15T12:00:00.000Z"
},
{
"id": "22222222-2222-2222-2222-222222222202",
"displayLabel": "WS-SAMPLE-CHARLIE-WKS$",
"integrationId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeee0003",
"integrationPlatform": "crowdstrike-falcon",
"name": "WS-SAMPLE-CHARLIE-WKS$",
"managed": true,
"live": true,
"operatingSystem": "Windows 10 Enterprise 22H2 (OS build 19045.4046)",
"createdAt": "2025-01-03T00:00:00.000Z",
"updatedAt": "2025-01-15T12:00:00.000Z"
}
],
"roles": [
"<string>"
],
"lastCredentialExposure": "<string>",
"lastCheckedForCredentialExposures": "<string>",
"needsChatOpsWelcome": true,
"contained": true,
"username": "<string>",
"smsConsentReceivedAt": "<string>",
"smsInviteLastSentAt": "<string>",
"smsInviteOptOut": true,
"administrator": true,
"updatedAt": "<string>",
"passwordLastChangedAt": "<string>",
"lastSignInAt": "<string>",
"raw": {},
"managed": true,
"chatOpsOnboardingUser": true,
"verifiedPhoneNumber": "<string>"
}
],
"ips": [
{
"displayName": "<string>",
"id": "<string>",
"teamId": "<string>",
"createdAt": "<string>",
"updatedAt": "<string>",
"metadataLastFetchedAt": "<string>",
"ipv4": "<string>",
"ipv6": "<string>",
"metadata": {
"ofac": true,
"adversarial": true,
"ip": "<string>",
"hostname": "<string>",
"city": "<string>",
"region": "<string>",
"country": "<string>",
"loc": "<string>",
"postal": "<string>",
"timezone": "<string>",
"org": "<string>",
"asn": {
"asn": "<string>",
"name": "<string>",
"domain": "<string>",
"type": "<string>",
"route": "<string>"
},
"company": {
"name": "<string>",
"domain": "<string>",
"type": "<string>"
},
"privacy": {
"vpn": true,
"proxy": true,
"tor": true,
"relay": true,
"hosting": true,
"service": "<string>",
"residentialProxy": true,
"lastSeen": "<string>",
"percentDaysSeen": 123
},
"abuse": {
"address": "<string>",
"country": "<string>",
"email": "<string>",
"name": "<string>",
"network": "<string>",
"phone": "<string>",
"ofac": true,
"adversarial": true
},
"domains": {
"ip": "<string>",
"total": 123,
"domains": [
"<string>"
]
},
"isAnycast": true,
"isMobile": true,
"isSatellite": true
},
"locationId": "<string>"
}
],
"domains": [
{
"id": "<string>",
"displayName": "<string>",
"teamId": "<string>",
"name": "<string>",
"createdAt": "<string>"
}
],
"whatHappened": "<string>",
"chatOpsActions": [
{
"id": "<string>",
"teamId": "<string>",
"directoryUserId": "<string>",
"integrationId": "<string>",
"detectionId": "<string>",
"mfaAttempts": 123,
"isManager": true,
"createdAt": "<string>",
"isSuccessful": true,
"isTimeout": true,
"isRateLimited": true,
"isOverride": true,
"caseId": "<string>",
"message": "<string>",
"settingsAtTimeOfAction": {},
"respondedAt": "<string>",
"ipAddress": "<string>",
"isMfaSuccess": true,
"isMfaFailure": true,
"isMfaUnavailable": true,
"mfaRespondedAt": "<string>"
}
],
"containmentActions": [
{
"id": "<string>",
"teamId": "<string>",
"createdAt": "<string>",
"detectionId": "<string>",
"caseId": "<string>",
"endpointId": "<string>",
"directoryUserId": "<string>",
"fileId": "<string>",
"userId": "<string>",
"integrationResponse": {},
"subAction": "<string>",
"integrationId": "<string>",
"integrationPlatform": "<string>"
}
],
"teamName": "<string>",
"sourceDescription": "<string>",
"notes": "<string>",
"sourceName": "<string>",
"caseId": "<string>",
"verdictedAt": "<string>",
"updatedAt": "<string>",
"closedAt": "<string>",
"refreshRaw": {},
"lastRefreshAt": "<string>",
"integrationId": "<string>",
"duplicateDetectionId": "<string>",
"nextSteps": "<string>",
"caseSid": "<string>",
"escalatedAt": "<string>",
"actionSlug": "<string>",
"exclusionId": "<string>",
"exclusionSid": "<string>",
"autoClosed": true,
"autoContained": true,
"verdictSetting": {
"default": true,
"managedByWspd": true,
"retired": true,
"escalate": true,
"chatOps": true,
"close": true,
"disabled": true,
"containUserActions": [],
"containEndpointActions": [],
"containFileActions": [],
"uncontainUserActions": [
"enable"
],
"uncontainEndpointActions": [],
"uncontainFileActions": [
"unquarantine"
],
"chatOpsMFA": true,
"monitor": true,
"managerChatOps": true,
"vipChatOps": true,
"description": "<string>",
"id": "<string>",
"createdAt": "<string>",
"updatedAt": "<string>",
"teamId": "<string>",
"chatOpsTimeoutMonitor": true,
"chatOpsTimeoutClose": true,
"managedByParent": true,
"useSourceSeverity": true,
"ignoresRemediation": true,
"defaults": "<unknown>"
},
"chatOpsTestEmail": "<string>",
"chatOpsTestPhoneNumber": "<string>",
"customDetectionId": "<string>",
"externalCustomDetectionId": "<string>",
"autoRemediateStartedAt": "<string>",
"remediatedAt": "<string>",
"userAgents": [
{
"id": "<string>",
"userAgent": "<string>",
"teamId": "<string>",
"createdAt": "<string>",
"displayName": "<string>",
"userAgentAlt": "<string>",
"browserName": "<string>",
"browserVersion": "<string>",
"browserMajorVersion": "<string>",
"cpuArchitecture": "<string>",
"deviceModel": "<string>",
"deviceVendor": "<string>",
"engineName": "<string>",
"engineVersion": "<string>",
"osName": "<string>",
"osVersion": "<string>"
}
],
"groups": "<string>"
}
],
"totalCount": 123
}Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
Path Parameters
Case identifier
Query Parameters
Available options:
asc, desc ⌘I