POST /cases

Search and list cases

curl --request POST \
  --url https://api.wirespeed.co/cases \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "size": 123,
  "page": 123,
  "filter": "<string>",
  "search": "<string>",
  "orderBy": "<string>",
  "orderDir": "asc",
  "statuses": [
    "NEW"
  ],
  "verdict": "MALICIOUS",
  "assetId": "<string>",
  "severity": "INFORMATIONAL",
  "assetType": "USER",
  "exclusionId": "<string>",
  "onlyWasEscalated": true,
  "onlyWasContained": true,
  "onlyWasMobile": true,
  "onlyChatOps": true,
  "hideDemoClients": true,
  "categoryClass": "ENDPOINT",
  "category": "OTHER__DIAGNOSTIC",
  "createdAt": {
    "gt": "<string>",
    "gte": "<string>",
    "lt": "<string>",
    "lte": "<string>"
  }
}'

{
  "data": [
    {
      "id": "<string>",
      "sid": "<string>",
      "teamId": "<string>",
      "name": "<string>",
      "lastNotifiedClientAt": {},
      "status": "NEW",
      "createdAt": "<string>",
      "detectionSids": [
        "<string>"
      ],
      "testMode": true,
      "firstDetectionSourceIngestedAt": "<string>",
      "firstDetectionSourceDetectedAt": "<string>",
      "updatedAt": "<string>",
      "closedAt": "<string>",
      "logs": [
        {
          "log": "<string>",
          "timestamp": "<string>",
          "debug": true
        }
      ],
      "contained": true,
      "reingested": true,
      "verdict": "MALICIOUS",
      "title": "<string>",
      "categories": [
        "OTHER__DIAGNOSTIC"
      ],
      "excludeFromMeans": true,
      "verdictedAt": "<string>",
      "detectionCount": 123,
      "firstRun": true,
      "mttr": 123,
      "teamName": "<string>",
      "containsVIP": true,
      "containsHVA": true,
      "containsMobile": true,
      "externalTicketId": "<string>",
      "externalTicketIntegrationId": "<string>",
      "autoContained": true,
      "severity": "<string>",
      "severityOrdinal": 123,
      "respondedAt": "<string>",
      "platforms": [
        "<string>"
      ],
      "notes": "<string>",
      "clientNotified": true,
      "summary": "<string>"
    }
  ],
  "totalCount": 123
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json

size
number

page
number

filter
string

orderBy
string

orderDir
enum<string>

Available options: asc, desc

statuses
enum<string>[]

Filter cases by status

verdict
enum<string>

Filter cases by verdict

Available options: MALICIOUS, SUSPICIOUS, BENIGN

assetId
string

Filter cases involving a specific asset

severity
enum<string>

Filter cases by severity

Available options: INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL

assetType
enum<string>

Filter cases by asset type

Available options: USER, PROCESS, USER_AGENT, FILE, ENDPOINT, LOCATION, IP, DOMAIN

exclusionId
string

Filter cases by exclusion rule

onlyWasEscalated
boolean

Only include cases that were escalated

onlyWasContained
boolean

Only include cases that were contained

onlyWasMobile
boolean

Only include cases that involve mobile devices

onlyChatOps
boolean

Only include cases that involved chat ops

hideDemoClients
boolean

categoryClass
enum<string>

Available options: ENDPOINT, IDENTITY, CLOUD, EMAIL, NETWORK, DATA, POSTURE, OTHER

category
enum<string>

Available options:
OTHER__DIAGNOSTIC,
OTHER__INFORMATIONAL_EVENT,
OTHER__WARNING,
OTHER__UNKNOWN,
OTHER__DECEPTION,
OTHER__CUSTOM_DETECTION,
CLOUD__INVOCATION,
CLOUD__DISCOVERY,
CLOUD__DATA_TRANSFER,
CLOUD__PERSISTENCE,
ENDPOINT__DISCOVERY,
ENDPOINT__EXECUTION,
ENDPOINT__LIVE_OFF_THE_LAND,
ENDPOINT__NUISANCE,
ENDPOINT__MALWARE_DISCOVERY,
ENDPOINT__MALWARE_EXECUTION,
ENDPOINT__LATE_STAGE,
ENDPOINT__PERSISTENCE,
ENDPOINT__REMOTE_MANAGEMENT,
ENDPOINT__LATERAL_MOVEMENT,
ENDPOINT__IMPACT,
ENDPOINT__EVASION,
IDENTITY__LOGIN,
IDENTITY__REJECTED_MFA,
IDENTITY__DISCOVERY,
IDENTITY__BRUTE_FORCE,
IDENTITY__PUBLIC_CREDENTIAL_EXPOSURE,
IDENTITY__PRIVATE_CREDENTIAL_EXPOSURE,
IDENTITY__PERSISTENCE,
IDENTITY__ACCOUNT_COMPROMISE,
NETWORK__INBOUND_CONNECTION,
NETWORK__OUTBOUND_CONNECTION,
NETWORK__PHISHING,
NETWORK__NOISY,
EMAIL__PHISHING,
EMAIL__PHISHING_REPORTED,
EMAIL__MALWARE,
EMAIL__MALICIOUS_LINK,
EMAIL__GRAYMAIL,
EMAIL__SPAM,
EMAIL__BUSINESS_EMAIL_COMPROMISE,
DATA__DATA_TRANSFER,
DATA__DATA_SHARE,
POSTURE__POSTURE

createdAt
object

Filter by creation date

Response

200 - application/json

data
object[]
required

totalCount
number
required

totalCount
number
required
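
An added example, not part of the Wirespeed documentation: a small client that validates filter values against the enum options listed in the Body section and pages through POST /cases until `totalCount` cases have been read. The function names are hypothetical, and starting page numbering at 1 is an assumption, since the page does not state where it starts.

```python
import json
import urllib.request

API_URL = "https://api.wirespeed.co/cases"  # endpoint shown in the curl example

# Enum options copied from the Body section of this page.
ENUMS = {
    "orderDir": {"asc", "desc"},
    "verdict": {"MALICIOUS", "SUSPICIOUS", "BENIGN"},
    "severity": {"INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL"},
    "categoryClass": {"ENDPOINT", "IDENTITY", "CLOUD", "EMAIL",
                      "NETWORK", "DATA", "POSTURE", "OTHER"},
}


def build_body(size, page, **filters):
    """Build one request body, rejecting enum values the page does not list."""
    for key, value in filters.items():
        if key in ENUMS and value not in ENUMS[key]:
            raise ValueError(f"{key}={value!r} is not a documented option")
    return {"size": size, "page": page, **filters}


def http_post(body, token):
    """POST one search request with the Bearer header; return the parsed JSON."""
    req = urllib.request.Request(
        API_URL,
        data=json.dumps(body).encode(),
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def iter_cases(token, size=50, first_page=1, post=http_post, **filters):
    """Yield every matching case across pages.

    first_page=1 is an assumption: the page does not say where numbering starts.
    """
    page, seen = first_page, 0
    while True:
        result = post(build_body(size, page, **filters), token)
        batch = result["data"]
        yield from batch
        seen += len(batch)
        # Stop on an empty page or once totalCount cases have been read.
        if not batch or seen >= result["totalCount"]:
            return
        page += 1
```

A call such as `iter_cases(token, verdict="MALICIOUS", severity="CRITICAL", onlyWasContained=True)` walks every contained, critical, malicious case; load the token from the environment or a secrets manager rather than embedding it in the script.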