Cases
- POSTGet case statistics by severity
- POSTGet case statistics by category class
- GETGet weekly case counts
- POSTGet case counts grouped by team
- GETGet example case for demonstration
- GETGet all detections for a case
- GETGet all detections for a case without entities
- DELDelete a case
- PATCHUpdate case details
- POSTCalculate mean time to resolution
- POSTCalculate mean time to detect for filtered cases
- POSTCalculate mean time to verdict for filtered cases
- POSTCalculate mean time to contain
- POSTReingest all detections for a case
- GETGet related cases
- GETGet threat indicators for a case
- POSTSearch and list cases
- POSTGet cases search count
- POSTSubmit feedback for AI case summary
- GETGet active bulk jobs for current user
- GETGet bulk job status
- GETGet case by ID or SID
- POSTExport cases to CSV
- POSTBulk close cases
Integration
- GETGet integration health summary
- POSTSearch integrations
- POSTGet integration search count
- POSTSearch integration logs from ClickHouse
- POSTGet integration log search count from ClickHouse
- POSTGet daily integration log counts from ClickHouse
- PUTAdd API key integration
- PUTAdd other integration type
- PUTAdd basic authentication integration
- POSTGet OAuth installation URL
- GETGet all integration configurations
- GETGet integration by ID
- DELDelete integration
- PATCHUpdate integration
- GETGet integration configuration by type
- GETHandle OAuth redirect
- POSTVerify JWT token
- GETHandle authenticated OAuth redirect
- POSTInvoke integration action
- GETGet webhook secret
- GETGet AWS remote API key
- PUTRegister AWS integration remotely
- GETGet synced licenses for integration
- POSTCheck integration entitlements
- POSTDismiss an entitlement warning
- DELUndismiss an entitlement warning
- POSTTrigger health check for all team integrations
- POSTTrigger health check for integration
- POSTMute hourly quality notifications for integration
- POSTUnmute hourly quality notifications for integration
- POSTRequest a new integration
- GETVerify integration webhook
- POSTHandle integration webhook
- GETGet Microsoft Sentinel RBAC setup URL
- GETGet Microsoft Sentinel deploy template
- GETGet ConnectWise PSA configuration
- PUTUpdate ConnectWise PSA configuration
- GETGet ConnectWise companies
- GETGet ConnectWise boards
- GETGet board ticket types
- GETGet board ticket statuses
- GETGet ConnectWise priorities
- GETGet Halo ITSM configuration
- PUTUpdate Halo ITSM configuration
- GETGet additional required fields for Halo ITSM Incident tickets
- GETGet Halo ITSM teams
- GETGet Halo ITSM clients
- GETGet Halo ITSM categories (type_id=1)
- GETGet Jira configuration
- PUTUpdate Jira configuration
- GETGet Jira Cloud instances
- GETGet Jira projects
- GETGet Jira issue types
- GETGet Odoo Helpdesk configuration
- PUTUpdate Odoo Helpdesk configuration
- GETList available Odoo Helpdesk databases
- GETList Odoo Helpdesk companies for a database
- GETList Odoo Helpdesk teams for a database
- GETList Odoo Helpdesk stages and return a suggested Wirespeed→stage mapping
Asset
- GETGet all assets for a case
- GETGet all assets for a detection
- GETGet asset counts by type
- POSTBulk contain multiple assets
- POSTBulk uncontain multiple assets
- POSTContain directory user
- POSTContain endpoint
- POSTUncontain endpoint
- POSTUncontain directory
- POSTContain file
- POSTUncontain file
- GETGet active containment actions for an asset
- GETGet containment action history for an asset
Users
Team
- POSTGet team detection statistics
- POSTGet team billable resource statistics
- POSTSet or clear the billing license for a target type
- POSTGet team endpoint operating system statistics
- POSTGet team geographic distribution statistics
- POSTGet team event statistics by integration
- POSTDetections created over time
- POSTEscalated cases over time
- POSTContainment actions over time
- POSTNoise reduction rate over time
- POSTMean time to verdict over time
- POSTMean time to detect over time
- POSTMean time to respond over time
- POSTDetections grouped by category
- POSTDetections grouped by integration
- POSTDetections grouped by endpoint/user group
- POSTSwitch to a different team
- GETGet current team information
- PUTCreate a new team
- POSTSearch service provider teams
- DELDelete the current team and all associated data
- PATCHUpdate team information
- GETCheck if the current user can modify all team members, including SP-managed users
- GETGet team by any UUID
- GETGet all teams
- GETGet all teams with slim payload
- POSTGet service provider teams search count
- POSTGet service provider client aggregate stats
- POSTSearch team members
- POSTGet team member search count
- GETGet distinct email domains of team members
- POSTSearch system logs
- POSTGet system log search count
- GETGet a system log entry by id (current team)
- PUTAdd operating team
- DELRemove operating team
- PATCHUpdate a client team subscription
- PUTInvite user to team
- PUTResend invitation to user
- GETGet platform logos
- PUTUpload platform logo
- DELDelete platform logo
- PATCHReset default chat ops for a field
- DELRemove external user from team
- GETGet all team-level API keys
- PUTCreate a team-level API key
- DELDelete a team-level API key
- POSTPublic team sign-up endpoint
- POSTCreate a SKU change request
- GETGet pending SKU change request for current team
- PATCHUpdate a SKU change request (cancel, accept, deny, or accept with modifications)
- POSTList all SKU change requests (internal only)
- GETGet pending SKU change request for a client team
- POSTList SKU change requests for child teams of the current SP
- GETGet onboarding checklist items for the team
- PATCHMark a self-attested onboarding item as complete
Directory
- GETGet directory user statistics
- GETGet directory user by ID
- PATCHUpdate directory user
- POSTGet directory user search count
- POSTSearch directory users
- PUTAdd users to chat ops onboarding
- DELRemove user from chat ops onboarding
- PUTAdd users to chat ops onboarding
- DELRemove users from chat ops onboarding
- PUTAdd group to directory user
- DELRemove group from directory user
- GETGet VIP user count and change
- POSTRefresh directory user data
- POSTReset SMS invite attempts and resend invite
Detection
- POSTGet detection statistics by severity
- POSTGet detection statistics by category class
- POSTGet detection chat ops statistics
- POSTGet noise reduction statistics over time
- POSTCalculate mean time to detect
- POSTCalculate mean time to verdict
- POSTSearch and list detections
- POSTCount detections matching search filters
- GETGet example detection for demonstration
- PUTCreate a custom detection
- POSTList custom detections
- DELDelete a custom detection
- PATCHUpdate a custom detection
- POSTReingest a detection
- GETGet detection by ID or SID
- GETGet AQL questions for detection
- DELDelete a detection
- PATCHUpdate detection details
- POSTExport detections to CSV
Search service provider teams
curl --request POST \
--url https://api.wirespeed.co/team \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"size": 123,
"page": 123,
"filter": "<string>",
"search": "<string>",
"orderBy": "<string>",
"orderDir": "asc",
"onlyDemo": true,
"onlyTestMode": true,
"onlyOperatingTeam": true,
"onlyEndpointAutoContainment": true,
"onlyIdentityAutoContainment": true,
"escalationEmailSource": "custom"
}
'{
"data": [
{
"id": "<string>",
"name": "<string>",
"demo": true,
"refreshable": true,
"testMode": true,
"chatOpsEscalationDelayMinutes": 123,
"identityAutoContainment": true,
"endpointAutoContainment": true,
"fileAutoContainment": true,
"escalationEmails": [
"<string>"
],
"logoUrl": "<string>",
"chatOpsSecondFactor": true,
"chatOpsAccountLockedMessage": "<string>",
"createdAt": "<string>",
"richCaseNotifications": true,
"managerChatOps": true,
"emailSignature": "<string>",
"chatOpsSubjectLine": "<string>",
"notificationEscalationSeverity": "INFORMATIONAL",
"autoSubscribeServiceProviderUsers": true,
"sku": "identity",
"isTrial": true,
"skipThirdPartyManagedSourceUpdates": true,
"onboardingChecklistCompleted": true,
"chatOpsWelcomeMessage": "<string>",
"platformName": "<string>",
"maxChatOpsPerDay": 123,
"maxAutoContainmentsPerDay": 123,
"escalationSubjectLine": "<string>",
"chatOpsWelcomeMessageInherited": true,
"emailSignatureInherited": true,
"chatOpsSubjectLineInherited": true,
"chatOpsAccountLockedMessageInherited": true,
"serviceProvider": true,
"parentTeamName": "<string>",
"parentTeamId": "<string>",
"parentServiceProvider": true,
"operatingTeam": true,
"useChatOpsOnboardingGroup": true,
"chatOpsAllowBulkSmsInvite": true,
"billableUsers": 123,
"billableEndpoints": 123,
"teamMembers": 123,
"supportEmail": "<string>",
"address": "<string>",
"skuStartDate": "<string>",
"skuEndDate": "<string>",
"billingUserLicenseId": "<string>",
"billingEndpointLicenseId": "<string>"
}
]
}Team
Search service provider teams
POST
/
team
Search service provider teams
curl --request POST \
--url https://api.wirespeed.co/team \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"size": 123,
"page": 123,
"filter": "<string>",
"search": "<string>",
"orderBy": "<string>",
"orderDir": "asc",
"onlyDemo": true,
"onlyTestMode": true,
"onlyOperatingTeam": true,
"onlyEndpointAutoContainment": true,
"onlyIdentityAutoContainment": true,
"escalationEmailSource": "custom"
}
'{
"data": [
{
"id": "<string>",
"name": "<string>",
"demo": true,
"refreshable": true,
"testMode": true,
"chatOpsEscalationDelayMinutes": 123,
"identityAutoContainment": true,
"endpointAutoContainment": true,
"fileAutoContainment": true,
"escalationEmails": [
"<string>"
],
"logoUrl": "<string>",
"chatOpsSecondFactor": true,
"chatOpsAccountLockedMessage": "<string>",
"createdAt": "<string>",
"richCaseNotifications": true,
"managerChatOps": true,
"emailSignature": "<string>",
"chatOpsSubjectLine": "<string>",
"notificationEscalationSeverity": "INFORMATIONAL",
"autoSubscribeServiceProviderUsers": true,
"sku": "identity",
"isTrial": true,
"skipThirdPartyManagedSourceUpdates": true,
"onboardingChecklistCompleted": true,
"chatOpsWelcomeMessage": "<string>",
"platformName": "<string>",
"maxChatOpsPerDay": 123,
"maxAutoContainmentsPerDay": 123,
"escalationSubjectLine": "<string>",
"chatOpsWelcomeMessageInherited": true,
"emailSignatureInherited": true,
"chatOpsSubjectLineInherited": true,
"chatOpsAccountLockedMessageInherited": true,
"serviceProvider": true,
"parentTeamName": "<string>",
"parentTeamId": "<string>",
"parentServiceProvider": true,
"operatingTeam": true,
"useChatOpsOnboardingGroup": true,
"chatOpsAllowBulkSmsInvite": true,
"billableUsers": 123,
"billableEndpoints": 123,
"teamMembers": 123,
"supportEmail": "<string>",
"address": "<string>",
"skuStartDate": "<string>",
"skuEndDate": "<string>",
"billingUserLicenseId": "<string>",
"billingEndpointLicenseId": "<string>"
}
]
}Documentation Index
Fetch the complete documentation index at: https://docs.wirespeed.co/llms.txt
Use this file to discover all available pages before exploring further.
Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
Body
application/json
Available options:
asc, desc Only include demo clients
Only include test mode clients
Only include clients marked as operating teams
Only include clients with endpoint auto containment enabled
Only include clients with identity auto containment enabled
Filter by escalation email source
Available options:
custom, inherited Response
Array of team objects
Show child attributes
Show child attributes
⌘I