![]() The current owner's display name, such as admin. Prompt, approval, manualtask, actionreview. JSON object containing a variety of parameters entered in response to prompt. The next owner for an approval, such as admin. Time (UTC) when this action is due ( time at which the SLA expires/expired ). The container Id of the playbook action run. See REST Assets for further information about assets. "playbook_name": "Detect and Respond Against Malicious Domains",Ĭan be empty depending on the notification type and if it contains an asset. "comment": "Possibly malicious IP address",Ī successful GET for prompt notification type will return a 200 response, and a JSON formatted list of details. "container_name": "Possible Malicious Email", "description": "Default Asset Configuration for AbuseIPDB", "action_name": "user initiated post ip action", ![]() The response varies depending on the notification type, which is a sub-type of notifications. ![]() List details of notifications for a particular container. "message": "Task 'Determine functional impact' of phase 'Analysis and Containment' for case 'HUD Container' has been assigned to you",Īlways displays the notification type for all notifications, and distinguishes between the different types of approvals: action reviews, approvals, manual tasks, and prompts.ĭisplays notification due date for any notification that has a due date.ĭisplays message of notification no matter the type, because currently message is empty for approval notifications: message, and approval for block ip. "message": "approval for block ip on asset 'zscaler'",
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |