POST /alerts
Create Alert
# Create an alert: send a JSON document to /api/alerts with POST, authenticated by
# the X-Api-Key header. Required body fields are title, statusValue and severity
# (1-4); tlp and pap accept 0-4 (presumably Traffic Light Protocol / Permissible
# Actions Protocol levels; confirm the numeric mapping before relying on it for
# sharing decisions).
#
# The API key is written inline here, so it is saved in shell history and can be
# seen by other local users in the process list while curl runs. Referencing an
# environment variable keeps it out of history; a header file readable only by
# you (curl accepts -H @file) also keeps it out of the argument list.
#
# NOTE(review): the host below looks like a local/development address; substitute
# the URL of your own instance and keep the scheme https so the key is not sent
# in clear text.
curl -X POST 'https://local.casebender.com:3000/api/alerts' \
  -H 'Content-Type: application/json' \
  -H 'X-Api-Key: <api-key>' \
  -d '
{
  "title": "<string>",
  "statusValue": "<string>",
  "severity": 2,
  "description": "",
  "count": 1,
  "type": "<string>",
  "source": "<string>",
  "sourceRef": "<string>",
  "externalLink": "<string>",
  "tlp": 2,
  "pap": 2,
  "customFields": {},
  "teams": [
    {
      "id": "<string>"
    }
  ],
  "tags": [
    {
      "id": 123
    }
  ],
  "organizations": [
    {
      "id": "<string>"
    }
  ],
  "observables": [
    {
      "dataType": "<string>",
      "data": "<string>",
      "attachment": "<string>"
    }
  ],
  "assigneeId": "<string>",
  "clientId": "<string>",
  "clientName": "<string>"
}
'
{
  "id": "<string>",
  "tinyId": 123,
  "title": "<string>",
  "description": "<string>",
  "statusValue": "<string>",
  "status": {
    "id": "<string>",
    "stage": "New",
    "label": "<string>",
    "color": "<string>",
    "value": "<string>",
    "canDelete": true
  },
  "count": 123,
  "severity": 123,
  "type": "<string>",
  "source": "<string>",
  "sourceRef": "<string>",
  "externalLink": "<string>",
  "tlp": 123,
  "pap": 123,
  "customFields": {},
  "createdAt": "<string>",
  "updatedAt": "<string>",
  "createdAtLabel": "<string>",
  "updatedAtLabel": "<string>",
  "severityColor": "<string>",
  "severityLabel": "<string>",
  "teams": [],
  "tags": [],
  "organizations": [],
  "assigneeId": "<string>",
  "createdById": "<string>",
  "deletedAt": "<string>",
  "observables": [],
  "visibleToAllOrganizations": true,
  "primaryAlertId": "<string>",
  "case": "<unknown>",
  "assignee": "<unknown>",
  "aiInsights": {
    "resolutionQuality": 123,
    "complianceScore": 123,
    "recommendations": [
      "<string>"
    ],
    "timeToResolution": 123,
    "riskScore": 123,
    "category": "<string>",
    "trendAnalysis": {
      "trend": "increasing",
      "confidence": 123
    },
    "similarCases": [
      {
        "id": "<string>",
        "similarity": 123,
        "resolution": "<string>"
      }
    ],
    "complianceImpact": {
      "frameworks": [
        "<string>"
      ],
      "severity": "low",
      "details": "<string>"
    },
    "threatIntel": {
      "knownThreatActors": [
        "<string>"
      ],
      "relatedMalware": [
        "<string>"
      ],
      "iocPatterns": [
        "<string>"
      ],
      "riskLevel": "low",
      "confidence": 123,
      "ttps": [
        "<string>"
      ],
      "targetedSystems": [
        "<string>"
      ],
      "exploitationRisk": 123,
      "malwareFamily": "<string>"
    },
    "patternAnalysis": {
      "behavioralPatterns": [
        "<string>"
      ],
      "anomalyScore": 123,
      "relatedTechniques": [
        "<string>"
      ],
      "mitreAttackPaths": [
        "<string>"
      ],
      "automationPotential": 123,
      "falsePositiveRisk": 123,
      "lateralMovementRisk": 123
    },
    "businessImpact": {
      "financialRisk": 123,
      "reputationalRisk": 123,
      "operationalRisk": 123,
      "dataRisk": 123,
      "overallImpact": "low",
      "affectedServices": [
        "<string>"
      ],
      "estimatedLoss": 123,
      "recoveryTime": 123
    },
    "timeToDetect": 123,
    "priorityScore": 123,
    "mitreReference": "<string>",
    "affectedAssets": [
      "<string>"
    ],
    "attackVector": "<string>",
    "remediationSteps": [
      "<string>"
    ],
    "falsePositiveProbability": 123,
    "relatedAlerts": [
      {
        "id": "<string>",
        "type": "<string>",
        "severity": 123
      }
    ],
    "securityPosture": {
      "vulnerabilities": [
        {
          "id": "<string>",
          "severity": "low",
          "description": "<string>",
          "remediation": "<string>",
          "cve": "<string>"
        }
      ],
      "exposedServices": [
        "<string>"
      ],
      "patchStatus": "up-to-date",
      "configurationIssues": [
        "<string>"
      ]
    },
    "incidentResponse": {
      "status": "new",
      "timeline": [
        {
          "timestamp": 123,
          "action": "<string>",
          "actor": "<string>"
        }
      ],
      "evidenceCollected": [
        "<string>"
      ],
      "assignedTo": "<string>",
      "containmentStrategy": "<string>"
    },
    "recommendationItems": [
      {
        "id": "<string>",
        "type": "immediate",
        "description": "<string>",
        "priority": 123,
        "status": "pending",
        "implementationComplexity": "low",
        "estimatedEffort": 123,
        "dependencies": [
          "<string>"
        ]
      }
    ],
    "processingStatus": "pending"
  }
}

Autorisations

X-Api-Key
string
header
requis

Corps

application/json
title
string
requis
statusValue
string
requis
severity
integer
requis
Plage requise: 1 <= x <= 4
description
string
défaut:""
count
integer
défaut:1
type
string
source
string
sourceRef
string
tlp
integer
Plage requise: 0 <= x <= 4
pap
integer
Plage requise: 0 <= x <= 4
customFields
object
teams
object[]
tags
object[]
organizations
object[]
observables
object[]
assigneeId
string
clientId
string
clientName
string

Réponse

Successful response

id
string
requis
tinyId
number
requis
title
string
requis
description
string
requis
statusValue
string
requis
status
object
requis
count
number
requis
severity
number
requis
type
string | null
requis
source
string | null
requis
sourceRef
string | null
requis
tlp
number | null
requis
pap
number | null
requis
customFields
object
requis
createdAt
requis
updatedAt
requis
createdAtLabel
string
requis
updatedAtLabel
string
requis
severityColor
string
requis
severityLabel
string
requis
Required string length: 1
teams
any[]
requis
tags
object[]
requis
organizations
any[]
requis
assigneeId
string | null
requis
createdById
string
requis
deletedAt
string | null
requis
observables
object[]
requis
visibleToAllOrganizations
boolean
requis
primaryAlertId
string | null
requis
case
null
assignee
null
aiInsights
object