POST
/
alerts
Create Alert
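# Create an alert: POST /api/alerts with a JSON body, authenticated by the
# X-Api-Key request header.
#
# The API key is kept off the curl command line. Command-line arguments are
# visible to other local users through the process list and are saved in
# shell history, so the header is fed to curl on stdin instead
# (`--header @-`, supported since curl 7.55.0). printf is a shell builtin,
# so the key does not appear in any process's argument list.
#
# CASEBENDER_API_KEY is a variable name constructed for this example; load
# it from your secret store or a permission-restricted file before running.
#
# NOTE(review): the host below looks like a local/development address;
# substitute your deployment's URL and keep the https scheme so the key is
# not sent in clear text.
#
# Body constraints documented on this page: title, statusValue and severity
# are required; severity must be 1-4, tlp 0-4, pap 0-4.
: "${CASEBENDER_API_KEY:?set CASEBENDER_API_KEY to your API key}"

printf 'X-Api-Key: %s\n' "$CASEBENDER_API_KEY" |
  curl --request POST \
    --url https://local.casebender.com:3000/api/alerts \
    --header 'Content-Type: application/json' \
    --header @- \
    --data '
{
  "title": "<string>",
  "statusValue": "<string>",
  "severity": 2,
  "description": "",
  "count": 1,
  "type": "<string>",
  "source": "<string>",
  "sourceRef": "<string>",
  "externalLink": "<string>",
  "tlp": 2,
  "pap": 2,
  "customFields": {},
  "teams": [
    {
      "id": "<string>"
    }
  ],
  "tags": [
    {
      "id": 123
    }
  ],
  "organizations": [
    {
      "id": "<string>"
    }
  ],
  "observables": [
    {
      "dataType": "<string>",
      "data": "<string>",
      "attachment": "<string>"
    }
  ],
  "assigneeId": "<string>",
  "clientId": "<string>",
  "clientName": "<string>"
}
'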
{
  "id": "<string>",
  "tinyId": 123,
  "title": "<string>",
  "description": "<string>",
  "statusValue": "<string>",
  "status": {
    "id": "<string>",
    "stage": "New",
    "label": "<string>",
    "color": "<string>",
    "value": "<string>",
    "canDelete": true
  },
  "count": 123,
  "severity": 123,
  "type": "<string>",
  "source": "<string>",
  "sourceRef": "<string>",
  "externalLink": "<string>",
  "tlp": 123,
  "pap": 123,
  "customFields": {},
  "createdAt": "<string>",
  "updatedAt": "<string>",
  "createdAtLabel": "<string>",
  "updatedAtLabel": "<string>",
  "severityColor": "<string>",
  "severityLabel": "<string>",
  "teams": [],
  "tags": [],
  "organizations": [],
  "assigneeId": "<string>",
  "createdById": "<string>",
  "deletedAt": "<string>",
  "observables": [],
  "visibleToAllOrganizations": true,
  "primaryAlertId": "<string>",
  "case": "<unknown>",
  "assignee": "<unknown>",
  "aiInsights": {
    "resolutionQuality": 123,
    "complianceScore": 123,
    "recommendations": [
      "<string>"
    ],
    "timeToResolution": 123,
    "riskScore": 123,
    "category": "<string>",
    "trendAnalysis": {
      "trend": "increasing",
      "confidence": 123
    },
    "similarCases": [
      {
        "id": "<string>",
        "similarity": 123,
        "resolution": "<string>"
      }
    ],
    "complianceImpact": {
      "frameworks": [
        "<string>"
      ],
      "severity": "low",
      "details": "<string>"
    },
    "threatIntel": {
      "knownThreatActors": [
        "<string>"
      ],
      "relatedMalware": [
        "<string>"
      ],
      "iocPatterns": [
        "<string>"
      ],
      "riskLevel": "low",
      "confidence": 123,
      "ttps": [
        "<string>"
      ],
      "targetedSystems": [
        "<string>"
      ],
      "exploitationRisk": 123,
      "malwareFamily": "<string>"
    },
    "patternAnalysis": {
      "behavioralPatterns": [
        "<string>"
      ],
      "anomalyScore": 123,
      "relatedTechniques": [
        "<string>"
      ],
      "mitreAttackPaths": [
        "<string>"
      ],
      "automationPotential": 123,
      "falsePositiveRisk": 123,
      "lateralMovementRisk": 123
    },
    "businessImpact": {
      "financialRisk": 123,
      "reputationalRisk": 123,
      "operationalRisk": 123,
      "dataRisk": 123,
      "overallImpact": "low",
      "affectedServices": [
        "<string>"
      ],
      "estimatedLoss": 123,
      "recoveryTime": 123
    },
    "timeToDetect": 123,
    "priorityScore": 123,
    "mitreReference": "<string>",
    "affectedAssets": [
      "<string>"
    ],
    "attackVector": "<string>",
    "remediationSteps": [
      "<string>"
    ],
    "falsePositiveProbability": 123,
    "relatedAlerts": [
      {
        "id": "<string>",
        "type": "<string>",
        "severity": 123
      }
    ],
    "securityPosture": {
      "vulnerabilities": [
        {
          "id": "<string>",
          "severity": "low",
          "description": "<string>",
          "remediation": "<string>",
          "cve": "<string>"
        }
      ],
      "exposedServices": [
        "<string>"
      ],
      "patchStatus": "up-to-date",
      "configurationIssues": [
        "<string>"
      ]
    },
    "incidentResponse": {
      "status": "new",
      "timeline": [
        {
          "timestamp": 123,
          "action": "<string>",
          "actor": "<string>"
        }
      ],
      "evidenceCollected": [
        "<string>"
      ],
      "assignedTo": "<string>",
      "containmentStrategy": "<string>"
    },
    "recommendationItems": [
      {
        "id": "<string>",
        "type": "immediate",
        "description": "<string>",
        "priority": 123,
        "status": "pending",
        "implementationComplexity": "low",
        "estimatedEffort": 123,
        "dependencies": [
          "<string>"
        ]
      }
    ],
    "processingStatus": "pending"
  }
}

Autorizzazioni

X-Api-Key
string
header
obbligatorio

Corpo

application/json
title
string
obbligatorio
statusValue
string
obbligatorio
severity
integer
obbligatorio
Intervallo richiesto: 1 <= x <= 4
description
string
predefinito:""
count
integer
predefinito:1
type
string
source
string
sourceRef
string
tlp
integer
Intervallo richiesto: 0 <= x <= 4
pap
integer
Intervallo richiesto: 0 <= x <= 4
customFields
object
teams
object[]
tags
object[]
organizations
object[]
observables
object[]
assigneeId
string
clientId
string
clientName
string

Risposta

Successful response

id
string
obbligatorio
tinyId
number
obbligatorio
title
string
obbligatorio
description
string
obbligatorio
statusValue
string
obbligatorio
status
object
obbligatorio
count
number
obbligatorio
severity
number
obbligatorio
type
string | null
obbligatorio
source
string | null
obbligatorio
sourceRef
string | null
obbligatorio
tlp
number | null
obbligatorio
pap
number | null
obbligatorio
customFields
object
obbligatorio
createdAt
obbligatorio
updatedAt
obbligatorio
createdAtLabel
string
obbligatorio
updatedAtLabel
string
obbligatorio
severityColor
string
obbligatorio
severityLabel
string
obbligatorio
Required string length: 1
teams
any[]
obbligatorio
tags
object[]
obbligatorio
organizations
any[]
obbligatorio
assigneeId
string | null
obbligatorio
createdById
string
obbligatorio
deletedAt
string | null
obbligatorio
observables
object[]
obbligatorio
visibleToAllOrganizations
boolean
obbligatorio
primaryAlertId
string | null
obbligatorio
case
null
assignee
null
aiInsights
object