Skip to main content
Skip table of contents

Get incident investigation details ‎‎ ‎‎

POST /Command/getIncidentInvestigationDetails

Get incident investigation details.

Request

Authentication: API keys or JSON web tokens (JWT)

Body Parameters

Parameter Name

Type

Required/Optional

Description

Username

string

Required

The username of your D3 SOAR account.

Site

string

Required

The D3 SOAR site to run the remote command.

Incident Numbers

array<string>

Required

Identify which incidents to query the investigation data

Investigation Section Names

array<string>

Required

Identify which section on the investigation tab to query the data. Value(s) shall be chosen from "Summary", "Finding", "Remediations" and Mitigations", or "Recommendations"

Body Sample Data

application/json
JSON 
{
  "Username": "Admin",
  "Site": "Security Operations",
  "CommandParams": {
    "Incident Numbers": [
      "20240202-1",
      "20240202-2"
    ],
    "Investigation Section Names": [
      "Summary",
      "Findings",
      "Remediations and Mitigations",
      "Recommendations"
    ]
  }
}

Response

200 OK

application/json

Response Fields

Field Name

Type

Description

error

string

The error message if the API request has failed.

returnData

JSON Object

The return data from the API request.

Sample Data

CODE 
{
    "error": "",
    "returnData": {
        "Status": "Successful",
        "Data": [
            {
                "IncidentNo": "20240202-1",
                "Summary": {
                    "Content": "",
                    "Data": {}
                },
                "Finding": [
                    {
                        "Type": "",
                        "Content": "",
                        "Data": {}
                    },
                    {
                        "Type": "",
                        "Content": "",
                        "Data": {}
                    }
                ],
                "Remediations and Mitigations": [
                    {
                        "Content": "",
                        "Data": {}
                    },
                    {
                        "Content": "",
                        "Data": {}
                    }
                ],
                "Recommendations": [
                    {
                        "Content": "",
                        "Data": {}
                    },
                    {
                        "Content": "",
                        "Data": {}
                    }
                ]
            },
            {
                "IncidentNo": "20240202-2",
                "Summary": {
                    "Content": "",
                    "Data": {}
                },
                "Finding": [
                    {
                        "Type": "",
                        "Content": "",
                        "Data": {}
                    },
                    {
                        "Type": "",
                        "Content": "",
                        "Data": {}
                    }
                ],
                "Remediations and Mitigations": [
                    {
                        "Content": "",
                        "Data": {}
                    },
                    {
                        "Content": "",
                        "Data": {}
                    }
                ],
                "Recommendations": [
                    {
                        "Content": "",
                        "Data": {}
                    },
                    {
                        "Content": "",
                        "Data": {}
                    }
                ]
            }
        ]
    }
}

400 BadRequest

application/json

Response Fields

Field Name

Type

Description

Error

string

A error message when the API request fails.

Sample Data

JSON 
{"Error": "The body of the request must be a valid JSON object"}

401 Unauthorized

application/json

Response Fields

Field Name

Type

Description

Error

string

A error message when the API request fails.

Sample Data

JSON 
{"Error": "Invalid authentication key."}

429 TooManyRequests

application/json

Response Fields

Field Name

Type

Description

Error

string

A error message when the API request fails.

Sample Data

JSON 
{"Error": "The request exceeds rate limits or is otherwise blocked by rate limiting policies."}

500 InternalServerError

application/json

Response Fields

Field Name

Type

Description

Error

string

A error message when the API request fails.

Sample Data

JSON 
{"Error": "Unexpected Error."}

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close