Get The Least Busy User
Identifies the user with the lowest current workload based on specified criteria.
Implementation | System |
Command Category | Basic Utility |
Tags | USER |
Inputs
Parameter Name | Required/Optional | Description | Sample Data |
---|---|---|---|
Online | Optional | Check if the users are online |
|
Least Incidents | Optional | Get users with least incidents |
|
Least Event | Optional | Get users with least events |
|
Least Pending Tasks | Optional | Get users with least pending tasks |
|
Randomize | Optional | If Randomize is Yes, return a list containing only one random qualified user. |
|
Incident Number | Optional | If command not runs under a Playbook, incident number input is required. |
|
Output
Remote Command API
The D3 command API allows you to send requests to D3 SOAR to execute this utility command via REST API.
Request
POST
https:/{base_url}/{api_namespace}/api/Command/GetTheLeastBusyUser
Headers
Please refer to the page Webhook Configuration Guide - Authentication Method: API Keys for more details.
Request Body
{
"Username": "<Username here>",
"Site": "<Site here>",
"CommandParams": {
"Online": "<Online here>",
"Least Incidents": "<Least Incidents here>",
"Least Events": "<Least Events here>",
"Least Pending Tasks": "<Least Pending Tasks here>",
"Randomize": "<Randomizehere>",
"Incident Number": "<Incident Numberhere>",
}
}
Body Parameters
Parameter Name | Type | Required/Optional | Description |
---|---|---|---|
Username |
| Required | The username of your D3 SOAR account. |
Site |
| Required | The D3 SOAR site to run the remote command. |
Online |
| Optional | Check if the users are online |
Least Incidents |
| Optional | Get users with least incidents |
Least Events |
| Optional | Get users with least events |
Least Pending Tasks |
| Optional | Get users with least pending tasks |
Randomize |
| Optional | If Randomize is Yes, return a list containing only one random qualified user. |
Incident Number |
| Optional | If command not runs under a Playbook, incident number input is required. |
Sample Request
SAMPLE DATA
{
"Username": "Admin",
"Site": "Security Operations",
"CommandParams": {
"Online": "Yes",
"Least Incidents": "Yes",
"Least Events": "Yes",
"Least Pending Tasks": "Yes",
"Randommize": "Yes",
"Incident Number": "20211126-4"
}
}
Response
Response Fields
Field Name | Type | Description |
---|---|---|
error |
| The error message if the API request has failed. |
returnData |
| The return data from the API request. |
contextData |
| The context data from the API request. |
Sample Response
{
"error":"",
"returnData":"Successful",
"contextData":[
{
"ID": 1,
"Email": "test@d3security.com",
"User Name": "user, admin"
}
]
}