Skip to main content
Skip table of contents

Sync Incident Form

LAST UPDATED: AUG 12, 2024

Enables the synchronization of incident form between the master and the tenant instance(s).

Implementation

System

Command Category

System Utility

Tags

INCIDENT DYNAMIC FORM MULTITENANCY

Inputs

Parameter Name

Required/Optional

Description

Sample Data

Sync All Shared

Optional

Whether to synchronize all available incident types.

False

Incident Type Info

Optional

The specific incident type(s) to synchronize.

[
{
"Incident Type": "Brute Force"
},
{
"Incident Type": "Compromised Credential"
}
]

Tenant Region

Required

The region of the tenant.

AMER

Tenant Name

Required

The name of the tenant.

Test Tenant

READER NOTE

Either Sync All Shared or Incident Type Info must receive input. If both are provided, the D3 system will disregard the Incident Type Info input.

Remote Command API

The D3 command API allows you to send requests to D3 SOAR to execute this utility command via REST API.

Request

POST

CODE 
https:/{base_url}/{api_namespace}/api/Command/SyncIncidentForm

Headers

Please refer to the page Webhook Configuration Guide - Authentication Method: API Keys for more details.

Request Body

JSON 
{
  "Username": <Username here>,
  "Site": <Site here>,
  "CommandParams": {
    "Sync All Shared": <Sync All Shared here>,
    "Incident Type Info": <Incident Type Info here>,
    "Tenant Region": <Tenant Region here>,
    "Tenant Name": <Tenant Name here>
  }
}

Body Parameters

Parameter Name

Type

Required/Optional

Description

Username

string

Required

The D3 SOAR site to run the remote command.

Site

string

Required

The D3 SOAR site to run the remote command.

Sync All Shared

boolean

Optional

Whether to synchronize all available incident types.

Incident Type Info

array<JSON Object>

Optional

The specific incident type(s) to synchronize.

Tenant Region

string

Required

The region of the tenant.

Tenant Name

string

Required

The name of the tenant.

Sample Request

SAMPLE DATA

JSON 
{
  "Username": "Admin",
  "Site": "Security Operations",
  "CommandParams": {
    "Sync All Shared": "False",
    "Incident Type Info": [
      {
        "Incident Type": "Brute Force"
      },
      {
        "Incident Type": "Compromised Credential"
      }
    ],
    "Tenant Region": "AMER",
    "Tenant Name": "TestTenant"
  }
}

Response

Response Fields

Field Name

Type

Description

error

string

The error message if the API request has failed.

Sample Response

JSON 
{
    "error": "",
}
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close