Update a Case
LAST UPDATED: FEB 27, 2024
Update a case.
Implementation | System |
Command Category | System Utility |
Tags | CASE |
Inputs
Parameter Name | Required/Optional | Description | Sample Data |
---|---|---|---|
Case Number | Required | The Case Number of the case that will undergo an update. | 20230130-156 |
Case Status | Optional | The desired status to which the case should be changed. | BillingApp |
Incident Date | Optional | The date on which the incident occurred. | 02/16/2021 00:00 |
Owner Site | Optional | The site where the case was reported. | Corporate Security |
Case Type | Optional | The type of the case. | IT Forensic |
Priority | Optional | The Priority of the case. | Level 1 |
Invesitagtor | Optional | Specifies the name of the Safe where the password is stored. | James |
Description | Optional | The Description of the case. | Here is the description of the case created |
Title | Optional | The title of the case. | Case Title |
Access Level | Optional | The Access Level of the case. | 5 |
User Name | Optional | The User Name of the user that is performing the update. | SecurityAdmin |
Output
Remote Command API
The D3 command API allows you to send requests to D3 SOAR to execute this utility command via REST API.
Request
POST
https:/{base_url}/{api_namespace}/api/Command/updateCase
Headers
Please refer to the page Webhook Configuration Guide - Authentication Method: API Keys for more details.
Request Body
{
"Username": "<Username here>",
"Site": "<Site here>",
"CommandParams": {
"Case Number": "<Case Number here>",
"Case Status": "<Case Status here>",
"Incident Date": "<Incident Date here>",
"Owner Site": "<Owner Site here>",
"Case Type": "<Case Type here>",
"Priority": "<Priority here>",
"Invesitagtor": "<Invesitagtor here>",
"Description": "<Description here>",
"Title": "<Title here>",
"Access Level": "<Access Level here>",
"User Name": "<User Name here>"
}
}
Body Parameters
Parameter Name | Type | Required/Optional | Description |
---|---|---|---|
Username |
| Required | The username of your D3 SOAR account. |
Site |
| Required | The D3 SOAR site to run the remote command. |
Case Number |
| Required | The Case Number of the case that will undergo an update. |
Case Status |
| Optional | The desired status to which the case should be changed. |
Incident Date |
| Optional | The date on which the incident occurred. |
Owner Site |
| Optional | The site where the case was reported. |
Case Type |
| Optional | The type of the case. |
Priority |
| Optional | The Priority of the case. |
Invesitagtor |
| Optional | Specifies the name of the Safe where the password is stored. |
Description |
| Optional | The Description of the case. |
Title |
| Optional | The title of the case. |
Access Level |
| Optional | The Access Level of the case. |
User Name |
| Optional | The User Name of the user that is performing the update. |
Sample Request
SAMPLE DATA
{
"Username": "Admin",
"Site": "Security Operations",
"CommandParams": {
"Case Number": "20230130-156",
"Case Status": "BillingApp",
"Incident Date": "02/16/2021 00:00",
"Owner Site": "Corporate Security",
"Case Type": "IT Forensic",
"Priority": "Level 1",
"Invesitagtor": "James",
"Description": "Here is the description of the case created",
"Title": "Case Title",
"Access Level": 5,
"User Name": "SecurityAdmin"
}
}
Response
Response Fields
Field Name | Type | Description |
---|---|---|
error |
| The error message if the API request has failed. |
returnData |
| The return data from the API request. |
rawData |
| The raw data from the API request. |
Sample Response
{
"error": "",
"returnData": "Successful",
"rawData": {
"CaseNumber": "20230130-156"
}
}