assign_analytic_case
Use this command to assign a threat analytics or risk spotter case to a Guardium email, group, role, or user.
This API is available in Guardium V11.0 and later.
REST API syntax
This API is available as a REST service with the
PUT
method. Call this API as follows:
PUT https://[Guardium hostname or IP address]:8443/restAPI/analytic_case
GuardAPI syntax
assign_analytic_case parameter=value
Parameters
Parameter | Value type | Description |
---|---|---|
case_id | Long | Required for Advanced threat analytics only. The case ID is in the Case # column in the GUI. |
DBUser | String | Required for Risk Spotter only. The DB user associated with the risk, as seen in the GUI. |
emails | String | Required if receiver_type=email. Comma separated list of email addresses. |
email_content_type | Integer | Required if receiver_type=email.
|
isRiskSpotter | Boolean | Required for Risk Spotter only. Identifies the case as a RiskSpotter case. Valid values:
Default = 0 (false) |
iterationID | Integer | Risk Spotter only. Indicates if this case is a Risk spotter case only. Valid values:
Default = 0 (false) |
receiver | String | Required if receiver_type = one of group, role, or user. Valid values:
|
receiver_type | Integer | Required. Determines who the ticket is assigned to. Valid values:
|
serverIP | String | Required for Risk Spotter only. Server IP associated with the risk, as seen in the GUI. |
Examples
To assign the advanced threat analytics case 145 to the guardium group "group24":
grdapi assign_analytic_case case_id=145 receiver_type=3 receiver=group24