assign_analytic_case

Use this command to assign a threat analytics or risk spotter case to a Guardium email, group, role, or user.

This API is available in Guardium V11.0 and later.

REST API syntax

This API is available as a REST service with the PUT method. Call this API as follows:
PUT https://[Guardium hostname or IP address]:8443/restAPI/analytic_case

GuardAPI syntax

assign_analytic_case parameter=value

Parameters

Parameter Value type Description
case_id Long Required for Advanced threat analytics only. The case ID is in the Case # column in the GUI.
DBUser String Required for Risk Spotter only. The DB user associated with the risk, as seen in the GUI.
emails String Required if receiver_type=email. Comma separated list of email addresses.
email_content_type Integer Required if receiver_type=email.
  • 0: PDF
  • 1: CSV
Default = 0
isRiskSpotter Boolean Required for Risk Spotter only. Identifies the case as a RiskSpotter case. Valid values:
  • 0 (false)
  • 1 (true)

Default = 0 (false)

iterationID Integer Risk Spotter only. Indicates if this case is a Risk spotter case only. Valid values:
  • 0 (false)
  • 1 (true)

Default = 0 (false)

receiver String Required if receiver_type = one of group, role, or user. Valid values:
  • For group: valid Guardium user group that has at least one member
  • For role: valid Guadrium role that has at least one member
  • For user: valid Guardium user
receiver_type Integer Required. Determines who the ticket is assigned to. Valid values:
  • 1: email
  • 2: role
  • 3: group
  • 4: user
serverIP String Required for Risk Spotter only. Server IP associated with the risk, as seen in the GUI.

Examples

To assign the advanced threat analytics case 145 to the guardium group "group24":

grdapi assign_analytic_case case_id=145 receiver_type=3 receiver=group24