post
/public_api/v1/mth/child/add_comment
Adds a new comment to an MTH/MDR report from a child tenant.
Notes:
- If the source_id is not found, a generic error response is returned.
Request headers
Authorization
String
required
{api_key}
{api_key}
Example:
UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP
x-xdr-auth-id
String
required
{api_key_id}
{api_key_id}
Example:
241
CLIENT REQUEST
curl -X 'POST'
-H
'Accept: application/json'
-H
'Content-Type: application/json'
-H
'Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP'
-H
'x-xdr-auth-id: 241'
'https://api-yourfqdn/public_api/v1/mth/child/add_comment'
-d
'{
"attachment_path" : "attachment_path",
"comment_text" : "comment_text",
"xsoar_source_id" : "xsoar_source_id",
"comment_created_by" : "comment_created_by",
"extract_zip_file" : "extract_zip_file"
}'
import http.client
conn = http.client.HTTPSConnection("api-yourfqdn")
payload = "{\"xsoar_source_id\":\"string\",\"comment_text\":\"string\",\"comment_created_by\":\"string\",\"attachment_path\":\"string\",\"extract_zip_file\":\"string\"}"
headers = {
'Authorization': "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP",
'x-xdr-auth-id': "241",
'content-type': "application/json"
}
conn.request("POST", "/public_api/v1/mth/child/add_comment", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-yourfqdn/public_api/v1/mth/child/add_comment")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP'
request["x-xdr-auth-id"] = '241'
request["content-type"] = 'application/json'
request.body = "{\"xsoar_source_id\":\"string\",\"comment_text\":\"string\",\"comment_created_by\":\"string\",\"attachment_path\":\"string\",\"extract_zip_file\":\"string\"}"
response = http.request(request)
puts response.read_bodyconst data = JSON.stringify({
"xsoar_source_id": "string",
"comment_text": "string",
"comment_created_by": "string",
"attachment_path": "string",
"extract_zip_file": "string"
});
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api-yourfqdn/public_api/v1/mth/child/add_comment");
xhr.setRequestHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP");
xhr.setRequestHeader("x-xdr-auth-id", "241");
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);HttpResponse<String> response = Unirest.post("https://api-yourfqdn/public_api/v1/mth/child/add_comment")
.header("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP")
.header("x-xdr-auth-id", "241")
.header("content-type", "application/json")
.body("{\"xsoar_source_id\":\"string\",\"comment_text\":\"string\",\"comment_created_by\":\"string\",\"attachment_path\":\"string\",\"extract_zip_file\":\"string\"}")
.asString();import Foundation
let headers = [
"Authorization": "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP",
"x-xdr-auth-id": "241",
"content-type": "application/json"
]
let parameters = [
"xsoar_source_id": "string",
"comment_text": "string",
"comment_created_by": "string",
"attachment_path": "string",
"extract_zip_file": "string"
] as [String : Any]
let postData = JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/v1/mth/child/add_comment")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-yourfqdn/public_api/v1/mth/child/add_comment",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "{\"xsoar_source_id\":\"string\",\"comment_text\":\"string\",\"comment_created_by\":\"string\",\"attachment_path\":\"string\",\"extract_zip_file\":\"string\"}",
CURLOPT_HTTPHEADER => [
"Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP",
"content-type: application/json",
"x-xdr-auth-id: 241"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/v1/mth/child/add_comment");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP");
headers = curl_slist_append(headers, "x-xdr-auth-id: 241");
headers = curl_slist_append(headers, "content-type: application/json");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);
curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"xsoar_source_id\":\"string\",\"comment_text\":\"string\",\"comment_created_by\":\"string\",\"attachment_path\":\"string\",\"extract_zip_file\":\"string\"}");
CURLcode ret = curl_easy_perform(hnd);var client = new RestClient("https://api-yourfqdn/public_api/v1/mth/child/add_comment");
var request = new RestRequest(Method.POST);
request.AddHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP");
request.AddHeader("x-xdr-auth-id", "241");
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", "{\"xsoar_source_id\":\"string\",\"comment_text\":\"string\",\"comment_created_by\":\"string\",\"attachment_path\":\"string\",\"extract_zip_file\":\"string\"}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);Body parameters
required
xsoar_source_idstringrequired
comment_textstringrequired
comment_created_bystringrequired
attachment_pathstring
extract_zip_filestring
application/json
xsoar_source_idstringrequiredThe unique identifier of the report to comment on
The unique identifier of the report to comment on
comment_textstringrequiredThe text content of the comment
The text content of the comment
comment_created_bystringrequiredEmail or username of the comment author (not validated)
Email or username of the comment author (not validated)
attachment_pathstringPath to attachment
Path to attachment
extract_zip_filestringWhether to extract zip file
Whether to extract zip file
REQUEST
{
"xsoar_source_id": "777771",
"comment_text": "Investigation completed. No malicious activity found.",
"comment_created_by": "analyst@company.com",
"attachment_path": "comment/investigation-report-1234567890.pdf",
"extract_zip_file": "false"
}Responses
Successful Response
Body
application/json
replybooleanIndicates if the comment was added successfully
Indicates if the comment was added successfully
RESPONSE
{
"reply": true
}Bad Request - Invalid parameters or missing required fields
Body
application/json
replyobject
err_codestringError code
Error code
err_msgstringError message
Error message
err_extrastringExtra information about the error
Extra information about the error
RESPONSE
{
"reply": {
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}
}Unauthorized - Invalid or missing API key
Body
application/json
replyobject
err_codestringError code
Error code
err_msgstringError message
Error message
err_extrastringExtra information about the error
Extra information about the error
RESPONSE
{
"reply": {
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}
}Forbidden - Tenant not authorized for this endpoint
Body
application/json
replyobject
err_codestringError code
Error code
err_msgstringError message
Error message
err_extrastringExtra information about the error
Extra information about the error
RESPONSE
{
"reply": {
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}
}Internal Server Error
Body
application/json
replyobject
err_codestringError code
Error code
err_msgstringError message
Error message
err_extrastringExtra information about the error
Extra information about the error
RESPONSE
{
"reply": {
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}
}