post
/public_api/v1/incidents/get_incident_extra_data/
Get extra data fields for a specific incident including alerts and key artifacts.
Note: The API includes a limit rate of 10 API requests per minute.
Required license: Cortex Xpanse Expander
Request headers
authorization
String
required
api-key
Example:
{{api_key}}
x-xdr-auth-id
String
required
api-key-id
Example:
{{api_key_id}}
Body parameters
required
request_dataObjectrequired
A dictionary containing the API request fields.
incident_idString
The ID of the incident for which you want to retrieve extra data.
alerts_limitInteger
The maximum number of related alerts in the incident that you want to retrieve.
Default: 1000
REQUEST BODY
{
"request_data": {
"alerts_limit": 0,
"incident_id": "incident_id"
}
}
CURL
curl -X 'POST'
-H
'Accept: application/json'
-H
'Content-Type: application/json'
-H
'authorization: {{api_key}}'
-H
'x-xdr-auth-id: {{api_key_id}}'
'https://api-}/public_api/v1/incidents/get_incident_extra_data/'
-d
'{
"request_data" : {
"alerts_limit" : 0,
"incident_id" : "incident_id"
}
}'
Responses