Case Manipulation
This section focuses on SDK functions that help manipulate a case’s state and data.
Name | Siemplify | SiemplifyAction | Description |
---|---|---|---|
close_case | NA | close_case | Closes the current case with the selected close reason and given comment |
add_comment | add_comment | add_comment | Adds a comment to the current case’s case wall |
close_alert | NA | close_alert | Closes the current alert with the selected close reason and given comment |
raise_incident | raise_incident | raise_incident | Changes the current case into an incident |
assign_case | assign_case | assign_case | Assigns the current case to the selected analyst or group |
add_entity_to_case | add_entity_to_case | add_entity_to_case | Creates a new entity in the case |
add_attachment | add_attachment | add_attachment | Adds attachment to the case. |
Case Metadata
This section focuses on SDK functions that manipulate case index and help maintain the system. Functions in this section are used to produce better search mechanism, KPIs and filters.
Methods:
Name | Siemplify | SiemplifyAction | Description |
---|---|---|---|
add_tag | NA | add_tag | Adds a new tag to the current case |
change_case_stage | NA | change_case_stage | Sets the current case’s stage to a specific stage |
change_case_priority | change_case_priority | change_case_priority | Sets the current case’s priority to a specific value |
mark_case_as_important | mark_case_as_important | mark_case_as_important | Marks the current case with the ‘importance triangle’ sign |
Data Retrieval
Name | Siemplify | SiemplifyAction | Description |
---|---|---|---|
get_case_comments | get_case_comments | get_case_comments | Retrieve comments on the case |
get_alerts_ticket_ids_from_cases_closed_since_timestamp | NA | get_alerts_ticket_ids_from_cases_closed_since_timestamp |
|
get_similar_cases | NA | get_similar_cases | Retrieve similar cases in the system |