create_case_insight

Related Concepts: Insights

This function creates a case insight.

create_case_insight(triggered_by, title, content, entity_identifier, severity, insight_type, additional_data, additional_data_type, additional_data_title)

Parameters

Param Name	Param Type	Possible Values	Comments	Mandatory Parameter
triggered_by	string	Virustotal, XForce	The triggered by value is the name of the integration.	Yes
title	string	insight title	Enriched by Virustotal.	Yes
content	string	Insight Message	Insight message to display.	Yes
entity_identifier	string	1.1.1.1, siemplify.co	entity identifier.	Yes
severity	int	0, 1 or 2	0=info, 1 = warning, 2 = error	Yes
insight_type	int	0 or 1	0 = general, 1 = Entity	Yes
additional_data	Dictionary	{“checked against”: “VT”, “malicious”: “No”}	Additional data to be added to the case insight.	No
additional_data_type	string	dict	type of the additional_data like list, dict or string.	No
additional_data_title	String	VT Check	Suitable title for the additional_data	No

Return Type

Boolean

Example

Sample Code

from SiemplifyAction import SiemplifyAction 
siemplify = SiemplifyAction() 
siemplify.create_case_insight(triggered_by, title, content, entity_identifier, severity, insight_type, additional_data, additional_data_type, additional_data_title)

Result Behavior

Creates the insight for case with defined data. 
True if case insight is created otherwise False.

Result Value

True/False

Welcome to

Chronicle SOAR Product Documentation

create_case_insight

Parameters

Return Type

Example

Sample Code

Result Behavior

Result Value

SDK

Welcome to

Chronicle SOAR Product Documentation

create_case_insight

Parameters

Return Type

Example

Sample Code

Result Behavior

Result Value

SDK

Suggested articles