[SIEM][CASE] IBM Resilient Connector #63377
Labels
enhancement
New value added to drive a business result
Meta
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
v7.9.0
Feature:
Notes:
Fields (IBM to SIEM):
IBM Resilient REST API:
https://server/rest/orgs/<org_id>
. Defaulthttps://app.resilientsystems.com/rest/orgs/<org_id>
https://<host>/#incidents/<incident_id>
text_content_output_format=always_text&handle_format=names
/incidents
- Get all incidents/incidents/<incident_id>
- Get incident by id/incidents
- Create incident/incidents/<incident_id>
- Patch incident by idYou need to get the API handle key (principle ID for an api key) by GET(Basic auth is sufficient). Basic auth: api_key, api_secrethttps://server/rest/session
https://server/rest/session
. Body: email, password. The response contains:csrf_token
that has to be sent asX-sess-id
header and a cookie (JSESSIONID
).409 Conflict
(DB-level conflict)The text was updated successfully, but these errors were encountered: