API docs by Redocly

CISO Assistant API — Incidents (0.7.0)

Download OpenAPI specification:

CISO Assistant - API Documentation for automating all your GRC needs

incidents

incidents_list

Override the list method to inject optimized data into the serializer context.

Authorizations:
knoxApiToken
query Parameters
assets
Array of strings <uuid> [ items <uuid > ]
detection
Array of strings or null
Items Enum: "externally_detected" "internally_detected"
  • internally_detected - Internal
  • externally_detected - External
entities
Array of strings <uuid> [ items <uuid > ]
filtering_labels
Array of strings <uuid> [ items <uuid > ]
folder
Array of strings <uuid> [ items <uuid > ]
id
Array of strings <uuid> [ items <uuid > ]

Multiple values may be separated by commas.

limit
integer

Number of results to return per page.

offset
integer

The initial index from which to return the results.

ordering
string

Which field to use when ordering the results.

owners
Array of strings <uuid> [ items <uuid > ]
qualifications
Array of strings <uuid> [ items <uuid > ]
search
string

A search term.

severity
Array of integers
Items Enum: 1 2 3 4 5 6
  • 1 - Critical
  • 2 - Major
  • 3 - Moderate
  • 4 - Minor
  • 5 - Low
  • 6 - unknown
status
Array of strings
Items Enum: "closed" "dismissed" "new" "ongoing" "resolved"
  • new - New
  • ongoing - Ongoing
  • resolved - Resolved
  • closed - Closed
  • dismissed - Dismissed

Responses

Response samples

Content type
application/json
{
  • "count": 123,
  • "next": "http://api.example.org/accounts/?offset=400&limit=100",
  • "previous": "http://api.example.org/accounts/?offset=200&limit=100",
  • "results": [
    ]
}

incidents_create

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken
Request Body schema:
required
name
required
string <= 200 characters
description
string or null
ref_id
string (Reference ID) <= 100 characters
status
string (IncidentWriteStatusEnum)
Enum: "new" "ongoing" "resolved" "closed" "dismissed"
  • new - New
  • ongoing - Ongoing
  • resolved - Resolved
  • closed - Closed
  • dismissed - Dismissed
severity
integer [ 0 .. 9223372036854776000 ]
Enum: 1 2 3 4 5 6
  • 1 - Critical
  • 2 - Major
  • 3 - Moderate
  • 4 - Minor
  • 5 - Low
  • 6 - unknown
reported_at
string or null <date-time>
(DetectionEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
link
string or null <= 2048 characters
is_published
boolean (Published)
folder
string <uuid>
filtering_labels
Array of strings <uuid> (Labels) [ items <uuid > ]
threats
Array of strings <uuid> [ items <uuid > ]
owners
Array of strings <uuid> (Owner) [ items <uuid > ]
assets
Array of strings <uuid> [ items <uuid > ]
qualifications
Array of strings <uuid> [ items <uuid > ]
entities
Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Content type
{
  • "name": "string",
  • "description": "string",
  • "ref_id": "string",
  • "status": "new",
  • "severity": 1,
  • "reported_at": "2019-08-24T14:15:22Z",
  • "detection": "internally_detected",
  • "link": "string",
  • "is_published": true,
  • "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  • "filtering_labels": [
    ],
  • "threats": [
    ],
  • "owners": [
    ],
  • "assets": [
    ],
  • "qualifications": [
    ],
  • "entities": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "string",
  • "description": "string",
  • "ref_id": "string",
  • "status": "new",
  • "severity": 1,
  • "reported_at": "2019-08-24T14:15:22Z",
  • "detection": "internally_detected",
  • "link": "string",
  • "is_published": true,
  • "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  • "filtering_labels": [
    ],
  • "threats": [
    ],
  • "owners": [
    ],
  • "assets": [
    ],
  • "qualifications": [
    ],
  • "entities": [
    ]
}

incidents_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Incident.

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "path": "string",
  • "threats": [
    ],
  • "owners": [
    ],
  • "assets": [
    ],
  • "qualifications": [
    ],
  • "entities": [
    ],
  • "severity": "string",
  • "status": "string",
  • "detection": "string",
  • "folder": "string",
  • "filtering_labels": [
    ],
  • "created_at": "2019-08-24T14:15:22Z",
  • "updated_at": "2019-08-24T14:15:22Z",
  • "name": "string",
  • "description": "string",
  • "ref_id": "string",
  • "reported_at": "2019-08-24T14:15:22Z",
  • "link": "string",
  • "is_published": true
}

incidents_update

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Incident.

Request Body schema:
required
name
required
string <= 200 characters
description
string or null
ref_id
string (Reference ID) <= 100 characters
status
string (IncidentWriteStatusEnum)
Enum: "new" "ongoing" "resolved" "closed" "dismissed"
  • new - New
  • ongoing - Ongoing
  • resolved - Resolved
  • closed - Closed
  • dismissed - Dismissed
severity
integer [ 0 .. 9223372036854776000 ]
Enum: 1 2 3 4 5 6
  • 1 - Critical
  • 2 - Major
  • 3 - Moderate
  • 4 - Minor
  • 5 - Low
  • 6 - unknown
reported_at
string or null <date-time>
(DetectionEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
link
string or null <= 2048 characters
is_published
boolean (Published)
folder
string <uuid>
filtering_labels
Array of strings <uuid> (Labels) [ items <uuid > ]
threats
Array of strings <uuid> [ items <uuid > ]
owners
Array of strings <uuid> (Owner) [ items <uuid > ]
assets
Array of strings <uuid> [ items <uuid > ]
qualifications
Array of strings <uuid> [ items <uuid > ]
entities
Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Content type
{
  • "name": "string",
  • "description": "string",
  • "ref_id": "string",
  • "status": "new",
  • "severity": 1,
  • "reported_at": "2019-08-24T14:15:22Z",
  • "detection": "internally_detected",
  • "link": "string",
  • "is_published": true,
  • "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  • "filtering_labels": [
    ],
  • "threats": [
    ],
  • "owners": [
    ],
  • "assets": [
    ],
  • "qualifications": [
    ],
  • "entities": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "string",
  • "description": "string",
  • "ref_id": "string",
  • "status": "new",
  • "severity": 1,
  • "reported_at": "2019-08-24T14:15:22Z",
  • "detection": "internally_detected",
  • "link": "string",
  • "is_published": true,
  • "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  • "filtering_labels": [
    ],
  • "threats": [
    ],
  • "owners": [
    ],
  • "assets": [
    ],
  • "qualifications": [
    ],
  • "entities": [
    ]
}

incidents_partial_update

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Incident.

Request Body schema:
name
string <= 200 characters
description
string or null
ref_id
string (Reference ID) <= 100 characters
status
string (IncidentWriteStatusEnum)
Enum: "new" "ongoing" "resolved" "closed" "dismissed"
  • new - New
  • ongoing - Ongoing
  • resolved - Resolved
  • closed - Closed
  • dismissed - Dismissed
severity
integer [ 0 .. 9223372036854776000 ]
Enum: 1 2 3 4 5 6
  • 1 - Critical
  • 2 - Major
  • 3 - Moderate
  • 4 - Minor
  • 5 - Low
  • 6 - unknown
reported_at
string or null <date-time>
(DetectionEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
link
string or null <= 2048 characters
is_published
boolean (Published)
folder
string <uuid>
filtering_labels
Array of strings <uuid> (Labels) [ items <uuid > ]
threats
Array of strings <uuid> [ items <uuid > ]
owners
Array of strings <uuid> (Owner) [ items <uuid > ]
assets
Array of strings <uuid> [ items <uuid > ]
qualifications
Array of strings <uuid> [ items <uuid > ]
entities
Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Content type
{
  • "name": "string",
  • "description": "string",
  • "ref_id": "string",
  • "status": "new",
  • "severity": 1,
  • "reported_at": "2019-08-24T14:15:22Z",
  • "detection": "internally_detected",
  • "link": "string",
  • "is_published": true,
  • "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  • "filtering_labels": [
    ],
  • "threats": [
    ],
  • "owners": [
    ],
  • "assets": [
    ],
  • "qualifications": [
    ],
  • "entities": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "string",
  • "description": "string",
  • "ref_id": "string",
  • "status": "new",
  • "severity": 1,
  • "reported_at": "2019-08-24T14:15:22Z",
  • "detection": "internally_detected",
  • "link": "string",
  • "is_published": true,
  • "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  • "filtering_labels": [
    ],
  • "threats": [
    ],
  • "owners": [
    ],
  • "assets": [
    ],
  • "qualifications": [
    ],
  • "entities": [
    ]
}

incidents_destroy

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Incident.

Responses

incidents_cascade_info_retrieve

Cascade preview:

  • deleted: objects actually deleted by cascade
  • affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)
Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Incident.

Responses

incidents_md_retrieve

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Incident.

Responses

incidents_object_retrieve

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Incident.

Responses

incidents_pdf_retrieve

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Incident.

Responses

incidents_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:
knoxApiToken

Responses

incidents_detection_retrieve

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken

Responses

incidents_detection_breakdown_retrieve

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken

Responses

incidents_export_csv_retrieve

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken

Responses

incidents_export_xlsx_retrieve

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken

Responses

incidents_monthly_metrics_retrieve

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken

Responses

incidents_qualifications_breakdown_retrieve

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken

Responses

incidents_severity_retrieve

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken

Responses

incidents_severity_breakdown_retrieve

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken

Responses

incidents_status_retrieve

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken

Responses

incidents_summary_stats_retrieve

Generic export mixin for CSV/XLSX exports. ViewSets define export_config with fields, formatting, and query optimization hints.

Authorizations:
knoxApiToken

Responses