Investigation

Represents the aggregated state of an investigation such as categorization, severity, and status. Can be expanded to include analyst assignment details and more.

JSON representation
{
  "comments": [
    string
  ],
  "verdict": enum (Verdict),
  "reputation": enum (Reputation),
  "severity_score": integer,
  "status": enum (Status),
  "priority": enum (Priority),
  "root_cause": string,
  "reason": enum (Reason),
  "risk_score": integer
}

Fields
comments[]

string

Comment added by the Analyst.

verdict

enum (Verdict)

Describes the reason a finding investigation was resolved.

reputation

enum (Reputation)

Describes whether a finding was useful or not-useful.

severity_score

integer (uint32 format)

Severity score for a finding set by an analyst.

status

enum (Status)

Describes the workflow status of a finding.

priority

enum (Priority)

Priority of the Alert or Finding, set by the analyst.

root_cause

string

Root cause of the Alert or Finding, set by the analyst.

reason

enum (Reason)

Reason for closing the Case or Alert.

risk_score

integer (uint32 format)

Risk score for a finding set by an analyst.
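
The following validator is an added example, not code from this API or its vendor. It checks a decoded Investigation object against the field names and types listed above before the record is trusted by downstream tooling. It assumes enum fields arrive as string names; this page does not list the enum values, so only their type is checked, and the sample enum name is a constructed placeholder.

```python
import json

UINT32_MAX = 2**32 - 1
# Field names and types come from the Investigation reference above.
ENUM_FIELDS = {"verdict", "reputation", "status", "priority", "reason"}
UINT32_FIELDS = {"severity_score", "risk_score"}
STRING_FIELDS = {"root_cause"}
KNOWN_FIELDS = ENUM_FIELDS | UINT32_FIELDS | STRING_FIELDS | {"comments"}


def validate_investigation(obj):
    """Return a list of problems found in a decoded Investigation object."""
    if not isinstance(obj, dict):
        return ["top level is not a JSON object"]
    problems = []
    for name in sorted(set(obj) - KNOWN_FIELDS):
        problems.append(f"unknown field: {name}")
    comments = obj.get("comments", [])
    if not isinstance(comments, list) or not all(isinstance(c, str) for c in comments):
        problems.append("comments: expected a list of strings")
    # Assumption: enums are serialized as string names; values are not checked.
    for name in sorted(ENUM_FIELDS | STRING_FIELDS):
        if name in obj and not isinstance(obj[name], str):
            problems.append(f"{name}: expected a string")
    for name in sorted(UINT32_FIELDS):
        if name not in obj:
            continue
        value = obj[name]
        # bool is a subclass of int in Python, so exclude it explicitly.
        if isinstance(value, bool) or not isinstance(value, int):
            problems.append(f"{name}: expected an integer")
        elif not 0 <= value <= UINT32_MAX:
            problems.append(f"{name}: outside uint32 range")
    return problems


# Constructed samples. The enum name is a placeholder, not a value from the API.
GOOD = json.loads('{"comments": ["triaged"], "status": "EXAMPLE_STATUS", '
                  '"severity_score": 70, "risk_score": 4294967295}')
BAD = json.loads('{"comments": "triaged", "severity_score": -1, '
                 '"risk_score": 4294967296, "priority": 3, "assignee": "x"}')

if __name__ == "__main__":
    print(validate_investigation(GOOD))
    print(validate_investigation(BAD))
```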
