IMPORTANT: No additional bug fixes or documentation updates will be released for this version.
Set default SIEM UI connector
editSet default SIEM UI connector
editSets the default connector in the SIEM UI.
Connectors are used to interface with external systems. You can only call this method after you have created a connector (see Create connector). After a connector has been created and assigned, call Create or update an external incident to send cases to the external system.
You can also set the default connector in the SIEM UI for each case individually (see Update case).
Request URL
editPOST <kibana host>:<port>/api/cases/configure
Request body
editA JSON object with these fields:
| Name | Type | Description | Required |
|---|---|---|---|
|
String |
The connector ID. |
Yes |
|
String |
The connector name. |
Yes |
|
String |
Determines whether a case is automatically closed in the SIEM app when it is pushed to ServiceNow. Valid values are:
|
Yes |
Call Find connectors to retrieve connector IDs and names.
Example request
editPOST api/cases/configure
{
"connector_id": "61787f53-4eee-4741-8df6-8fe84fa616f7",
"closure_type": "close-by-user",
"connector_name": "ServiceNow"
}
Response code
edit-
200 - Indicates a successful call.
Example response
edit{
"connector_id": "61787f53-4eee-4741-8df6-8fe84fa616f7",
"closure_type": "close-by-user",
"connector_name": "ServiceNow",
"created_at": "2020-03-30T13:31:38.083Z",
"created_by": {
"email": "moneypenny@hms.gov.uk",
"full_name": "Ms Moneypenny",
"username": "moneypenny"
},
"updated_at": null,
"updated_by": null,
"version": "WzE3NywxXQ=="
}