Action Taken
The Action Taken tab provides you with details on the particular action performed on the threat data object. Actions can be performed on threat data objects either manually or using rules. You can view the following details about the actions taken on objects:
Actions Performed: Shows the statistics on the number of Intel Exchange or third-party actions performed.
CTIX Actions: Shows the latest Intel Exchange actions performed using rules or manually, and the timestamp of when the action was performed.
3rd Party Actions: Shows the actions performed by the configured third-party tools with the action name and timestamp.
Action Taken Details: Shows the details of the actions performed on the object. The actions performed can be manual using quick actions or automated using rules. The list of actions performed on an object is grouped under the following tabs:
CTIX-Specific Actions: Include the actions performed manually using quick actions and the CTIX-specific actions performed using rules, such as Save result Set, Manual Review, Update False Positive, and more. Each row shows the details of an action performed, such as the action name, medium (manual or rule), rule name, user who performed the action, actioned date, and the JSON response of the action.
Third-party Actions: Include the actions performed by rules using the actions provided by third-party tools that are configured in Administration > Integration Management > Internal Applications. For more information, see Internal Applications. Each row shows the details of an action performed, such as the action name, the third-party app used, the rule name, the user who performed the action, actioned date, and the action status, such as success, failed, or unknown. For more information about the status codes, see Third-Party Action Status Codes.
Note
If the exact cause of failure cannot be determined the action status shows the Unknown status.
Third-Party Action Status Codes
Success Status Codes
The success status indicates that the API request has been executed successfully and the server has fulfilled the request.
Status Code | Message | Description |
|---|---|---|
200 | OK | The request succeeded. |
201 | Created | The request succeeded and a resource was created as a result. |
202 | Accepted | The request has been received but not yet acted upon. |
203 | Non-Authoritative Information | The returned metadata is not the same as what is available from the origin server; it is collected from a local or a third-party copy. |
204 | No Content | There is no content to send for this request, but the headers may be useful. |
205 | Reset Content | The user agent to reset the document that sent this request. |
206 | Partial Content | This response code is used when the Range header is sent from the client to request only part of a resource. |
207 | Multi-Status | Conveys information about multiple resources, for situations where multiple status codes might be appropriate. |
208 | Already Reported | Used inside a response element to avoid repeatedly enumerating the internal members of multiple bindings to the same collection. |
226 | IM Used | The server has fulfilled a GET request for the resource, and the response is a representation of the result of one or more instance-manipulations applied to the current instance. |
Failed Status Codes
The success status indicates that the API request has failed and the request was not fulfilled. It can be due to Client Errors (4xx) or Server Errors (5xx).
Status Code | Message | Description |
|---|---|---|
Client error responses | ||
400 | Bad Request | The server is unable to process the request due to an error on the client's side. |
401 | Unauthorised | Authentication is required, and either has failed or has not been provided. Check your credentials and try again. |
403 | Forbidden | Access to the requested resource is forbidden. |
404 | Not Found | The requested resource could not be found on the server. |
405 | Method Not Allowed | The requested resource does not support the HTTP method used in the request. |
406 | Not Acceptable | The requested resource can only generate content that is acceptable according to the Accept headers sent in the request. |
Server error responses | ||
500 | Internal Server Error | An unexpected condition has occurred while processing the request. Try again later. |
502 | Bad Gateway | The server acting as a gateway or proxy received an invalid response from the upstream server. Try again later. |
503 | Service Unavailable | The server is unable to handle the request at this time, possibly due to overload or maintenance. Try again later. |
504 | Gateway Timeout | The server acting as a gateway or proxy did not receive a timely response from the upstream server. Try again later. |