Cyware Orchestrate

Create Detection Notes

This action creates detection notes in Vectra AI.

Download PCAP Report

This action downloads the PCAP report of a specific detection using the detection ID.

Generic Action

This is a generic action used to transcend the actions implemented by making a request to any endpoint.

Get Account Details

This action is used to get details of a specific account using the account ID.

Get Detection Details

This action retrieves the details of a detection.

Get Detection Events

This action retrieves the detection events in Vectra AI.

Get Detection Notes

This action retrieves the detection notes associated with the detection ID.

Get Entity Details

This action retrieves the entity details using the entity ID.

Get Host Details

This action retrieves the host details using the host ID.

List Accounts

This action lists all accounts in the Vectra AI server.

List All Detections

This action lists all detections in Vectra AI.

List Entities

This action lists all entities in Vectra AI.

List Groups

This action lists all groups in Vectra AI.

List Hosts

This action lists all hosts in Vectra AI.

Base URL 

Enter the base URL to connect to the Vectra API server.

Text

Required

Client ID 

Enter the client ID to connect to the Vectra API server.

Text

Required

Client Secret 

Enter the client secret to connect to the Vectra API server.

Password

Required

Verify 

Select the SSL/TLS certification status.

Boolean

Optional

Timeout 

Enter the timeout value in seconds. This is the number of seconds that requests will wait to establish a connection with Vectra AI.

Integer

Optional

Available range:

15-120 seconds

default value: 

15 seconds

Note

Enter the note to be created.

Example:

'this is a test note'

Text

Required

Detection ID

Enter the detection ID to create the detection notes.

Text

Required

Detection ID

Enter the detection ID to download the PCAP report.

Text

Required

Method

Enter the HTTP method to make.

Text

Required

Endpoint

Enter the endpoint to make the request.

Example:

/api/v2/detections

Text

Required

Query Params

Enter the query parameters to pass to the API.

Key Value

Optional

Payload

Enter the payload to pass to the API.

Any

Optional

Extra Fields

Enter the extra fields to pass to the API.

Key Value

Optional

Account ID

Enter the account ID to get the specific account details.

Text

Required

Detection ID

Enter the detection ID to get the detection details.

Text

Required

Filters

Enter the extra parameters to pass to the api.

Example:

{'page': 1, 'page_size': 10, 'status': 'active'}

Key Value

Optional

Detection ID

Enter the detection ID to get the detection notes.

Text

Required

Entity ID 

Enter the entity ID to get the entity details

Text

Required

Host ID

Enter the host ID to get the specific host details.

Text

Required

Filters 

Enter the extra parameters to pass to the API.

Example:

{'page': 1, 'page_size': 10}

Key Value

Optional

Filters

Enter the extra parameters to pass to the API.

Example:

{'page': 1, 'page_size': 10, 'status': 'active'}

Key Value

Optional

Filters

Enter the extra parameters to pass to the API.

Example:

{'page': 1, 'page_size': 10, 'status': 'active'}

Key Value

Optional

Filters

Enter the extra parameters to pass to the API.

Example:

{'page': 1, 'page_size': 10, 'status': 'active'}

Key Value

Optional

Filters

Enter the extra parameters to pass to the API.

Example:

{'page': 1, 'page_size': 10, 'status': 'active'}

Key Value

Optional