The incident aggregates endpoints return aggregations for incidents (by policies/users/status).
Incident Aggregates
(id:incident aggregates)
agg
resource
The aggregates object
info
integer
Number of info severity incidents
total
integer
Overall number of incidents
warning
integer
Number of warning severity incidents
critical
integer
Number of critical severity incidents
alert
integer
Number of alert severity incidents
id
string
The id of the policy/status/user
name
string
The name of the policy/status/user
created_after
Filter based on incidents created after a given date
vendor
Filter based on the platform (i.e. google, salesforce, etc)
order
Order based on the severity (at this time only descending severity is supported)
Incident Aggregates for Policies
[/incidents/aggregates/policies]
List incident aggregates policies [GET]
Response 200 (application/json)
[
{
"agg": {
"info": 34,
"total": 1247,
"warning": 0,
"critical": 770,
"alert": 443
},
"id": "G8qz0vb49V",
"name": "Social Security Number"
},
{
"agg": {
"info": 1,
"total": 1,
"warning": 0,
"critical": 0,
"alert": 0
},
"id": "RObzYGd4AL",
"name": "Report Export"
},
{
"agg": {
"info": 2549,
"total": 2549,
"warning": 0,
"critical": 0,
"alert": 0
},
"id": "GbO4Q6lxLp",
"name": "Custom Regex"
},
{
"agg": {
"info": 0,
"total": 11,
"warning": 11,
"critical": 0,
"alert": 0
},
"id": "rNP3DKdzBy",
"name": "Risky Access Scopes"
},
{
"agg": {
"info": 0,
"total": 2,
"warning": 0,
"critical": 2,
"alert": 0
},
"id": "oLZ48JWzev",
"name": "policy for salesforce"
}
]
incident aggregates for users
[/incidents/aggregates/users]
List incident aggregates users [GET]
Response 200 (application/json)
[
{
"agg": {
"info": 134,
"total": 2049,
"warning": 1913,
"critical": 2,
"alert": 0
},
"id": "[email protected]",
"name": "[email protected]"
},
{
"agg": {
"info": 929,
"total": 1414,
"warning": 5,
"critical": 11,
"alert": 469
},
"id": "[email protected]",
"name": "[email protected]"
},
{
"agg": {
"info": 70,
"total": 423,
"warning": 39,
"critical": 279,
"alert": 35
},
"id": "[email protected]",
"name": "[email protected]"
},
{
"agg": {
"info": 55,
"total": 110,
"warning": 35,
"critical": 20,
"alert": 0
},
"id": "[email protected]",
"name": "[email protected]"
},
{
"agg": {
"info": 53,
"total": 111,
"warning": 37,
"critical": 21,
"alert": 0
},
"id": "[email protected]",
"name": "[email protected]"
}
]
Response 200 (application/json)
[
{
"agg": {
"info": 134,
"total": 2049,
"warning": 1913,
"critical": 2,
"alert": 0
},
"id": "[email protected]",
"name": "[email protected]"
},
{
"agg": {
"info": 929,
"total": 1414,
"warning": 5,
"critical": 11,
"alert": 469
},
"id": "[email protected]",
"name": "[email protected]"
},
{
"agg": {
"info": 70,
"total": 423,
"warning": 39,
"critical": 279,
"alert": 35
},
"id": "[email protected]",
"name": "[email protected]"
},
{
"agg": {
"info": 55,
"total": 110,
"warning": 35,
"critical": 20,
"alert": 0
},
"id": "[email protected]",
"name": "[email protected]"
},
{
"agg": {
"info": 53,
"total": 111,
"warning": 37,
"critical": 21,
"alert": 0
},
"id": "[email protected]",
"name": "[email protected]"
}
]
Response 200 (application/json)
[
{
"agg": {
"info": 1433,
"total": 1433,
"warning": 0,
"critical": 0,
"alert": 0
},
"id": "IN PROGRESS",
"name": "IN PROGRESS"
},
{
"agg": {
"info": 1154,
"total": 3295,
"warning": 822,
"critical": 776,
"alert": 543
},
"id": "NEW",
"name": "NEW"
}
]
Updated 2 years ago