List incidents with associated components for the incident register

GET

/v1/incidents

• Production
• Staging
• Local

Parameters

Query Parameters

id

array | null

title_contains

string | null

description_contains

string | null

free_text

string | null

severity

array | null

Allowed values: SEV-5 SEV-4 SEV-3 SEV-2 SEV-1

status

array | null

Allowed values: New In Progress Review Closed

source

array | null

assigned_to

array | null

threat_objectives

array | null

Allowed values: Sabotage Data Disclosure Extortion Customer Targeting Resource Hijacking Fraud

created_date

array | null

updated_date

array | null

detected_date

array | null

occurred_date

array | null

responded_date

array | null

contained_date

array | null

due_date

array | null

expected_date

array | null

opened_by

array | null

tags

array | null

page

integer | null format: int64

page_size

integer | null format: int64

order_by

string | null

Responses

200

List incidents

object

incidents

required

Array<object>

Core incident information for a view

object

comment_count

required

integer format: int64

incident

required

Relationship, core incident information

object

assigned_to

One of:

null

null

object

A User with all properties returned from the database

object

email

required

string

first_name

required

string

icon

string | null format: image/png

Example

https://picsum.photos/200

id

required

string format: uuid

last_name

required

string

contained_date

string | null format: date-time

created_date

required

string format: date-time

description

required

string

detected_date

required

string format: date-time

id

required

string

Example

INC-00001

occurred_date

string | null format: date-time

opened_by

One of:

null

null

object

A User with all properties returned from the database

object

email

required

string

first_name

required

string

icon

string | null format: image/png

Example

https://picsum.photos/200

id

required

string format: uuid

last_name

required

string

responded_date

string | null format: date-time

severity

One of:

null

null

string

string

Allowed values: SEV-5 SEV-4 SEV-3 SEV-2 SEV-1

severity_reasoning

string | null

source

string | null

status

required

The status of an incident

string

Allowed values: New In Progress Review Closed

title

required

string

updated_date

required

string format: date-time

risk_associations

required

Array<string>

tags

required

Array<object>

object

content

required

string

creator_id

required

string format: uuid

id

required

string format: uuid

org_id

string | null format: uuid

threat_objectives

required

Array<object>

A relational struct that has a threat objective type and its relevancy to a risk.

object

created_date

The time that this relation was mutated

string | null format: date-time

relevance

One of:

null

null

string

The relevancy of the threat objective to the risk. Typically a value of 1, or 2. While the relevancy is null the the database, implementations of retrieving this from postgres should ignore null values.

string

Allowed values: Moderate Substantial

threat_objective

required

The threat objective type

string

Allowed values: Sabotage Data Disclosure Extortion Customer Targeting Resource Hijacking Fraud

total

required

integer