Palo Alto Networks · Example Payload

Cortex XDR API Incident Example

Incident malware monitoring analysis policy on incident monitoring updated on under.

Cloud Security, Cybersecurity, Firewall, Network Security, SASE, SOAR, Threat Intelligence, XDR

Cortex XDR API Incident Example is an example object payload from Palo Alto Networks, with 21 top-level fields. It illustrates the shape of data this provider's APIs accept or return.

Top-level fields

incident_id, incident_name, description, status, severity, assigned_user_mail, assigned_user_pretty_name, alert_count, low_severity_alert_count, med_severity_alert_count, high_severity_alert_count, critical_severity_alert_count, user_count, host_count, creation_time, modification_time, detection_time, starred, xdr_url, rule_based_score, manual_score

Example Payload

{
  "incident_id": "421546",
  "incident_name": "Remote Agent 53",
  "description": "Incident malware monitoring analysis policy on incident monitoring updated on under.",
  "status": "new",
  "severity": "informational",
  "assigned_user_mail": "jane.doe@example.com",
  "assigned_user_pretty_name": "Carlos Garcia",
  "alert_count": 162,
  "low_severity_alert_count": 666,
  "med_severity_alert_count": 687,
  "high_severity_alert_count": 54,
  "critical_severity_alert_count": 770,
  "user_count": 24,
  "host_count": 938,
  "creation_time": 1718153645993,
  "modification_time": 1716251227327,
  "detection_time": 1727971500063,
  "starred": false,
  "xdr_url": "https://portal.acme-systems.org/path/b91277",
  "rule_based_score": 956,
  "manual_score": 990
}