# Integration based Alert Details for Actions

get https://api.picussecurity.com/v1/simulations/{Id}/run/latest/threats/{ThreatId}/actions/{ActionId}/integrations/{IntegrationId}/alerts

Includes Action Name, Log Source and Alert Time.
Default limit: 100, Default offset: 0
Max limit: 1000
Same action can be used multiple times under the scope of threat where these actions are distinguished by node_id
node_id parameter can be used optionally. For the case it is not provided, first node is returned.

About

If the simulation is enriched with SIEM / EDR integrations and if any integrations contains alert configuration enabled, Integration based Alert Details for Actions endpoint returns alert list.

Example

curl --request GET \
     --url https://api.picussecurity.com/v1/simulations/6068/run/latest/threats/4241/actions/21178/integrations/134/alerts \
     --header 'Accept: application/json' \
     --header 'Authorization: Bearer access_token'

{
  "alerts": [
    {
      "alert_id": 10004,
      "name": "notepadSpawn.lnk",
      "action": "",
      "time": 1654793074718,
      "source": "PUA"
    }
  ],
  "pages": {
    "total_count": 1,
    "limit": 100,
    "offset": 0
  }
}

📘
Pagination
Default Limit: 100, Max Limit: 1000

Language

Authorization

Header

Click Try It! to start a request and see the response here!

About

Example

📘Pagination

📘
Pagination