Get cases for an alert Technical preview
You must have read
privileges for the Cases feature in the Management, Observability, or Security section of the Kibana feature privileges, depending on the owner of the cases you're seeking.
Path parameters
-
An identifier for the alert.
Query parameters
-
owner string | array[string]
A filter to limit the response to a specific set of applications. If this parameter is omitted, the response contains information about all the cases that the user has access to read.
GET
/api/cases/alerts/{alertId}
curl \
-X GET https://localhost:5601/api/cases/alerts/09f0c261e39e36351d75995b78bb83673774d1bc2cca9df2d15f0e5c0a99a540
Response examples (200)
[
{
"id": "06116b80-e1c3-11ec-be9b-9b1838238ee6",
"title": "security_case"
}
]
Response examples (401)
{
"error": "Unauthorized",
"message": "string",
"statusCode": 401
}