Isolate an endpoint
Isolate an endpoint from the network. The endpoint remains isolated until it's released.
POST /api/endpoint/action/isolate
curl \
-X POST https://localhost:5601/api/endpoint/action/isolate \
-H "Content-Type: application/json; Elastic-Api-Version=2023-10-31"
Request examples
{
"body": {
"agent_type": "endpoint",
"alert_ids": [
"string"
],
"case_ids": [
"string"
],
"comment": "string",
"endpoint_ids": [
"string"
],
"parameters": {}
}
}
Response examples (200)
{}