Hi,
Is there a way where I can get the below details of an investigation in one API call?
Event type - OK
Event description - OK
Priority-
Disposition-
Assignee - OK
Affected Asset-
Affected User-
Evidence-
Date of event (Date detected) - OK
Date it was escalated for investigation (if diff from date of event) - OK
Status - OK
Date resolved(the timestamp it was change to “closed” status)-
Resolution taken (Notes/Comment)-
My current API can only pull in the details with “OK” sign above based off the IDR API v1 (ref:https://help.rapid7.com/insightidr/en-us/api/v1/docs.html#tag/Investigations/operation/listInvestigations)
I do know that Priority and Disposition is available in API v2 but I can’t use it since the fields for Alert Type is in API v1.
Hope to get some help if its possible.
Best Regards!