Get a file

POST /api/endpoint/action/get_file

Get a file from an endpoint.

application/json; Elastic-Api-Version=2023-10-31

Body Required

  • agent_type string

    Values are endpoint, sentinel_one, or crowdstrike.

  • alert_ids array[string]

    A string that is not empty and does not contain only whitespace

    At least 1 element. Minimum length of each is 1. Format of each should match the following pattern: ^(?! *$).+$.

  • case_ids array[string]

    Case IDs to be updated (cannot contain empty strings)

    At least 1 element. Minimum length of each is 1.

  • comment string

    Optional comment

  • endpoint_ids array[string] Required

    List of endpoint IDs (cannot contain empty strings)

    At least 1 element. Minimum length of each is 1.

  • parameters object Required
    Hide parameters attribute Show parameters attribute object

Responses

  • 200 application/json; Elastic-Api-Version=2023-10-31

    OK
POST /api/endpoint/action/get_file 
curl \
 -X POST https://localhost:5601/api/endpoint/action/get_file \
 -H "Content-Type: application/json; Elastic-Api-Version=2023-10-31"
Request examples 
{
  "agent_type": "endpoint",
  "alert_ids": [
    "string"
  ],
  "case_ids": [
    "string"
  ],
  "comment": "string",
  "endpoint_ids": [
    "string"
  ],
  "parameters": {
    "path": "string"
  }
}
Response examples (200) 
{}