Reference: API Gateway examples for Threat Response

For additional API Gateway example syntax, see Tanium API Gateway User Guide: Reference: Filter syntax and Tanium API Gateway User Guide: Reference: API Gateway examples.

Threat Response example

The following mutation requires Threat Response and assigns the Resolved status to a Threat Response alert.

ClosedAssign Resolved status to an alert (mutation.threatResponseAlertResolve)

Assign Resolved status to alert

The following request assigns the Resolved status to the Threat Response alert matching the GUID.

Copy
mutation cresolveTHRAlert ($guid: ID){
  threatResponseAlertResolve (ref: {guid: $guid}) {
    resolved 
    guid 
    error 
  }
}

Include the GUID variable in the QUERY VARIABLES panel or in your variables dictionary:

Copy
{
  "guid": "12345678-90ab-cdef-1234-567890abcdef"
}

Example response:

Copy
{
  "data" : {
    "threatResponseAlertResolve" : {
      "resolved" : true,
      "guid" : "12345678-90ab-cdef-1234-567890abcdef",
      "error" : null
    }
  }
}