Create a case

Creates a new case, sending case data in the request body.
To create a case, you MUST include the following fields: case_id, title, and created_at. The other top-level fields are optional.

If we receive a request to create a case for an case_id that already exists in our system, we will respond with a 409 error code indicating that this case cannot be created/updated. You must use the /case/update endpoint to update a case.

You can add the following objects to a case:

alertsArray[]Alerts that are associated with this case. Consists of alert_ids
eventsArray[]Transactions affiliated with the case. Consists of event_ids
entitiesArray[]Entities affiliated with the case. Consists of entity_ids

Updates to a cases's case_id are not allowed.

Follow the links for more information:

The response will consist of the following fields:

case_idStringUnique identifier of the case on your platform
previously_existedBooleanIf case (with the same case_id) already exists
Click Try It! to start a request and see the response here!