Represents the aggregated state of an investigation such as categorization, severity, and status. Can be expanded to include analyst assignment details and more.
JSON representation |
---|
{ "comments": [ string ], "verdict": enum ( |
Fields | |
---|---|
comments[] | Comment added by the Analyst. |
verdict | Describes the reason a finding investigation was resolved. |
reputation | Describes whether a finding was useful or not-useful. |
severity_score | Severity score for a finding set by an analyst. |
status | Describes the workflow status of a finding. |
priority | Priority of the Alert or Finding set by analyst. |
root_cause | Root cause of the Alert or Finding set by analyst. |
reason | Reason for closing the Case or Alert. |
risk_score | Risk score for a finding set by an analyst. |