API Reference

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Security Center

Security CenterInsights

Retrieves Security Center Insights

security_center.insights.list(InsightListParams**kwargs) -> SyncV4PagePagination[Optional[InsightListResponse]]

GET/{accounts_or_zones}/{account_or_zone_id}/security-center/insights

Archives Security Center Insight

security_center.insights.dismiss(strissue_id, InsightDismissParams**kwargs) -> InsightDismissResponse

PUT/{accounts_or_zones}/{account_or_zone_id}/security-center/insights/{issue_id}/dismiss

ModelsExpand Collapse

class InsightListResponse: …

count: Optional[int]

Indicates the total number of results.

issues: Optional[List[Issue]]

id: Optional[str]

dismissed: Optional[bool]

has_extended_context: Optional[bool]

Indicates whether the insight has a large payload that requires fetching via the context endpoint.

issue_class: Optional[str]

issue_type: Optional[IssueType]

payload: Optional[IssuePayload]

detection_method: Optional[str]

Describes the method used to detect insight.

zone_tag: Optional[str]

resolve_link: Optional[str]

resolve_text: Optional[str]

severity: Optional[Literal["Low", "Moderate", "Critical"]]

One of the following:

"Low"

"Moderate"

"Critical"

since: Optional[datetime]

formatdate-time

status: Optional[Literal["active", "resolved"]]

The current status of the insight.

One of the following:

"active"

"resolved"

subject: Optional[str]

timestamp: Optional[datetime]

formatdate-time

user_classification: Optional[Literal["false_positive", "accept_risk", "other"]]

User-defined classification for the insight. Can be ‘false_positive’, ‘accept_risk’, ‘other’, or null.

One of the following:

"false_positive"

"accept_risk"

"other"

page: Optional[int]

Specifies the current page within paginated list of results.

per_page: Optional[int]

Sets the number of results per page of results.

maximum1000

minimum1

class InsightDismissResponse: …

errors: List[Error]

code: int

minimum1000

message: str

documentation_url: Optional[str]

source: Optional[ErrorSource]

pointer: Optional[str]

messages: List[Message]

code: int

minimum1000

message: str

documentation_url: Optional[str]

source: Optional[MessageSource]

pointer: Optional[str]

success: Literal[true]

Whether the API call was successful.

Security CenterInsightsClass

Retrieves Security Center Insight Counts by Class

security_center.insights.class_.get(ClassGetParams**kwargs) -> ClassGetResponse

GET/{accounts_or_zones}/{account_or_zone_id}/security-center/insights/class

ModelsExpand Collapse

List[ClassGetResponseItem]

count: Optional[int]

value: Optional[str]

Security CenterInsightsSeverity

Retrieves Security Center Insight Counts by Severity

security_center.insights.severity.get(SeverityGetParams**kwargs) -> SeverityGetResponse

GET/{accounts_or_zones}/{account_or_zone_id}/security-center/insights/severity

ModelsExpand Collapse

List[SeverityGetResponseItem]

count: Optional[int]

value: Optional[str]

Security CenterInsightsType

Retrieves Security Center Insight Counts by Type

security_center.insights.type.get(TypeGetParams**kwargs) -> TypeGetResponse

GET/{accounts_or_zones}/{account_or_zone_id}/security-center/insights/type

ModelsExpand Collapse

List[TypeGetResponseItem]

count: Optional[int]

value: Optional[str]

Security CenterInsightsAudit Logs

Retrieves account or zone Audit Log

security_center.insights.audit_logs.list(AuditLogListParams**kwargs) -> SyncCursorPagination[AuditLogListResponse]

GET/{accounts_or_zones}/{account_or_zone_id}/security-center/insights/audit-log

Retrieves Issue Audit Log

security_center.insights.audit_logs.list_by_insight(strissue_id, AuditLogListByInsightParams**kwargs) -> SyncCursorPagination[AuditLogListByInsightResponse]

GET/{accounts_or_zones}/{account_or_zone_id}/security-center/insights/{issue_id}/audit-log

ModelsExpand Collapse

class AuditLogListResponse: …

id: Optional[str]

UUIDv7 identifier for the audit log entry, time-ordered.

formatuuid

changed_at: Optional[datetime]

The timestamp when the change occurred.

formatdate-time

changed_by: Optional[str]

The actor that made the change. ‘system’ for automated changes, or a user identifier.

current_value: Optional[str]

The value of the field after the change. Null if the field was cleared.

field_changed: Optional[Literal["status", "user_classification"]]

The field that was changed.

One of the following:

"status"

"user_classification"

issue_id: Optional[str]

The ID of the insight this audit log entry relates to.

previous_value: Optional[str]

The value of the field before the change. Null if the field was not previously set.

rationale: Optional[str]

Optional rationale provided for the change.

zone_id: Optional[int]

The zone ID associated with the insight. Only present for zone-level insights.

formatint64

class AuditLogListByInsightResponse: …

id: Optional[str]

UUIDv7 identifier for the audit log entry, time-ordered.

formatuuid

changed_at: Optional[datetime]

The timestamp when the change occurred.

formatdate-time

changed_by: Optional[str]

The actor that made the change. ‘system’ for automated changes, or a user identifier.

current_value: Optional[str]

The value of the field after the change. Null if the field was cleared.

field_changed: Optional[Literal["status", "user_classification"]]

The field that was changed.

One of the following:

"status"

"user_classification"

issue_id: Optional[str]

The ID of the insight this audit log entry relates to.

previous_value: Optional[str]

The value of the field before the change. Null if the field was not previously set.

rationale: Optional[str]

Optional rationale provided for the change.

zone_id: Optional[int]

The zone ID associated with the insight. Only present for zone-level insights.

formatint64

Security CenterInsightsClassification

Updates Security Center Insight Classification

security_center.insights.classification.update(strissue_id, ClassificationUpdateParams**kwargs) -> ClassificationUpdateResponse

PATCH/{accounts_or_zones}/{account_or_zone_id}/security-center/insights/{issue_id}/classification

ModelsExpand Collapse

class ClassificationUpdateResponse: …

errors: List[Error]

code: int

minimum1000

message: str

documentation_url: Optional[str]

source: Optional[ErrorSource]

pointer: Optional[str]

messages: List[Message]

code: int

minimum1000

message: str

documentation_url: Optional[str]

source: Optional[MessageSource]

pointer: Optional[str]

success: Literal[true]

Whether the API call was successful.

Security CenterInsightsContext

Retrieves Security Center Insight Context

security_center.insights.context.get(strissue_id, ContextGetParams**kwargs) -> ContextGetResponse

GET/accounts/{account_id}/security-center/insights/{issue_id}/context

ModelsExpand Collapse

Dict[str, object]