03-08-2023 06:42 AM
Hello all,
I have MySQL DB to collect data from different projects/products and using Metabase to create dashboards. I would like to import all incidents into MySQL DB from XSOAR. Is there any integration can do it directly or I have to write python code to retrieve all incidents through XSOAR API?
If API is the only option, should I use "Search incidents by filter" to get all incidents from XSOAR?
{
"filter" : {
"fromDate" : "2023-01-01T00:00:00Z"
}
}
POST /incidents/search
Best Regards,
K
03-08-2023 11:18 AM
You can use the ExportIncidentsToCSV automation from the common scripts pack, which will write the file to the war room.
If you want to export using the API, look at the /incident/batch/exportTo/Csv endpoint, which is the same one the above automation uses.
I wouldn't recommend trying to export ALL incidents at once, but rather batch it by day or week to keep the results small.
03-08-2023 05:56 PM - edited 03-08-2023 06:00 PM
What I would like to do is to retrieve the incidents details in below screenshot into MySQL DB column id, name, type, severity, status, owner, roles, playbook, occurred, sla, etc. Once all incidents are imported into MySQL DB, I may create a script to retrieve the new incident and update the incident with the status "active" only.
I will look at "ExportIncidentsToCSV" and see if I can parse the details into MySQL DB, thanks.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
