I'm currently using the below to get all closed cases within our SOAR platform -
closed_cases = siemplify.get_cases_ids_by_filter("CLOSE", sort_by="CLOSE_TIME")
Hi @samryanturner could you please try to create new Python Action in IDE and try the following code:
from SiemplifyAction import SiemplifyAction
from SiemplifyUtils import unix_now, convert_unixtime_to_datetime, output_handler
from ScriptResult import EXECUTION_STATE_COMPLETED, EXECUTION_STATE_FAILED,EXECUTION_STATE_TIMEDOUT
@output_handler
def main():
siemplify = SiemplifyAction()
cases = siemplify.get_cases_ids_by_filter(status="CLOSE",sort_by="CLOSE_TIME")
print(cases)
status = EXECUTION_STATE_COMPLETED # used to flag back to siemplify system, the action final status
output_message = "output message :" # human readable message, showed in UI as the action result
result_value = True # Set a simple result value, used for playbook if\\else and placeholders.
siemplify.LOGGER.info("\\n status: {}\\n result_value: {}\\n output_message: {}".format(status,result_value, output_message))
siemplify.end(output_message, result_value, status)
if __name__ == "__main__":
main()
It worked for me:
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.