Skip to content

Cases

class _incydr_sdk.cases.client.CasesV1(parent)

Client for /v1/cases endpoints.

Usage example:

>>> import incydr
>>> client = incydr.Client(**kwargs)
>>> client.cases.v1.get_case(23)
add_file_events_to_case(self, case_number, event_ids)

Attach file events to a case.

Parameters:

  • case_number: int Unique numeric identifier for the case.
  • event_ids: str | List[str] A string or list of strings representing the eventId(s) to attach to the case.

Returns: A requests.Response indicating success.

create(self, name, subject=None, assignee=None, description=None, findings=None)

Create a case.

Parameters:

  • name: str (required) The unique name given to the case.
  • subject: str The user UID of the subject being investigated in this case.
  • assignee: str The user UID of the administrator assigned to investigate the case.
  • findings: str Markdown formatted text summarizing the findings for a case.
  • description: str Brief description providing context for a case.

Returns: A Case object representing the newly created case.

delete(self, case_number)

Delete a case.

Parameters:

  • case_number int | Case Unique numeric identifier for the case or a Case object.

Usage example:

>>> client.cases.v1.delete(23)
<Response [204]>

# Alternatively:
>>> case = client.cases.v1.get_case(23)
>>> client.cases.v1.delete(case)

Returns: A requests.Response indicating success.

delete_file_event_from_case(self, case_number, event_id)

Remove file events from a case.

Parameters:

  • case_number: int Unique numeric identifier for the case.
  • event_id: str Unique identifier of event to remove from the case.

Returns: A requests.Response indicating success.

download_file_event_csv(self, case_number, target_folder)

Downloads all file event data for a case in CSV format to specified target folder.

Parameters

  • case_number: int Unique numeric identifier for the case.
  • target_folder: Path | str A string or pathlib.Path object that represents the folder which the CSV will be saved to.

Returns: A pathlib.Path object representing location of the downloaded CSV.

download_file_for_event(self, case_number, event_id, target_folder)

Download the source file (if captured) from a file event attached to a case.

Parameters

  • case_number: int Unique numeric identifier for the case.
  • event_id: str Unique identifier for event to download.
  • target_folder: Path | str A string or pathlib.Path object that represents the folder which the file will be saved to.

Returns: A pathlib.Path object representing location of the downloaded file.

download_full_case_zip(self, case_number, target_folder, include_files=True, include_summary=True, include_file_events=True)

Downloads full export of case in ZIP format to specified target folder.

Parameters

  • case_number: int Unique numeric identifier for the case.
  • target_folder: Path | str A string or pathlib.Path object that represents the folder which the ZIP will be saved to.
  • include_files: bool Include source files (if they are available) in the .zip. default=True
  • include_summary: bool Include summary PDF in the .zip. default=True
  • include_file_events: bool Include file events .csv in the .zip. default=True

Returns: A pathlib.Path object representing location of the downloaded ZIP.

download_summary_pdf(self, case_number, target_folder)

Downloads a summary of a case in PDF format to specified target folder.

Parameters

  • case_number: int Unique numeric identifier for the case.
  • target_folder: Path | str A string or pathlib.Path object that represents the folder which the PDF will be saved to.

Returns: A pathlib.Path object representing location of the downloaded PDF.

get_case(self, case_number)

Get a single case.

Parameters:

  • case_number: int Unique numeric identifier for the case.

Returns: A Case object representing the case.

get_file_event_detail(self, case_number, event_id)

Get the full detail for a given file event attached to a case.

Parameters

  • case_number: int Unique numeric identifier for the case.
  • event_id: str Unique identifier for event associated with case.

Returns: A FileEventV2 object representing the file event.

get_file_events(self, case_number, page_num=1, page_size=None)

Get abbreviated details for file events attached to a case.

Parameters

  • case_number: int - Unique numeric identifier for the case.
  • page_num: int - Page number for results, starting at 1.
  • page_size: int - Max number of results to return for a page. Defaults to client's page_size setting.

Returns: A CaseFileEvents object containing the associated file events.

get_page(self, assignee=None, created_at=None, is_assigned=None, last_modified_by=None, name=None, status=None, page_num=1, page_size=None, sort_dir=, sort_key=)

Get a page of cases.

Filter results by passing appropriate parameters:

Parameters:

  • assignee: str - User UID of an assignee of a case on which to filter.
  • created_at: Tuple[datetime, datetime] - Filter cases created between the supplied start and end times.
  • is_assigned: bool - Filter cases with an assignee (True) or without (False).
  • last_modified_by: str - User UID of the user who most recently modified the case.
  • name: str - Name of a case on which to filter; will include partial matches.
  • status: CaseStatus - One or more case statuses on which to filter. Available values: OPEN, CLOSED
  • page_num: int - Page number for results, starting at 1.
  • page_size: int - Max number of results to return for a page. Defaults to client's page_size setting.
  • sort_dir: SortDirection - The direction on which to sort the response, based on the corresponding key.
  • sort_key: SortKeys - One or more values on which the response will be sorted.

Returns: A CasesPage object.

iter_all(self, assignee=None, created_at=None, is_assigned=None, last_modified_by=None, name=None, status=None, page_size=None, sort_dir=, sort_key=)

Iterate over all cases.

Accepts the same parameters as .get_page() excepting page_num.

Returns: A generator yielding individual Case objects.

update(self, case)

Updates a case. Valid updatable fields: name, assignee, description, findings, subject, status

Parameters

  • case: Case The modified case object.

Usage example:

>>> case = client.cases.v1.get_case(23)
>>> case.name = "Updated name"
>>> client.cases.v1.update(case)

Returns: A Case object with updated values from server.