acquire_baseline
Assign a baseline acquisition task to specific endpoints for digital forensics and incident response, associating it with a case ID.
Instructions
Assign a baseline acquisition task to specific endpoints
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| caseId | Yes | The case ID to associate the baseline acquisition with | |
| filter | Yes | Filter object to specify which assets to acquire baseline from |