assign_log_retrieval_task
Assign log retrieval tasks to specific endpoints by specifying endpoint IDs and organization IDs for efficient data collection in digital forensics and incident response.
Instructions
Assign a log retrieval task to specific endpoints
Input Schema
Name | Required | Description | Default |
---|---|---|---|
endpointIds | Yes | Endpoint ID(s) to retrieve logs from. Can be a single ID or an array of IDs. | |
managedStatus | No | Filter endpoints by managed status. Default is ["managed"]. | |
organizationIds | Yes | Organization ID(s) to filter endpoints by. This is REQUIRED to identify the correct endpoints. Examples: 0, "123", [0], ["123", "456"] |
Input Schema (JSON Schema)
{
"properties": {
"endpointIds": {
"description": "Endpoint ID(s) to retrieve logs from. Can be a single ID or an array of IDs.",
"oneOf": [
{
"type": "string"
},
{
"items": {
"type": "string"
},
"type": "array"
}
]
},
"managedStatus": {
"description": "Filter endpoints by managed status. Default is [\"managed\"].",
"items": {
"type": "string"
},
"type": "array"
},
"organizationIds": {
"description": "Organization ID(s) to filter endpoints by. This is REQUIRED to identify the correct endpoints. Examples: 0, \"123\", [0], [\"123\", \"456\"]",
"oneOf": [
{
"type": "number"
},
{
"type": "string"
},
{
"items": {
"oneOf": [
{
"type": "number"
},
{
"type": "string"
}
]
},
"type": "array"
}
]
}
},
"required": [
"endpointIds",
"organizationIds"
],
"type": "object"
}