disable_detection
Disable specific security detections by setting 'enabled' to false on Panther MCP Server. Requires Manage Rules or Manage Policies permissions. Useful for managing rules and policies efficiently.
Instructions
Disable a Panther detection by setting enabled to false.
Permissions:{'any_of': ['Manage Rules', 'Manage Policies']}
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| detection_id | Yes | The ID of the detection to disable | |
| detection_type | No | Type of detection to disable. Valid options: rules, scheduled_rules, simple_rules, or policies. | rules |
Input Schema (JSON Schema)
{
"properties": {
"detection_id": {
"description": "The ID of the detection to disable",
"examples": [
"AWS.Suspicious.S3.Activity",
"GCP.K8S.Privileged.Pod.Created"
],
"title": "Detection Id",
"type": "string"
},
"detection_type": {
"default": "rules",
"description": "Type of detection to disable. Valid options: rules, scheduled_rules, simple_rules, or policies.",
"examples": [
"rules",
"scheduled_rules",
"simple_rules",
"policies"
],
"title": "Detection Type",
"type": "string"
}
},
"required": [
"detection_id"
],
"type": "object"
}