disable_detection

Disable specific security detections by setting 'enabled' to false on Panther MCP Server. Requires Manage Rules or Manage Policies permissions. Useful for managing rules and policies efficiently.

Instructions

Disable a Panther detection by setting enabled to false.

Permissions:{'any_of': ['Manage Rules', 'Manage Policies']}

Input Schema

Name	Required	Description	Default
`detection_id`	Yes	The ID of the detection to disable
`detection_type`	No	Type of detection to disable. Valid options: rules, scheduled_rules, simple_rules, or policies.	rules

Input Schema (JSON Schema)

{
  "properties": {
    "detection_id": {
      "description": "The ID of the detection to disable",
      "examples": [
        "AWS.Suspicious.S3.Activity",
        "GCP.K8S.Privileged.Pod.Created"
      ],
      "title": "Detection Id",
      "type": "string"
    },
    "detection_type": {
      "default": "rules",
      "description": "Type of detection to disable. Valid options: rules, scheduled_rules, simple_rules, or policies.",
      "examples": [
        "rules",
        "scheduled_rules",
        "simple_rules",
        "policies"
      ],
      "title": "Detection Type",
      "type": "string"
    }
  },
  "required": [
    "detection_id"
  ],
  "type": "object"
}

Panther MCP Server

disable_detection

Instructions

Input Schema

Input Schema (JSON Schema)

Other Tools from Panther MCP Server

Related Tools

MCP directory API