list_alert_comments

Retrieve comments for a specific alert ID in Panther's security monitoring platform. Returns details like comment text, creator, timestamp, and format, supporting up to 25 entries by default.

Instructions

Get all comments for a specific Panther alert by ID.

Args:
    alert_id: The ID of the alert to get comments for
    limit: Maximum number of comments to return (default: 25)

Returns:
    Dict containing:
    - success: Boolean indicating if the request was successful
    - comments: List of comments if successful, each containing:
        - id: The comment ID
        - body: The comment text
        - createdAt: Timestamp when the comment was created
        - createdBy: Information about the user who created the comment
        - format: The format of the comment (HTML or PLAIN_TEXT or JSON_SCHEMA)
    - message: Error message if unsuccessful

Input Schema

Name	Required	Description	Default
`alert_id`	Yes
`limit`	No

Input Schema (JSON Schema)

{
  "properties": {
    "alert_id": {
      "title": "Alert Id",
      "type": "string"
    },
    "limit": {
      "default": 25,
      "title": "Limit",
      "type": "integer"
    }
  },
  "required": [
    "alert_id"
  ],
  "type": "object"
}

Panther MCP Server

list_alert_comments

Instructions

Input Schema

Input Schema (JSON Schema)

Other Tools from Panther MCP Server

Related Tools

MCP directory API