| get_external_input_jobsA | Retrieve Arcanna External Input Jobs.
An Arcanna External Input Job refers to a job where the user's API Key is configured on the input integration, enabling data to be sent via HTTP calls.
Use this tool only when:
- 1. The user intends to send data to Arcanna
Example user query: "I want to start pushing/send data to Arcanna. What jobs can I use?"
- 2. The user specifically requests jobs configured with an external API Key
Example user query: "Can you show me the jobs that use an external API key input?"
DO NOT use this tool outside the specific scenarios described. If you're unsure, ask the user for clarification before proceeding.
DO NOT use this tool if the user is requesting a generic job retrieval, such as:
- 1. "What are the available jobs?"
- 2. "What jobs are in Arcanna?"
- 3. "List the jobs."
- 4. "Show the jobs."
In such cases, use a different tool designed for general job listing instead.
Returns:
--------
list
A list of dictionaries, each representing job details with the following keys:
- job_id (int): Unique identifier for the job.
- category (str): Category of the job.
- title (str): Title or name of the job.
- status (str): Current status of the job (e.g., ENABLED - the job is ingesting events. DISABLED - the job is stopped.
READY_TO_SELECT_FEATURES - user must select decision points. etc.).
- retrain_state (str): State of the retraining process.
- retrain_msg (str): Message providing details about the retraining process.
- labels (list of str): List of decision labels associated with the job.
- features (list of str): List of decision points used in the job.
- processed_documents_count (int): Number of events processed.
- feedback_documents_count (int): Number of events that received feedback.
- last_processed_timestamp (str): Timestamp of the last processed event.
- last_feedback_timestamp (str): Timestamp of the last received feedback.
- last_train_start_timestamp (str): Timestamp when the last training started.
- last_train_finished_timestamp (str): Timestamp when the last training finished.
- invalid (bool): Indicates whether the job is invalid (True/False).
|
| send_event_to_external_input_jobA | Send a JSON event payload for Arcanna to provide a decision on. Arcanna will generate a new internal ID for the event.
In case of an internal server error, do not use any other tool, ask the user how he would like to continue,
Parameters:
-----------
job_id : int
Unique identifier for the external input job.
event : dict
A raw dictionary containing event/alert/incident data.
Returns:
--------
dict
A dictionary containing event tracking details with the following keys:
- event_id (str): Unique identifier for the event.
- job_id (int): Unique identifier of the job where the event has been sent to.
- ingest_timestamp (str): Timestamp when the data was ingested.
- status (str): Status that tells if the event has been sent to ingestion successfully
- error_message (str): Error details in case of failure; empty if successful.
|
| send_event_with_id_to_external_input_jobA | Send a JSON security alert/incident/event to Arcanna for ingestion.
Parameters:
-----------
job_id : int
Unique identifier for the external input job.
event : dict
A raw dictionary containing event/alert/incident data.
event_id: str
Unique identifier for the event.
Returns:
--------
dict
A dictionary containing event tracking details with the following keys:
- event_id (str): Unique identifier for the event.
- job_id (int): Unique identifier of the job where the event has been sent to.
- ingest_timestamp (str): Timestamp when the data was ingested.
- status (str): Status that tells if the event has been sent to ingestion successfully
- error_message (str): Error details in case of failure; empty if successful.
|
| health_check_input_serverA | Health check of Arcanna Input API Server.
Returns:
--------
dict
- status (bool): If false, the server is up an running but API key is invalid. If true, api key is also
authorized
|