ListInvestigations
Lists all investigations associated with cases that the requester has access to. Investigations are performed by agents to analyze and respond to security incidents.
Request Syntax
GET /v1/cases/caseId/list-investigations?maxResults=maxResults&nextToken=nextToken HTTP/1.1
URI Request Parameters
The request uses the following URI parameters.
- caseId
-
Required element that specifies the unique identifier of the case for which to list investigations.
Length Constraints: Minimum length of 10. Maximum length of 32.
Pattern:
\d{10,32}.*Required: Yes
- maxResults
-
Optional element for ListInvestigations to limit the number of responses.
Valid Range: Minimum value of 1. Maximum value of 25.
- nextToken
-
An optional string that, if supplied, must be copied from the output of a previous call to ListInvestigations. When provided in this manner, the API fetches the next page of results.
Length Constraints: Minimum length of 0. Maximum length of 2000.
Request Body
The request does not have a request body.
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"investigationActions": [
{
"actionType": "string",
"content": "string",
"feedback": {
"comment": "string",
"submittedAt": number,
"usefulness": "string"
},
"investigationId": "string",
"lastUpdated": number,
"status": "string",
"title": "string"
}
],
"nextToken": "string"
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- investigationActions
-
A list of investigation actions associated with the returned investigations. Each action represents a specific step or activity performed during the investigation process.
Type: Array of InvestigationAction objects
- nextToken
-
An optional string that, if supplied on subsequent calls to ListInvestigations, allows the API to fetch the next page of results.
Type: String
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
- message
-
The ID of the resource which lead to the access denial.
HTTP Status Code: 403
- ConflictException
-
Returned when there is a conflict with the current state of the resource.
For UpdateResolverType, this error may occur when attempting to change an AWS-supported case to Self-managed, which is not supported.
- message
-
The exception message.
- resourceId
-
The ID of the conflicting resource.
- resourceType
-
The type of the conflicting resource.
HTTP Status Code: 409
- InternalServerException
-
- message
-
The exception message.
- retryAfterSeconds
-
The number of seconds after which to retry the request.
HTTP Status Code: 500
- InvalidTokenException
-
- message
-
The exception message.
HTTP Status Code: 423
- ResourceNotFoundException
-
- message
-
The exception message.
HTTP Status Code: 404
- SecurityIncidentResponseNotActiveException
-
- message
-
The exception message.
HTTP Status Code: 400
- ServiceQuotaExceededException
-
- message
-
The exception message.
- quotaCode
-
The code of the quota.
- resourceId
-
The ID of the requested resource which lead to the service quota exception.
- resourceType
-
The type of the requested resource which lead to the service quota exception.
- serviceCode
-
The service code of the quota.
HTTP Status Code: 402
- ThrottlingException
-
- message
-
The exception message.
- quotaCode
-
The quota code of the exception.
- retryAfterSeconds
-
The number of seconds after which to retry the request.
- serviceCode
-
The service code of the exception.
HTTP Status Code: 429
- ValidationException
-
Returned when the request contains invalid parameters.
For UpdateResolverType, this error may occur when attempting an unsupported resolver type transition.
- fieldList
-
The fields which lead to the exception.
- message
-
The exception message.
- reason
-
The reason for the exception.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
