Stellar Cyber · Schema

Stellar Cyber Case

A security case in the Stellar Cyber Open XDR platform representing an ongoing investigation

Cybersecurity, Security, XDR, SIEM, SOAR, AI

Properties

| Name | Type | Description |
|------|------|-------------|
| id | string | Unique identifier for the case |
| name | string | Display name of the security case |
| description | string | Detailed description of the case |
| status | string | Current status of the case |
| priority | string | Severity/priority level of the case |
| assignee | string | Username of the analyst assigned to the case |
| tenant_id | string | Tenant identifier for multi-tenant environments |
| created_at | string | ISO 8601 timestamp when the case was created |
| updated_at | string | ISO 8601 timestamp when the case was last updated |
| alert_count | integer | Number of alerts associated with the case |

JSON Schema

stellar-cyber-case-schema.json
{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "$id": "https://github.com/api-evangelist/stellar-cyber/blob/main/json-schema/stellar-cyber-case-schema.json",
  "title": "Stellar Cyber Case",
  "description": "A security case in the Stellar Cyber Open XDR platform representing an ongoing investigation",
  "type": "object",
  "required": ["id", "name", "status"],
  "properties": {
    "id": {
      "type": "string",
      "description": "Unique identifier for the case"
    },
    "name": {
      "type": "string",
      "description": "Display name of the security case"
    },
    "description": {
      "type": "string",
      "description": "Detailed description of the case"
    },
    "status": {
      "type": "string",
      "enum": ["open", "closed", "investigating"],
      "description": "Current status of the case"
    },
    "priority": {
      "type": "string",
      "enum": ["critical", "high", "medium", "low"],
      "description": "Severity/priority level of the case"
    },
    "assignee": {
      "type": "string",
      "description": "Username of the analyst assigned to the case"
    },
    "tenant_id": {
      "type": "string",
      "description": "Tenant identifier for multi-tenant environments"
    },
    "created_at": {
      "type": "string",
      "format": "date-time",
      "description": "ISO 8601 timestamp when the case was created"
    },
    "updated_at": {
      "type": "string",
      "format": "date-time",
      "description": "ISO 8601 timestamp when the case was last updated"
    },
    "alert_count": {
      "type": "integer",
      "minimum": 0,
      "description": "Number of alerts associated with the case"
    }
  },
  "additionalProperties": false
}