Create Incident

This functionality is not available with the legacy Barracuda Email Protection Advanced plan. All other Email Protection plans, including all current Email Protection plans, have this functionality. To upgrade to one of these plans, contact your Barracuda Networks Sales Representative.

Creates an incident for a Microsoft 365 tenant.

Endpoint

POST /beta/accounts/{accountId}/forensics/{tenantId}/incident

Parameters

Path Parameters

| Name | Type | Required | Description |
|---|---|---|---|
| accountId | string | Yes | The Barracuda Cloud Control account ID obtained from the Get Accounts API. |
| tenantId | string | Yes | The Microsoft 365 tenant ID obtained from the Get Tenants API. |

Request Body

Content type: application/json

| Name | Description | Type |
|---|---|---|
| remediationActions | The remediation actions for an incident. | See the remediationActions entries below. |
| searchCriteria | The email search criteria used to find emails that will become the basis of a new incident. | See the searchCriteria entries below. |
| timeframe | How far back the incident email search extends, in hours. Minimum: 1, maximum: 720. | integer |

remediationActions entries

| Entry | Description | Type |
|---|---|---|
| enableContinuousRemediation | Whether continuous remediation is enabled for this incident. Message action must be set to DELETE or NONE. | boolean |
| messageAction | The action taken on emails that match the incident search criteria. Possible values: NONE, DELETE, QUARANTINE | string |
| notify | Whether a warning email alert is sent to the affected users. | boolean |
| sendSummary | Whether an incident summary is sent to your security team for tracking purposes. | boolean |

searchCriteria entries

| Entry | Description | Type |
|---|---|---|
| attachmentName | The email attachment name search query. | string |
| emailSubject | The email subject search query. | string |
| includeQuarantined | Whether the search should include quarantined emails. | boolean |
| includeSent | Whether the search should include sent emails. | boolean |
| sender | The email sender search query. | See the sender entries below. |

sender entries

| Entry | Description | Type |
|---|---|---|
| displayName | The sender name search query. | string |
| email | The email address or domain name search query. | string |

Response Codes

| Code | Description |
|---|---|
| 200 | OK |
| 401 | Unauthorized: There is a missing or incorrect API token in the header, or the client did not have permission to access the requested resource. |
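
A pre-flight check for the request described above, as an added example that is not Barracuda's own code: it builds the endpoint path and JSON body and rejects values outside the documented constraints before anything is sent. The function names and sample values are constructed, and placing timeframe at the top level of the body is an assumption drawn from the request body table.

```python
import json

MESSAGE_ACTIONS = {"NONE", "DELETE", "QUARANTINE"}  # values listed on this page
CRITERIA_TYPES = {"attachmentName": str, "emailSubject": str,
                  "includeQuarantined": bool, "includeSent": bool, "sender": dict}
SENDER_TYPES = {"displayName": str, "email": str}


def _check_fields(obj, schema, where):
    """Reject unknown keys and wrong types so a misspelled criterion is caught early."""
    for key, value in obj.items():
        if key not in schema:
            raise ValueError(f"unknown field {where}.{key}")
        if not isinstance(value, schema[key]):
            raise ValueError(f"{where}.{key} must be {schema[key].__name__}")


def incident_path(account_id, tenant_id):
    """Fill in the documented endpoint path (the API host is not given on this page)."""
    for name, value in (("accountId", account_id), ("tenantId", tenant_id)):
        if not value or any(c in value for c in "/?#"):
            raise ValueError(f"{name} must be a non-empty ID with no URL delimiters")
    return f"/beta/accounts/{account_id}/forensics/{tenant_id}/incident"


def incident_body(search_criteria, timeframe, message_action="NONE",
                  continuous=False, notify=False, send_summary=False):
    """Return the JSON request body, or raise ValueError on a documented constraint."""
    if message_action not in MESSAGE_ACTIONS:
        raise ValueError("messageAction must be NONE, DELETE or QUARANTINE")
    if continuous and message_action not in ("DELETE", "NONE"):
        raise ValueError("continuous remediation requires messageAction DELETE or NONE")
    if type(timeframe) is not int or not 1 <= timeframe <= 720:
        raise ValueError("timeframe must be an integer number of hours, 1 to 720")
    _check_fields(search_criteria, CRITERIA_TYPES, "searchCriteria")
    _check_fields(search_criteria.get("sender", {}), SENDER_TYPES, "searchCriteria.sender")
    return json.dumps({
        "remediationActions": {"enableContinuousRemediation": continuous,
                               "messageAction": message_action,
                               "notify": notify, "sendSummary": send_summary},
        "searchCriteria": search_criteria,
        "timeframe": timeframe,  # assumption: top-level field of the request body
    })


# Constructed sample values, not real identifiers.
SAMPLE_CRITERIA = {"emailSubject": "Invoice overdue", "includeQuarantined": False,
                   "sender": {"email": "example.invalid"}}
```

Because DELETE acts on every email the search matches, running the same criteria with messageAction NONE first shows the scope of an incident before any remediation is applied.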