sophos-central-alerts - Pinkfish - AI Agents & Workflows for Getting Work Done

Server path: /sophos-central-alerts | Type: Application | PCID required: Yes

Tools

Tool	Description
`sophos-central-alerts_acknowledge_alert`	Take action on an alert
`sophos-central-alerts_create_case`	Create investigation case
`sophos-central-alerts_delete_case`	Delete case
`sophos-central-alerts_get_alert`	Get alert details
`sophos-central-alerts_get_case`	Get case details
`sophos-central-alerts_get_case_mitre_attack_summary`	Get MITRE ATT&CK summary
`sophos-central-alerts_get_who_am_i`	Get caller identity and tenant information
`sophos-central-alerts_list_alerts`	List alerts
`sophos-central-alerts_list_case_detections`	List case detections
`sophos-central-alerts_list_case_impacted_entities`	List impacted entities
`sophos-central-alerts_list_cases`	List investigation cases
`sophos-central-alerts_search_alerts`	Search alerts
`sophos-central-alerts_update_case`	Update case

sophos-central-alerts_acknowledge_alert

Take action on an alert Parameters:

Parameter	Type	Required	Default	Description
`alertId`	string	Yes	—	Alert ID
`action`	string	Yes	—	Action to perform (e.g., acknowledge)
`message`	string	No	—	Optional message for the action

Show inputSchema

{
  "type": "object",
  "properties": {
    "PCID": {
      "type": "string",
      "description": "Pink Connect ID for the authenticated connection"
    },
    "alertId": {
      "type": "string",
      "description": "Alert ID"
    },
    "action": {
      "type": "string",
      "description": "Action to perform (e.g., acknowledge)"
    },
    "message": {
      "type": "string",
      "description": "Optional message for the action"
    }
  },
  "required": [
    "PCID",
    "alertId",
    "action"
  ]
}

sophos-central-alerts_create_case

Create investigation case Parameters:

Parameter	Type	Required	Default	Description
`assignee`	string	No	—	Assignee ID
`initialDetectionId`	string	No	—	Initial detection ID to link
`name`	string	Yes	—	Case name
`overview`	string	No	—	Case overview
`severity`	string	Yes	—	Case severity
`status`	string	Yes	—	Case status
`type`	string	Yes	—	Case type

Show inputSchema

{
  "type": "object",
  "properties": {
    "PCID": {
      "type": "string",
      "description": "Pink Connect ID for the authenticated connection"
    },
    "assignee": {
      "type": "string",
      "description": "Assignee ID"
    },
    "initialDetectionId": {
      "type": "string",
      "description": "Initial detection ID to link"
    },
    "name": {
      "type": "string",
      "description": "Case name"
    },
    "overview": {
      "type": "string",
      "description": "Case overview"
    },
    "severity": {
      "type": "string",
      "description": "Case severity",
      "enum": [
        "informational",
        "low",
        "medium",
        "high",
        "critical"
      ]
    },
    "status": {
      "type": "string",
      "description": "Case status",
      "enum": [
        "new",
        "investigating",
        "closing",
        "closed"
      ]
    },
    "type": {
      "type": "string",
      "description": "Case type"
    }
  },
  "required": [
    "PCID",
    "name",
    "severity",
    "status",
    "type"
  ]
}

sophos-central-alerts_delete_case

Delete case Parameters:

Parameter	Type	Required	Default	Description
`caseId`	string	Yes	—	Case ID

Show inputSchema

{
  "type": "object",
  "properties": {
    "PCID": {
      "type": "string",
      "description": "Pink Connect ID for the authenticated connection"
    },
    "caseId": {
      "type": "string",
      "description": "Case ID"
    }
  },
  "required": [
    "PCID",
    "caseId"
  ]
}

sophos-central-alerts_get_alert

Get alert details Parameters:

Parameter	Type	Required	Default	Description
`alertId`	string	Yes	—	Alert ID

Show inputSchema

{
  "type": "object",
  "properties": {
    "PCID": {
      "type": "string",
      "description": "Pink Connect ID for the authenticated connection"
    },
    "alertId": {
      "type": "string",
      "description": "Alert ID"
    }
  },
  "required": [
    "PCID",
    "alertId"
  ]
}

sophos-central-alerts_get_case

Get case details Parameters:

Parameter	Type	Required	Default	Description
`caseId`	string	Yes	—	Case ID

Show inputSchema

{
  "type": "object",
  "properties": {
    "PCID": {
      "type": "string",
      "description": "Pink Connect ID for the authenticated connection"
    },
    "caseId": {
      "type": "string",
      "description": "Case ID"
    }
  },
  "required": [
    "PCID",
    "caseId"
  ]
}

sophos-central-alerts_get_case_mitre_attack_summary

Get MITRE ATT&CK summary Parameters:

Parameter	Type	Required	Default	Description
`caseId`	string	Yes	—	Case ID

Show inputSchema

{
  "type": "object",
  "properties": {
    "PCID": {
      "type": "string",
      "description": "Pink Connect ID for the authenticated connection"
    },
    "caseId": {
      "type": "string",
      "description": "Case ID"
    }
  },
  "required": [
    "PCID",
    "caseId"
  ]
}

sophos-central-alerts_get_who_am_i

Get caller identity and tenant information

Show inputSchema

{
  "type": "object",
  "properties": {
    "PCID": {
      "type": "string",
      "description": "Pink Connect ID for the authenticated connection"
    }
  },
  "required": [
    "PCID"
  ]
}

sophos-central-alerts_list_alerts

List alerts Parameters:

Parameter	Type	Required	Default	Description
`pageSize`	integer	No	—	Number of items per page
`page`	integer	No	—	Page number
`severity`	string	No	—	Filter by severity
`category`	string	No	—	Filter by category
`product`	string	No	—	Filter by product
`from`	string	No	—	Filter alerts from this timestamp

Show inputSchema

{
  "type": "object",
  "properties": {
    "PCID": {
      "type": "string",
      "description": "Pink Connect ID for the authenticated connection"
    },
    "pageSize": {
      "type": "integer",
      "description": "Number of items per page"
    },
    "page": {
      "type": "integer",
      "description": "Page number"
    },
    "severity": {
      "type": "string",
      "description": "Filter by severity",
      "enum": [
        "low",
        "medium",
        "high"
      ]
    },
    "category": {
      "type": "string",
      "description": "Filter by category"
    },
    "product": {
      "type": "string",
      "description": "Filter by product"
    },
    "from": {
      "type": "string",
      "description": "Filter alerts from this timestamp"
    }
  },
  "required": [
    "PCID"
  ]
}

sophos-central-alerts_list_case_detections

List case detections Parameters:

Parameter	Type	Required	Default	Description
`caseId`	string	Yes	—	Case ID
`pageSize`	integer	No	—	Items per page
`page`	integer	No	—	Page number

Show inputSchema

{
  "type": "object",
  "properties": {
    "PCID": {
      "type": "string",
      "description": "Pink Connect ID for the authenticated connection"
    },
    "caseId": {
      "type": "string",
      "description": "Case ID"
    },
    "pageSize": {
      "type": "integer",
      "description": "Items per page"
    },
    "page": {
      "type": "integer",
      "description": "Page number"
    }
  },
  "required": [
    "PCID",
    "caseId"
  ]
}

sophos-central-alerts_list_case_impacted_entities

List impacted entities Parameters:

Parameter	Type	Required	Default	Description
`caseId`	string	Yes	—	Case ID
`pageSize`	integer	No	—	Items per page
`page`	integer	No	—	Page number

Show inputSchema

{
  "type": "object",
  "properties": {
    "PCID": {
      "type": "string",
      "description": "Pink Connect ID for the authenticated connection"
    },
    "caseId": {
      "type": "string",
      "description": "Case ID"
    },
    "pageSize": {
      "type": "integer",
      "description": "Items per page"
    },
    "page": {
      "type": "integer",
      "description": "Page number"
    }
  },
  "required": [
    "PCID",
    "caseId"
  ]
}

sophos-central-alerts_list_cases

List investigation cases Parameters:

Parameter	Type	Required	Default	Description
`pageSize`	integer	No	—	Number of items per page (1-50)
`page`	integer	No	—	Page number

Show inputSchema

{
  "type": "object",
  "properties": {
    "PCID": {
      "type": "string",
      "description": "Pink Connect ID for the authenticated connection"
    },
    "pageSize": {
      "type": "integer",
      "description": "Number of items per page (1-50)"
    },
    "page": {
      "type": "integer",
      "description": "Page number"
    }
  },
  "required": [
    "PCID"
  ]
}

sophos-central-alerts_search_alerts

Search alerts Parameters:

Parameter	Type	Required	Default	Description
`filter`	object	No	—	Filter criteria as key-value pairs
`pageSize`	integer	No	—	Number of items per page
`pageTotal`	boolean	No	—	Include total count
`sort`	string[]	No	—	Sort fields (e.g., [‘-raisedAt’] for descending)

Show inputSchema

{
  "type": "object",
  "properties": {
    "PCID": {
      "type": "string",
      "description": "Pink Connect ID for the authenticated connection"
    },
    "filter": {
      "type": "object",
      "description": "Filter criteria as key-value pairs"
    },
    "pageSize": {
      "type": "integer",
      "description": "Number of items per page"
    },
    "pageTotal": {
      "type": "boolean",
      "description": "Include total count"
    },
    "sort": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "description": "Sort fields (e.g., ['-raisedAt'] for descending)"
    }
  },
  "required": [
    "PCID"
  ]
}

sophos-central-alerts_update_case

Update case Parameters:

Parameter	Type	Required	Default	Description
`caseId`	string	Yes	—	Case ID
`assignee`	string	No	—	Updated assignee
`name`	string	No	—	Updated name
`overview`	string	No	—	Updated overview
`severity`	string	No	—	Updated severity
`status`	string	No	—	Updated status

Show inputSchema

{
  "type": "object",
  "properties": {
    "PCID": {
      "type": "string",
      "description": "Pink Connect ID for the authenticated connection"
    },
    "caseId": {
      "type": "string",
      "description": "Case ID"
    },
    "assignee": {
      "type": "string",
      "description": "Updated assignee"
    },
    "name": {
      "type": "string",
      "description": "Updated name"
    },
    "overview": {
      "type": "string",
      "description": "Updated overview"
    },
    "severity": {
      "type": "string",
      "description": "Updated severity",
      "enum": [
        "informational",
        "low",
        "medium",
        "high",
        "critical"
      ]
    },
    "status": {
      "type": "string",
      "description": "Updated status",
      "enum": [
        "new",
        "investigating",
        "closing",
        "closed"
      ]
    }
  },
  "required": [
    "PCID",
    "caseId"
  ]
}

​Tools

​sophos-central-alerts_acknowledge_alert

​sophos-central-alerts_create_case

​sophos-central-alerts_delete_case

​sophos-central-alerts_get_alert

​sophos-central-alerts_get_case

​sophos-central-alerts_get_case_mitre_attack_summary

​sophos-central-alerts_get_who_am_i

​sophos-central-alerts_list_alerts

​sophos-central-alerts_list_case_detections

​sophos-central-alerts_list_case_impacted_entities

​sophos-central-alerts_list_cases

​sophos-central-alerts_search_alerts

​sophos-central-alerts_update_case

Tools

sophos-central-alerts_acknowledge_alert

sophos-central-alerts_create_case

sophos-central-alerts_delete_case

sophos-central-alerts_get_alert

sophos-central-alerts_get_case

sophos-central-alerts_get_case_mitre_attack_summary

sophos-central-alerts_get_who_am_i

sophos-central-alerts_list_alerts

sophos-central-alerts_list_case_detections

sophos-central-alerts_list_case_impacted_entities

sophos-central-alerts_list_cases

sophos-central-alerts_search_alerts

sophos-central-alerts_update_case