Bulk update Panther alerts
Action ID:tools.panther.bulk_update_alerts
Update multiple Panther alerts at once.
Secrets
Required secrets:panther: required valuesPANTHER_API_KEY.
Input fields
List of alert IDs to update.
Panther API URL (e.g. https://api.runpanther.net).
User ID to assign the alerts to.Default:
null.New status for the alerts.Default:
null.Create Panther query
Action ID:tools.panther.create_query
Create a new saved query in Panther.
Secrets
Required secrets:panther: required valuesPANTHER_API_KEY.
Input fields
Panther API URL (e.g. https://api.runpanther.net).
Name of the saved query.
SQL query to save. Must be valid SQL, not PantherFlow.
Description of the query.Default:
null.Schedule configuration for the query.Default:
null.Delete Panther query
Action ID:tools.panther.delete_query
Delete a saved query from Panther.
Secrets
Required secrets:panther: required valuesPANTHER_API_KEY.
Input fields
Panther API URL (e.g. https://api.runpanther.net).
The unique identifier of the saved query.
Execute Panther query
Action ID:tools.panther.execute_query
Execute a saved query in Panther.
Secrets
Required secrets:panther: required valuesPANTHER_API_KEY.
Input fields
Panther API URL (e.g. https://api.runpanther.net).
The unique identifier of the saved query.
Parameters to pass to the query.Default:
null.Get Panther alert
Action ID:tools.panther.get_alert
Get a single alert from Panther by ID.
Secrets
Required secrets:panther: required valuesPANTHER_API_KEY.
Input fields
The unique identifier of the alert.
Panther API URL (e.g. https://api.runpanther.net).
Get Panther query
Action ID:tools.panther.get_query
Get a saved query from Panther by ID.
Secrets
Required secrets:panther: required valuesPANTHER_API_KEY.
Input fields
Panther API URL (e.g. https://api.runpanther.net).
The unique identifier of the saved query.
List Panther alerts
Action ID:tools.panther.list_alerts
List alerts from Panther with optional filters.
Secrets
Required secrets:panther: required valuesPANTHER_API_KEY.
Input fields
Panther API URL (e.g. https://api.runpanther.net).
Pagination cursor for next page.Default:
null.Maximum number of alerts to return.Default:
null.Filter by alert severity.Default:
null.Filter by alert status.Default:
null.List Panther queries
Action ID:tools.panther.list_queries
List saved queries from Panther.
Secrets
Required secrets:panther: required valuesPANTHER_API_KEY.
Input fields
Panther API URL (e.g. https://api.runpanther.net).
Pagination cursor for next page.Default:
null.Maximum number of queries to return.Default:
null.Update Panther alert
Action ID:tools.panther.update_alert
Update a Panther alert’s status or assignee.
Secrets
Required secrets:panther: required valuesPANTHER_API_KEY.
Input fields
The unique identifier of the alert.
Panther API URL (e.g. https://api.runpanther.net).
User ID to assign the alert to.Default:
null.New status for the alert.Default:
null.Update Panther query
Action ID:tools.panther.update_query
Update a saved query in Panther.
Secrets
Required secrets:panther: required valuesPANTHER_API_KEY.
Input fields
Panther API URL (e.g. https://api.runpanther.net).
The unique identifier of the saved query.
New description for the query.Default:
null.New name for the query.Default:
null.New schedule configuration for the query.Default:
null.New SQL query. Must be valid SQL.Default:
null.