Skip to content

New-S1Note

SYNOPSIS

Create notes for SentinelOne threats based on specified filters.

SYNTAX

New-S1Note [-Filter] <String> [-FilterValue] <String[]> [-Data] <String> [<CommonParameters>]

DESCRIPTION

This function creates notes for SentinelOne threats based on the provided filters. It allows filtering by agent IDs, incident statuses, and more.

EXAMPLES

EXAMPLE 1

New-S1Note -Filter 'agentIds' -FilterValue '12345' -Data 'This is a test note.'

Creates a note for the specified agent ID with the provided data.

EXAMPLE 2

New-S1Note -Filter 'incidentStatusesNin' -FilterValue 'resolved' -Data 'This is a test note.'

Creates a note for threats with incident statuses not equal to 'resolved' with the provided data.

PARAMETERS

-Filter

The filter to be applied for creating notes. Valid values are 'agentIds', 'incidentStatusesNin', or 'ids'.

Type: String
Parameter Sets: (All)
Aliases:

Required: True
Position: 1
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-FilterValue

The value to be used for the specified filter.

Type: String[]
Parameter Sets: (All)
Aliases:

Required: True
Position: 2
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Data

The data to be included in the note.

Type: String
Parameter Sets: (All)
Aliases:

Required: True
Position: 3
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

INPUTS

OUTPUTS

NOTES