blumira-findings
Install: `claude install-skill wyre-technology/msp-claude-plugins`
# Blumira Findings
## Overview
Findings are Blumira's primary security detection unit — they represent threats, suspicious activity, or policy violations detected across your environment. This skill covers the full finding lifecycle from discovery through resolution.
## Key Concepts
### Finding Statuses
| Status Code | Label | Description |
|-------------|-------|-------------|
| 10 | Open | New, unreviewed finding |
| 20 | In Progress | Under investigation |
| 30 | Resolved | Closed with a resolution |
### Finding Severity
Findings have severity levels (e.g., LOW, MEDIUM, HIGH, CRITICAL) that indicate the potential impact. Always triage CRITICAL and HIGH findings first.
### Resolution Types
When resolving a finding, you must specify a resolution type:
| Resolution Code | Label | Use When |
|----------------|-------|----------|
| 10 | Valid | Confirmed real threat, action was taken |
| 20 | Not Applicable | Finding doesn't apply to this environment |
| 30 | False Positive | Detection was incorrect |
## API Patterns
### List Findings
```
blumira_findings_list
status.eq=10 # Open findings only
severity.in=HIGH,CRITICAL
order_by=-created # Most recent first
page_size=25
```
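The same triage filter applied client-side to findings that have already been fetched, as an added example (not code from Blumira or this plugin). The record shape and the field names `finding_id`, `status`, `severity` and `created` are assumptions based on the query parameters above, and the sample records are constructed.

```python
from datetime import datetime

# Status codes and severity names as listed on this page.
STATUS_LABELS = {10: "Open", 20: "In Progress", 30: "Resolved"}
SEVERITY_RANK = {"CRITICAL": 0, "HIGH": 1, "MEDIUM": 2, "LOW": 3}


def triage_queue(findings, statuses=(10,), severities=("HIGH", "CRITICAL")):
    """Filter like status.eq / severity.in, then order CRITICAL before HIGH,
    newest first within each severity.

    A record with an unknown status or severity raises instead of being
    silently dropped, so a schema change cannot hide findings from triage.
    """
    queue = []
    for f in findings:
        sev = str(f["severity"]).upper()
        if f["status"] not in STATUS_LABELS or sev not in SEVERITY_RANK:
            raise ValueError(f"unexpected status/severity in {f['finding_id']}")
        if f["status"] in statuses and sev in severities:
            queue.append({**f, "severity": sev,
                          "status_label": STATUS_LABELS[f["status"]]})
    # Two stable sorts: newest first, then by severity rank.
    queue.sort(key=lambda f: datetime.fromisoformat(f["created"]), reverse=True)
    queue.sort(key=lambda f: SEVERITY_RANK[f["severity"]])
    return queue


# Constructed sample records (assumed field names, placeholder UUIDs).
SAMPLE = [
    {"finding_id": "00000000-0000-0000-0000-000000000001", "status": 10,
     "severity": "HIGH", "created": "2024-05-01T09:00:00+00:00"},
    {"finding_id": "00000000-0000-0000-0000-000000000002", "status": 10,
     "severity": "CRITICAL", "created": "2024-04-30T22:15:00+00:00"},
    {"finding_id": "00000000-0000-0000-0000-000000000003", "status": 20,
     "severity": "CRITICAL", "created": "2024-05-01T10:00:00+00:00"},
    {"finding_id": "00000000-0000-0000-0000-000000000004", "status": 10,
     "severity": "LOW", "created": "2024-05-01T11:00:00+00:00"},
    {"finding_id": "00000000-0000-0000-0000-000000000005", "status": 10,
     "severity": "high", "created": "2024-05-01T12:30:00+00:00"},
]

if __name__ == "__main__":
    for f in triage_queue(SAMPLE):
        print(f["severity"], f["status_label"], f["created"], f["finding_id"])
```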
### Get Finding Details
```
blumira_findings_get
finding_id=<UUID>
```
```
blumira_findings_details
finding_id=<UUID>
```
The `details` endpoint returns enriched data including related context, evidence, and recommended actions.
### Resolve a Finding
```
blumira_fin