POST
/
api
/
v1
/
events
/
{event_id}
/
actions
/
block
{
  "action_id": "action_abc123",
  "network_policy_id": "policy_xyz789",
  "scope": "global",
  "status": "applied"
}
Blocks network traffic described in the event by creating an appropriate network policy rule at the specified scope level. The event must contain network destination information (IP or domain).
Requires Bearer token authentication

Path Parameters

event_id
string
required
ID of the event to block (UUID format)

Request Body

scope
string
required
The scope level at which the blocking rule is applied based on agent contextOptions: “global”, “repository”, “workflow”, “cluster”, “namespace”, “node”
reason
string
required
Reason for the blocking action

Example

curl -X POST "https://api.garnet.ai/v1/events/550e8400-e29b-41d4-a716-446655440000/actions/block" \
  -H "Authorization: Bearer $GARNET_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "scope": "global",
    "reason": "Confirmed malicious domain based on threat intelligence"
  }'

Response

action_id
string
Unique identifier for the performed action
network_policy_id
string
ID of the created network policy rule
scope
string
The scope at which the rule was applied
status
string
Action status
{
  "action_id": "action_abc123",
  "network_policy_id": "policy_xyz789",
  "scope": "global",
  "status": "applied"
}

Error Examples

{
  "error": "Event not found"
}

{
  "error": "Event has no network destination information"
}