Invoke Collection Investigation Package

description initiates the collection of an investigation package from a machine identified by its id in microsoft defender endpoint url /api/machines/{{id}}/collectinvestigationpackage method post inputs path parameters (object) – required id (string) – required json body (object) comment (string) output example \[ { "status code" 405, "response headers" { "date" "thu, 04 may 2023 18 07 32 gmt", "content length" "0", "connection" "keep alive", "allow" "post", "strict transport security" "max age=15724800; includesubdomains" }, "reason" "method not allowed", "response text" "" } ] output parameters status code (number) reason (string) response text (string) response headers header type date string content length string connection string allow string strict transport security string