Update Incident
The Patch Incident API updates an existing incident (based on incident ID).
Parameters
| Parameter | Description |
|---|---|
| Assignee ID | ID of the entity assigned to this incident. |
| Incident ID | Unique ID of the incident. |
| Severity | The severity of the incident (Low, Medium, High or Critical). |
| Status | The status of the incident (Open, InProgress, WaitingForInput, or Closed). |
Example Output
{
"data": {
"apps": [],
"assignee": {
"userEmail": "Email",
"userFirstName": "First Name",
"userId": "Unique ID",
"userLastName": "Last Name"
},
"assigneeId": "Unique id of assignee.",
"category": "An enumeration.",
"compliance": [],
"createdAt": "The date the incident was first reported.",
"description": "Description",
"entities": [],
"id": "Unique id",
"isResolved": false,
"policy": {
"id": "Unique id of policy.",
"name": "Name of policy.",
"templateId": "Template ID"
},
"policyId": "Unique id of policy.",
"recommendation": "Recommendation",
"severity": "An enumeration.",
"status": "An enumeration.",
"tactics": [],
"techniques": [],
"updatedAt": "The date the incident was last updated.",
"url": "URL"
}
}
Workflow Library Example
Update Incident with Authomize and Send Results Via Email
Preview this Workflow on desktop