
Update Alert Status

Updates the status of an alert, identified by its alert ID.

External Documentation

To learn more, visit the Devo documentation.

Parameters

| Parameter | Description |
| --- | --- |
| ID | ID of the alert you want to update. Can be retrieved using the List Triggered Alerts action. |
| Status | New status of the alert. |

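Example Output

In this example, `status` is returned as a numeric code, and `createDate` and `updateDate` appear to be Unix epoch timestamps in milliseconds. `extraData` is a JSON document serialized as a string whose values are URL-encoded (for example `%2F` and `%3A`); parse it as JSON and URL-decode the values before using them in later workflow steps.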

{
"id": 123456,
"domain": "demo",
"priority": 5,
"context": "my.alert.demo.SecIntSeveralDNS",
"category": "my.context",
"srcPort": null,
"srcIp": null,
"srcHost": null,
"dstIp": null,
"dstPort": null,
"dstHost": null,
"protocol": null,
"username": "user@devo.com",
"application": null,
"engine": "pilot.my.alert.demo.SecIntSeveralDNS",
"extraData": "{\"sourceIP\":\"%2F194.140.174.171\",\"totalservers\":\"71\",\"destinationCount\":\"71.00007511654165\",\"eventdate\":\"2023-04-05+07%3A00%3A00.0\"}",
"alertDate": null,
"status": 100,
"ack_status_date": null,
"createDate": 1680681772000,
"updateDate": 1680683709802,
"scaled": false,
"digest": "c80cfdff6620d2a07f757690f8137ca17635479b",
"uniquedigest": "a63d213133dd3f7756c265ea2c712fe8c0a4fc18",
"postAlertAction": null,
"contextLabel": null,
"contextSubscription": null,
"shouldSend": false,
"alertOwner": null,
"fullExtraData": null,
"alertType": null,
"alertMitreTactics": null,
"alertMitreTechniques": null,
"alertPriority": null,
"alertDefinition": null,
"allExtraDataFields": null,
"tags": null,
"entities": null,
"commentsList": null,
"integrations": null,
"contexto": null
}

Workflow Library Example

Update Alert Status with Devo and Send Results Via Email
