Update Offense
Update an offense.
External Documentation
To learn more, visit the QRadar documentation.
Parameters
| Parameter | Description |
|---|---|
| Assign to | A user to assign the offense to. |
| Closing Reason ID | The ID of a closing reason. You must provide a valid closingreasonid when you close an offense. |
| Offense ID | The ID of the offense to update. |
| Status | The new status for the offense. Set to one of: OPEN, HIDDEN, CLOSED. When the status of an offense is being set to CLOSED, a valid closingreasonid must be provided. To hide an offense, use the HIDDEN status. To show a previously hidden offense, use the OPEN status. |
Workflow Library Example
Update Offense with Qradar and Send Results Via Email
Preview this Workflow on desktop