Update the incident details of an alert.

Parameters

ParameterDescription
Alert IDsA list of alerts IDs to update their analyst verdict.
New Incident StatusThe new incident status.
Options: 
in_progress
resolved
unresolved

Example Output

{
	"data": {
		"affected": 2
	}
}

Workflow Library Example

Update Incident Details of an Alert with Sentinelone and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop