Update the incident details of an alert.

Parameters

| Parameter | Description |
| --- | --- |
| Alert IDs | A list of alert IDs to update their analyst verdict. |
| New Incident Status | The new incident status. Options: in_progress, resolved, unresolved |

Example Output

{
	"data": {
		"affected": 2
	}
}

Workflow Library Example

Update Incident Details of an Alert with SentinelOne and Send Results Via Email