Update Incident Details Of An Alert
Update the incident details of an alert.
Parameters
| Parameter | Description |
|---|---|
| Alert IDs | A list of alerts IDs to update their analyst verdict. |
| New Incident Status | The new incident status. Options: <br/>in_progress<br/>resolved<br/>unresolved<br/> |
Example Output
{
"errors": [
{
"type": "object"
}
],
"data": {
"affected": "integer"
}
}
Workflow Library Example
Update Incident Details of an Alert with Sentinelone and Send Results Via Email
Preview this Workflow on desktop