Get Incident - Blink Documentation

Get incident by ID.

External DocumentationTo learn more, visit the Splunk Observability documentation.

Parameters

Parameter	Description
Incident ID	The ID of the incident. Can be obtained from List Incidents action.

Example Output

{
	"active": false,
	"anomalyState": "ANOMALOUS",
	"detectLabel": "string",
	"detectorId": "string",
	"duration": 0,
	"events": [
		{
			"anomalyState": "ANOMALOUS",
			"detectLabel": "string",
			"detectorId": "string",
			"detectorName": "x",
			"event_annotations": {
				"<property name>": "any"
			},
			"id": "string",
			"incidentId": "string",
			"inputs": [
				{
					"dimensions": {
						"<property name>": "any"
					},
					"fragment": "string",
					"value": 0
				}
			],
			"severity": "Critical",
			"timestamp": 1557484230000
		}
	],
	"incidentId": "string",
	"linkedTeams": [
		"AbcdEf1ABCD",
		"FO1Vq3ABXYZ"
	],
	"severity": "Critical"
}

Workflow Library Example

Get Incident with Splunk Observability and Send Results Via Email

Preview this Workflow on desktop

Integrations

​Parameters

​Example Output

​Workflow Library Example

Parameters

Example Output

Workflow Library Example