Root parameters
The following parameters are shown in the request. For examples of requests, see Request examples for the Update Incidents API.
Name | Required/ Optional | Supported | Valid values |
---|---|---|---|
type | Required | INCIDENTS, DISCOVERY | INCIDENTS, DISCOVERY |
action_type | Required | INCIDENTS, DISCOVERY |
STATUS SEVERITY, ASSIGN_TO, ADD_COMMENT TAG RELEASE (not supported for DISCOVERY) FALSE_POSITIVE |
value |
Required Optional (ADD_COM MENT, RELEASE) |
INCIDENTS, DISCOVERY |
STATUS: NEW, IN_PROCESS, CLOSE, FALSE_POSITIVE, ESCALATED, custom status SEVERITY: HIGH, MEDIUM, LOW ASSIGN_TO: admin name to be assigned to TAG: tag name (maximum 100 chars) FALSE_POSITIVE: 1 (ignore), 0 (include) |
comment |
Optional Required for ADD_COM MENT |
INCIDENTS, DISCOVERY |
Supported for the following actions: ADD_COMMENT ASSIGN_TO TAG RELEASE (not supported for DISCOVERY) FALSE_POSITIVE |
scan_partitions |
Optional (default value is NONE) |
INCIDENTS (relevant only if incident_keys is populated) |
Parameter to identify if partition_index was provided on each event key. ALL: Scans all partitions to get incidents and fetches their partition_index that is required for an update. NONE: Assumes partition_index is provided. If partition_index is missing on any key, then an exception is thrown. LAST_ACTIVE: Sets last 2 partitions and sends update with them. If the incident is not located on those 2 partitions, then update does not execute. |
event_ids | Required when update by event ids | INCIDENTS, DISCOVERY |
Array of the Event IDs to be updated. If event_ids is provided, then it is required to perform a lookup for incidents by event ID to get incident_id and partition_index. Currently, there is no API to avoid searching over all partitions. The number of provided IDs is limited to 1,000. Error code 400 is returned if violated. |
incident_keys | Required when update by incident keys | INCIDENTS, DISCOVERY |
Array of Incident Key objects on which the action should be performed. The number of provided IDs is limited to 1,000. Error code 400 is returned if violated. |