changeIncidentStatus

This method changes the status of an incident.

Important

You must have a license that includes access to incidents to use this method.

Parameters

Parameter	Type	Optional	Description
`type`	String	No	The type of the target incident. Possible values: `incidents`: Endpoint incident from GravityZone Control Center. `extendedIncidents`: Organization incident from GravityZone Control Center.
`incidentId`	String	No	The ID of the incident, obtained from the Event Push details. The value corresponds to the `incident_id` parameter from New Incident and New extended incident event types. Tip You can get the ID of a specific incident form GravityZone Control Center by following these steps: Log in to GravityZone Control Center. Go to the Incidents page and locate the incident you want to change the status for. Select the menu item on the right side of the table on the row of the target incident. Select View events and alerts. A new browser window is open with the details of the incident. The incident ID is included in the URL of the page. Example https://cloudgz.gravityzone.bitdefender.com/#!/xdr/events/65dc39197a4a51fb2b7f15ee
`status`	Integer	No	The status to be assigned to the incident. Possible values: `1`: Open `2`: Investigating `3`: Closed: Confirmed incident `4`: Closed: False positive

Parameter

Type

Optional

Description

type

String

The type of the target incident.

Possible values:

incidents: Endpoint incident from GravityZone Control Center.
extendedIncidents: Organization incident from GravityZone Control Center.

incidentId

String

The ID of the incident, obtained from the Event Push details.

The value corresponds to the incident_id parameter from New Incident and New extended incident event types.

Tip

You can get the ID of a specific incident form GravityZone Control Center by following these steps:

Log in to GravityZone Control Center.
Go to the Incidents page and locate the incident you want to change the status for.
Select the menu item on the right side of the table on the row of the target incident.
Select View events and alerts.
A new browser window is open with the details of the incident. The incident ID is included in the URL of the page.
Example
```
https://cloudgz.gravityzone.bitdefender.com/#!/xdr/events/65dc39197a4a51fb2b7f15ee
```

status

Integer

The status to be assigned to the incident.

Possible values:

1: Open
2: Investigating
3: Closed: Confirmed incident
4: Closed: False positive

General parameters

These are common parameters, available across all public API methods:

Parameter	Description	Included in request	Type	Values
`id`	This parameter adds an identifier to the request, linking it to its corresponding response. The target replies with the same value in the response, allowing easy call tracking.	Mandatory	String	No additional requirements. Example "id": "ad12cb61-52b3-4209-a87a-93a8530d91cb"
`method`	The name of the method you are using to send the request.	Mandatory	String	Must be a valid method name. Example "method": "methodName"
`jsonrpc`	The version of JSON-RPC used by the request and the response.	Mandatory	String	The only possible value is `2.0`. Example "jsonrpc": "2.0"
`params`	An object containing the configuration of the request.	Mandatory	Object	No additional requirements. Example "params": {...}

Return value

This method returns a Boolean which is true if the status of the targeted incident is changed successfully.

Note

This method will still return a true value if the target incident already had the specified status assigned prior to your request.
The status of the #DEMO incident cannot be modified. If you send an API request using its ID, the response will return false.

Example

Request:

{
    "params": {
        "type": "incidents",
        "incidentId": "6245af36b6503a00d07a4e53",
        "status": 1
    },
    "jsonrpc": "2.0",
    "method": "changeIncidentStatus",
    "id": "0df7568c-59c1-48e0-a31b-18d83e6d9810"
}

Response:

{
    "id": "0df7568c-59c1-48e0-a31b-18d83e6d9810",
    "jsonrpc": "2.0",
    "result": true
}

In this section: