Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Update Incident Attributes

This API enables you to update certain incident attributes.

Release Added

5.2.5

Methodology REST API based: Caller makes an HTTPS request with an input JSON containing the updated incident attributes
Request URL https://<FortiSIEM_Supervisor_IP>/phoenix
/rest/incident/external

Input Credentials User name and password of Super account or Organization specific account
Input JSON ContentType: application/json

RequestPayload:{"incidentId":"1","comments":"XYZ","incidentStatus":
"3","externalTicketType":"MEDIUM","externalTicketId":
"1111","externalTicketState":"CLOSED",
"externalAssignedUser":"ABC"}


  • incidentId – Incident ID for the incident to be updated
  • comments – Any comments
  • incidentStatus – 0 (Active), 1 (Auto Cleared), 2 (Manually Cleared), or 3 (System Cleared)
  • externalTicketType – Low, Medium, or High
  • externalTicketId – External Ticket ID
  • externalTicketState – New, Assigned, In Progress, or Closed
  • externalAssignedUser – External Assigned User
Output HTTP status code

Refer to Example Usage to get the list of monitored devices and attributes.

Update Incident Attributes

This API enables you to update certain incident attributes.

Release Added

5.2.5

Methodology REST API based: Caller makes an HTTPS request with an input JSON containing the updated incident attributes
Request URL https://<FortiSIEM_Supervisor_IP>/phoenix
/rest/incident/external

Input Credentials User name and password of Super account or Organization specific account
Input JSON ContentType: application/json

RequestPayload:{"incidentId":"1","comments":"XYZ","incidentStatus":
"3","externalTicketType":"MEDIUM","externalTicketId":
"1111","externalTicketState":"CLOSED",
"externalAssignedUser":"ABC"}


  • incidentId – Incident ID for the incident to be updated
  • comments – Any comments
  • incidentStatus – 0 (Active), 1 (Auto Cleared), 2 (Manually Cleared), or 3 (System Cleared)
  • externalTicketType – Low, Medium, or High
  • externalTicketId – External Ticket ID
  • externalTicketState – New, Assigned, In Progress, or Closed
  • externalAssignedUser – External Assigned User
Output HTTP status code

Refer to Example Usage to get the list of monitored devices and attributes.