Fortinet black logo

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Integration API Guide

Update Incident Attributes

This API enables you to update certain incident attributes.

Release Added

5.2.5

Methodology REST API based: Caller makes an HTTPS request with an input JSON containing the updated incident attributes
Request URLhttps://<FortiSIEM_Supervisor_IP>/phoenix
/rest/incident/external

Input CredentialsUser name and password of Super account or Organization specific account
Input JSONContentType: application/json

RequestPayload:{"incidentId":"1","comments":"XYZ","incidentStatus":
"3","externalTicketType":"MEDIUM","externalTicketId":
"1111","externalTicketState":"CLOSED",
"externalAssignedUser":"ABC"}


  • incidentId – Incident ID for the incident to be updated
  • comments – Any comments
  • incidentStatus – 0 (Active), 1 (Auto Cleared), 2 (Manually Cleared), or 3 (System Cleared)
  • externalTicketType – Low, Medium, or High
  • externalTicketId – External Ticket ID
  • externalTicketState – New, Assigned, In Progress, or Closed
  • externalAssignedUser – External Assigned User
Output HTTP status code

Refer to Example Usage to get the list of monitored devices and attributes.

Update Incident Attributes

This API enables you to update certain incident attributes.

Release Added

5.2.5

Methodology REST API based: Caller makes an HTTPS request with an input JSON containing the updated incident attributes
Request URLhttps://<FortiSIEM_Supervisor_IP>/phoenix
/rest/incident/external

Input CredentialsUser name and password of Super account or Organization specific account
Input JSONContentType: application/json

RequestPayload:{"incidentId":"1","comments":"XYZ","incidentStatus":
"3","externalTicketType":"MEDIUM","externalTicketId":
"1111","externalTicketState":"CLOSED",
"externalAssignedUser":"ABC"}


  • incidentId – Incident ID for the incident to be updated
  • comments – Any comments
  • incidentStatus – 0 (Active), 1 (Auto Cleared), 2 (Manually Cleared), or 3 (System Cleared)
  • externalTicketType – Low, Medium, or High
  • externalTicketId – External Ticket ID
  • externalTicketState – New, Assigned, In Progress, or Closed
  • externalAssignedUser – External Assigned User
Output HTTP status code

Refer to Example Usage to get the list of monitored devices and attributes.