Update Alerts

Cortex Xpanse REST API

post /public_api/v1/alerts/update_alerts/

Required license: **Cortex Xpanse Expander**

Update one or more alerts. You can update up to 100 alerts per request. Missing fields are ignored.

CURL
curl -X POST \ -H "Accept: application/json" \ -H "Content-Type: application/json" -H "authorization: {{api_key}}" -H "x-xdr-auth-id: {{api_key_id}}" \ "https://api-}/public_api/v1/alerts/update_alerts/" \ -d '{ "request_data" : "" }'
Request headers
authorization
required
String
api-key
Example: {{api_key}}
x-xdr-auth-id
required
String
api-key-id
Example: {{api_key_id}}
Request
Body
required
request_data
required
Object
(Required) A dictionary containing the API request fields. An empty dictionary returns all results.
(Required) A dictionary containing the API request fields. An empty dictionary returns all results.
alert_id_list
optional
Array of strings
update_data
required
severity
optional
String

Administrator-defined severity, one of the following:

  • critical
  • high
  • medium
  • low
  • unknown
status
optional
String

Updated alert status, one of the following:

  • resolved_-_no_longer_observed
  • new
  • resolved_-_no_risk
  • resolved_-_risk_accepted
  • under_investigation
  • resolved_-_contested_asset
  • resolved_-_remediated_automatically
  • resolved
comment
optional
String
Updated text that appears in the Resolution Comment field of the Alerts table.
Responses

Successful response

Body
reply
required
Object
alerts_ids
optional
Array of integers

Bad Request. Got an invalid JSON.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unauthorized access. User does not have the required license type to run this API.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unprocessable Entity

Body
code
optional
Integer
Error code
status
optional
String
Error name
message
optional
String
Error message
errors
optional
Object
Errors

Internal server error. A unified status for API communication type errors.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.