Skip to main content
Skip table of contents

Set Incident Fields In Bulk‎

POST /Command/SetIncidentFieldsInBulk

Updates fields for multiple incidents with specified values in a JSON object.

Request

Authentication: API keys or JSON web tokens (JWT)

Body Parameters

Parameter Name

Type

Required/Optional

Description

Username

string

Required

The username of your D3 SOAR account.

Site

string

Required

The D3 SOAR site to run the remote command.

Input

array<JSON Object>

Optional

A JSON array of incidents with fields to be updated. Fields could be Title, SiteName, IncidentType, Status, SeverityName, Disposition, Tags, DueDate, Description, IncidentCategory, DateEnded, Owner, DateOccurred and CustomFields. Date format: yyyy-mm-dd hh:mm:ss.

READER NOTE

For Date/Time parameter Input, all times and timestamps must follow the format: yyyy-mm-dd hh:mm:ss .

  • e.g. May 15, 2024, 2:32 PM should be written as 2024-05-15 14:32:00.

Body Sample Data

application/json
CODE 
{
  "Username": "Admin",
  "Site": "Security Operations",
  "CommandParams": {
    "Input": [
      {
        "IncidentNumber": "20221116-6",
        "Input": {
          "Title": "Incident title",
          "SiteName": "test123site",
          "IncidentType": "test",
          "Status": "Closed",
          "SeverityName": "medium",
          "Disposition": "No Action",
          "Tags": "MyTag, MyTag2",
          "Description": "This is for updating incident",
          "DueDate": "2021-08-01 12:00:00",
          "IncidentCategory": "Access",
          "DateEnded": "2021-08-02 12:00:00",
          "Owner": "firstname lastname",
          "DateOccurred": "2021-08-02 12:00:00",
          "CustomAge": "30",
          "CustomSpecialField": "some special text"
        }
      },
      {
        "IncidentNumber": "20221116-7",
        "Input": {
          "Title": "Incident title",
          "SiteName": "test123site",
          "IncidentType": "test",
          "Status": "Closed",
          "SeverityName": "medium",
          "Disposition": "No Action",
          "Tags": "MyTag, MyTag2",
          "Description": "This is for updating incident",
          "DueDate": "2021-08-01 12:00:00",
          "IncidentCategory": "Access",
          "DateEnded": "2021-08-02 12:00:00",
          "Owner": "firstname lastname",
          "DateOccurred": "2021-08-02 12:00:00",
          "CustomAge": "30",
          "CustomSpecialField": "some special text"
        }
      }
    ]
  }
}

Response

200 OK

application/json

Field Name

Type

Description

error

string

The error message if the API request has failed.

returnData

string

The return data from the API request.

contextData

array<JSON Object>

The context data from the API request.

CODE 
{
    "error": "",
    "returnData": "Successful",
    "contextData": [
        {
            "Incident Number": "20221116-6",
            "Content": {
                "Title": "Incident title",
                "SiteName": "test123site",
                "IncidentType": "test",
                "Status": "Closed",
                "SeverityName": "medium",
                "Disposition": "No Action",
                "Tags": "MyTag, MyTag2",
                "Description": "This is for updating incident",
                "DueDate": "2021-08-01 12:00:00",
                "IncidentCategory": "Access",
                "DateEnded": "2021-08-02 12:00:00",
                "Owner": "firstname lastname",
                "DateOccurred": "2021-08-02 12:00:00",
                "CustomAge": "30",
                "CustomSpecialField": "some special text"
            }
        },
        {
            "Incident Number": "20221116-7",
            "Content": {
                "Title": "Incident title",
                "SiteName": "test123site",
                "IncidentType": "test",
                "Status": "Closed",
                "SeverityName": "medium",
                "Disposition": "No Action",
                "Tags": "MyTag, MyTag2",
                "Description": "This is for updating incident",
                "DueDate": "2021-08-01 12:00:00",
                "IncidentCategory": "Access",
                "DateEnded": "2021-08-02 12:00:00",
                "Owner": "firstname lastname",
                "DateOccurred": "2021-08-02 12:00:00",
                "CustomAge": "30",
                "CustomSpecialField": "some special text"
            }
        }
    ]
}

401 Unauthorized

application/json

Response Fields

Field Name

Type

Description

Error

string

A error message when the API request fails.

Sample Data

CODE 
{"Error": "Invalid authentication key."}

429 TooManyRequests

application/json

Response Fields

Field Name

Type

Description

Error

string

A error message when the API request fails.

Sample Data

CODE 
{"Error": "The request exceeds rate limits or is otherwise blocked by rate limiting policies."}

500 InternalServerError

application/json

Response Fields

Field Name

Type

Description

Error

string

A error message when the API request fails.

Sample Data

CODE 
{"Error": "Unexpected Error."}
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close