Dismiss Events

LAST UPDATED: AUG 19, 2024

This command is a critical part of the event management workflow, allowing for systematic dismissal of events with appropriate logging, notification, and triggering of subsequent actions based on configurable parameters.

READER NOTE

Please note that this command is only applicable within a Playbook.

Implementation	System
Command Category	System Utility
Tags	EVENT EVENT MANAGEMENT

Inputs

Parameter Name	Required/Optional	Description	Sample Data
Source Event ID	Required	The source event id to be dismissed	24345
Relevant Event IDs	Optional	The relevant event id to be dismissed	CODE `[ 24328, 24327 ]`
Reason Code	Optional	The reason code that explains why the event was dismissed. The default value is 'False Positive'.	2
Dismissal Reason	Optional	The detailed description of the dismissal reason.	This is a false positive event

Output

Return Data

The returned result of this command. If some required parameters are not defined, this returned data could be empty. The returned result can be passed down directly to a subsequent command in playbooks.

SAMPLE DATA

JSON

true

Context Data

The response data from the utility command.

SAMPLE DATA

JSON

{
    "dismissedEvents": [
        {
            "eventId": 24345,
            "eventGuid": "ba551e39-7707-eb11-843a-00155dd3e941",
            "type": "Source Event"
        },
        {
            "eventId": 24327,
            "eventGuid": "bdefe22c-7707-eb11-843a-00155dd3e941",
            "type": "Relevant Event"
        },
        {
            "eventId": 24328,
            "eventGuid": "beefe22c-7707-eb11-843a-00155dd3e941",
            "type": "Relevant Event"
        }
    ]
}