Create Incident

POST

Creates an incident.

Request

This endpoint expects an object.
custom_schema_specobjectRequired

Requested custom schemas described abstractly. Every provided schema’s custom field must be specified, otherwise a bad request error is returned. If a new custom schema specifier is provided, then it will be added to the work, otherwise if a custom schema is omitted from the specifier, it remains unmodified.

external_source_dataobjectRequired
impactobjectRequired
stageobjectRequired

Create object for stage.

staged_infoobjectRequired

Create object for staged_info.

sync_metadataobjectRequired
titlestringRequiredformat: "text"

Title of the incident.

acknowledged_datestringOptionalformat: "date-time"

Timestamp when the incident was acknowledged.

applies_to_partslist of stringsOptional

Parts to which the incident is applicable to.

artifactslist of stringsOptional

Artifacts attached to the incident.

bodystringOptionalformat: "text"

Body of the incident.

custom_fieldsobjectOptional

Application-defined custom fields.

identified_datestringOptionalformat: "date-time"

Time when the incident was identified/reported.

mitigated_datestringOptionalformat: "date-time"

Timestamp when the incident was mitigated.

owned_bylist of stringsOptional

User IDs of the users that own the incident.

pialist of stringsOptional

The article ids of the Post-Incident Analysis(PIA) of the incident.

playbookslist of stringsOptional

The article ids of the playbook(s) associated with the incident.

related_docslist of stringsOptional

The article ids of other documents associated with the incident.

reported_bylongOptional

The entity that first reported the incident.

severitylongOptional

Severity of the incident.

stage_validation_optionslist of enumsOptional
Allowed values: allow_non_start

The type of stage validations options when creating an incident.

tagslist of objectsOptional

Tags associated with the object.

target_close_datestringOptionalformat: "date-time"

Timestamp when the incident is expected to be resolved.

sourcelongOptionalDeprecated

Source of where the incident was created. Only sys users and service accounts are supposed to set this field.

Response

Success.

incidentobject
Delete Incident
Built with