POST /api/v2/alerts/close
The target correlator must be running.
Access: General administrator, Tenant administrator, Tier 2 analyst, Tier 1 analyst, Junior analyst, Interaction with NCIRCC, Access to CII.
Request body
Format: JSON
Name |
Data type |
Mandatory |
Description |
Value example |
id |
string |
Yes |
Alert ID |
00000000-0000-0000-0000-000000000000 |
reason |
string |
Yes |
Reason for closing the alert |
responded, incorrect data, incorrect correlation rule |
Response
HTTP code: 204
Possible errors
HTTP code |
Description |
message field value |
details field value |
400 |
Alert ID is not specified |
id required |
- |
400 |
The reason for closing the alert is not specified |
reason required |
- |
400 |
Invalid value of the "reason" parameter |
invalid reason |
- |
403 |
The user does not have the required role in the alert tenant |
access denied |
- |
404 |
Alert not found |
alert not found |
- |
406 |
Alert tenant disabled |
tenant disabled |
- |
406 |
Alert already closed |
alert already closed |
- |
500 |
Any other internal errors |
variable |
variable |