Connectors
...
Actions
Get Incident
5 min
description retrieve detailed information and relationships for an incident by its id from microsoft graph api endpoint url /v1 0/security/incidents/{{incidentid}} method get inputs path parameters (object) – required path parameters incidentid (string) – required incident id output example \[ { "status code" 200, "response headers" { "transfer encoding" "chunked", "content type" "application/json", "content encoding" "gzip", "vary" "accept encoding", "strict transport security" "max age=31536000", "request id" "8beed643 f868 4fd0 9e15 e0db4c50383e", "client request id" "8beed643 f868 4fd0 9e15 e0db4c50383e", "x ms ags diagnostic" "{\\"serverinfo\\" {\\"datacenter\\" \\"brazil south\\",\\"slice\\" \\"e\\",\\"ring\\" \\"3\\",\\"scaleunit\\" \\"001\\",\\"roleinstance\\" \\"cp1pepf00003034\\"}}", "date" "tue, 27 dec 2022 21🕛51 gmt" }, "reason" "ok", "json body" { "@odata type" "#microsoft graph incident", "id" "2972395", "incidentweburl" "https //security microsoft com/incidents/2972395?tid=12f988bf 16f1 11af 11ab 1d7cd011db47", "redirectincidentid" null, "displayname" "multi stage incident involving initial access & command and control on multiple endpoints reported by multiple sources", "tenantid" "b3c1b5fc 828c 45fa a1e1 10d74f6d6e9c", "createddatetime" "2021 08 13t08 43 35 5533333z", "lastupdatedatetime" "2021 09 30t09 35 45 1133333z", "assignedto" "kaic\@contoso onmicrosoft com", "classification" "truepositive", "determination" "multistagedattack", "status" "active", "severity" "medium", "customtags" \[ "demo" ], "comments" \[ { "comment" "demo incident", "createdby" "davids\@contoso onmicrosoft com", "createdtime" "2021 09 30t12 07 37 2756993z" } ] } } ] output parameters status code (number) reason (string) json body (object) @odata type (string) id (string) incidentweburl (string) redirectincidentid (object) displayname (string) tenantid (string) createddatetime (string) lastupdatedatetime (string) assignedto (string) classification (string) determination (string) status (string) severity (string) customtags (array) comments (array) comment (string) createdby (string) createdtime (string) response headers header type transfer encoding string content type string content encoding string vary string strict transport security string request id string client request id string x ms ags diagnostic string date string