Incident

These are the API endpoints for managing incidents, including listing, creating, updating, and deleting incidents.

End Points

POST

/api/v2/incident/{incident_id}/ticket

GET

/api/v2/incident/{incident_id}

Creates a ticket in the configured ticketing tool, such as Zendesk, ServiceDesk Plus, or Jira, for the specified incident.

Use this endpoint to escalate incidents to an external ticketing workflow, such as when an incident requires tracking or remediation through your organization's ticketing process.

Rate limit: 5 requests per minute per account.
OAuth Scope : logs360cloud.incidents.CREATE
Role : Administrator

Path Parameters

incident_id

integer

(Required)

Unique ID of the incident. It can be taken from the List Incidents API.

Headers

account_id

string

(Required)

Account ID

Request Example

headers_data = Map();
headers_data.put("account_id", "18XXXXX4");
headers_data.put("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f");
response = invokeUrl
[
url: "https://log360cloud.manageengine.com/api/v2/incident/3000000438278/ticket"
type: POST
headers: headers_data
connection: <connection_name>
];
info response;

OkHttpClient client = new OkHttpClient();

Request request = new Request.Builder()
  .url("https://log360cloud.manageengine.com/api/v2/incident/3000000438278/ticket")
  .post(null)
  .addHeader("account_id", "18XXXXX4")
  .addHeader("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f")
  .build();

Response response = client.newCall(request).execute();

const options = {
  method: 'POST',
  headers: {
    account_id: '18XXXXX4',
    Authorization: 'Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f'
  }
};

fetch('https://log360cloud.manageengine.com/api/v2/incident/3000000438278/ticket', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

import http.client

conn = http.client.HTTPSConnection("log360cloud.manageengine.com")

headers = {
    'account_id': "18XXXXX4",
    'Authorization': "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f"
    }

conn.request("POST", "/api/v2/incident/3000000438278/ticket", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

const http = require("https");

const options = {
  "method": "POST",
  "hostname": "log360cloud.manageengine.com",
  "port": null,
  "path": "/api/v2/incident/3000000438278/ticket",
  "headers": {
    "account_id": "18XXXXX4",
    "Authorization": "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

req.end();

curl --request POST \
  --url https://log360cloud.manageengine.com/api/v2/incident/3000000438278/ticket \
  --header 'Authorization: Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f' \
  --header 'account_id: 18XXXXX4'

Response Example

{
    "data": {
        "status": "success",
        "tool_name": "Zendesk",
        "message": "Incident ticket created successfully."
    }
}

{
    "error": {
        "code": "100010322",
        "title": "Bad Request",
        "detail": "Ticketing tool connection is not enabled."
    }
}

{
    "error": {
        "code": "00000101",
        "title": "Unauthorized",
        "detail": "Invalid OAuth Token"
    }
}

{
    "error": {
        "code": "10001003",
        "title": "Forbidden",
        "detail": "Insufficient permissions to create tickets."
    }
}

{
    "error": {
        "code": "100010320",
        "title": "Not Found",
        "detail": "incident_id"
    }
}

{
    "error": {
        "code": "10001029",
        "title": "Too Many Requests",
        "detail": "Rate limit exceeded. Retry after some time."
    }
}

{
    "error": {
        "code": "10001018",
        "title": "Internal Server Error",
        "detail": "Something went wrong."
    }
}

This API is used to fetch the details of a specific incident.
OAuth Scope : logs360cloud.incidents.READ
Role : Administrator, Operator

Path Parameters

incident_id

integer

(Required)

Unique ID of the incident. It can be taken from the List Incidents API.

Query Parameters

response_type

string

Determines whether the response value should be based on the client or server value. Accepted values are `client` and `server`. Default value is 'server'.

Headers

account_id

string

(Required)

Account ID

Request Example

headers_data = Map();
headers_data.put("account_id", "18XXXXX4");
headers_data.put("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f");
response = invokeUrl
[
url: "https://log360cloud.manageengine.com/api/v2/incident/3000000438278"
type: GET
headers: headers_data
connection: <connection_name>
];
info response;

OkHttpClient client = new OkHttpClient();

Request request = new Request.Builder()
  .url("https://log360cloud.manageengine.com/api/v2/incident/3000000438278")
  .get()
  .addHeader("account_id", "18XXXXX4")
  .addHeader("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f")
  .build();

Response response = client.newCall(request).execute();

const options = {
  method: 'GET',
  headers: {
    account_id: '18XXXXX4',
    Authorization: 'Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f'
  }
};

fetch('https://log360cloud.manageengine.com/api/v2/incident/3000000438278', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

import http.client

conn = http.client.HTTPSConnection("log360cloud.manageengine.com")

headers = {
    'account_id': "18XXXXX4",
    'Authorization': "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f"
    }

conn.request("GET", "/api/v2/incident/3000000438278", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

const http = require("https");

const options = {
  "method": "GET",
  "hostname": "log360cloud.manageengine.com",
  "port": null,
  "path": "/api/v2/incident/3000000438278",
  "headers": {
    "account_id": "18XXXXX4",
    "Authorization": "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

req.end();

curl --request GET \
  --url https://log360cloud.manageengine.com/api/v2/incident/3000000438278 \
  --header 'Authorization: Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f' \
  --header 'account_id: 18XXXXX4'

{
    "data": {
        "actors": [
            {
                "entity": [
                    "dev-agent"
                ]
            },
            {
                "suspect": [
                    "dev-agent\\n/a"
                ]
            }
        ],
        "notes": [
            {
                "note": "Incident occurred during server upgrade.",
                "added_by": "gokul.sn+test",
                "time": "2025-03-31 16:12:17"
            }
        ],
        "evidence": [
            {
                "severity": "information",
                "eventid": 40960,
                "incident_tab": "evidence",
                "formatted_message": "Downgrade Attacks.  Subject:   Security ID: S-1-5-21-2477490969-972611893-3386141825-500   Account Name: administrator   Domain Name: ELANEW2017   Logon ID: 0x8D71B\t9077 ",
                "type_of_evidence": "LOG",
                "_zl_timestamp": "2025-03-31 16:12:17",
                "hosttype": "windows",
                "incident_added_by": "gokul.sn+test",
                "img_class": "fw-icon fw-icn-login-user",
                "log_org_time": "2025-03-31 15:30:00",
                "source": "lsasrv",
                "message": "Downgrade Attacks.  Subject:   Security ID: S-1-5-21-2477490969-972611893-3386141825-500   Account Name: administrator   Domain Name: ELANEW2017   Logon ID: 0x8D71B\t9077 ",
                "type": "security",
                "incident_uuid": "5a98433b-ebde-4920-825e-3c00ca5f7ecc_objectidcustom_logs",
                "source_ip": "1.4.0.0",
                "hostname": "dev-agent",
                "is_threshold_incident": false,
                "log_obtained_from": "REPORT",
                "category": "downgrade attacks",
                "username": "n/a",
                "incident_time": "2025-03-31 16:12:17"
            },
            {
                "severity": "critical",
                "incident_tab": "evidence",
                "type_of_evidence": "ALERT",
                "_zl_timestamp": "2025-03-31 17:00:00",
                "incident_added_by": "gokul.sn+test",
                "log_obtained_from": "ALERT",
                "alert_id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
                "incident_uuid": "7b12345a-abcd-1234-ef56-7890abcdef01_objectidcustom_logs",
                "incident_time": "2025-03-31 17:00:00"
            }
        ],
        "activity": [
            {
                "activity": "Incident Notes Added",
                "description": "Notes added to DOS Attack Incident by gokul.sn+test.",
                "time": "2025-03-31 16:12:17"
            },
            {
                "activity": "Incident Updated",
                "description": "New evidence added to DOS Attack Incident by gokul.sn+test.",
                "time": "2025-03-31 16:12:17"
            },
            {
                "activity": "Incident Created",
                "description": "DOS Attack Incident incident has been created successfully by gokul.sn+test.",
                "time": "2025-03-31 16:12:17"
            }
        ]
    }
}

{
    "code": "00000101",
    "title": "Unauthorized",
    "detail": "Invalid OAuth Token"
}

{
    "error": {
        "code": "10001007",
        "title": "Bad Request",
        "detail": "Something went wrong."
    }
}

This API is used to create a new incident.
OAuth Scope : logs360cloud.incidents.CREATE
Role : Administrator

Arguments

name

string

(Required)

Unique name of the incident.

description

string

Description of the incident.

severity

string

Severity of the incident. Allowed values - critical, trouble, attention

status

string

Status of the incident. Allowed values - open, in_progress, closed

assignee

integer

Assignee of the incident. It can be taken from the Users metadata API.

due_date

string

Due date of the incident, in ISO 8601 date-time format.
The value must be ≥ 1970-01-01T00:00:00Z. Time zone offsets are supported.

notes

array

Notes for the incident.

evidence

array

Evidence for the incident. uuids can be taken from the search, report, alert fetch APIs.

source

string

Source of the evidence. Allowed values - search, report, alert

Request Example

parameters_data='{"field1":"value1","field2":"value2"}';
headers_data = Map();
headers_data.put("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f");
response = invokeUrl
[
url: "https://log360cloud.manageengine.com/api/v2/incident"
type: POST
headers: headers_data
content-type: application/json
parameters: parameters_data
connection: <connection_name>
];
info response;

OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"field1\":\"value1\",\"field2\":\"value2\"}");
Request request = new Request.Builder()
  .url("https://log360cloud.manageengine.com/api/v2/incident")
  .post(body)
  .addHeader("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f")
  .addHeader("content-type", "application/json")
  .build();

Response response = client.newCall(request).execute();

const options = {
  method: 'POST',
  headers: {
    Authorization: 'Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f',
    'content-type': 'application/json'
  },
  body: '{"field1":"value1","field2":"value2"}'
};

fetch('https://log360cloud.manageengine.com/api/v2/incident', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

import http.client

conn = http.client.HTTPSConnection("log360cloud.manageengine.com")

payload = "{\"field1\":\"value1\",\"field2\":\"value2\"}"

headers = {
    'Authorization': "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
    'content-type': "application/json"
    }

conn.request("POST", "/api/v2/incident", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

const http = require("https");

const options = {
  "method": "POST",
  "hostname": "log360cloud.manageengine.com",
  "port": null,
  "path": "/api/v2/incident",
  "headers": {
    "Authorization": "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
    "content-type": "application/json"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

req.write(JSON.stringify({field1: 'value1', field2: 'value2'}));
req.end();

curl --request POST \
  --url https://log360cloud.manageengine.com/api/v2/incident \
  --header 'Authorization: Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f' \
  --header 'content-type: application/json' \
  --data '{"field1":"value1","field2":"value2"}'

{
    "name": "test",
    "description": "test description",
    "severity": "trouble",
    "status": "open",
    "assignee": -1,
    "due_date": "2027-10-03 10:30:00",
    "notes": [
        "adding a test note"
    ],
    "evidence": [
        "dd34449f-47ae-433b-94b9-7bfddba1ab0c_objectidcustom_logs"
    ],
    "source": "report"
}

{
    "data": {
        "incident_id": 3000000438284,
        "message": "Incident has been created successfully."
    }
}

{
    "code": "00000101",
    "title": "Unauthorized",
    "detail": "Invalid OAuth Token"
}

{
    "error": {
        "code": "10001007",
        "title": "Bad Request",
        "detail": "Something went wrong."
    }
}

This API is used to update an existing incident.
OAuth Scope : logs360cloud.incidents.UPDATE
Role : Administrator, Operator

Arguments

incident_id

integer

(Required)

Unique Id of the incident. It can be taken from the List Incidents API.

name

string

(Required)

Unique name of the incident.

description

string

Description of the incident.

severity

string

Severity of the incident. Allowed values - critical, trouble, attention

status

string

Status of the incident. Allowed values - open, in_progress, closed

assignee

integer

Assignee of the incident. It can be taken from the Users metadata API.

due_date

string

Due date of the incident, in ISO 8601 date-time format.
The value must be ≥ 1970-01-01T00:00:00Z. Time zone offsets are supported.

notes

array

Notes for the incident.

evidence

array

Evidence for the incident. uuids can be taken from the search, report, alert fetch APIs.

source

string

Source of the evidence. Allowed values - search, report, alert

Request Example

parameters_data='{"field1":"value1","field2":"value2"}';
headers_data = Map();
headers_data.put("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f");
response = invokeUrl
[
url: "https://log360cloud.manageengine.com/api/v2/incident"
type: PUT
headers: headers_data
content-type: application/json
parameters: parameters_data
connection: <connection_name>
];
info response;

OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"field1\":\"value1\",\"field2\":\"value2\"}");
Request request = new Request.Builder()
  .url("https://log360cloud.manageengine.com/api/v2/incident")
  .put(body)
  .addHeader("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f")
  .addHeader("content-type", "application/json")
  .build();

Response response = client.newCall(request).execute();

const options = {
  method: 'PUT',
  headers: {
    Authorization: 'Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f',
    'content-type': 'application/json'
  },
  body: '{"field1":"value1","field2":"value2"}'
};

fetch('https://log360cloud.manageengine.com/api/v2/incident', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

import http.client

conn = http.client.HTTPSConnection("log360cloud.manageengine.com")

payload = "{\"field1\":\"value1\",\"field2\":\"value2\"}"

headers = {
    'Authorization': "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
    'content-type': "application/json"
    }

conn.request("PUT", "/api/v2/incident", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

const http = require("https");

const options = {
  "method": "PUT",
  "hostname": "log360cloud.manageengine.com",
  "port": null,
  "path": "/api/v2/incident",
  "headers": {
    "Authorization": "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
    "content-type": "application/json"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

req.write(JSON.stringify({field1: 'value1', field2: 'value2'}));
req.end();

curl --request PUT \
  --url https://log360cloud.manageengine.com/api/v2/incident \
  --header 'Authorization: Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f' \
  --header 'content-type: application/json' \
  --data '{"field1":"value1","field2":"value2"}'

{
    "incident_id": 3000000438278,
    "name": "test",
    "description": "test description",
    "severity": "trouble",
    "status": "open",
    "assignee": -1,
    "due_date": "2027-10-03 10:30:00",
    "notes": [
        "adding a test note"
    ],
    "evidence": [],
    "source": ""
}

{
    "data": {
        "message": "Incident has been updated successfully."
    }
}

{
    "code": "00000101",
    "title": "Unauthorized",
    "detail": "Invalid OAuth Token"
}

{
    "error": {
        "code": "10001007",
        "title": "Bad Request",
        "detail": "Something went wrong."
    }
}

Retrieves a list of incidents with optional filters for status, severity, and time range.

Use this endpoint to retrieve incidents, such as when building an incident dashboard or reviewing open incidents.

Rate limit: 50 requests per minute per account.
OAuth Scope : logs360cloud.incidents.READ
Role : Administrator, Operator

Query Parameters

severity

string

Filters incidents based on severity levels. Allowed values - critical, trouble, attention.

status

string

Filters incidents based on their status. Allowed values - open, in_progress, closed.

created_by

string

Filters incidents based on created users. It can be taken from the Users metadata API.

assignee

integer

Filters incidents based on assignee. It can be taken from the Users metadata API.

from

integer

The starting index of the response range.

limit

integer

The number of incidents to return in the search response.

response_type

string

Determines whether the response value should be based on the client or server value. Accepted values are `client` and `server`. Default value is 'server'.

Headers

account_id

string

(Required)

Account ID

Request Example

headers_data = Map();
headers_data.put("account_id", "18XXXXX4");
headers_data.put("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f");
response = invokeUrl
[
url: "https://log360cloud.manageengine.com/api/v2/incident"
type: GET
headers: headers_data
connection: <connection_name>
];
info response;

OkHttpClient client = new OkHttpClient();

Request request = new Request.Builder()
  .url("https://log360cloud.manageengine.com/api/v2/incident")
  .get()
  .addHeader("account_id", "18XXXXX4")
  .addHeader("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f")
  .build();

Response response = client.newCall(request).execute();

const options = {
  method: 'GET',
  headers: {
    account_id: '18XXXXX4',
    Authorization: 'Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f'
  }
};

fetch('https://log360cloud.manageengine.com/api/v2/incident', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

import http.client

conn = http.client.HTTPSConnection("log360cloud.manageengine.com")

headers = {
    'account_id': "18XXXXX4",
    'Authorization': "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f"
    }

conn.request("GET", "/api/v2/incident", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

const http = require("https");

const options = {
  "method": "GET",
  "hostname": "log360cloud.manageengine.com",
  "port": null,
  "path": "/api/v2/incident",
  "headers": {
    "account_id": "18XXXXX4",
    "Authorization": "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

req.end();

curl --request GET \
  --url https://log360cloud.manageengine.com/api/v2/incident \
  --header 'Authorization: Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f' \
  --header 'account_id: 18XXXXX4'

Response Example

{
    "data": [
        {
            "severity": "Critical",
            "created_time": "2025-03-31 16:12:10",
            "incident_id": 3000000455681,
            "assign_to": -1,
            "due_date": "2025-04-02 00:00:00",
            "incident_description": "The collection of reports with Downgrade Attacks.",
            "incident_name": "DOS Attack Incident",
            "created_by": "user001",
            "status": "Open"
        },
        "..."
    ],
    "meta": {
        "start_index": 1,
        "total_count": 2,
        "limit": 10
    }
}

{
    "error": {
        "code": "10001007",
        "title": "Bad Request",
        "detail": "Something went wrong."
    }
}

{
    "code": "00000101",
    "title": "Unauthorized",
    "detail": "Invalid OAuth Token"
}

{
    "error": {
        "code": "10001007",
        "title": "Bad Request",
        "detail": "Something went wrong."
    }
}

Delete an existing incident.
OAuth Scope : logs360cloud.incidents.DELETE
Role : Administrator, Operator

Arguments

incident_ids

array

(Required)

List of incident IDs to delete. It can be taken from the List Incidents API

Request Example

parameters_data='{"field1":"value1","field2":"value2"}';
headers_data = Map();
headers_data.put("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f");
response = invokeUrl
[
url: "https://log360cloud.manageengine.com/api/v2/incident"
type: DELETE
headers: headers_data
content-type: application/json
parameters: parameters_data
connection: <connection_name>
];
info response;

OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"field1\":\"value1\",\"field2\":\"value2\"}");
Request request = new Request.Builder()
  .url("https://log360cloud.manageengine.com/api/v2/incident")
  .delete(body)
  .addHeader("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f")
  .addHeader("content-type", "application/json")
  .build();

Response response = client.newCall(request).execute();

const options = {
  method: 'DELETE',
  headers: {
    Authorization: 'Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f',
    'content-type': 'application/json'
  },
  body: '{"field1":"value1","field2":"value2"}'
};

fetch('https://log360cloud.manageengine.com/api/v2/incident', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

import http.client

conn = http.client.HTTPSConnection("log360cloud.manageengine.com")

payload = "{\"field1\":\"value1\",\"field2\":\"value2\"}"

headers = {
    'Authorization': "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
    'content-type': "application/json"
    }

conn.request("DELETE", "/api/v2/incident", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

const http = require("https");

const options = {
  "method": "DELETE",
  "hostname": "log360cloud.manageengine.com",
  "port": null,
  "path": "/api/v2/incident",
  "headers": {
    "Authorization": "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
    "content-type": "application/json"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

req.write(JSON.stringify({field1: 'value1', field2: 'value2'}));
req.end();

curl --request DELETE \
  --url https://log360cloud.manageengine.com/api/v2/incident \
  --header 'Authorization: Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f' \
  --header 'content-type: application/json' \
  --data '{"field1":"value1","field2":"value2"}'

{
    "incident_ids": [
        3000000438278
    ]
}

{
    "data": {
        "message": "Incident has been deleted successfully."
    }
}

{
    "code": "00000101",
    "title": "Unauthorized",
    "detail": "Invalid OAuth Token"
}

{
    "error": {
        "code": "10001007",
        "title": "Bad Request",
        "detail": "Something went wrong."
    }
}

Add Incident to Ticket

Path Parameters

Headers

Get Incident

Path Parameters

Query Parameters

Headers

Create Incident

Arguments

Update Incident

Arguments

List Incidents

Query Parameters

Headers

Delete Incidents

Arguments