Microsoft Secure Tech Accelerator
Apr 13 2023, 07:00 AM - 12:00 PM (PDT)
Microsoft Tech Community

Azure Sentinel REST API update existing incident - version conflict error

Occasional Contributor

Attempting to close an existing incident  using PUT REST Api for create /update incident:

using this request body
  properties: {
    severity: "High",
     "classificationComment""No longer in error state",
    status: "Closed",
    title: "Incident Title"
returns this response, how do we handle versions on PUT?
    "error": {
        "message""Newer version of resource '73.......ba8' exists. Data was not saved"

2 Replies
best response confirmed by baddeacs (Occasional Contributor)
You need to retrieve and provide the 'etag' value in your put request.

So you need to do a get for the incident first, retrieve the 'etag' property from there and then provide the etag value in your new request