SOLVED

Azure Sentinel REST API update existing incident - version conflict error

Occasional Contributor

Attempting to close an existing incident  using PUT REST Api for create /update incident:

 
using this request body
 
{
  properties: {
    severity: "High",
     "classification""Undetermined",
     "classificationComment""No longer in error state",
    status: "Closed",
    title: "Incident Title"
  }
}
 
returns this response, how do we handle versions on PUT?
 
{
    "error": {
        "code""Conflict",
        "message""Newer version of resource '73.......ba8' exists. Data was not saved"
    }
}




2 Replies
best response confirmed by baddeacs (Occasional Contributor)
Solution
You need to retrieve and provide the 'etag' value in your put request.

So you need to do a get for the incident first, retrieve the 'etag' property from there and then provide the etag value in your new request