Does anyone know if there is a way to poll a case for open alerts and then close the case if there aren't any through a playbook action?
Page 1 / 1
I solved this by creating a really simple custom action that returns the number of alerts for a case and i use that in a playbook block to either just close it if there is just one, or if more than one prompt for analyst to a) close just that alert b) close the entire case and all alerts or c) don't do anything else while you work the other alerts
not sure if there is a cleaner way but doing this works for us
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.