Does anyone know if there is a way to poll a case for open alerts and then close the case if there aren't any through a playbook action?
Poll a case for open alerts and close the case through a playbook action
+2+2I solved this by creating a really simple custom action that returns the number of alerts for a case and i use that in a playbook block to either just close it if there is just one, or if more than one prompt for analyst to a) close just that alert b) close the entire case and all alerts or c) don't do anything else while you work the other alerts
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.