Edit FalconNgsCase
Modify a Falcon NGSIEM case
Requires 'Cases: Write'.
| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
|---|---|---|---|---|---|---|---|
| Name | String | Case name | X | ||||
| Severity | String | Case severity | X | ||||
| Description | String | Case description | X | ||||
| Status | String | Case status |
newin_progressreopenedclosed
|
X | |||
| CustomField | Object[] | Objects containing 'custom_fields' properties ('id', 'values') | X | ||||
| SlaActive | Boolean | SLA status | X | ||||
| AssignedUuid | String | User identifier for case assignment | X | ||||
| RemoveUuid | Boolean | Remove assigned user from case | X | ||||
| Template | Object | Object containing case template properties ('id') | X | ||||
| Id | String | Case identifier | X | X |
Edit-FalconNgsCase [[-Name] <String>] [[-Severity] <String>] [[-Description] <String>] [[-CustomField] <Object[]>] [[-SlaActive] <Boolean>] [[-AssignedUuid] <String>] [[-RemoveUuid] <Boolean>] [-Id] <String> [-WhatIf] [-Confirm] [<CommonParameters>]Edit-FalconNgsCase [[-Status] <String>] [[-Template] <Object>] [-WhatIf] [-Confirm] [<CommonParameters>]PATCH /cases/entities/cases/v2
PUT /cases/entities/cases/v2
entities_cases_patch_v2
entities_cases_put_v2
Edit-FalconNgsCase -Name 'P2: Credential Misuse' -AssignedUuid <uuid> -Id <id>2025-09-22: PSFalcon v2.2.9
