demisto / content-docs

Demisto Content Developer Docs
https://xsoar.pan.dev/
MIT License

Issue with "Securonix" in @site/docs/reference/integrations/securonix.md #550

Closed hfondse closed 3 years ago

hfondse commented 3 years ago

Currently we are ingesting alerts from Securonix into XSOAR, but we have no method to close the incidents on Securonix from XSOAR. There is a command to issue an action onto an incident that we can possibly use, but we don't know what the arguments are to close the incident. We have tried multiple options by guessing but with no success.

securonix-perform-action-on-incident action=????

Can we please have the arguments to close a specific incident so that we can build it into our playbooks?

welcome[bot] commented 3 years ago

Hi and welcome to our Content Developer Docs project! Thanks and congrats for opening your very first issue. If you know the fix, you may also submit a PR to fix the issue if you like!

Itay4 commented 3 years ago

@bakatzir can you please assist here?

bakatzir commented 3 years ago

@hfondse The actions available on an incident are per the workflow the incident is associated with. I would run securonix-get-incident-workflow on the incident first, then securonix-get-incident-available-actions. IIRC, in the default workflow, an unassigned incident cannot be closed directly, and it has to be assigned first. That said, every customer has its own unique workflows.