Hi Kunal,
The way I would handle this in function code would be to use the resilient client to access the artifact endpoint, search through the artifact properties to find which artifacts you want to add to the next incident. Please consult the REST API when making these calls (Double check with curl's and edit endpoint strings for your need) to confirm the expected behaviour, this is not meant to be a complete code, just a logical schema:
res_client = self.rest_client()
incident_str = '/incidents/{incident_id}/'.format(incident_id=incident_id)
artifact_str = '/incidents/{incident_id}/artifacts'.format(incident_id=incident_id)
add_incident_str = '/orgs/{org_id}/incidents'.format(org_id=org_id)
content = res_client.get(incident_str)
art_content = res_client.get(artifact_str)
"""Search artifacts for what you want"""
if art_content[i]['properties'][0]['name'] in ('source', 'destination', '<your criteria>'):
details_payload.add(i, art_content[i])
log.info("Artifact added ".format(art_content[i]))
new_incident = res_client.post(add_incident_str)
new_inc_response = res_client.post('/incidents/{incident_id}/artifacts'.format(new_incident['id']), body=details_payload)
"""send back payload"""
results = payload.done(success=True, content=new_inc_response)
------------------------------
Sean OGorman
------------------------------
Original Message:
Sent: Tue January 14, 2020 12:40 PM
From: Kunal Matthews
Subject: Resilient - Create an Incident without emailmessage.createnewincident function
I am currently trying to create new incidents from artifacts that are already part of an incident. Are there other ways to create incidents in the post-process script, backend (FunctionComponent) or in a Script?
------------------------------
Kunal Matthews
------------------------------