Merge branch 'main' into huicong/updateName

Danielabom · web-flow · commit d881886a7dbc · 2024-12-24T10:05:52.000-06:00
diff --git a/api-reference/beta/api/security-incident-update.md b/api-reference/beta/api/security-incident-update.md
@@ -53,6 +53,7 @@ PATCH /security/incidents/{incidentId}
 |determination|microsoft.graph.security.alertDetermination|Specifies the determination of the incident. Possible values are: `unknown`, `apt`, `malware`, `securityPersonnel`, `securityTesting`, `unwantedSoftware`, `other`, `multiStagedAttack`, `compromisedAccount`, `phishing`, `maliciousUserActivity`, `notMalicious`, `notEnoughDataToValidate`, `confirmedUserActivity`, `lineOfBusinessApplication`, `unknownFutureValue`.|
 |displayName|String|The incident name.|
 |severity|microsoft.graph.security.alertSeverity|Indicates the possible impact on assets. The higher the severity, the bigger the impact. Typically, higher severity items require the most immediate attention. Possible values are: `unknown`, `informational`, `low`, `medium`, `high`, `unknownFutureValue`.|
+|resolvingComment|string|User input that explains the resolution of the incident and the classification choice. It contains free editable text.|
 |status|microsoft.graph.security.incidentStatus|The status of the incident. Possible values are: `active`, `resolved`, `redirected`, `unknownFutureValue`.|
 |summary|String|The overview of an attack. When applicable, the summary contains details of what occurred, impacted assets, and the type of attack.|
 
diff --git a/api-reference/v1.0/api/security-incident-update.md b/api-reference/v1.0/api/security-incident-update.md
@@ -51,6 +51,7 @@ PATCH /security/incidents/{incidentId}
 |determination|microsoft.graph.security.alertDetermination|Specifies the determination of the incident. Possible values are: `unknown`, `apt`, `malware`, `securityPersonnel`, `securityTesting`, `unwantedSoftware`, `other`, `multiStagedAttack`, `compromisedAccount`, `phishing`, `maliciousUserActivity`, `notMalicious`, `notEnoughDataToValidate`, `confirmedUserActivity`, `lineOfBusinessApplication`, `unknownFutureValue`.|
 |displayName|String|The incident name.|
 |severity|microsoft.graph.security.alertSeverity|Indicates the possible impact on assets. The higher the severity, the bigger the impact. Typically, higher severity items require the most immediate attention. Possible values are: `unknown`, `informational`, `low`, `medium`, `high`, `unknownFutureValue`.|
+|resolvingComment|string|User input that explains the resolution of the incident and the classification choice. It contains free editable text.|
 |status|microsoft.graph.security.incidentStatus|The status of the incident. Possible values are: `active`, `resolved`, `redirected`, `unknownFutureValue`.|
 |summary|String|The overview of an attack. When applicable, the summary contains details of what occurred, impacted assets, and the type of attack.|
 
diff --git a/changelog/Microsoft.DirectoryServices.json b/changelog/Microsoft.DirectoryServices.json
@@ -1,6 +1,5 @@
 {
   "changelog": [
-    ,
     {
       "ChangeList": [
         {
diff --git a/concepts/whats-new-overview.md b/concepts/whats-new-overview.md
@@ -25,7 +25,7 @@ For details about previous updates to Microsoft Graph, see [Microsoft Graph what
 
 ### Security | Alerts and incidents
 
-Enabled the **description**, **displayName**, and **severity** properties as supported properties in an [Update incident](/graph/api/resources/security-incident) request.
+Enabled the **description**, **displayName**, **resolvingComment**, and **severity** properties as supported properties in an [Update incident](/graph/api/resources/security-incident) request.
 
 ### Teamwork and communications | Shift management
 

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,5 @@`
`1`	`1`	`{`
`2`	`2`	`"changelog": [`
`3`		`- ,`
`4`	`3`	`{`
`5`	`4`	`"ChangeList": [`
`6`	`5`	`{`