How to close cases

Supported in:

You can close a case once it's resolved. There are several ways to close a case:

Close a single case from the Case top menu

  1. Drill down to a case, then click closecaseicon Close Case.
    2. closecases1
  2. In the Close Case dialog, select a valid reason and a root cause for closing the case, and enter any additional comments. These comments will be posted on the Case Wall.
    3. closecases2
  3. Click Close.

Close multiple cases at once

When you manage a high volume of cases, choose a method that matches your workflow and the number of cases you want to close.

The following guidelines are based on the approximate number of open cases in your case queue.

For a small number of cases (2-250 cases)

If you have a manageable number of cases to close (typically 2-250 cases, with the platform allowing you to close up to 50 at once from the Cases page views or the Search page), you can use these methods directly within the platform.

From the cases queue (side-by-side view)

  1. Click multipleselecticon Select multiple cases.
    2. closecases3
  2. Select the relevant cases in the Cases queue.
  3. Click format_list_bulleted Close Cases/Merge Cases and select Close Cases.
    4. closecases3
  4. In the Close Case dialog, select a valid reason and a root cause. Optionally, enter comments to post on the Case Wall.
  5. Click Close.

From the cases queue (list view)

  1. Select the relevant cases in the cases queue.
  2. Click closecaseicon Close cases located in the top right of the page.
    3. closecases6
  3. In the Close Case dialog, select a valid reason and a root cause for closing the case and enter any additional comments. These comments will be posted on the Case Wall.
  4. Click Close.

From the Search page

  1. Go to the Search page.
  2. Apply relevant filters to narrow down the cases.
  3. From the search results, select the cases you want to close.
  4. Click Menu and select Close case.
  5. In the Close Case dialog, choose a valid reason and root cause. Optionally, enter comments to post on the Case Wall. Click Close when finished.

For a medium number of cases (250-2000 cases)

For a larger, but still manageable number of cases (typically 250-2000 cases, with the API allowing deletion in blocks of 50 per request), use the following API endpoint to bulk close cases:

/api/external/v1/cases-queue/bulk-operations/ExecuteBulkCloseCase

For a large number of cases (2000+ cases)

If you need to close a large volume of cases (2000+ cases), contact Support.

Need more help? Get answers from Community members and Google SecOps professionals.