Did you ever find out an answer for this question? Thanks,
Harsha.

I was not very clear on the Question. I can see the Notable details on the Incident Review screen, What I want is to get these details using a REST API or other calls. ie Notable events details and related events using an API with sid as the input parameter

I presume, you are referring to Enterprise Security App.

You may click notable event, then click arrow on far left. You will get below details including event_id, event_hash, domain, urgency etc.

Description:

The system 10.11.36.20 has failed sshd authentication 44 times using 38 username(s) against 1 target(s) in the last hour
Additional Fields Value Action

Application sshd

Source 10.11.36.20

Source Business Unit americas

Source Category pci

splunk

Source City Pleasanton

Source Country USA

Source IP Address 10.11.36.20

Source Expected true

Source Latitude 37.694452

Source Longitude -121.894461

Source Owner Bill_williams

Source PCI Domain trust

Source Requires Antivirus false

Source Should Time Synchronize true

Source Should Update true

Correlation Search:
Access - Excessive Failed Logins - Rule
History:
View all review activity for this Notable Event
Contributing Events:

View all login failures by system 10.11.36.20 for the application sshd

Event Details:
event_id es1-ap.demo.splunk.com@@notable@@d3a7697a3a20234151c5ab8669716857

event_hash d3a7697a3a20234151c5ab8669716857

eventtype nix-all-logs

suppress_src

notable

A notable event is a Splunk term. Whenever underlying correlation search comes positive, it will generate a notable event.
You can see correlation search that triggered notable event.