In this page:

Table of Contents

excludeclass

minLevelmaxLevel	1
maxLevelminLevel	1
include
outline	false
indent
exclude
style	disc
type	list
printable	true
class

Status
colour Green
title GET
Retrieve all Alerts

Expand

title	/op/api/v2/alerts/{{productView}}

Description:

This API retrieves all alerts.

Required Roles:

One of the following:

A custom role that allows access to “View Alerts”.
The OpDashAdminRole builtin role.
The OpDashPowerUserRole builtin role.

URI:

/op/api/v2/alerts/{{productView}}

Request:

The request should use the

Status

colour	Green
title	GET

method with the following URL parameters:

Name	Required/Optional	Description	Type	Available Options
productView	Required	The product view.	String	APIC IDG

Successful Response:

The response includes the following fields in its resultelement:

Name	Description	Type	Available Options
alerts		Array of Element
alerts[].id	The ID of the alert.	Long
alerts[].isSystemHealthMetric	Whether or not the alert is a metric.	Boolean
alerts[].isActive	Whether or not the alert will be scheduled for execution.	Boolean
alerts[].name	The alert name.	String
alerts[].description	Text description of the alert’s definition.	String
alerts[].productView	The product view assigned to the alert.	String	IDG APIC
alerts[].indexSets	Which OpenSearch index sets will be queried (according to product view).	String (Comma separated)	See Index Sets.
alerts[].documentType	Which OpenSearch document types will be queried (according to product view)	String	See Document type.
alerts[].jsonQuery	An OpenSearch query.	String (JSON)
alerts[].jsonParameters	Key-Value Pairs to Replace Values within the Query (JSON).	String (JSON)
alerts[].schedule	The scheduling definition using a simplified version of the Cron scheduling format.	String	format: sec min hour day month weekday year
alerts[].recipients	A list of email addresses the alert will be emailed to.	Array of Strings
alerts[].filtersParameters	Alert filters (according to product type and document type). Provided as Key-Value Pairs, where: The key is the filter name and the value is the filter value. The key is the filter operator ( filter name + `Op` ) and the value is the operator ( eq / ne / gt / gte / lte / lt).	Element	See Alert Filters.
alerts[].serviceNameFieldOverride	Apply the service filter value to a specific Store field. You may leave this field empty unless otherwise advised.	String
alerts[].lastUpdateTimeInMillis	Time the alert was created.	Long
alerts[].lastUpdateUserName	The user who created the alert.	String
alerts[].isPublishToMail	Whether or not an email will be sent.	Boolean
alerts[].isPublishToSyslog	Whether or not a syslog message will be sent.	Boolean
alerts[].isPublishToMailWs	Whether or not an email will be sent via webservice.	Boolean
alerts[].errorThreshold	If the alert value exceeds the error threshold value, the alert is assigned with a severity of error.	Double	Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line)
alerts[].warningThreshold	If the alert value exceeds the warning threshold value, the alert is assigned with a severity of warning.	Double	Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line)
alerts[].warningDamagePoints	The amount of damage points that are assigned for this alert if the alert has a severity of warning. When a specific device has only alerts in a warning severity, and the accumulated damage points of these alerts exceed its Damage Points Threshold, the device transitions into an error state in the System Health dashboard.	Double	Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line)
alerts[].alertType	Type of the alert query.	String	Frequency Flatline Any List
alerts[].comparator	The comparator used to compare between the OpenSearch query result and the error threshold.	String	Equals NotEquels GreaterThan GreaterThanOrEquals LessThan LessThanOrEquals In NotIn Each alert type supports different comparators, for further details see Operators
alerts[].apiReference	Unique alert UUID.	String
alerts[].valueFieldName	The field name which field value is compared to the list of values.	String	Only applicable for alert type "List" and “Frequency“
alerts[].listOfValues	For alert type “Frequency“, is is a delimited final result list which will force the result to include only specific values. Missing values will be added with 0 fetched documents (thus allowing the user to identify missing values such as unused services). For alert type “List”, it is a delimited blacklist or a whitelist of values.	String	Only applicable for alert type "List" and “Frequency“
alerts[].listDelimiter	The delimiter used to delimit the list of values.	String	Only applicable for alert type "List" and “Frequency“
alerts[].investigateUri	The investigate link displays the data that triggered each alert in DPOD Web Console.	String
alerts[].aggregationNamesToIgnore	Aggregation names to ignore in results.	String (Comma separated)

Example:

Code Block

{
    "resultCode": "SUCCESS",
    "resultMessage": "Alerts retrieved successfully",
    "result": {
        "alerts": [
            {
                "id": 26,
                "isSystemHealthMetric": false,
                "isActive": false,
                "name": "API Error Message Count Alert",
                "description": "Alert when more than 10 API trans. ended with a specific error message",
                "productView": "APIC",
                "indexSets": "apic-log",
                "documentType": "APIC_LOGICAL_TRANS",
                "jsonQuery": "{\"query\":{\"bool\":{\"must\":{\"match_all\":{}},\"filter\":{\"bool\":{\"must\":[{\"term\":{\"documentType\":{\"value\":27}}},{\"match_phrase\":{\"errorMessage\":\"$messageTextSubstring\"}},{\"terms\":{\"recordType\":[\"R4\"]}},{\"bool\":{\"should\":[{\"term\":{\"recordCounter\":{\"value\":\"1\"}}},{\"bool\":{\"must_not\":[{\"exists\":{\"field\":\"recordCounter\"}}]}}],\"minimum_should_match\":\"1\"}}]}}}},\"aggs\":{\"API\":{\"terms\":{\"field\":\"apiName\",\"size\":1000,\"shard_size\":10000,\"order\":{\"_count\":\"desc\"}}}},\"size\":0}",
                "jsonParameters": "{\"messageTextSubstring\":\"Failed to establish a backside connection\"}",
                "schedule": "",
                "recipients": [],
                "filtersParameters": {
                    "timeRangeType": "recent",
                    "timeRangePeriod": "600000"
                },
                "lastUpdateTimeInMillis": 1719389034455,
                "lastUpdateUserName": "Installer",
                "isPublishToMail": false,
                "isPublishToSyslog": false,
                "isPublishToMailWs": false,
                "errorThreshold": 10.0,
                "alertType": "Frequency",
                "comparator": "GreaterThan",
                "apiReference": "EDBD6F2B-A576-4619-AC63-2594A10F7EC6",
                "investigateUri": "apicTransactions:-apicApiNameOp:eq-apicApiName:${result:API}-errorMessageOp:eq-errorMessage:${parameter:messageTextSubstring}"
            },
            { .....}

...

Expand

title	/op/api/v2/alert/{{productView}}/{{alertApiReferenceId}}

Description:

This API retrieves a specific alert.

Required Roles:

One of the following:

A custom role that allows access to “View Alerts”.
The OpDashAdminRole builtin role.
The OpDashPowerUserRole builtin role.

URI:

/op/api/v2/alert/{{productView}}/{{alertApiReferenceId}}

Request:

The request should use the

Status

colour	Green
title	GET

method with the following URL parameters:

Name	Required/Optional	Description	Type	Available Options
productView	Required	The product view.	String	APIC IDG
alertApiReferenceId	Required	The alert UUID.	String

Successful Response:

The response includes the following fields in its resultelement:

Name	Description	Type	Available Options
id	The ID of the alert.	Long
isSystemHealthMetric	Whether or not the alert is a metric.	Boolean
isActive	Whether or not the alert will be scheduled for execution.	Boolean
name	The alert name.	String
description	Text description of the alert’s definition.	String
productView	The product view assigned to the alert.	String	IDG APIC
indexSets	Which OpenSearch index sets will be queried (according to product view).	String (Comma separated)	See Index Sets.
documentType	Which OpenSearch document types will be queried (according to product view)	String	See Document type.
jsonQuery	An OpenSearch query.	String (JSON)
jsonParameters	Key-Value Pairs to Replace Values within the Query (JSON).	String (JSON)
schedule	The scheduling definition using a simplified version of the Cron scheduling format.	String	format: sec min hour day month weekday year
recipients	A list of email addresses the alert will be emailed to.	Array of Strings
filtersParameters	Alert filters (according to product type and document type). Provided as Key-Value Pairs, where: The key is the filter name and the value is the filter value. The key is the filter operator ( filter name + `Op` ) and the value is the operator ( eq / ne / gt / gte / lte / lt).	Element	See Alert Filters.
serviceNameFieldOverride	Apply the service filter value to a specific Store field. You may leave this field empty unless otherwise advised.	String
lastUpdateTimeInMillis	Time the alert was created.	Long
lastUpdateUserName	The user who created the alert.	String
isPublishToMail	Whether or not an email will be sent.	Boolean
isPublishToSyslog	Whether or not a syslog message will be sent.	Boolean
isPublishToMailWs	Whether or not an email will be sent via webservice.	Boolean
errorThreshold	If the alert value exceeds the error threshold value, the alert is assigned with a severity of error.	Double	Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line)
warningThreshold	If the alert value exceeds the warning threshold value, the alert is assigned with a severity of warning.	Double	Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line)
warningDamagePoints	The amount of damage points that are assigned for this alert if the alert has a severity of warning. When a specific device has only alerts in a warning severity, and the accumulated damage points of these alerts exceed its Damage Points Threshold, the device transitions into an error state in the System Health dashboard.	Double	Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line)
alertType	Type of the alert query.	String	Frequency Flatline Any List
comparator	The comparator used to compare between the OpenSearch query result and the error threshold.	String	Equals NotEquels GreaterThan GreaterThanOrEquals LessThan LessThanOrEquals In NotIn Each alert type supports different comparators, for further details see Operators
apiReference	Unique alert UUID.	String
valueFieldName	The field name which field value is compared to the list of values.	String	Only applicable for alert type "List" and “Frequency“
listOfValues	For alert type “Frequency“, is is a delimited final result list which will force the result to include only specific values. Missing values will be added with 0 fetched documents (thus allowing the user to identify missing values such as unused services). For alert type “List”, it is a delimited blacklist or a whitelist of values.	String	Only applicable for alert type "List" and “Frequency“
listDelimiter	The delimiter used to delimit the list of values.	String	Only applicable for alert type "List" and “Frequency“
investigateUri	The investigate link displays the data that triggered each alert in DPOD Web Console.	String
aggregationNamesToIgnore	Aggregation names to ignore in results.	String (Comma separated)

Example:

Code Block

{
    "resultCode": "SUCCESS",
    "resultMessage": "Alert retrieved successfully",
    "result": {
        "id": 41,
        "isSystemHealthMetric": false,
        "isActive": false,
        "name": "API Error Message Count Alert Copy",
        "description": "Alert when more than 10 API trans. ended with a specific error message",
        "productView": "APIC",
        "indexSets": "apic-log",
        "documentType": "APIC_LOGICAL_TRANS",
        "jsonQuery": "{\"query\":{\"bool\":{\"must\":{\"match_all\":{}},\"filter\":{\"bool\":{\"must\":[{\"term\":{\"documentType\":{\"value\":27}}},{\"match_phrase\":{\"errorMessage\":\"$messageTextSubstring\"}},{\"terms\":{\"recordType\":[\"R4\"]}},{\"bool\":{\"should\":[{\"term\":{\"recordCounter\":{\"value\":\"1\"}}},{\"bool\":{\"must_not\":[{\"exists\":{\"field\":\"recordCounter\"}}]}}],\"minimum_should_match\":\"1\"}}]}}}},\"aggs\":{\"API\":{\"terms\":{\"field\":\"apiName\",\"size\":1000,\"shard_size\":10000,\"order\":{\"_count\":\"desc\"}}}},\"size\":0}",
        "jsonParameters": "{\"messageTextSubstring\":\"Failed to establish a backside connection\"}",
        "schedule": "",
        "recipients": [],
        "filtersParameters": {
            "timeRangeType": "recent",
            "timeRangePeriod": "600000"
        },
        "lastUpdateTimeInMillis": 1727695016120,
        "lastUpdateUserName": "admin",
        "isPublishToMail": false,
        "isPublishToSyslog": false,
        "isPublishToMailWs": false,
        "errorThreshold": 10.0,
        "alertType": "Frequency",
        "comparator": "GreaterThan",
        "apiReference": "938F0930-5E5F-4775-BFA3-312662C37FB1",
        "investigateUri": "apicTransactions:-apicApiNameOp:eq-apicApiName:${result:API}-errorMessageOp:eq-errorMessage:${parameter:messageTextSubstring}"
    }
}

...

Expand

title	/op/api/v2/alert/{{productView}}/{{alertApiReferenceId}}/executeAsync

Description:

This API executes a specific alert.

Required Roles:

One of the following:

A custom role that allows access to “View Alerts”.
The OpDashAdminRole builtin role.
The OpDashPowerUserRole builtin role.

URI:

/op/api/v2/alert/{{productView}}/{{alertApiReferenceId}}/executeAsync

Request:

The request should use the

Status

colour	Yellow
title	POST

method with the following URL parameters:

Name	Required/Optional	Description	Type	Available Options
productView	Required	The product view.	String	APIC IDG
alertApiReferenceId	Required	The alert UUID.	String

The request should use the

Status

colour	Yellow
title	POST

method with the following fields in its body:

Name

Required/Optional

Description

Type

Available Options

recipients

Required

A list of email addresses the alert will be emailed to.

Array of Strings

filtersParameters

Required

Alert filters (according to product type and document type).
Provided as Key-Value Pairs, where:

The key is the filter name and the value is the filter value.
The key is the filter operator ( filter name + Op ) and the value is the operator ( eq / ne / gt / gte / lte / lt).

Element

See Alert Filters.

Example:

Code Block
{ "recipients": [ "test@com" ], "filtersParameters": { "timeRangeType": "recent", "timeRangePeriod": "86400000", "deviceName": "idg_10_5_0_a" } }

Successful Response:

The response includes the following fields in its resultelement:

Name	Description	Type	Available Options
executionId	The alert execution ID.	Long

Example:

Code Block
{ "resultCode": "SUCCESS", "resultMessage": "Alert executed successfully", "result": { "executionId": 233974 } }

...

Expand

title	/op/api/v2/alertexecution/{{productView}}/{{executionId}}

Description:

This API retrieves execution details for a specific alert execution.

Required Roles:

One of the following:

A custom role that allows access to “View Alerts”.
The OpDashAdminRole builtin role.
The OpDashPowerUserRole builtin role.

URI:

/op/api/v2/alertexecution/{{productView}}/{{executionId}}

Request:

The request should use the

Status

colour	Green
title	GET

method with the following URL parameters:

Name	Required/Optional	Description	Type	Available Options
productView	Required	The product view.	String	APIC IDG
executionId	Required	The alert execution ID.	String

Successful Response:

The response includes the following fields in its resultelement:

Name	Description	Type	Available Options
executionId	The alert execution ID.	Long
filters	Alert filters (according to product type and document type). Provided as Key-Value Pairs, where: The key is the filter name and the value is the filter value. The key is the filter operator ( filter name + `Op` ) and the value is the operator ( eq / ne / gt / gte / lte / lt).	String	See Alert Filters.
executingUserName	The user who executed this alert execution.	String
status	Alert execution status.	String	Requested Pending Executing OK Error
requestTimeInMillis	Request time in milliseconds.	Long
pendingTimeInMillis	Pending time in milliseconds.	Long
executionTimeInMillis	Execution time in milliseconds.	Long
completionTimeInMillis	Completion time in milliseconds.	Long
message	The message that indicates whether there are any alerts.	String	"Execution finished with no alerts." "Execution finished with X alerts."

Example:

Code Block

{
    "resultCode": "SUCCESS",
    "resultMessage": "Alert retrieved successfully",
    "result": {
        "executionId": 233987,
        "filters": "-timeRangeType:custom-timeRangeStart:1727706457898-timeRangeEnd:1727706757898",
        "executingUserName": "admin",
        "status": "OK",
        "requestTimeInMillis": 1727706772894,
        "executionTimeInMillis": 1727706774237,
        "completionTimeInMillis": 1727706774276,
        "message": "Execution finished with 2 alerts."
    }
}

...

Expand

title	/op/api/v2/alertexecution/{{productView}}/{{executionId}}/download

Description:

This API downloads an alert execution result by its execution ID.

Required Roles:

One of the following:

A custom role that allows access to “View Alerts”.
The OpDashAdminRole builtin role.
The OpDashPowerUserRole builtin role.

URI:

/op/api/v2/alertexecution/{{productView}}/{{executionId}}/download

Request:

The request should use the

Status

colour	Green
title	GET

method with the following URL parameters:

Name	Required/Optional	Description	Type	Available Options
productView	Required	The product view.	String	APIC IDG
executionId	Required	The alert execution ID.	String

Successful Response:

The response content type is application/octet-stream and includes the alert execution result file content as its body.
To open the alert execution result file, save the response content as a file with an extension of .json and open the file.
The Content-Disposition response header value includes a suggested file name (e.g.: attachment; filename=alert-<alert name + "-" + execution ID>.json).

...

Expand

title	/op/api/v2/alert/{{productView}}/{{alertApiReferenceId}}/duplicate

Description:

This API duplicates a specific alert.

Required Roles:

One of the following:

A custom role that allows access to “Edit Alerts”.
The OpDashAdminRole builtin role.

URI:

/op/api/v2/alert/{{productView}}/{{alertApiReferenceId}}/duplicate

Request:

The request should use the

Status

colour	Yellow
title	POST

method with the following URL parameters:

Name	Required/Optional	Description	Type	Available Options
productView	Required	The product view.	String	APIC IDG
alertApiReferenceId	Required	The alert UUID.	String

Successful Response:

The response includes the following fields in its resultelement:

Name	Description	Type	Available Options
id	The ID of the alert.	Long
isSystemHealthMetric	Whether or not the alert is a metric.	Boolean
isActive	Whether or not the alert will be scheduled for execution.	Boolean
name	The alert name.	String
description	Text description of the alert’s definition.	String
productView	The product view assigned to the alert.	String	IDG APIC
indexSets	Which OpenSearch index sets will be queried (according to product view).	String (Comma separated)	See Index Sets.
documentType	Which OpenSearch document types will be queried (according to product view)	String	See Document type.
jsonQuery	An OpenSearch query.	String (JSON)
jsonParameters	Key-Value Pairs to Replace Values within the Query (JSON).	String (JSON)
schedule	The scheduling definition using a simplified version of the Cron scheduling format.	String	format: sec min hour day month weekday year
recipients	A list of email addresses the alert will be emailed to.	Array of Strings
filtersParameters	Alert filters (according to product type and document type). Provided as Key-Value Pairs, where: The key is the filter name and the value is the filter value. The key is the filter operator ( filter name + `Op` ) and the value is the operator ( eq / ne / gt / gte / lte / lt).	Element	See Alert Filters.
serviceNameFieldOverride	Apply the service filter value to a specific Store field. You may leave this field empty unless otherwise advised.	String
lastUpdateTimeInMillis	Time the alert was created.	Long
lastUpdateUserName	The user who created the alert.	String
isPublishToMail	Whether or not an email will be sent.	Boolean
isPublishToSyslog	Whether or not a syslog message will be sent.	Boolean
isPublishToMailWs	Whether or not an email will be sent via webservice.	Boolean
errorThreshold	If the alert value exceeds the error threshold value, the alert is assigned with a severity of error.	Double	Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line)
warningThreshold	If the alert value exceeds the warning threshold value, the alert is assigned with a severity of warning.	Double	Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line)
warningDamagePoints	The amount of damage points that are assigned for this alert if the alert has a severity of warning. When a specific device has only alerts in a warning severity, and the accumulated damage points of these alerts exceed its Damage Points Threshold, the device transitions into an error state in the System Health dashboard.	Double	Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line)
alertType	Type of the alert query.	String	Frequency Flatline Any List
comparator	The comparator used to compare between the OpenSearch query result and the error threshold.	String	Equals NotEquels GreaterThan GreaterThanOrEquals LessThan LessThanOrEquals In NotIn Each alert type supports different comparators, for further details see Operators
apiReference	Unique alert UUID.	String
valueFieldName	The field name which field value is compared to the list of values.	String	Only applicable for alert type "List" and “Frequency“
listOfValues	For alert type “Frequency“, is is a delimited final result list which will force the result to include only specific values. Missing values will be added with 0 fetched documents (thus allowing the user to identify missing values such as unused services). For alert type “List”, it is a delimited blacklist or a whitelist of values.	String	Only applicable for alert type "List" and “Frequency“
listDelimiter	The delimiter used to delimit the list of values.	String	Only applicable for alert type "List" and “Frequency“
investigateUri	The investigate link displays the data that triggered each alert in DPOD Web Console.	String
aggregationNamesToIgnore	Aggregation names to ignore in results.	String (Comma separated)

Example:

Code Block

{
    "resultCode": "SUCCESS",
    "resultMessage": "Alert duplicated successfully",
    "result": {
        "id": 46,
        "isSystemHealthMetric": false,
        "isActive": false,
        "name": "This_is_automationAbc Copy",
        "description": "This_is_automationAbc",
        "productView": "APIC",
        "indexSets": "wdp-device-resources",
        "documentType": "WDP_DEVICE_RESOURCES",
        "jsonQuery": "{\"query\": {\"bool\": {\"must\": {\"match_all\": {}},\"filter\": {}}},\"aggs\": {\"Device\": {\"terms\": {\"field\":\"deviceName\",\"size\": 1000,\"shard_size\": 10000,\"order\": {\"MaxCpu\":\"desc\"}},\"aggs\": {\"MaxCpu\": {\"max\": {\"field\":\"usedCPUInPercentage\"}}}}},\"size\": 0}",
        "jsonParameters": "",
        "schedule": "",
        "recipients": [],
        "filtersParameters": {
            "timeRangeType": "recent",
            "timeRangePeriod": "86400000"
        },
        "lastUpdateTimeInMillis": 1727703918363,
        "lastUpdateUserName": "admin",
        "isPublishToMail": false,
        "isPublishToSyslog": false,
        "isPublishToMailWs": false,
        "errorThreshold": 15.0,
        "alertType": "Flatline",
        "comparator": "GreaterThanOrEquals",
        "apiReference": "917309E7-8FB4-4912-BF36-2782CDF6427F",
        "investigateUri": ""
    }
}

Status
colour Yellow
title POST
Add an

...

Alert

Expand

title	/op/api/v2/alerts/{{productView}}

Description:

This API adds an alert.

Required Roles:

One of the following:

A custom role that allows access to “Edit Alerts”.
The OpDashAdminRole builtin role.

URI:

/op/api/v2/alerts/{{productView}}

Request:

The request should use the

Status

colour	Yellow
title	POST

method with the following URL parameters:

Name	Required / Optional	Description	Type	Available Options
productView	Required	The product view.	String	APIC IDG

The request should use the

Status

colour	Yellow
title	POST

method with the following fields in its body:

Name	Required / Optional	Description	Type	Available Options
isSystemHealthMetric	Required	Whether or not the alert is a metric.	Boolean
isActive	Required	Whether or not the alert will be scheduled for execution.	Boolean
name	Required	The alert name.	String
description	Required	Text description of the alert’s definition.	String
productView	Required	The product view assigned to the alert.	String	IDG APIC
indexSets	Required	Which OpenSearch index sets will be queried (according to product view).	String (Comma separated)	See Index Sets.
documentType	Required	Which OpenSearch document types will be queried (according to product view)	String	See Document type.
jsonQuery	Required	An OpenSearch query.	String (JSON)
jsonParameters	Required	Key-Value Pairs to Replace Values within the Query (JSON).	String (JSON)
schedule	Required	The scheduling definition using a simplified version of the Cron scheduling format.	String	format: sec min hour day month weekday year
recipients	Required	A list of email addresses the alert will be emailed to.	Array of Strings
filtersParameters	Required	Alert filters (according to product type and document type). Provided as Key-Value Pairs, where: The key is the filter name and the value is the filter value. The key is the filter operator ( filter name + `Op` ) and the value is the operator ( eq / ne / gt / gte / lte / lt).	Element	See Alert Filters.
serviceNameFieldOverride	Optional	Apply the service filter value to a specific Store field. You may leave this field empty unless otherwise advised.	String
isPublishToMail	Required	Whether or not an email will be sent.	Boolean
isPublishToSyslog	Required	Whether or not a syslog message will be sent.	Boolean
isPublishToMailWs	Required	Whether or not an email will be sent via webservice.	Boolean
errorThreshold	Required	If the alert value exceeds the error threshold value, the alert is assigned with a severity of error.	Double	Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line)
warningThreshold	Optional	If the alert value exceeds the warning threshold value, the alert is assigned with a severity of warning.	Double	Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line)
warningDamagePoints	Optional	The amount of damage points that are assigned for this alert if the alert has a severity of warning. When a specific device has only alerts in a warning severity, and the accumulated damage points of these alerts exceed its Damage Points Threshold, the device transitions into an error state in the System Health dashboard.	Double	Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line)
alertType	Required	Type of the alert query.	String	Frequency Flatline Any List
comparator	Required	The comparator used to compare between the OpenSearch query result and the error threshold.	String	Equals NotEquels GreaterThan GreaterThanOrEquals LessThan LessThanOrEquals In NotIn Each alert type supports different comparators, for further details see Operators
valueFieldName	Optional	The field name which field value is compared to the list of values.	String	Only applicable for alert type "List" and “Frequency“
listOfValues	Optional	For alert type “Frequency“, is is a delimited final result list which will force the result to include only specific values. Missing values will be added with 0 fetched documents (thus allowing the user to identify missing values such as unused services). For alert type “List”, it is a delimited blacklist or a whitelist of values.	String	Only applicable for alert type "List" and “Frequency“
listDelimiter	Optional	The delimiter used to delimit the list of values.	String	Only applicable for alert type "List" and “Frequency“
investigateUri	Required	The investigate link displays the data that triggered each alert in DPOD Web Console.	String
aggregationNamesToIgnore	Optional	Aggregation names to ignore in results.	String (Comma separated)

Example:

Code Block

{
    "isSystemHealthMetric": false,
    "isActive": false,
    "name": "This_is_automation",
    "description": "This_is_automation",
    "productView": "APIC",
    "indexSets": "wdp-device-resources",
    "documentType": "WDP_DEVICE_RESOURCES",
    "jsonQuery": "{\"query\": {\"bool\": {\"must\": {\"match_all\": {}},\"filter\": {}}},\"aggs\": {\"Device\": {\"terms\": {\"field\":\"deviceName\",\"size\": 1000,\"shard_size\": 10000,\"order\": {\"MaxCpu\":\"desc\"}},\"aggs\": {\"MaxCpu\": {\"max\": {\"field\":\"usedCPUInPercentage\"}}}}},\"size\": 0}",
    "jsonParameters": "",
    "schedule": "",
    "recipients": [],
    "filtersParameters": {
        "timeRangeType": "recent",
        "timeRangePeriod": "86400000"
    },
    "isPublishToMail": false,
    "isPublishToSyslog": false,
    "isPublishToMailWs": false,
    "errorThreshold": 10.0,
    "alertType": "Flatline",
    "comparator": "GreaterThanOrEquals",
    "investigateUri": ""
}

Successful Response:

The response includes the following fields in its resultelement:

Name	Description	Type
id	The ID of the alert.	Long
isSystemHealthMetric	See the description in the request above.
isActive	See the description in the request above.
name	See the description in the request above.
description	See the description in the request above.
productView	See the description in the request above.
indexSets	See the description in the request above.
documentType	See the description in the request above.
jsonQuery	See the description in the request above.
jsonParameters	See the description in the request above.
schedule	See the description in the request above.
recipients	See the description in the request above.
filtersParameters	See the description in the request above.
serviceNameFieldOverride	See the description in the request above.
lastUpdateTimeInMillis	Time the alert was created.	Long
lastUpdateUserName	The user who created the alert.	String
isPublishToMail	See the description in the request above.
isPublishToSyslog	See the description in the request above.
isPublishToMailWs	See the description in the request above.
errorThreshold	See the description in the request above.
warningThreshold	See the description in the request above.
warningDamagePoints	See the description in the request above.
alertType	See the description in the request above.
comparator	See the description in the request above.
apiReference	Unique alert UUID.	String
valueFieldName	See the description in the request above.
listOfValues	See the description in the request above.
listDelimiter	See the description in the request above.
investigateUri	See the description in the request above.
aggregationNamesToIgnore	See the description in the request above.

Example:

Code Block

{
    "resultCode": "SUCCESS",
    "resultMessage": "Alert added successfully",
    "result": {
        "id": 45,
        "isSystemHealthMetric": false,
        "isActive": false,
        "name": "This_is_automation",
        "description": "This_is_automation",
        "productView": "APIC",
        "indexSets": "wdp-device-resources",
        "documentType": "WDP_DEVICE_RESOURCES",
        "jsonQuery": "{\"query\": {\"bool\": {\"must\": {\"match_all\": {}},\"filter\": {}}},\"aggs\": {\"Device\": {\"terms\": {\"field\":\"deviceName\",\"size\": 1000,\"shard_size\": 10000,\"order\": {\"MaxCpu\":\"desc\"}},\"aggs\": {\"MaxCpu\": {\"max\": {\"field\":\"usedCPUInPercentage\"}}}}},\"size\": 0}",
        "jsonParameters": "",
        "schedule": "",
        "recipients": [],
        "filtersParameters": {
            "timeRangeType": "recent",
            "timeRangePeriod": "86400000"
        },
        "lastUpdateTimeInMillis": 1727702667601,
        "lastUpdateUserName": "admin",
        "isPublishToMail": false,
        "isPublishToSyslog": false,
        "isPublishToMailWs": false,
        "errorThreshold": 10.0,
        "alertType": "Flatline",
        "comparator": "GreaterThanOrEquals",
        "apiReference": "BE159C79-EEF9-4C9C-AADE-BDE515FBCAF2",
        "investigateUri": ""
    }
}

...

Expand

title	/op/api/v2/alert/{{productView}}/{{alertApiReferenceId}}

Description:

This API edits a specific alert.

Required Roles:

One of the following:

A custom role that allows access to “Edit Alerts”.
The OpDashAdminRole builtin role.

URI:

/op/api/v2/alert/{{productView}}/{{alertApiReferenceId}}

Request:

The request should use the

Status

colour	Blue
title	PUT

method with the following URL parameters:

Name	Required/Optional	Description	Type	Available Options
productView	Required	The product view.	String	APIC IDG
alertApiReferenceId	Required	The alert UUID.	String

The request should use the

Status

colour	Blue
title	PUT

method with the following fields in its body:

Name	Required / Optional	Description	Type	Available Options
isSystemHealthMetric	Required	Whether or not the alert is a metric.	Boolean
isActive	Required	Whether or not the alert will be scheduled for execution.	Boolean
name	Required	The alert name.	String
description	Required	Text description of the alert’s definition.	String
productView	Required	The product view assigned to the alert.	String	IDG APIC
indexSets	Required	Which OpenSearch index sets will be queried (according to product view).	String (Comma separated)	See Index Sets.
documentType	Required	Which OpenSearch document types will be queried (according to product view)	String	See Document type.
jsonQuery	Required	An OpenSearch query.	String (JSON)
jsonParameters	Required	Key-Value Pairs to Replace Values within the Query (JSON).	String (JSON)
schedule	Required	The scheduling definition using a simplified version of the Cron scheduling format.	String	format: sec min hour day month weekday year
recipients	Required	A list of email addresses the alert will be emailed to.	Array of Strings
filtersParameters	Required	Alert filters (according to product type and document type). Provided as Key-Value Pairs, where: The key is the filter name and the value is the filter value. The key is the filter operator ( filter name + `Op` ) and the value is the operator ( eq / ne / gt / gte / lte / lt).	Element	See Alert Filters.
serviceNameFieldOverride	Optional	Apply the service filter value to a specific Store field. You may leave this field empty unless otherwise advised.	String
isPublishToMail	Required	Whether or not an email will be sent.	Boolean
isPublishToSyslog	Required	Whether or not a syslog message will be sent.	Boolean
isPublishToMailWs	Required	Whether or not an email will be sent via webservice.	Boolean
errorThreshold	Required	If the alert value exceeds the error threshold value, the alert is assigned with a severity of error.	Double	Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line)
warningThreshold	Optional	If the alert value exceeds the warning threshold value, the alert is assigned with a severity of warning.	Double	Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line)
warningDamagePoints	Optional	The amount of damage points that are assigned for this alert if the alert has a severity of warning. When a specific device has only alerts in a warning severity, and the accumulated damage points of these alerts exceed its Damage Points Threshold, the device transitions into an error state in the System Health dashboard.	Double	Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line)
alertType	Required	Type of the alert query.	String	Frequency Flatline Any List
comparator	Required	The comparator used to compare between the OpenSearch query result and the error threshold.	String	Equals NotEquels GreaterThan GreaterThanOrEquals LessThan LessThanOrEquals In NotIn Each alert type supports different comparators, for further details see Operators
valueFieldName	Optional	The field name which field value is compared to the list of values.	String	Only applicable for alert type "List" and “Frequency“
listOfValues	Optional	For alert type “Frequency“, is is a delimited final result list which will force the result to include only specific values. Missing values will be added with 0 fetched documents (thus allowing the user to identify missing values such as unused services). For alert type “List”, it is a delimited blacklist or a whitelist of values.	String	Only applicable for alert type "List" and “Frequency“
listDelimiter	Optional	The delimiter used to delimit the list of values.	String	Only applicable for alert type "List" and “Frequency“
investigateUri	Required	The investigate link displays the data that triggered each alert in DPOD Web Console.	String
aggregationNamesToIgnore	Optional	Aggregation names to ignore in results.	String (Comma separated)

Example:

Code Block

{
    "isSystemHealthMetric": false,
    "isActive": false,
    "name": "This_is_automationAbc",
    "description": "This_is_automationAbc",
    "productView": "APIC",
    "indexSets": "wdp-device-resources",
    "documentType": "WDP_DEVICE_RESOURCES",
    "jsonQuery": "{\"query\": {\"bool\": {\"must\": {\"match_all\": {}},\"filter\": {}}},\"aggs\": {\"Device\": {\"terms\": {\"field\":\"deviceName\",\"size\": 1000,\"shard_size\": 10000,\"order\": {\"MaxCpu\":\"desc\"}},\"aggs\": {\"MaxCpu\": {\"max\": {\"field\":\"usedCPUInPercentage\"}}}}},\"size\": 0}",
    "jsonParameters": "",
    "schedule": "",
    "recipients": [],
    "filtersParameters": {
        "timeRangeType": "recent",
        "timeRangePeriod": "86400000"
    },
    "isPublishToMail": false,
    "isPublishToSyslog": true,
    "isPublishToMailWs": false,
    "errorThreshold": 15.0,
    "alertType": "Flatline",
    "comparator": "GreaterThanOrEquals",
    "investigateUri": ""
}

Successful Response:

The response includes the following fields in its resultelement:

Name	Description	Type
id	The ID of the alert.	Long
isSystemHealthMetric	See the description in the request above.
isActive	See the description in the request above.
name	See the description in the request above.
description	See the description in the request above.
productView	See the description in the request above.
indexSets	See the description in the request above.
documentType	See the description in the request above.
jsonQuery	See the description in the request above.
jsonParameters	See the description in the request above.
schedule	See the description in the request above.
recipients	See the description in the request above.
filtersParameters	See the description in the request above.
serviceNameFieldOverride	See the description in the request above.
lastUpdateTimeInMillis	Time the alert was created.	Long
lastUpdateUserName	The user who created the alert.	String
isPublishToMail	See the description in the request above.
isPublishToSyslog	See the description in the request above.
isPublishToMailWs	See the description in the request above.
errorThreshold	See the description in the request above.
warningThreshold	See the description in the request above.
warningDamagePoints	See the description in the request above.
alertType	See the description in the request above.
comparator	See the description in the request above.
apiReference	Unique alert UUID.	String
valueFieldName	See the description in the request above.
listOfValues	See the description in the request above.
listDelimiter	See the description in the request above.
investigateUri	See the description in the request above.
aggregationNamesToIgnore	See the description in the request above.

Example:

Code Block

{
    "resultCode": "SUCCESS",
    "resultMessage": "Alert updated successfully",
    "result": {
        "id": 45,
        "isSystemHealthMetric": false,
        "isActive": false,
        "name": "This_is_automationAbc",
        "description": "This_is_automationAbc",
        "productView": "APIC",
        "indexSets": "wdp-device-resources",
        "documentType": "WDP_DEVICE_RESOURCES",
        "jsonQuery": "{\"query\": {\"bool\": {\"must\": {\"match_all\": {}},\"filter\": {}}},\"aggs\": {\"Device\": {\"terms\": {\"field\":\"deviceName\",\"size\": 1000,\"shard_size\": 10000,\"order\": {\"MaxCpu\":\"desc\"}},\"aggs\": {\"MaxCpu\": {\"max\": {\"field\":\"usedCPUInPercentage\"}}}}},\"size\": 0}",
        "jsonParameters": "",
        "schedule": "",
        "recipients": [],
        "filtersParameters": {
            "timeRangeType": "recent",
            "timeRangePeriod": "86400000"
        },
        "lastUpdateTimeInMillis": 1727703635726,
        "lastUpdateUserName": "admin",
        "isPublishToMail": false,
        "isPublishToSyslog": true,
        "isPublishToMailWs": false,
        "errorThreshold": 15.0,
        "alertType": "Flatline",
        "comparator": "GreaterThanOrEquals",
        "apiReference": "BE159C79-EEF9-4C9C-AADE-BDE515FBCAF2",
        "investigateUri": ""
    }
}

...

Expand

title	/op/api/v2/alert/{{productView}}/{{alertApiReferenceId}}

Description:

This API deletes a specific alert.

Required Roles:

One of the following:

A custom role that allows access to “Edit Alerts”.
The OpDashAdminRole builtin role.

URI:

/op/api/v2/alert/{{productView}}/{{alertApiReferenceId}}

Request:

The request should use the

Status

colour	Red
title	DELETE

method with the following URL parameters:

Name	Required/Optional	Description	Type	Available Options
productView	Required	The product view.	String	APIC IDG
alertApiReferenceId	Required	The alert UUID.	String

Successful Response:

Example:

Code Block
{ "resultCode": "SUCCESS", "resultMessage": "Alert deleted successfully" }

...

Page Comparison

Versions Compared

Old Version 2

New Version 3

Key

StatuscolourGreentitleGET Retrieve all Alerts

Description:

Required Roles:

URI:

Request:

Successful Response:

Description:

Required Roles:

URI:

Request:

Successful Response:

Description:

Required Roles:

URI:

Request:

Successful Response:

Description:

Required Roles:

URI:

Request:

Successful Response:

Description:

Required Roles:

URI:

Request:

Successful Response:

Description:

Required Roles:

URI:

Request:

Successful Response:

StatuscolourYellowtitlePOST Add an

Alert

Description:

Required Roles:

URI:

Request:

Successful Response:

Description:

Required Roles:

URI:

Request:

Successful Response:

Description:

Required Roles:

URI:

Request:

Successful Response:

Status
colour Green
title GET
Retrieve all Alerts

Status
colour Yellow
title POST
Add an