- Created by Meytal Ben-Tzvi, last modified by Sara Weisz on Sept 30, 2024
You are viewing an old version of this page. View the current version.
Compare with Current View Page History
« Previous Version 3 Current »
In this page:
GET Retrieve all Alerts
Description:
This API retrieves all alerts.
Required Roles:
One of the following:
A custom role that allows access to “View Alerts”.
The OpDashAdminRole builtin role.
The OpDashPowerUserRole builtin role.
URI:
/op/api/v2/alerts/{{productView}}
Request:
The request should use the GET method with the following URL parameters:
Name | Required/Optional | Description | Type | Available Options |
---|---|---|---|---|
productView | Required | The product view. | String |
|
Successful Response:
The response includes the following fields in its result
element:
Name | Description | Type | Available Options |
---|---|---|---|
alerts |
| Array of Element |
|
alerts[].id | The ID of the alert. | Long |
|
alerts[].isSystemHealthMetric | Whether or not the alert is a metric. | Boolean |
|
alerts[].isActive | Whether or not the alert will be scheduled for execution. | Boolean |
|
alerts[].name | The alert name. | String |
|
alerts[].description | Text description of the alert’s definition. | String |
|
alerts[].productView | The product view assigned to the alert. | String |
|
alerts[].indexSets | Which OpenSearch index sets will be queried (according to product view). | String (Comma separated) | See Index Sets. |
alerts[].documentType | Which OpenSearch document types will be queried (according to product view) | String | See Document type. |
alerts[].jsonQuery | An OpenSearch query. | String (JSON) |
|
alerts[].jsonParameters | Key-Value Pairs to Replace Values within the Query (JSON). | String (JSON) |
|
alerts[].schedule | The scheduling definition using a simplified version of the Cron scheduling format. | String | format: sec min hour day month weekday year |
alerts[].recipients | A list of email addresses the alert will be emailed to. | Array of Strings |
|
alerts[].filtersParameters | Alert filters (according to product type and document type).
| Element | See Alert Filters. |
alerts[].serviceNameFieldOverride | Apply the service filter value to a specific Store field. You may leave this field empty unless otherwise advised. | String |
|
alerts[].lastUpdateTimeInMillis | Time the alert was created. | Long |
|
alerts[].lastUpdateUserName | The user who created the alert. | String |
|
alerts[].isPublishToMail | Whether or not an email will be sent. | Boolean |
|
alerts[].isPublishToSyslog | Whether or not a syslog message will be sent. | Boolean |
|
alerts[].isPublishToMailWs | Whether or not an email will be sent via webservice. | Boolean |
|
alerts[].errorThreshold | If the alert value exceeds the error threshold value, the alert is assigned with a severity of error. | Double | Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line) |
alerts[].warningThreshold | If the alert value exceeds the warning threshold value, the alert is assigned with a severity of warning. | Double | Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line) |
alerts[].warningDamagePoints | The amount of damage points that are assigned for this alert if the alert has a severity of warning. | Double | Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line) |
alerts[].alertType | Type of the alert query. | String |
|
alerts[].comparator | The comparator used to compare between the OpenSearch query result and the error threshold. | String |
|
alerts[].apiReference | Unique alert UUID. | String |
|
alerts[].valueFieldName | The field name which field value is compared to the list of values. | String | Only applicable for alert type "List" and “Frequency“ |
alerts[].listOfValues | For alert type “Frequency“, is is a delimited final result list which will force the result to include only specific values. Missing values will be added with 0 fetched documents (thus allowing the user to identify missing values such as unused services). | String | Only applicable for alert type "List" and “Frequency“ |
alerts[].listDelimiter | The delimiter used to delimit the list of values. | String | Only applicable for alert type "List" and “Frequency“ |
alerts[].investigateUri | The investigate link displays the data that triggered each alert in DPOD Web Console. | String |
|
alerts[].aggregationNamesToIgnore | Aggregation names to ignore in results. | String (Comma separated) |
|
Example:
{ "resultCode": "SUCCESS", "resultMessage": "Alerts retrieved successfully", "result": { "alerts": [ { "id": 26, "isSystemHealthMetric": false, "isActive": false, "name": "API Error Message Count Alert", "description": "Alert when more than 10 API trans. ended with a specific error message", "productView": "APIC", "indexSets": "apic-log", "documentType": "APIC_LOGICAL_TRANS", "jsonQuery": "{\"query\":{\"bool\":{\"must\":{\"match_all\":{}},\"filter\":{\"bool\":{\"must\":[{\"term\":{\"documentType\":{\"value\":27}}},{\"match_phrase\":{\"errorMessage\":\"$messageTextSubstring\"}},{\"terms\":{\"recordType\":[\"R4\"]}},{\"bool\":{\"should\":[{\"term\":{\"recordCounter\":{\"value\":\"1\"}}},{\"bool\":{\"must_not\":[{\"exists\":{\"field\":\"recordCounter\"}}]}}],\"minimum_should_match\":\"1\"}}]}}}},\"aggs\":{\"API\":{\"terms\":{\"field\":\"apiName\",\"size\":1000,\"shard_size\":10000,\"order\":{\"_count\":\"desc\"}}}},\"size\":0}", "jsonParameters": "{\"messageTextSubstring\":\"Failed to establish a backside connection\"}", "schedule": "", "recipients": [], "filtersParameters": { "timeRangeType": "recent", "timeRangePeriod": "600000" }, "lastUpdateTimeInMillis": 1719389034455, "lastUpdateUserName": "Installer", "isPublishToMail": false, "isPublishToSyslog": false, "isPublishToMailWs": false, "errorThreshold": 10.0, "alertType": "Frequency", "comparator": "GreaterThan", "apiReference": "EDBD6F2B-A576-4619-AC63-2594A10F7EC6", "investigateUri": "apicTransactions:-apicApiNameOp:eq-apicApiName:${result:API}-errorMessageOp:eq-errorMessage:${parameter:messageTextSubstring}" }, { .....}
GET Get an Alert
Description:
This API retrieves a specific alert.
Required Roles:
One of the following:
A custom role that allows access to “View Alerts”.
The OpDashAdminRole builtin role.
The OpDashPowerUserRole builtin role.
URI:
/op/api/v2/alert/{{productView}}/{{alertApiReferenceId}}
Request:
The request should use the GET method with the following URL parameters:
Name | Required/Optional | Description | Type | Available Options |
---|---|---|---|---|
productView | Required | The product view. | String |
|
alertApiReferenceId | Required | The alert UUID. | String |
|
Successful Response:
The response includes the following fields in its result
element:
Name | Description | Type | Available Options |
---|---|---|---|
id | The ID of the alert. | Long |
|
isSystemHealthMetric | Whether or not the alert is a metric. | Boolean |
|
isActive | Whether or not the alert will be scheduled for execution. | Boolean |
|
name | The alert name. | String |
|
description | Text description of the alert’s definition. | String |
|
productView | The product view assigned to the alert. | String |
|
indexSets | Which OpenSearch index sets will be queried (according to product view). | String (Comma separated) | See Index Sets. |
documentType | Which OpenSearch document types will be queried (according to product view) | String | See Document type. |
jsonQuery | An OpenSearch query. | String (JSON) |
|
jsonParameters | Key-Value Pairs to Replace Values within the Query (JSON). | String (JSON) |
|
schedule | The scheduling definition using a simplified version of the Cron scheduling format. | String | format: sec min hour day month weekday year |
recipients | A list of email addresses the alert will be emailed to. | Array of Strings |
|
filtersParameters | Alert filters (according to product type and document type).
| Element | See Alert Filters. |
serviceNameFieldOverride | Apply the service filter value to a specific Store field. You may leave this field empty unless otherwise advised. | String |
|
lastUpdateTimeInMillis | Time the alert was created. | Long |
|
lastUpdateUserName | The user who created the alert. | String |
|
isPublishToMail | Whether or not an email will be sent. | Boolean |
|
isPublishToSyslog | Whether or not a syslog message will be sent. | Boolean |
|
isPublishToMailWs | Whether or not an email will be sent via webservice. | Boolean |
|
errorThreshold | If the alert value exceeds the error threshold value, the alert is assigned with a severity of error. | Double | Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line) |
warningThreshold | If the alert value exceeds the warning threshold value, the alert is assigned with a severity of warning. | Double | Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line) |
warningDamagePoints | The amount of damage points that are assigned for this alert if the alert has a severity of warning. | Double | Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line) |
alertType | Type of the alert query. | String |
|
comparator | The comparator used to compare between the OpenSearch query result and the error threshold. | String |
|
apiReference | Unique alert UUID. | String |
|
valueFieldName | The field name which field value is compared to the list of values. | String | Only applicable for alert type "List" and “Frequency“ |
listOfValues | For alert type “Frequency“, is is a delimited final result list which will force the result to include only specific values. Missing values will be added with 0 fetched documents (thus allowing the user to identify missing values such as unused services). | String | Only applicable for alert type "List" and “Frequency“ |
listDelimiter | The delimiter used to delimit the list of values. | String | Only applicable for alert type "List" and “Frequency“ |
investigateUri | The investigate link displays the data that triggered each alert in DPOD Web Console. | String |
|
aggregationNamesToIgnore | Aggregation names to ignore in results. | String (Comma separated) |
|
Example:
{ "resultCode": "SUCCESS", "resultMessage": "Alert retrieved successfully", "result": { "id": 41, "isSystemHealthMetric": false, "isActive": false, "name": "API Error Message Count Alert Copy", "description": "Alert when more than 10 API trans. ended with a specific error message", "productView": "APIC", "indexSets": "apic-log", "documentType": "APIC_LOGICAL_TRANS", "jsonQuery": "{\"query\":{\"bool\":{\"must\":{\"match_all\":{}},\"filter\":{\"bool\":{\"must\":[{\"term\":{\"documentType\":{\"value\":27}}},{\"match_phrase\":{\"errorMessage\":\"$messageTextSubstring\"}},{\"terms\":{\"recordType\":[\"R4\"]}},{\"bool\":{\"should\":[{\"term\":{\"recordCounter\":{\"value\":\"1\"}}},{\"bool\":{\"must_not\":[{\"exists\":{\"field\":\"recordCounter\"}}]}}],\"minimum_should_match\":\"1\"}}]}}}},\"aggs\":{\"API\":{\"terms\":{\"field\":\"apiName\",\"size\":1000,\"shard_size\":10000,\"order\":{\"_count\":\"desc\"}}}},\"size\":0}", "jsonParameters": "{\"messageTextSubstring\":\"Failed to establish a backside connection\"}", "schedule": "", "recipients": [], "filtersParameters": { "timeRangeType": "recent", "timeRangePeriod": "600000" }, "lastUpdateTimeInMillis": 1727695016120, "lastUpdateUserName": "admin", "isPublishToMail": false, "isPublishToSyslog": false, "isPublishToMailWs": false, "errorThreshold": 10.0, "alertType": "Frequency", "comparator": "GreaterThan", "apiReference": "938F0930-5E5F-4775-BFA3-312662C37FB1", "investigateUri": "apicTransactions:-apicApiNameOp:eq-apicApiName:${result:API}-errorMessageOp:eq-errorMessage:${parameter:messageTextSubstring}" } }
POST Execute (Async) an Alert
Description:
This API executes a specific alert.
Required Roles:
One of the following:
A custom role that allows access to “View Alerts”.
The OpDashAdminRole builtin role.
The OpDashPowerUserRole builtin role.
URI:
/op/api/v2/alert/{{productView}}/{{alertApiReferenceId}}/executeAsync
Request:
The request should use the POST method with the following URL parameters:
Name | Required/Optional | Description | Type | Available Options |
---|---|---|---|---|
productView | Required | The product view. | String |
|
alertApiReferenceId | Required | The alert UUID. | String |
|
The request should use the POST method with the following fields in its body:
Name | Required/Optional | Description | Type | Available Options |
---|---|---|---|---|
recipients | Required | A list of email addresses the alert will be emailed to. | Array of Strings |
|
filtersParameters | Required | Alert filters (according to product type and document type).
| Element | See Alert Filters. |
Example:
{ "recipients": [ "test@com" ], "filtersParameters": { "timeRangeType": "recent", "timeRangePeriod": "86400000", "deviceName": "idg_10_5_0_a" } }
Successful Response:
The response includes the following fields in its result
element:
Name | Description | Type | Available Options |
---|---|---|---|
executionId | The alert execution ID. | Long |
|
Example:
{ "resultCode": "SUCCESS", "resultMessage": "Alert executed successfully", "result": { "executionId": 233974 } }
GET Get an Alert Execution
Description:
This API retrieves execution details for a specific alert execution.
Required Roles:
One of the following:
A custom role that allows access to “View Alerts”.
The OpDashAdminRole builtin role.
The OpDashPowerUserRole builtin role.
URI:
/op/api/v2/alertexecution/{{productView}}/{{executionId}}
Request:
The request should use the GET method with the following URL parameters:
Name | Required/Optional | Description | Type | Available Options |
---|---|---|---|---|
productView | Required | The product view. | String |
|
executionId | Required | The alert execution ID. | String |
|
Successful Response:
The response includes the following fields in its result
element:
Name | Description | Type | Available Options |
---|---|---|---|
executionId | The alert execution ID. | Long |
|
filters | Alert filters (according to product type and document type).
| String | See Alert Filters. |
executingUserName | The user who executed this alert execution. | String |
|
status | Alert execution status. | String |
|
requestTimeInMillis | Request time in milliseconds. | Long |
|
pendingTimeInMillis | Pending time in milliseconds. | Long |
|
executionTimeInMillis | Execution time in milliseconds. | Long |
|
completionTimeInMillis | Completion time in milliseconds. | Long |
|
message | The message that indicates whether there are any alerts. | String |
|
Example:
{ "resultCode": "SUCCESS", "resultMessage": "Alert retrieved successfully", "result": { "executionId": 233987, "filters": "-timeRangeType:custom-timeRangeStart:1727706457898-timeRangeEnd:1727706757898", "executingUserName": "admin", "status": "OK", "requestTimeInMillis": 1727706772894, "executionTimeInMillis": 1727706774237, "completionTimeInMillis": 1727706774276, "message": "Execution finished with 2 alerts." } }
GET Download Alert Execution
Description:
This API downloads an alert execution result by its execution ID.
Required Roles:
One of the following:
A custom role that allows access to “View Alerts”.
The OpDashAdminRole builtin role.
The OpDashPowerUserRole builtin role.
URI:
/op/api/v2/alertexecution/{{productView}}/{{executionId}}/download
Request:
The request should use the GET method with the following URL parameters:
Name | Required/Optional | Description | Type | Available Options |
---|---|---|---|---|
productView | Required | The product view. | String |
|
executionId | Required | The alert execution ID. | String |
|
Successful Response:
The response content type is application/octet-stream
and includes the alert execution result file content as its body.
To open the alert execution result file, save the response content as a file with an extension of .json
and open the file.
The Content-Disposition
response header value includes a suggested file name (e.g.: attachment; filename=alert-<alert name + "-" + execution ID>.json
).
POST Duplicate an Alert
Description:
This API duplicates a specific alert.
Required Roles:
One of the following:
A custom role that allows access to “Edit Alerts”.
The OpDashAdminRole builtin role.
URI:
/op/api/v2/alert/{{productView}}/{{alertApiReferenceId}}/duplicate
Request:
The request should use the POST method with the following URL parameters:
Name | Required/Optional | Description | Type | Available Options |
---|---|---|---|---|
productView | Required | The product view. | String |
|
alertApiReferenceId | Required | The alert UUID. | String |
|
Successful Response:
The response includes the following fields in its result
element:
Name | Description | Type | Available Options |
---|---|---|---|
id | The ID of the alert. | Long |
|
isSystemHealthMetric | Whether or not the alert is a metric. | Boolean |
|
isActive | Whether or not the alert will be scheduled for execution. | Boolean |
|
name | The alert name. | String |
|
description | Text description of the alert’s definition. | String |
|
productView | The product view assigned to the alert. | String |
|
indexSets | Which OpenSearch index sets will be queried (according to product view). | String (Comma separated) | See Index Sets. |
documentType | Which OpenSearch document types will be queried (according to product view) | String | See Document type. |
jsonQuery | An OpenSearch query. | String (JSON) |
|
jsonParameters | Key-Value Pairs to Replace Values within the Query (JSON). | String (JSON) |
|
schedule | The scheduling definition using a simplified version of the Cron scheduling format. | String | format: sec min hour day month weekday year |
recipients | A list of email addresses the alert will be emailed to. | Array of Strings |
|
filtersParameters | Alert filters (according to product type and document type).
| Element | See Alert Filters. |
serviceNameFieldOverride | Apply the service filter value to a specific Store field. You may leave this field empty unless otherwise advised. | String |
|
lastUpdateTimeInMillis | Time the alert was created. | Long |
|
lastUpdateUserName | The user who created the alert. | String |
|
isPublishToMail | Whether or not an email will be sent. | Boolean |
|
isPublishToSyslog | Whether or not a syslog message will be sent. | Boolean |
|
isPublishToMailWs | Whether or not an email will be sent via webservice. | Boolean |
|
errorThreshold | If the alert value exceeds the error threshold value, the alert is assigned with a severity of error. | Double | Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line) |
warningThreshold | If the alert value exceeds the warning threshold value, the alert is assigned with a severity of warning. | Double | Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line) |
warningDamagePoints | The amount of damage points that are assigned for this alert if the alert has a severity of warning. | Double | Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line) |
alertType | Type of the alert query. | String |
|
comparator | The comparator used to compare between the OpenSearch query result and the error threshold. | String |
|
apiReference | Unique alert UUID. | String |
|
valueFieldName | The field name which field value is compared to the list of values. | String | Only applicable for alert type "List" and “Frequency“ |
listOfValues | For alert type “Frequency“, is is a delimited final result list which will force the result to include only specific values. Missing values will be added with 0 fetched documents (thus allowing the user to identify missing values such as unused services). | String | Only applicable for alert type "List" and “Frequency“ |
listDelimiter | The delimiter used to delimit the list of values. | String | Only applicable for alert type "List" and “Frequency“ |
investigateUri | The investigate link displays the data that triggered each alert in DPOD Web Console. | String |
|
aggregationNamesToIgnore | Aggregation names to ignore in results. | String (Comma separated) |
|
Example:
{ "resultCode": "SUCCESS", "resultMessage": "Alert duplicated successfully", "result": { "id": 46, "isSystemHealthMetric": false, "isActive": false, "name": "This_is_automationAbc Copy", "description": "This_is_automationAbc", "productView": "APIC", "indexSets": "wdp-device-resources", "documentType": "WDP_DEVICE_RESOURCES", "jsonQuery": "{\"query\": {\"bool\": {\"must\": {\"match_all\": {}},\"filter\": {}}},\"aggs\": {\"Device\": {\"terms\": {\"field\":\"deviceName\",\"size\": 1000,\"shard_size\": 10000,\"order\": {\"MaxCpu\":\"desc\"}},\"aggs\": {\"MaxCpu\": {\"max\": {\"field\":\"usedCPUInPercentage\"}}}}},\"size\": 0}", "jsonParameters": "", "schedule": "", "recipients": [], "filtersParameters": { "timeRangeType": "recent", "timeRangePeriod": "86400000" }, "lastUpdateTimeInMillis": 1727703918363, "lastUpdateUserName": "admin", "isPublishToMail": false, "isPublishToSyslog": false, "isPublishToMailWs": false, "errorThreshold": 15.0, "alertType": "Flatline", "comparator": "GreaterThanOrEquals", "apiReference": "917309E7-8FB4-4912-BF36-2782CDF6427F", "investigateUri": "" } }
POST Add an Alert
Description:
This API adds an alert.
Required Roles:
One of the following:
A custom role that allows access to “Edit Alerts”.
The OpDashAdminRole builtin role.
URI:
/op/api/v2/alerts/{{productView}}
Request:
The request should use the POST method with the following URL parameters:
Name | Required / Optional | Description | Type | Available Options |
---|---|---|---|---|
productView | Required | The product view. | String |
|
The request should use the POST method with the following fields in its body:
Name | Required / Optional | Description | Type | Available Options |
---|---|---|---|---|
isSystemHealthMetric | Required | Whether or not the alert is a metric. | Boolean |
|
isActive | Required | Whether or not the alert will be scheduled for execution. | Boolean |
|
name | Required | The alert name. | String |
|
description | Required | Text description of the alert’s definition. | String |
|
productView | Required | The product view assigned to the alert. | String |
|
indexSets | Required | Which OpenSearch index sets will be queried (according to product view). | String (Comma separated) | See Index Sets. |
documentType | Required | Which OpenSearch document types will be queried (according to product view) | String | See Document type. |
jsonQuery | Required | An OpenSearch query. | String (JSON) |
|
jsonParameters | Required | Key-Value Pairs to Replace Values within the Query (JSON). | String (JSON) |
|
schedule | Required | The scheduling definition using a simplified version of the Cron scheduling format. | String | format: sec min hour day month weekday year |
recipients | Required | A list of email addresses the alert will be emailed to. | Array of Strings |
|
filtersParameters | Required | Alert filters (according to product type and document type).
| Element | See Alert Filters. |
serviceNameFieldOverride | Optional | Apply the service filter value to a specific Store field. You may leave this field empty unless otherwise advised. | String |
|
isPublishToMail | Required | Whether or not an email will be sent. | Boolean |
|
isPublishToSyslog | Required | Whether or not a syslog message will be sent. | Boolean |
|
isPublishToMailWs | Required | Whether or not an email will be sent via webservice. | Boolean |
|
errorThreshold | Required | If the alert value exceeds the error threshold value, the alert is assigned with a severity of error. | Double | Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line) |
warningThreshold | Optional | If the alert value exceeds the warning threshold value, the alert is assigned with a severity of warning. | Double | Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line) |
warningDamagePoints | Optional | The amount of damage points that are assigned for this alert if the alert has a severity of warning. | Double | Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line) |
alertType | Required | Type of the alert query. | String |
|
comparator | Required | The comparator used to compare between the OpenSearch query result and the error threshold. | String |
|
valueFieldName | Optional | The field name which field value is compared to the list of values. | String | Only applicable for alert type "List" and “Frequency“ |
listOfValues | Optional | For alert type “Frequency“, is is a delimited final result list which will force the result to include only specific values. Missing values will be added with 0 fetched documents (thus allowing the user to identify missing values such as unused services). | String | Only applicable for alert type "List" and “Frequency“ |
listDelimiter | Optional | The delimiter used to delimit the list of values. | String | Only applicable for alert type "List" and “Frequency“ |
investigateUri | Required | The investigate link displays the data that triggered each alert in DPOD Web Console. | String |
|
aggregationNamesToIgnore | Optional | Aggregation names to ignore in results. | String (Comma separated) |
|
Example:
{ "isSystemHealthMetric": false, "isActive": false, "name": "This_is_automation", "description": "This_is_automation", "productView": "APIC", "indexSets": "wdp-device-resources", "documentType": "WDP_DEVICE_RESOURCES", "jsonQuery": "{\"query\": {\"bool\": {\"must\": {\"match_all\": {}},\"filter\": {}}},\"aggs\": {\"Device\": {\"terms\": {\"field\":\"deviceName\",\"size\": 1000,\"shard_size\": 10000,\"order\": {\"MaxCpu\":\"desc\"}},\"aggs\": {\"MaxCpu\": {\"max\": {\"field\":\"usedCPUInPercentage\"}}}}},\"size\": 0}", "jsonParameters": "", "schedule": "", "recipients": [], "filtersParameters": { "timeRangeType": "recent", "timeRangePeriod": "86400000" }, "isPublishToMail": false, "isPublishToSyslog": false, "isPublishToMailWs": false, "errorThreshold": 10.0, "alertType": "Flatline", "comparator": "GreaterThanOrEquals", "investigateUri": "" }
Successful Response:
The response includes the following fields in its result
element:
Name | Description | Type | Available Options |
---|---|---|---|
id | The ID of the alert. | Long |
|
isSystemHealthMetric | See the description in the request above. | ||
isActive | See the description in the request above. | ||
name | See the description in the request above. | ||
description | See the description in the request above. | ||
productView | See the description in the request above. | ||
indexSets | See the description in the request above. | ||
documentType | See the description in the request above. | ||
jsonQuery | See the description in the request above. | ||
jsonParameters | See the description in the request above. | ||
schedule | See the description in the request above. | ||
recipients | See the description in the request above. | ||
filtersParameters | See the description in the request above. | ||
serviceNameFieldOverride | See the description in the request above. | ||
lastUpdateTimeInMillis | Time the alert was created. | Long |
|
lastUpdateUserName | The user who created the alert. | String |
|
isPublishToMail | See the description in the request above. | ||
isPublishToSyslog | See the description in the request above. | ||
isPublishToMailWs | See the description in the request above. | ||
errorThreshold | See the description in the request above. | ||
warningThreshold | See the description in the request above. | ||
warningDamagePoints | See the description in the request above. | ||
alertType | See the description in the request above. | ||
comparator | See the description in the request above. | ||
apiReference | Unique alert UUID. | String |
|
valueFieldName | See the description in the request above. | ||
listOfValues | See the description in the request above. | ||
listDelimiter | See the description in the request above. | ||
investigateUri | See the description in the request above. | ||
aggregationNamesToIgnore | See the description in the request above. |
Example:
{ "resultCode": "SUCCESS", "resultMessage": "Alert added successfully", "result": { "id": 45, "isSystemHealthMetric": false, "isActive": false, "name": "This_is_automation", "description": "This_is_automation", "productView": "APIC", "indexSets": "wdp-device-resources", "documentType": "WDP_DEVICE_RESOURCES", "jsonQuery": "{\"query\": {\"bool\": {\"must\": {\"match_all\": {}},\"filter\": {}}},\"aggs\": {\"Device\": {\"terms\": {\"field\":\"deviceName\",\"size\": 1000,\"shard_size\": 10000,\"order\": {\"MaxCpu\":\"desc\"}},\"aggs\": {\"MaxCpu\": {\"max\": {\"field\":\"usedCPUInPercentage\"}}}}},\"size\": 0}", "jsonParameters": "", "schedule": "", "recipients": [], "filtersParameters": { "timeRangeType": "recent", "timeRangePeriod": "86400000" }, "lastUpdateTimeInMillis": 1727702667601, "lastUpdateUserName": "admin", "isPublishToMail": false, "isPublishToSyslog": false, "isPublishToMailWs": false, "errorThreshold": 10.0, "alertType": "Flatline", "comparator": "GreaterThanOrEquals", "apiReference": "BE159C79-EEF9-4C9C-AADE-BDE515FBCAF2", "investigateUri": "" } }
PUT Edit an Alert
Description:
This API edits a specific alert.
Required Roles:
One of the following:
A custom role that allows access to “Edit Alerts”.
The OpDashAdminRole builtin role.
URI:
/op/api/v2/alert/{{productView}}/{{alertApiReferenceId}}
Request:
The request should use the PUT method with the following URL parameters:
Name | Required/Optional | Description | Type | Available Options |
---|---|---|---|---|
productView | Required | The product view. | String |
|
alertApiReferenceId | Required | The alert UUID. | String |
|
The request should use the PUT method with the following fields in its body:
Name | Required / Optional | Description | Type | Available Options |
---|---|---|---|---|
isSystemHealthMetric | Required | Whether or not the alert is a metric. | Boolean |
|
isActive | Required | Whether or not the alert will be scheduled for execution. | Boolean |
|
name | Required | The alert name. | String |
|
description | Required | Text description of the alert’s definition. | String |
|
productView | Required | The product view assigned to the alert. | String |
|
indexSets | Required | Which OpenSearch index sets will be queried (according to product view). | String (Comma separated) | See Index Sets. |
documentType | Required | Which OpenSearch document types will be queried (according to product view) | String | See Document type. |
jsonQuery | Required | An OpenSearch query. | String (JSON) |
|
jsonParameters | Required | Key-Value Pairs to Replace Values within the Query (JSON). | String (JSON) |
|
schedule | Required | The scheduling definition using a simplified version of the Cron scheduling format. | String | format: sec min hour day month weekday year |
recipients | Required | A list of email addresses the alert will be emailed to. | Array of Strings |
|
filtersParameters | Required | Alert filters (according to product type and document type).
| Element | See Alert Filters. |
serviceNameFieldOverride | Optional | Apply the service filter value to a specific Store field. You may leave this field empty unless otherwise advised. | String |
|
isPublishToMail | Required | Whether or not an email will be sent. | Boolean |
|
isPublishToSyslog | Required | Whether or not a syslog message will be sent. | Boolean |
|
isPublishToMailWs | Required | Whether or not an email will be sent via webservice. | Boolean |
|
errorThreshold | Required | If the alert value exceeds the error threshold value, the alert is assigned with a severity of error. | Double | Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line) |
warningThreshold | Optional | If the alert value exceeds the warning threshold value, the alert is assigned with a severity of warning. | Double | Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line) |
warningDamagePoints | Optional | The amount of damage points that are assigned for this alert if the alert has a severity of warning. | Double | Thresholds can be set only for health metrics that support thresholds (such as Frequency or Flat-Line) |
alertType | Required | Type of the alert query. | String |
|
comparator | Required | The comparator used to compare between the OpenSearch query result and the error threshold. | String |
|
valueFieldName | Optional | The field name which field value is compared to the list of values. | String | Only applicable for alert type "List" and “Frequency“ |
listOfValues | Optional | For alert type “Frequency“, is is a delimited final result list which will force the result to include only specific values. Missing values will be added with 0 fetched documents (thus allowing the user to identify missing values such as unused services). | String | Only applicable for alert type "List" and “Frequency“ |
listDelimiter | Optional | The delimiter used to delimit the list of values. | String | Only applicable for alert type "List" and “Frequency“ |
investigateUri | Required | The investigate link displays the data that triggered each alert in DPOD Web Console. | String |
|
aggregationNamesToIgnore | Optional | Aggregation names to ignore in results. | String (Comma separated) |
|
Example:
{ "isSystemHealthMetric": false, "isActive": false, "name": "This_is_automationAbc", "description": "This_is_automationAbc", "productView": "APIC", "indexSets": "wdp-device-resources", "documentType": "WDP_DEVICE_RESOURCES", "jsonQuery": "{\"query\": {\"bool\": {\"must\": {\"match_all\": {}},\"filter\": {}}},\"aggs\": {\"Device\": {\"terms\": {\"field\":\"deviceName\",\"size\": 1000,\"shard_size\": 10000,\"order\": {\"MaxCpu\":\"desc\"}},\"aggs\": {\"MaxCpu\": {\"max\": {\"field\":\"usedCPUInPercentage\"}}}}},\"size\": 0}", "jsonParameters": "", "schedule": "", "recipients": [], "filtersParameters": { "timeRangeType": "recent", "timeRangePeriod": "86400000" }, "isPublishToMail": false, "isPublishToSyslog": true, "isPublishToMailWs": false, "errorThreshold": 15.0, "alertType": "Flatline", "comparator": "GreaterThanOrEquals", "investigateUri": "" }
Successful Response:
The response includes the following fields in its result
element:
Name | Description | Type | Available Options |
---|---|---|---|
id | The ID of the alert. | Long |
|
isSystemHealthMetric | See the description in the request above. | ||
isActive | See the description in the request above. | ||
name | See the description in the request above. | ||
description | See the description in the request above. | ||
productView | See the description in the request above. | ||
indexSets | See the description in the request above. | ||
documentType | See the description in the request above. | ||
jsonQuery | See the description in the request above. | ||
jsonParameters | See the description in the request above. | ||
schedule | See the description in the request above. | ||
recipients | See the description in the request above. | ||
filtersParameters | See the description in the request above. | ||
serviceNameFieldOverride | See the description in the request above. | ||
lastUpdateTimeInMillis | Time the alert was created. | Long |
|
lastUpdateUserName | The user who created the alert. | String |
|
isPublishToMail | See the description in the request above. | ||
isPublishToSyslog | See the description in the request above. | ||
isPublishToMailWs | See the description in the request above. | ||
errorThreshold | See the description in the request above. | ||
warningThreshold | See the description in the request above. | ||
warningDamagePoints | See the description in the request above. | ||
alertType | See the description in the request above. | ||
comparator | See the description in the request above. | ||
apiReference | Unique alert UUID. | String |
|
valueFieldName | See the description in the request above. | ||
listOfValues | See the description in the request above. | ||
listDelimiter | See the description in the request above. | ||
investigateUri | See the description in the request above. | ||
aggregationNamesToIgnore | See the description in the request above. |
Example:
{ "resultCode": "SUCCESS", "resultMessage": "Alert updated successfully", "result": { "id": 45, "isSystemHealthMetric": false, "isActive": false, "name": "This_is_automationAbc", "description": "This_is_automationAbc", "productView": "APIC", "indexSets": "wdp-device-resources", "documentType": "WDP_DEVICE_RESOURCES", "jsonQuery": "{\"query\": {\"bool\": {\"must\": {\"match_all\": {}},\"filter\": {}}},\"aggs\": {\"Device\": {\"terms\": {\"field\":\"deviceName\",\"size\": 1000,\"shard_size\": 10000,\"order\": {\"MaxCpu\":\"desc\"}},\"aggs\": {\"MaxCpu\": {\"max\": {\"field\":\"usedCPUInPercentage\"}}}}},\"size\": 0}", "jsonParameters": "", "schedule": "", "recipients": [], "filtersParameters": { "timeRangeType": "recent", "timeRangePeriod": "86400000" }, "lastUpdateTimeInMillis": 1727703635726, "lastUpdateUserName": "admin", "isPublishToMail": false, "isPublishToSyslog": true, "isPublishToMailWs": false, "errorThreshold": 15.0, "alertType": "Flatline", "comparator": "GreaterThanOrEquals", "apiReference": "BE159C79-EEF9-4C9C-AADE-BDE515FBCAF2", "investigateUri": "" } }
DELETE Delete an Alert
Description:
This API deletes a specific alert.
Required Roles:
One of the following:
A custom role that allows access to “Edit Alerts”.
The OpDashAdminRole builtin role.
URI:
/op/api/v2/alert/{{productView}}/{{alertApiReferenceId}}
Request:
The request should use the DELETE method with the following URL parameters:
Name | Required/Optional | Description | Type | Available Options |
---|---|---|---|---|
productView | Required | The product view. | String |
|
alertApiReferenceId | Required | The alert UUID. | String |
|
Successful Response:
Example:
{ "resultCode": "SUCCESS", "resultMessage": "Alert deleted successfully" }
- No labels