Listing Alert Rules
Function
List alert rules
Calling Method
For details, see Calling APIs.
URI
GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules
Path parameters
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| project_id | Yes | String | Project ID. |
| workspace_id | Yes | String | Workspace ID. |
Query parameters
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| offset | Yes | Long | Query offset. |
| limit | Yes | Long | Limit. Number of bucket groups. |
| sort_key | No | String | Sort key (sorting field). |
| sort_dir | No | String | Sort direction: asc or desc. |
| pipe_id | No | String | Pipeline ID. |
| rule_name | No | String | Alert rule name. |
| rule_id | No | String | Alert rule ID. |
| status | No | Array of strings | Status. The options are as follows: Enabled, Disabled. |
| severity | No | Array of strings | Severity. The options are as follows: Tips, Low, Medium, High, FATAL. |
Request Parameters
| Parameter | Mandatory | Type | Description | 
|---|---|---|---|
| X-Auth-Token | Yes | String | Token of an IAM user. To obtain it, call the IAM API used to obtain a user token. |
Response Parameters
Status code: 200
Response header parameters
| Parameter | Type | Description |
|---|---|---|
| X-request-id | String | Request ID, used for task tracking. Format: request_uuid-timestamp-hostname. |
Response body parameters
| Parameter | Type | Description |
|---|---|---|
| count | Long | Total count. |
| records | Array of AlertRule objects | Alert rules. |
AlertRule
| Parameter | Type | Description |
|---|---|---|
| rule_id | String | Alert rule ID. |
| pipe_id | String | Pipeline ID. |
| pipe_name | String | Data pipeline name. |
| create_by | String | Created by. |
| create_time | Long | Creation time. |
| update_by | String | Updated by. |
| update_time | Long | Update time. |
| delete_time | Long | Deletion time. |
| rule_name | String | Alert rule name. |
| query | String | Query. |
| query_type | String | Query type (query syntax). Value: SQL. |
| status | String | Status. The options are as follows: Enabled, Disabled. |
| severity | String | Severity. The options are as follows: Tips, Low, Medium, High, FATAL. |
| custom_properties | Map<String,String> | Custom properties (custom extension information). |
| event_grouping | Boolean | Alert group. |
| schedule | Schedule object | Schedule rule. |
| triggers | Array of AlertRuleTrigger objects | Alert triggering rules. |
Schedule
| Parameter | Type | Description |
|---|---|---|
| frequency_interval | Integer | Scheduling (frequency) interval. |
| frequency_unit | String | Unit of the scheduling interval. The value can be MINUTE, HOUR, or DAY. |
| period_interval | Integer | Time window (period) interval. |
| period_unit | String | Unit of the time window. The value can be MINUTE, HOUR, or DAY. |
| delay_interval | Integer | Delay interval. |
| overtime_interval | Integer | Timeout (overtime) interval. |
AlertRuleTrigger
| Parameter | Type | Description |
|---|---|---|
| mode | String | Mode. Number of modes. Value: COUNT. |
| operator | String | Operator. The value can be EQ (equal to), NE (not equal to), GT (greater than), or LT (less than). |
| expression | String | Expression. |
| severity | String | Severity. The options are as follows: Tips, Low, Medium, High, FATAL. |
| accumulated_times | Integer | Accumulated times. |
Status code: 400
| Parameter | Type | Description | 
|---|---|---|
| X-request-id | String | Request ID, used for task tracking. Format: request_uuid-timestamp-hostname. |
Example Requests
None
Example Responses
Status code: 200
Success
{
  "count" : 9223372036854776000,
  "records" : [ {
    "rule_id" : "443a0117-1aa4-4595-ad4a-796fad4d4950",
    "pipe_id" : "772fb35b-83bc-46c9-a0b1-ebe31070a889",
    "create_by" : "582dd19dd99d4505a1d7929dc943b169",
    "create_time" : 1665221214,
    "update_by" : "582dd19dd99d4505a1d7929dc943b169",
    "update_time" : 1665221214,
    "delete_time" : 0,
    "rule_name" : "Alert rule",
    "query" : "* | select status, count(*) as count group by status",
    "query_type" : "SQL",
    "status" : "ENABLED",
    "severity" : "TIPS",
    "custom_properties" : {
      "references" : "https://localhost/references",
      "maintainer" : "isap"
    },
    "event_grouping" : true,
    "schedule" : {
      "frequency_interval" : 5,
      "frequency_unit" : "MINUTE",
      "period_interval" : 5,
      "period_unit" : "MINUTE",
      "delay_interval" : 2,
      "overtime_interval" : 10
    },
    "triggers" : [ {
      "mode" : "COUNT",
      "operator" : "GT",
      "expression" : 10,
      "severity" : "TIPS"
    } ]
  } ]
}
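An added example (not part of the original API reference): a Python client that pages through this endpoint with the mandatory offset and limit parameters and audits the returned rules for two detection-coverage gaps, rules that are not enabled and schedules whose time window is shorter than the run interval. The endpoint host, the record-based meaning of offset, the reading of the schedule fields and the sample rules are assumptions made for this example.

```python
import json
from urllib.parse import parse_qs, urlencode, urlparse
from urllib.request import Request, urlopen

UNIT_SECONDS = {"MINUTE": 60, "HOUR": 3600, "DAY": 86400}

def build_request(endpoint, project_id, workspace_id, token, offset, limit):
    # offset and limit are mandatory query parameters; the token goes in X-Auth-Token.
    url = f"{endpoint}/v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules"
    query = urlencode({"offset": offset, "limit": limit})
    return Request(f"{url}?{query}", headers={"X-Auth-Token": token}, method="GET")

def http_fetch(req):  # real transport; the offline demo uses fake_fetch instead
    with urlopen(req, timeout=30) as resp:
        return json.load(resp)

def list_all_rules(fetch, endpoint, project_id, workspace_id, token, limit=100):
    rules = []  # assumption: offset counts records, so the next offset is len(rules)
    while True:
        page = fetch(build_request(endpoint, project_id, workspace_id, token, len(rules), limit))
        rules.extend(page.get("records") or [])
        if not page.get("records") or len(rules) >= page.get("count", 0):
            return rules

def audit(rules):
    findings = []
    for rule in rules:
        if rule.get("status", "").upper() != "ENABLED":
            findings.append((rule["rule_id"], "rule is not enabled"))
        s = rule.get("schedule") or {}
        every = s.get("frequency_interval", 0) * UNIT_SECONDS.get(s.get("frequency_unit"), 0)
        window = s.get("period_interval", 0) * UNIT_SECONDS.get(s.get("period_unit"), 0)
        if every > window:  # assumption: each run queries only the last `window` seconds
            findings.append((rule["rule_id"], "time window shorter than run interval"))
    return findings

def _rule(rule_id, status, freq, period):  # constructed sample data, not real rules
    return {"rule_id": rule_id, "status": status, "schedule": {"frequency_unit": "MINUTE",
            "frequency_interval": freq, "period_unit": "MINUTE", "period_interval": period}}

SAMPLE = [_rule("rule-a", "ENABLED", 5, 5), _rule("rule-b", "DISABLED", 5, 5),
          _rule("rule-c", "ENABLED", 60, 5)]

def fake_fetch(req):  # offline stand-in that honours offset and limit
    q = parse_qs(urlparse(req.full_url).query)
    start, size = int(q["offset"][0]), int(q["limit"][0])
    return {"count": len(SAMPLE), "records": SAMPLE[start:start + size]}

if __name__ == "__main__":
    print(audit(list_all_rules(fake_fetch, "https://siem.example.invalid", "p", "w", "t", limit=2)))
```

To run it against a real workspace, pass `http_fetch` instead of `fake_fetch` together with the service endpoint, project ID, workspace ID and an IAM token.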
Status Codes
| Status Code | Description | 
|---|---|
| 200 | Success | 
| 400 | Bad Request | 
Error Codes
See Error Codes.