Creating an Alert Rule
Function
This API is used to create an alert rule.
Calling Method
For details, see Calling APIs.
URI
POST /v2/{project_id}/workspaces/{workspace_id}/siem/alert-rules
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Definition Project ID, which is used to specify the project that a resource belongs to. You can query the resources of a project by project ID. You can obtain the project ID from the API or console. Obtaining the Project ID Constraints N/A Range N/A Default Value N/A |
|
workspace_id |
Yes |
String |
Workspace ID. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Auth-Token |
Yes |
String |
Definition User token. You can obtain it by calling the IAM API for obtaining a user token. The user token is the value of X-Subject-Token in the response header. Obtaining a User Token Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
alert_rule_name |
Yes |
String |
Alert rule name. |
|
description |
Yes |
String |
Alert rule description. |
|
directory |
No |
String |
Directory group. |
|
script |
No |
String |
Job script. |
|
status |
Yes |
String |
Definition Job status. Constraints N/A Range Default Value N/A |
|
job_mode |
Yes |
String |
Definition Job mode. Constraints N/A Range Default Value N/A |
|
job_mode_setting |
No |
IsapJobModeSettingDto object |
Data transmission object for job mode settings. |
|
environment |
Yes |
String |
Definition Environment type. Constraints N/A Range Default Value N/A |
|
job_output_setting |
No |
IsapJobOutputSetting object |
Job output settings. |
|
output_table_id |
Yes |
String |
UUID |
|
output_table_name |
No |
String |
Table name. |
|
cu_quota_amount |
Yes |
Float |
Quantity. |
|
output_table_ids |
Yes |
Array of strings |
Output table ID list. |
|
output_table_names |
Yes |
Array of strings |
Output table name list. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
batch_overtime_interval |
No |
Integer |
Integer interval. |
|
batch_overtime_unit |
No |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
batch_frequency_interval |
No |
Integer |
Integer interval. |
|
batch_frequency_unit |
No |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
streaming_state_ttl_interval |
No |
Integer |
Integer interval. |
|
streaming_state_ttl_unit |
No |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
streaming_checkpoint_ttl_interval |
No |
Integer |
Integer interval. |
|
streaming_checkpoint_ttl_unit |
No |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
streaming_startup_mode |
No |
String |
Definition Job startup mode. Constraints N/A Range Default Value N/A |
|
batch_overtime_strategy_interval |
No |
Integer |
Integer interval. |
|
batch_overtime_strategy_unit |
No |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
search_delay_interval |
No |
Integer |
Integer interval. |
|
search_delay_unit |
No |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
search_frequency_interval |
No |
Integer |
Integer interval. |
|
search_frequency_unit |
No |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
search_overtime_interval |
No |
Integer |
Integer interval. |
|
search_overtime_unit |
No |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
search_period_interval |
No |
Integer |
Integer interval. |
|
search_period_unit |
No |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
search_table_id |
No |
String |
UUID |
|
search_table_name |
No |
String |
Table name. |
|
field_not_null_policy |
No |
String |
Definition Policy for processing non-empty fields in job tables. LOOSE STRICT Constraints N/A Value Range LOOSE STRICT Default Value LOOSE |
|
dss_id |
No |
Integer |
Long integer interval. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
alert_custom_properties |
No |
Map<String,String> |
Mapping table. |
|
alert_description |
No |
String |
Alert description. |
|
alert_grouping |
No |
Boolean |
Group flag. |
|
alert_mapping |
No |
Map<String,String> |
Mapping table. |
|
alert_name |
No |
String |
Alert name. |
|
alert_remediation |
No |
String |
Alert handling suggestion. |
|
alert_severity |
No |
String |
Definition Alert severity. Constraints N/A Range Default Value N/A |
|
alert_suppression |
No |
Boolean |
Suppression flag. |
|
alert_type |
No |
Map<String,String> |
Alert type mapping table. |
|
entity_extraction |
No |
Map<String,String> |
Extracted entity. |
|
field_mapping |
No |
Map<String,String> |
Field mapping. |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
alert_rule_id |
String |
UUID |
|
alert_rule_name |
String |
Alert rule name. |
|
script |
String |
Job script. |
|
status |
String |
Definition Job status. Constraints N/A Range Default Value N/A |
|
directory |
String |
Directory group. |
|
description |
String |
Alert rule description. |
|
job_mode |
String |
Definition Job mode. Constraints N/A Range Default Value N/A |
|
job_mode_setting |
IsapJobModeSettingVo object |
Job mode settings. |
|
job_output_setting |
AlertRuleJobSetting object |
Alert rule job settings |
|
process_status |
String |
Definition Job processing status. Constraints N/A Range Default Value N/A |
|
process_error |
String |
Definition Alert rule processing error. Constraints N/A Range Default Value N/A |
|
environment |
String |
Definition Environment type. Constraints N/A Range Default Value N/A |
|
output_table_id |
String |
UUID |
|
output_table_name |
String |
Table name. |
|
output_table_ids |
Array of strings |
Output table ID list. |
|
output_table_names |
Array of strings |
Output table name list. |
|
create_by |
String |
Creator. |
|
create_time |
Integer |
Timestamp, in ms. |
|
update_by |
String |
Updater. |
|
update_time |
Integer |
Timestamp, in ms. |
|
delete_time |
Integer |
Timestamp, in ms. |
|
Parameter |
Type |
Description |
|---|---|---|
|
batch_overtime_interval |
Integer |
Integer interval. |
|
batch_overtime_unit |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
batch_frequency_interval |
Integer |
Integer interval. |
|
batch_frequency_unit |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
streaming_state_ttl_interval |
Integer |
Integer interval. |
|
streaming_state_ttl_unit |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
streaming_checkpoint_ttl_interval |
Integer |
Integer interval. |
|
streaming_checkpoint_ttl_unit |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
streaming_startup_mode |
String |
Definition Job startup mode. Constraints N/A Range Default Value N/A |
|
batch_overtime_strategy_interval |
Integer |
Integer interval. |
|
batch_overtime_strategy_unit |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
search_delay_interval |
Integer |
Integer interval. |
|
search_delay_unit |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
search_frequency_interval |
Integer |
Integer interval. |
|
search_frequency_unit |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
search_overtime_interval |
Integer |
Integer interval. |
|
search_overtime_unit |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
search_period_interval |
Integer |
Integer interval. |
|
search_period_unit |
String |
Definition Time unit. Constraints N/A Range Default Value N/A |
|
search_table_id |
String |
UUID |
|
search_table_name |
String |
Table name. |
|
field_not_null_policy |
String |
Definition Policy for processing non-empty fields in job tables. LOOSE STRICT Constraints N/A Value Range LOOSE STRICT Default Value LOOSE |
|
Parameter |
Type |
Description |
|---|---|---|
|
alert_custom_properties |
Map<String,String> |
Custom alert attributes. |
|
alert_description |
String |
Alert description. |
|
alert_grouping |
Boolean |
Whether to group alerts. |
|
alert_mapping |
Map<String,String> |
Alert mapping. |
|
alert_name |
String |
Alert name. |
|
alert_remediation |
String |
Alert clearance. |
|
alert_severity |
String |
Definition Alert severity. Constraints N/A Range Default Value N/A |
|
alert_suppression |
Boolean |
Whether to suppress alerts. |
|
alert_type |
Map<String,String> |
Alert type. |
|
entity_extraction |
Map<String,String> |
Extracted entity. |
|
field_mapping |
Map<String,String> |
Field mapping. |
|
dict_mapping |
Array of DictMappingObject objects |
Dictionary mapping table. |
|
Parameter |
Type |
Description |
|---|---|---|
|
dest_field_name |
String |
Target field of the dictionary mapping. |
|
table_id |
String |
ID of the dimension table of the dictionary mapping object. |
|
dic_map_name |
String |
Dictionary mapping name. |
|
src_filed_name |
String |
Original field of the dictionary mapping. |
Example Requests
Create an alert rule.
https://{endpoint}/v2/{project_id}/workspaces/{workspace_id}/siem/alert-rules
{
"alert_rule_name" : "test_create_alert_rule",
"directory" : "",
"description" : "test",
"script" : "select * from security_alert limit 1",
"status" : "ENABLED",
"environment" : "PROD",
"output_table_id" : "9179fc17-2376-48d2-9db6-963141ab293c",
"output_table_ids" : [ "9179fc17-2376-48d2-9db6-963141ab293c" ],
"output_table_names" : [ "security_alert" ],
"cu_quota_amount" : 1,
"job_mode" : "BATCH",
"job_mode_setting" : {
"batch_frequency_interval" : 5,
"batch_frequency_unit" : "MINUTE",
"batch_overtime_interval" : 5,
"batch_overtime_unit" : "MINUTE",
"field_not_null_policy" : "LOOSE"
},
"job_output_setting" : {
"alert_severity" : "MEDIUM",
"alert_grouping" : true,
"alert_suppression" : false,
"field_mapping" : {
"title" : "test_alert",
"description" : "test",
"defense_type" : "Server"
},
"alert_type" : {
"id" : "9160fce3-ee04-38cd-b41d-db04c1037a58",
"name" : "Tccw",
"business_code" : "Testxxx",
"category" : "category",
"dataclass_id" : "e410ae50-43fa-343e-807a-a2a9edb8018e"
},
"entity_extraction" : { }
}
}
Example Responses
Status code: 200
Request succeeded.
{
"alert_rule_id" : "6cee978c-eced-46e0-9e58-b4712318aa73",
"alert_rule_name" : "test_create_alert_rule",
"create_by" : "c5dc81eef620481bb2f233fdcbd59868",
"create_time" : 1768544729555,
"delete_time" : 0,
"description" : "test",
"directory" : "",
"environment" : "PROD",
"job_mode" : "BATCH",
"job_mode_setting" : {
"batch_frequency_interval" : 5,
"batch_frequency_unit" : "MINUTE",
"batch_overtime_interval" : 5,
"batch_overtime_unit" : "MINUTE",
"field_not_null_policy" : "LOOSE",
"streaming_checkpoint_ttl_interval" : 5
},
"job_output_setting" : {
"alert_custom_properties" : { },
"alert_grouping" : true,
"alert_mapping" : { },
"alert_severity" : "MEDIUM",
"alert_suppression" : false,
"alert_type" : {
"name" : "Tccw",
"business_code" : "Testxxx",
"id" : "9160fce3-ee04-38cd-b41d-db04c1037a58",
"dataclass_id" : "e410ae50-43fa-343e-807a-a2a9edb8018e",
"category" : "category"
},
"entity_extraction" : { },
"field_mapping" : {
"defense_type" : "Server",
"description" : "test",
"title" : "test_alert"
}
},
"output_table_id" : "9179fc17-2376-48d2-9db6-963141ab293c",
"output_table_ids" : [ "9179fc17-2376-48d2-9db6-963141ab293c" ],
"output_table_names" : [ "security_alert" ],
"process_status" : "CREATING",
"script" : "select * from security_alert limit 1",
"status" : "ENABLED",
"update_by" : "c5dc81eef620481bb2f233fdcbd59868",
"update_time" : 1768544729327
}
SDK Sample Code
The SDK sample code is as follows.
Create an alert rule.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.secmaster.v2.region.SecMasterRegion; import com.huaweicloud.sdk.secmaster.v2.*; import com.huaweicloud.sdk.secmaster.v2.model.*; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.util.HashMap; public class CreateAlertRuleSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); SecMasterClient client = SecMasterClient.newBuilder() .withCredential(auth) .withRegion(SecMasterRegion.valueOf("<YOUR REGION>")) .build(); CreateAlertRuleRequest request = new CreateAlertRuleRequest(); request.withWorkspaceId("{workspace_id}"); CreateAlertRuleRequestBody body = new CreateAlertRuleRequestBody(); List<String> listbodyOutputTableNames = new ArrayList<>(); listbodyOutputTableNames.add("security_alert"); List<String> listbodyOutputTableIds = new ArrayList<>(); listbodyOutputTableIds.add("9179fc17-2376-48d2-9db6-963141ab293c"); Map<String, String> listJobOutputSettingFieldMapping = new HashMap<>(); listJobOutputSettingFieldMapping.put("title", "test_alert"); listJobOutputSettingFieldMapping.put("description", "test"); listJobOutputSettingFieldMapping.put("defense_type", "Server"); Map<String, String> listJobOutputSettingAlertType = new HashMap<>(); listJobOutputSettingAlertType.put("id", "9160fce3-ee04-38cd-b41d-db04c1037a58"); listJobOutputSettingAlertType.put("name", "Tccw"); listJobOutputSettingAlertType.put("business_code", "Testxxx"); listJobOutputSettingAlertType.put("category", "category"); listJobOutputSettingAlertType.put("dataclass_id", "e410ae50-43fa-343e-807a-a2a9edb8018e"); IsapJobOutputSetting jobOutputSettingbody = new IsapJobOutputSetting(); jobOutputSettingbody.withAlertGrouping(true) .withAlertSeverity(IsapJobOutputSetting.AlertSeverityEnum.fromValue("MEDIUM")) .withAlertSuppression(false) .withAlertType(listJobOutputSettingAlertType) .withFieldMapping(listJobOutputSettingFieldMapping); IsapJobModeSettingDto jobModeSettingbody = new IsapJobModeSettingDto(); jobModeSettingbody.withBatchOvertimeInterval(5) .withBatchFrequencyUnit(IsapJobModeSettingDto.BatchFrequencyUnitEnum.fromValue("MINUTE")) .withBatchFrequencyInterval(5) .withFieldNotNullPolicy(IsapJobModeSettingDto.FieldNotNullPolicyEnum.fromValue("LOOSE")) .withBatchOvertimeUnit(IsapJobModeSettingDto.BatchOvertimeUnitEnum.fromValue("MINUTE")); body.withOutputTableNames(listbodyOutputTableNames); body.withOutputTableIds(listbodyOutputTableIds); body.withCuQuotaAmount(1f); body.withOutputTableId("9179fc17-2376-48d2-9db6-963141ab293c"); body.withJobOutputSetting(jobOutputSettingbody); body.withEnvironment(CreateAlertRuleRequestBody.EnvironmentEnum.fromValue("PROD")); body.withJobModeSetting(jobModeSettingbody); body.withJobMode(CreateAlertRuleRequestBody.JobModeEnum.fromValue("BATCH")); body.withStatus(CreateAlertRuleRequestBody.StatusEnum.fromValue("ENABLED")); body.withScript("select * from security_alert limit 1"); body.withDirectory(""); body.withDescription("test"); body.withAlertRuleName("test_create_alert_rule"); request.withBody(body); try { CreateAlertRuleResponse response = client.createAlertRule(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
Create an alert rule.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdksecmaster.v2.region.secmaster_region import SecMasterRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdksecmaster.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = SecMasterClient.new_builder() \ .with_credentials(credentials) \ .with_region(SecMasterRegion.value_of("<YOUR REGION>")) \ .build() try: request = CreateAlertRuleRequest() request.workspace_id = "{workspace_id}" listOutputTableNamesbody = [ "security_alert" ] listOutputTableIdsbody = [ "9179fc17-2376-48d2-9db6-963141ab293c" ] listFieldMappingJobOutputSetting = { "title": "test_alert", "description": "test", "defense_type": "Server" } listAlertTypeJobOutputSetting = { "id": "9160fce3-ee04-38cd-b41d-db04c1037a58", "name": "Tccw", "business_code": "Testxxx", "category": "category", "dataclass_id": "e410ae50-43fa-343e-807a-a2a9edb8018e" } jobOutputSettingbody = IsapJobOutputSetting( alert_grouping=True, alert_severity="MEDIUM", alert_suppression=False, alert_type=listAlertTypeJobOutputSetting, field_mapping=listFieldMappingJobOutputSetting ) jobModeSettingbody = IsapJobModeSettingDto( batch_overtime_interval=5, batch_frequency_unit="MINUTE", batch_frequency_interval=5, field_not_null_policy="LOOSE", batch_overtime_unit="MINUTE" ) request.body = CreateAlertRuleRequestBody( output_table_names=listOutputTableNamesbody, output_table_ids=listOutputTableIdsbody, cu_quota_amount=1, output_table_id="9179fc17-2376-48d2-9db6-963141ab293c", job_output_setting=jobOutputSettingbody, environment="PROD", job_mode_setting=jobModeSettingbody, job_mode="BATCH", status="ENABLED", script="select * from security_alert limit 1", directory="", description="test", alert_rule_name="test_create_alert_rule" ) response = client.create_alert_rule(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
Create an alert rule.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" secmaster "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v2" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v2/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v2/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := secmaster.NewSecMasterClient( secmaster.SecMasterClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.CreateAlertRuleRequest{} request.WorkspaceId = "{workspace_id}" var listOutputTableNamesbody = []string{ "security_alert", } var listOutputTableIdsbody = []string{ "9179fc17-2376-48d2-9db6-963141ab293c", } var listFieldMappingJobOutputSetting = map[string]string{ "title": "test_alert", "description": "test", "defense_type": "Server", } var listAlertTypeJobOutputSetting = map[string]string{ "id": "9160fce3-ee04-38cd-b41d-db04c1037a58", "name": "Tccw", "business_code": "Testxxx", "category": "category", "dataclass_id": "e410ae50-43fa-343e-807a-a2a9edb8018e", } alertGroupingJobOutputSetting:= true alertSeverityJobOutputSetting:= model.GetIsapJobOutputSettingAlertSeverityEnum().MEDIUM alertSuppressionJobOutputSetting:= false jobOutputSettingbody := &model.IsapJobOutputSetting{ AlertGrouping: &alertGroupingJobOutputSetting, AlertSeverity: &alertSeverityJobOutputSetting, AlertSuppression: &alertSuppressionJobOutputSetting, AlertType: listAlertTypeJobOutputSetting, FieldMapping: listFieldMappingJobOutputSetting, } batchOvertimeIntervalJobModeSetting:= int32(5) batchFrequencyUnitJobModeSetting:= model.GetIsapJobModeSettingDtoBatchFrequencyUnitEnum().MINUTE batchFrequencyIntervalJobModeSetting:= int32(5) fieldNotNullPolicyJobModeSetting:= model.GetIsapJobModeSettingDtoFieldNotNullPolicyEnum().LOOSE batchOvertimeUnitJobModeSetting:= model.GetIsapJobModeSettingDtoBatchOvertimeUnitEnum().MINUTE jobModeSettingbody := &model.IsapJobModeSettingDto{ BatchOvertimeInterval: &batchOvertimeIntervalJobModeSetting, BatchFrequencyUnit: &batchFrequencyUnitJobModeSetting, BatchFrequencyInterval: &batchFrequencyIntervalJobModeSetting, FieldNotNullPolicy: &fieldNotNullPolicyJobModeSetting, BatchOvertimeUnit: &batchOvertimeUnitJobModeSetting, } environmentEnvironment:= model.GetJobEnvironmentEnvironmentEnum().PROD jobModeJobMode:= model.GetIsapJobModeJobModeEnum().BATCH statusStatus:= model.GetJobStatusStatusEnum().ENABLED scriptCreateAlertRuleRequestBody:= "select * from security_alert limit 1" directoryCreateAlertRuleRequestBody:= "" request.Body = &model.CreateAlertRuleRequestBody{ OutputTableNames: listOutputTableNamesbody, OutputTableIds: listOutputTableIdsbody, CuQuotaAmount: float32(1), OutputTableId: "9179fc17-2376-48d2-9db6-963141ab293c", JobOutputSetting: jobOutputSettingbody, Environment: &environmentEnvironment, JobModeSetting: jobModeSettingbody, JobMode: &jobModeJobMode, Status: &statusStatus, Script: &scriptCreateAlertRuleRequestBody, Directory: &directoryCreateAlertRuleRequestBody, Description: "test", AlertRuleName: "test_create_alert_rule", } response, err := client.CreateAlertRule(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Request succeeded. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
