Updated on 2024-12-13 GMT+08:00

Enabling an Alert Rule

Function

Enable alert rule

Calling Method

For details, see Calling APIs.

URI

POST /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/enable

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID. Project ID.

workspace_id

Yes

String

Workspace ID. Workspace ID.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token. You can obtain the token by calling the IAM API used to obtain a user token. Token of an IAM user. To obtain it, call the corresponding IAM API.

Table 3 Request body parameters

Parameter

Mandatory

Type

Description

[items]

Yes

Array of strings

EnableAlertRuleRequestBody

Response Parameters

Status code: 200

Table 4 Response header parameters

Parameter

Type

Description

X-request-id

String

This field is the request ID number for task tracking. Format is request_uuid-timestamp-hostname.

Table 5 Response body parameters

Parameter

Type

Description

fail_list

Array of AlertRule objects

Alert rule ID.

success_list

Array of AlertRule objects

Alert rule ID.

Table 6 AlertRule

Parameter

Type

Description

rule_id

String

Alert rule ID.

pipe_id

String

Pipeline ID.Pipe ID.

pipe_name

String

Data pipeline name.Pipe name.

create_by

String

Created by. Created by.

create_time

Long

Creation time. Create time.

update_by

String

Updated by. Update by.

update_time

Long

Update time. Update time.

delete_time

Long

The deletion time. Delete time.

rule_name

String

Alert rule name.

query

String

Query.

query_type

String

SQL query syntax. Query type. SQL.

status

String

Status. The options are as follows - Enabled - Disabled

severity

String

Severity. The options are as follows - Tips - Low - Medium - High - FATAL.

custom_properties

Map<String,String>

Custom extension information. Custom properties.

event_grouping

Boolean

Alert group. Alert group.

schedule

Schedule object

Schedule Rule.

triggers

Array of AlertRuleTrigger objects

Alert triggering rules. Alert triggers.

Table 7 Schedule

Parameter

Type

Description

frequency_interval

Integer

Scheduling interval. Frequency interval.

frequency_unit

String

The unit of the scheduling interval. The value can be minute, hour, or day. Frequency unit. MINUTE, HOUR, DAY.

period_interval

Integer

Time window interval. Period interval.

period_unit

String

Time Window unit. The value can be minute, hour, or day. Period unit. MINUTE, HOUR, DAY.

delay_interval

Integer

The delay interval. Delay interval

overtime_interval

Integer

Timeout interval. Overtime interval

Table 8 AlertRuleTrigger

Parameter

Type

Description

mode

String

Number of modes. Mode. COUNT.

operator

String

Operator, which can be equal to, not equal to, greater than, or less than. operator. EQ equal, NE not equal, GT greater than, LT less than.

expression

String

expression

severity

String

Severity. The options are as follows - Tips - Low - Medium - High - FATAL.

accumulated_times

Integer

accumulated_times

Status code: 400

Table 9 Response header parameters

Parameter

Type

Description

X-request-id

String

This field is the request ID number for task tracking. Format is request_uuid-timestamp-hostname.

Example Requests

Enabling rule 123123

[ "123123" ]

Example Responses

Status code: 200

Success

{
  "fail_list" : [ ],
  "success_list" : [ ]
}

SDK Sample Code

The SDK sample code is as follows.

Enabling rule 123123

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.secmaster.v2.region.SecMasterRegion;
import com.huaweicloud.sdk.secmaster.v2.*;
import com.huaweicloud.sdk.secmaster.v2.model.*;

import java.util.List;
import java.util.ArrayList;

public class EnableAlertRuleSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        SecMasterClient client = SecMasterClient.newBuilder()
                .withCredential(auth)
                .withRegion(SecMasterRegion.valueOf("<YOUR REGION>"))
                .build();
        EnableAlertRuleRequest request = new EnableAlertRuleRequest();
        request.withWorkspaceId("{workspace_id}");
        List<String> listbodyBody = new ArrayList<>();
        listbodyBody.add("123123");
        request.withBody(listbodyBody);
        try {
            EnableAlertRuleResponse response = client.enableAlertRule(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

Enabling rule 123123

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdksecmaster.v2.region.secmaster_region import SecMasterRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdksecmaster.v2 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = SecMasterClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(SecMasterRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = EnableAlertRuleRequest()
        request.workspace_id = "{workspace_id}"
        listBodybody = [
            "123123"
        ]
        request.body = listBodybody
        response = client.enable_alert_rule(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

Enabling rule 123123

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    secmaster "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := secmaster.NewSecMasterClient(
        secmaster.SecMasterClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.EnableAlertRuleRequest{}
	request.WorkspaceId = "{workspace_id}"
	var listBodybody = []string{
        "123123",
    }
	request.Body = &listBodybody
	response, err := client.EnableAlertRule(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code

Description

200

Success

400

Bad Request

Error Codes

See Error Codes.