Help Center/ SecMaster/ API Reference/ Security Analysis V2 APIs/ Alert Rule Template Management/ Viewing an Alert Rule Template
Updated on 2025-10-29 GMT+08:00
Online Debugging
CLI Examples
View PDF
Share

Viewing an Alert Rule Template

Function

This API is used to view an alert rule template.

Calling Method

For details, see Calling APIs.

URI

GET /v2/{project_id}/workspaces/{workspace_id}/siem/alert-rules/templates/{template_id}

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Definition

Project ID, which is used to specify the project that a resource belongs to. You can query the resources of a project by project ID. You can obtain the project ID from the API or console. Obtaining the Project ID

Constraints

N/A

Range

N/A

Default Value

N/A

workspace_id

Yes

String

Workspace ID.

template_id

Yes

String

Alert rule template ID.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Definition

User token. You can obtain it by calling the IAM API for obtaining a user token. The user token is the value of X-Subject-Token in the response header. Obtaining a User Token

Constraints

N/A

Range

N/A

Default Value

N/A

Response Parameters

Status code: 200

Table 3 Response body parameters

Parameter

Type

Description

accumulated_times

Integer

Accumulated times.

create_by

String

UUID

create_time

Integer

Timestamp, in ms.

cu_quota_amount

Number

Amount

description

String

Alert rule template description.

environment

String

Definition

Environment type.

  • PROD: production environment

  • TEST: test environment

Constraints

N/A

Range

  • PROD

  • TEST

Default Value

N/A

job_mode

String

Definition

Job mode.

  • STREAMING: streaming processing

  • BATCH: batch processing

  • SEARCH: retrieval

Constraints

N/A

Range

  • STREAMING

  • BATCH

  • SEARCH

Default Value

N/A

job_mode_setting

IsapJobModeSettingVo object

Job mode settings.

job_output_setting

IsapJobOutputSetting object

Job output settings.

process_error

String

Definition

Processing error.

  • NONE

Constraints

N/A

Range

  • NONE

Default Value

N/A

process_status

String

Definition

Handling status.

  • COMPLETED: completed

  • CREATING: being created

  • UPDATING: being updated

  • ENABLING: being enabled

  • DISABLING: being disabled

  • DELETING: being deleted

  • CREATE_FAILED: creation failed

  • UPDATE_FAILED: update failed

  • ENABLE_FAILED: enabling failed

  • DISABLE_FAILED: disabling failed

  • DELETE_FAILED: deletion failed

  • RECOVERING: being recovered

Constraints

N/A

Range

  • COMPLETED

  • CREATING

  • UPDATING

  • ENABLING

  • DISABLING

  • DELETING

  • CREATE_FAILED

  • UPDATE_FAILED

  • ENABLE_FAILED

  • DISABLE_FAILED

  • DELETE_FAILED

  • RECOVERING

Default Value

N/A

query_type

String

Definition

Query type.

  • SQL: SQL query

  • CBSL: CBSL query

Constraints

N/A

Range

  • SQL

  • CBSL

Default Value

N/A

script

String

Script.

status

String

Definition

Status.

  • ENABLED

  • DISABLED

Constraints

N/A

Range

  • ENABLED

  • DISABLED

Default Value

N/A

table_name

String

Table name.

template_id

String

UUID

template_name

String

Template Name

triggers

Array of Trigger objects

Trigger array.

update_by

String

UUID

update_time

Integer

Timestamp, in ms.
Table 4 IsapJobModeSettingVo

Parameter

Type

Description

batch_overtime_interval

Integer

Time

batch_overtime_unit

String

Definition

Time unit.

  • MINUTE

  • HOUR

  • DAY

  • MONTH: month

Constraints

N/A

Range

  • MINUTE

  • HOUR

  • DAY

  • MONTH

Default Value

N/A

batch_frequency_interval

Integer

Time

batch_frequency_unit

String

Definition

Time unit.

  • MINUTE

  • HOUR

  • DAY

  • MONTH: month

Constraints

N/A

Range

  • MINUTE

  • HOUR

  • DAY

  • MONTH

Default Value

N/A

streaming_state_ttl_interval

Integer

Time

streaming_state_ttl_unit

String

Definition

Time unit.

  • MINUTE

  • HOUR

  • DAY

  • MONTH: month

Constraints

N/A

Range

  • MINUTE

  • HOUR

  • DAY

  • MONTH

Default Value

N/A

streaming_checkpoint_ttl_interval

Integer

Time

streaming_checkpoint_ttl_unit

String

Definition

Time unit.

  • MINUTE

  • HOUR

  • DAY

  • MONTH: month

Constraints

N/A

Range

  • MINUTE

  • HOUR

  • DAY

  • MONTH

Default Value

N/A

streaming_startup_mode

String

Definition

Job startup mode.

  • UPGRADE: startup in upgrade mode

  • REFRESH_NEW: startup in refresh mode

Constraints

N/A

Range

  • UPGRADE

  • REFRESH_NEW

Default Value

N/A

batch_overtime_strategy_interval

Integer

Time

batch_overtime_strategy_unit

String

Definition

Time unit.

  • MINUTE

  • HOUR

  • DAY

  • MONTH: month

Constraints

N/A

Range

  • MINUTE

  • HOUR

  • DAY

  • MONTH

Default Value

N/A

search_delay_interval

Integer

Time

search_delay_unit

String

Definition

Time unit.

  • MINUTE

  • HOUR

  • DAY

  • MONTH: month

Constraints

N/A

Range

  • MINUTE

  • HOUR

  • DAY

  • MONTH

Default Value

N/A

search_frequency_interval

Integer

Time

search_frequency_unit

String

Definition

Time unit.

  • MINUTE

  • HOUR

  • DAY

  • MONTH: month

Constraints

N/A

Range

  • MINUTE

  • HOUR

  • DAY

  • MONTH

Default Value

N/A

search_overtime_interval

Integer

Time

search_overtime_unit

String

Definition

Time unit.

  • MINUTE

  • HOUR

  • DAY

  • MONTH: month

Constraints

N/A

Range

  • MINUTE

  • HOUR

  • DAY

  • MONTH

Default Value

N/A

search_period_interval

Integer

Time

search_period_unit

String

Definition

Time unit.

  • MINUTE

  • HOUR

  • DAY

  • MONTH: month

Constraints

N/A

Range

  • MINUTE

  • HOUR

  • DAY

  • MONTH

Default Value

N/A

search_table_id

String

UUID

search_table_name

String

Table name.
Table 5 IsapJobOutputSetting

Parameter

Type

Description

alert_custom_properties

Map<String,String>

Map<String,String>

alert_description

String

Alert description.

alert_grouping

Boolean

Group flag.

alert_mapping

Map<String,String>

Map<String,String>

alert_name

String

Alert name.

alert_remediation

String

Alert handling suggestion.

alert_severity

String

Definition

Alert severity.

  • TIPS: informational

  • LOW: low risk

  • MEDIUM: medium risk

  • HIGH: high risk

  • FATAL: critical

Constraints

N/A

Range

  • TIPS

  • LOW

  • MEDIUM

  • HIGH

  • FATAL

Default Value

N/A

alert_suppression

Boolean

Suppression flag.

alert_type

Map<String,String>

Map<String,String>

entity_extraction

Map<String,String>

Map<String,String>

field_mapping

Map<String,String>

Map<String,String>
Table 6 Trigger

Parameter

Type

Description

accumulated_times

Integer

Accumulated times.

expression

String

Expression

job_id

String

UUID

mode

String

Definition

Mode.

  • COUNT: counting

Constraints

N/A

Range

  • COUNT

Default Value

N/A

operator

String

Definition

Operator type.

  • GT: greater than

  • LT: less than

  • EQ: equal to

  • NE: not equal to

Constraints

N/A

Range

  • GT

  • LT

  • EQ

  • NE

Default Value

N/A

severity

String

Definition

Alert severity.

  • TIPS: informational

  • LOW: low risk

  • MEDIUM: medium risk

  • HIGH: high risk

  • FATAL: critical

Constraints

N/A

Range

  • TIPS

  • LOW

  • MEDIUM

  • HIGH

  • FATAL

Default Value

N/A

Example Requests

None

Example Responses

None

SDK Sample Code

The SDK sample code is as follows.

Java

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.secmaster.v2.region.SecMasterRegion;
import com.huaweicloud.sdk.secmaster.v2.*;
import com.huaweicloud.sdk.secmaster.v2.model.*;


public class ShowAlertRuleTemplateSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        SecMasterClient client = SecMasterClient.newBuilder()
                .withCredential(auth)
                .withRegion(SecMasterRegion.valueOf("<YOUR REGION>"))
                .build();
        ShowAlertRuleTemplateRequest request = new ShowAlertRuleTemplateRequest();
        request.withWorkspaceId("{workspace_id}");
        request.withTemplateId("{template_id}");
        try {
            ShowAlertRuleTemplateResponse response = client.showAlertRuleTemplate(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

Python

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
 
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdksecmaster.v2.region.secmaster_region import SecMasterRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdksecmaster.v2 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = SecMasterClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(SecMasterRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = ShowAlertRuleTemplateRequest()
        request.workspace_id = "{workspace_id}"
        request.template_id = "{template_id}"
        response = client.show_alert_rule_template(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

Go

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
 
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    secmaster "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := secmaster.NewSecMasterClient(
        secmaster.SecMasterClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.ShowAlertRuleTemplateRequest{}
	request.WorkspaceId = "{workspace_id}"
	request.TemplateId = "{template_id}"
	response, err := client.ShowAlertRuleTemplate(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

More

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code

Description

200

Success

Error Codes

See Error Codes.