Group by Policy field
POST /alert/v1/aggregate
Returns paginated groups with alert counts, grouped by the selected policy field and restricted by the input filters, along with the token for the next page.
Request
- application/json
Body
required
- AbsoluteTimeRangeConfig
- FromNowTimeRangeConfig
- RelativeTimeRangeConfig
- ToNowTimeRangeConfig
filters object[]
Filtering parameters
Array of sort properties. Append :asc or :desc to the key to sort by ascending or descending order respectively. Example sort properties are id:asc and timestamp:desc
Possible values: [policy.type, policy.severity, policy.label, compliance.standard]
group by field
Maximum number of items to return. When data is paginated, the maximum number of items per page. The maximum cannot exceed 500. The default is 50
Setting this pagination Token to the nextPageToken from a response object returns the next page of data
timeRange object
Possible values: [to_now, absolute, relative, from_now]
type for time range
Possible values: [epoch]
Possible values: [lastOpenStateTs, lastStatusChangeTs, lastUpdatedTs]
value object
Possible values: [to_now, absolute, relative, from_now]
type for time range
Possible values: [epoch]
Possible values: [lastOpenStateTs, lastStatusChangeTs, lastUpdatedTs]
Possible values: [minute, hour, day, week, month, year, epoch, login]
Possible values: [to_now, absolute, relative, from_now]
type for time range
Possible values: [epoch]
Possible values: [lastOpenStateTs, lastStatusChangeTs, lastUpdatedTs]
value object
Possible values: [minute, hour, day, week, month, year, epoch, login]
Possible values: [BACKWARD, FORWARD]
Possible values: [to_now, absolute, relative, from_now]
type for time range
Possible values: [epoch]
Possible values: [lastOpenStateTs, lastStatusChangeTs, lastUpdatedTs]
Possible values: [minute, hour, day, week, month, year, epoch, login]
Responses
- 200
- 400
- 4XX
Successful operation
- application/json
- Schema
- Example (from schema)
Schema
groups object[]
group by field, for example: policy type, compliance standard, etc.
sum of all alert count for all policies in the group
number of policies in the group
alert count for policies with critical severity in the group
alert count for policies with high severity in the group
alert count for policies with medium severity in the group
alert count for policies with low severity in the group
alert count for policies with informational severity in the group
number of build policies
number of run policies
List of finding types
Possible values: [all, aws, azure, gcp, alibaba_cloud, oci, other, ibm]
List of cloud types
List of policy ids
countDetails object
alert count
policy count
{
  "groups": [
    {
      "group": "string",
      "totalAlerts": 0,
      "totalPolicies": 0,
      "criticalAlertCount": 0,
      "highAlertCount": 0,
      "mediumAlertCount": 0,
      "lowAlertCount": 0,
      "informationalAlertCount": 0,
      "buildPolicyCount": 0,
      "runPolicyCount": 0,
      "findingTypes": [
        "string"
      ],
      "cloudTypes": [
        "all"
      ],
      "policyIds": [
        "string"
      ]
    }
  ],
  "groupBy": "string",
  "countDetails": {
    "totalAlerts": 0,
    "totalPolicies": 0
  },
  "nextPageToken": "string"
}
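Added example, not part of the original reference and not the vendor's own code: one way to consume the 200 response above, following nextPageToken across pages and ranking the merged groups by severity. `fetch_page` is a hypothetical caller-supplied function that POSTs to /alert/v1/aggregate with the given token; the sample pages and group names are constructed, and the loop assumes the last page carries no nextPageToken.

```python
from typing import Callable, Iterator, List, Optional

# Per-severity counters taken from the response schema on this page.
SEVERITY_FIELDS = ("criticalAlertCount", "highAlertCount", "mediumAlertCount",
                   "lowAlertCount", "informationalAlertCount")

def iter_groups(fetch_page: Callable[[Optional[str]], dict],
                max_pages: int = 100) -> Iterator[dict]:
    """Yield every group, following nextPageToken until none is returned."""
    token, seen = None, set()
    for _ in range(max_pages):
        page = fetch_page(token)  # hypothetical: POST with this page token
        yield from page.get("groups", [])
        token = page.get("nextPageToken")
        if not token:  # assumption: last page has no token
            return
        if token in seen:  # a repeated token would page forever
            raise RuntimeError("nextPageToken repeated; aborting pagination")
        seen.add(token)
    raise RuntimeError("max_pages reached before the last page")

def triage(groups) -> List[dict]:
    """Rank groups by critical, then high, then total alert count."""
    rows = []
    for g in groups:
        row = {"group": g["group"], "totalAlerts": int(g.get("totalAlerts", 0))}
        row.update({f: int(g.get(f, 0)) for f in SEVERITY_FIELDS})
        rows.append(row)
    rows.sort(key=lambda r: (r["criticalAlertCount"], r["highAlertCount"],
                             r["totalAlerts"]), reverse=True)
    return rows

# Constructed sample pages keyed by the token that requests them.
SAMPLE_PAGES = {
    None: {"groups": [
        {"group": "config", "totalAlerts": 40, "criticalAlertCount": 2, "highAlertCount": 5},
        {"group": "network", "totalAlerts": 12, "criticalAlertCount": 0, "highAlertCount": 9},
    ], "groupBy": "policy.type", "nextPageToken": "tok-2"},
    "tok-2": {"groups": [
        {"group": "iam", "totalAlerts": 8, "criticalAlertCount": 7, "highAlertCount": 1},
    ], "groupBy": "policy.type"},
}

def sample_fetch(token: Optional[str]) -> dict:
    return SAMPLE_PAGES[token]

if __name__ == "__main__":
    for r in triage(iter_groups(sample_fetch)):
        print(r["group"], r["criticalAlertCount"], r["highAlertCount"], r["totalAlerts"])
```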
Bad Request
- */*
- Schema
Schema
string
Client error
- application/json
- Schema
- Example (from schema)
Schema
errorDetails object[]
{
  "timestamp": "string",
  "status": 0,
  "error": "string",
  "errorDetails": [
    {
      "name": "string",
      "message": "string"
    }
  ],
  "message": "string",
  "path": "string"
}