List Alert Remediation Commands

POST 
/alert/remediation

Generates and returns a list of remediation commands for the specified alerts and policies. Data returned for a successful call include fully constructed commands for remediation.

This request requires the following filter request body parameters:

• filter.timeRange.type
• filter.timeRange.value

The rest of the filter parameters are ignored.

Request

application/json; charset=UTF-8

Body

required

Model for AlertsLookupKey

alerts string[]

List of alert IDs. One or more alert IDs associated with a single policy are required if no policies are specified. If a policy is specified, then all the alerts specified must belong to that policy.

filter objectrequired

Model for Filter

detailed boolean

Detailed

fields string[]

Array of specific fields to return

filters object[]

Filtering parameters.

For filter names, refer to List Filters API.

For filter values, refer to List filter suggestions.

The only exception is resource.tagv2 filter name, provide filter value for it in the following format: "{"key":"'CustomerTagKey'","value":"'CustomerTagValue'"}"

Array [

name string

Name

operator string

Possible values: [=]

Operator

value string

Value

]

groupBy string[]

For asset or data inventory only. Group returned items by cloud.type, cloud.service, cloud.region, cloud.account, and/or resource.type

limit number

Maximum number of items to return. When data is paginated, maximum number of items per page.The maximum cannot exceed 10,000. The default is 10,000.

offset number

The number of items to skip before selecting items to return. Default is zero

pageToken string

Setting this pagination Token to the nextPageToken from a response object returns the next page of data

sortBy string[]

Array of sort properties. Append :asc or :desc to the key to sort by ascending or descending order respectively. Example sort properties are id:asc and timestamp:desc

timeRange object

See the Time Range Model for details.

oneOf

RelativeTimeRangeConfigModel

relativeTimeType string

Possible values: [BACKWARD, FORWARD]

Direction in which to count time. Default = BACKWARD

type string

value objectrequired

Model for RelativeTimeDuration

amount int32

Number of time units

unit string

Possible values: [minute, hour, day, week, month, year]

Time unit

AbsoluteTimeRangeConfigModel

type string

value objectrequired

Model for Time

endTime int64

End timestamp

startTime int64

Start timestamp

ToNowTimeRangeConfigModel

value string

Possible values: [MINUTE, HOUR, DAY, WEEK, MONTH, YEAR, EPOCH, LOGIN]

Time range object

policies string[]

List of policy IDs. A single policy ID is required if no alerts are specified.

Responses

200

successful operation

application/json; charset=UTF-8

Schema

Schema

alertIdVsCliScript object
Map of alert ID to CLI script
property name* string
cliDescription string

CLI script description

cliScript string

CLI script to resolve an alert

scriptImpact string

CLI script impact

Example (from schema)

{
  "alertIdVsCliScript": {},
  "cliDescription": "string",
  "cliScript": "string",
  "scriptImpact": "string"
}

400

invalid_parameter_value / bad_request / cannot_remediate_multiple_policy_alerts

405

remediation_unavailable

Loading...