Search Alerts by ID
GET/search/alert
Returns search data that can be used to investigate the alert with the specified ID.
This request returns data for only the following types of alerts:
- Anomaly alerts
- Network alerts
Request
Query Parameters
alertId stringrequired
Alert ID
Responses
- 200
- 404
success
- application/json; charset=UTF-8
- Schema
- Example (from schema)
Schema
- Array [
- ]
- Array [
- ]
groupBy string[]
Group By
filters object[]
View Order
name string
Name
value string
Value
operator string
Possible values: [=]
Operator
timeGranularity string
Time Granularity
alertId string
Alert ID
cloudType string
Possible values: [aws, azure, gcp, alibaba_cloud, oci]
Cloud Type
id string
Search ID
name string
Search Name
description string
Search Description
searchType string
Possible values: [network, audit_event, config, asset]
Search Type
asyncResultUrl string
Async Result Url
saved boolean
Search Exists
timeRange objectrequired
Model for TimeRangeConfig
type string
Possible values: [relative]
Time type
value object
Model for RelativeTimeDuration
unit string
Possible values: [minute, hour, day, week, month, year]
Time unit
amount int32
Number of time units
query stringrequired
RQL Query
cursor int32
Cursor
data object[]
object
default boolean
async boolean
true = Is Async
{
"groupBy": [
"string"
],
"filters": [
{
"name": "string",
"value": "string",
"operator": "="
}
],
"timeGranularity": "string",
"alertId": "string",
"cloudType": "aws",
"id": "string",
"name": "string",
"description": "string",
"searchType": "network",
"asyncResultUrl": "/search/config/jobs/2df49d4f72e842b582b123bc2b7826b3/download",
"saved": true,
"timeRange": {
"type": "relative",
"value": {
"unit": "minute",
"amount": 0
}
},
"query": "string",
"cursor": 0,
"data": [
{}
],
"default": true,
"async": true
}
not_found
Loading...