List alerts by source

Retrieve an aggregated list of alert counts by source across tenants.

Query Parameters

agg_by string
Must be tenant. Using the query parameter returns all the aggregated responses for the current parent tenant and its child tenants. If not used, the results for just the current tenant are returned.
Example: tenant

Header Parameters

X-PANW-Region string
Must be one of the following: de, americas, europe, uk, sg, ca, jp, au, in. Returns details from the Cortex Data Lake (CDL) region specified. If no region is specified, the default response is americas CDL region.
Example: americas

application/json

Request Body

filter object

Alert count filter. Consists of a required operator and an array of rules objects.

operator string required

Must be AND.

rules object[]

See AlertRule and TimeFilter.

anyOf

AlertRule

TimeFilter

---

operator string

Filter operator that is one of the example values and is run on the property field

property string

Filter operator that is one of the example values and is run on the property field.

values string[]

Filter property value

operator string

Filter operator that is one of the example values and is run on the property field

property string

Filter property field that is one of the example values

values string[]

Filter property value

properties object[] required
List of property json objects
Array [
alias string
property string
Alert count property fields will be returned in the API response. See AlertProperty.
]

Responses

• 200
• 400
• 500

---

Success

application/json

Schema

Alerts Count By Source

---

Schema

any

[
  {
    "mu_count": 10,
    "rn_count": 10,
    "sc_count": 10,
    "total_count": 10
  }
]

Bad Request

Server Error

Loading...