List alerts by source

POST 
/mt/monitor/v1/agg/alerts/list

Retrieve an aggregated list of alert counts by source across tenants.

Request

Query Parameters

agg_by string
Must be tenant. Using the query parameter returns all the aggregated responses for the current parent tenant and its child tenants. If not used, the results for just the current tenant are returned.
Example: tenant

Header Parameters

X-PANW-Region string
Must be one of the following: de, americas, europe, uk, sg, ca, jp, au, in. Returns details from the Cortex Data Lake (CDL) region specified. If no region is specified, the default response is americas CDL region.
Example: americas

application/json

Body

filter objectrequired
Alert count filter. Consists of a required operator and an array of rules objects.
operator stringrequired
Must be AND.
rules object[]
See AlertRule and TimeFilter.
anyOf
AlertRule
Array [
operator string
Filter operator that is one of the example values and is run on the property field
property string
Filter operator that is one of the example values and is run on the property field.
values string[]
Filter property value
]
TimeFilter
Array [
operator string
Filter operator that is one of the example values and is run on the property field
property string
Filter property field that is one of the example values
values string[]
Filter property value
]
properties object[]required
List of property json objects
Array [
alias string
property string
Alert count property fields will be returned in the API response. See AlertProperty.
]

Responses

200

Success

application/json

Schema

Schema

any

Alerts Count By Source

[
  {
    "mu_count": 10,
    "rn_count": 10,
    "sc_count": 10,
    "total_count": 10
  }
]

400

Bad Request

500

Server Error

Loading...