List alerts by source
Retrieve an aggregated list of alert counts by source across tenants.
Query Parameters
- agg_by string
Must be
tenant. Using the query parameter returns all the aggregated responses for the current parent tenant and its child tenants. If not used, the results for just the current tenant are returned.Example: tenant
Header Parameters
- X-PANW-Region string
Must be one of the following:
de,americas,europe,uk,sg,ca,jp,au,in. Returns details from the Cortex Data Lake (CDL) region specified. If no region is specified, the default response isamericasCDL region.Example: americas
- application/json
Request Body
filter object
Alert count filter. Consists of a required operator and an array of rules objects.
operator string requiredMust be
AND.rules object[]
See AlertRule and TimeFilter.
- anyOf
- AlertRule
- TimeFilter
Array [operator stringFilter operator that is one of the example values and is run on the property field
property stringFilter operator that is one of the example values and is run on the property field.
values string[]Filter property value
]Array [operator stringFilter operator that is one of the example values and is run on the property field
property stringFilter property field that is one of the example values
values string[]Filter property value
]Array [object]properties object[] required
List of property json objects
Array [alias stringproperty stringAlert count property fields will be returned in the API response. See AlertProperty.
]
- 200
- 400
- 500
Success
- application/json
- Schema
- Alerts Count By Source
Schema
- any
[
{
"mu_count": 10,
"rn_count": 10,
"sc_count": 10,
"total_count": 10
}
]
Bad Request
Server Error