Query Alert Groups

Example: POST /api/alerts/group/{groupingCondition}/query

Request
URI
POST
https://{api_host}/suite-api/api/alerts/group/{groupingCondition}/query
Path Parameters
string
groupingCondition
Required

The condition to be used for grouping

Possible values are: GROUP_BY_ALERT_DEFINITION, GROUP_BY_RESOURCE_KIND, GROUP_BY_CRITICALITY, GROUP_BY_TIME, GROUP_BY_SCOPE
Query Parameters
string
adapterKind
Optional

Adapter kind to be used for grouping alerts by SCOPE

string
resourceKind
Optional

Resource kind to be used for grouping alerts by SCOPE

string
resourceNameFilter
Optional

Filter based on alert resource name (Used only in SCOPE flow)

integer
page
Optional
Constraints: default: 0

Page number from which data needs to be displayed (0-based)

integer
pageSize
Optional
Constraints: default: 1000

Expected number of entries per page


Request Body

The alertQuery criteria

alert-query of type(s) application/json
Required
{
  "compositeOperator" : "AND",
  "alertId" : [ ],
  "resource-query" : {
    "name" : [ "Windows2017VM", "Windows2018VM" ],
    "regex" : [ "\\\\S+-BNA-\\\\S+", null ],
    "adapterKind" : [ "VMWARE" ],
    "resourceKind" : [ "HostSystem" ],
    "resourceId" : [ "a2f733da-31f6-4b0d-a783-fe68e688c0b4" ],
    "statKeyInclusive" : true
  },
  "activeOnly" : true,
  "alertTypeSubtype" : [ ],
  "alertCriticality" : [ "CRITICAL", "IMMEDIATE", "WARNING", "INFORMATION" ],
  "alertStatus" : [ ],
  "alertImpact" : [ ],
  "alertControlState" : [ ],
  "startTimeRange" : {
    "startTime" : 1744473856,
    "endTime" : 1744483856
  },
  "includeChildrenResources" : true,
  "extractOwnerName" : false
}
string
compositeOperator
Optional

Operations for Composite Conditions

Possible values are: AND, OR
array of string
alertId
Optional

Filter based on Alert identifiers

string
alertName
Optional

Filter based on Alert name using 'contains' logic

object
resource-query
Optional

Object used to lookup resources with various filtering criteria

boolean
activeOnly
Optional

Filter to return only Active alerts. If true, the query will exclude Suspended and Cancelled alerts.

array of object
alertTypeSubtype
Optional

Filter based on Alert Type

array of string
alertCriticality
Optional

Filter based on Alert Criticality

Possible values are: UNKNOWN, NONE, INFORMATION, WARNING, IMMEDIATE, CRITICAL, AUTO
array of string
alertStatus
Optional

Filter based on the Alert Status. If looking for only active alerts combined
with other filter criteria then use the activeOnly property instead.

Possible values are: NEW, ACTIVE, UPDATED, CANCELED
array of string
alertImpact
Optional

Filter based on the Alert Impact

array of string
alertDefinitionId
Optional

Filter based on the Alert definition id

array of string
alertControlState
Optional

Filter based on the Alert Control State

Possible values are: OPEN, ASSIGNED, SUSPENDED, SUPPRESSED
object
startTimeRange
Optional

Filter based on matching UTC cancel time

object
updateTimeRange
Optional

Filter based on matching UTC cancel time

object
cancelTimeRange
Optional

Filter based on matching UTC cancel time

boolean
includeChildrenResources
Optional

True to include alerts generated by child resources

boolean
extractOwnerName
Optional

Indicates whether to report the alert owner's name in addition to the owner's id

string
userId
Optional

Filter based on user id

string
userName
Optional

Filter based on user name using 'contains' logic

string
resourceKind
Optional

Filter based on resource kind using 'contains' logic

string
groupingCondition
Optional

Indicates the alert grouping condition

Possible values are: GROUP_BY_ALERT_DEFINITION, GROUP_BY_RESOURCE_KIND, GROUP_BY_CRITICALITY, GROUP_BY_TIME, GROUP_BY_SCOPE
string
groupId
Optional

Filter based on alert group id

Authentication
This operation uses the following authentication methods.
Responses
200

AlertGroups of alerts matching the specified Query Spec, grouped using the specified grouping condition (the collection can be empty)

Returns alert-groups of type(s) application/json
{
  "alertGroups" : [ {
    "groupId" : "A-id",
    "groupName" : "A",
    "alertCount" : 5,
    "maxCriticalityLevel" : 3
  }, {
    "groupId" : "B-id",
    "groupName" : "B",
    "alertCount" : 5,
    "maxCriticalityLevel" : 3
  } ]
}
object
pageInfo
Optional

Represents page information for a paged result

array of object
links
Optional

Collection of links

array of object
alertGroups
Optional

List of alert groups


500

Error occurred while retrieving the AlertGroups

Operation doesn't return any data structure

Code Samples
curl -X POST -H 'Authorization: <value>' -H 'Content-Type: application/json' -d '{}' https://{api_host}/suite-api/api/alerts/group/{groupingCondition}/query
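
The following Python client-side builder is an added example, not code from the product or its documentation. It checks the path parameter and the enumerated body fields against the values listed on this page before the request is assembled, and returns an unsent request object. The function name build_request, the host ops.example.test, the rule that SCOPE-only query parameters are refused for other groupings, and the pageSize lower bound are assumptions made for the example.

```python
import json
from urllib.parse import quote, urlencode
from urllib.request import Request

# Enumerations copied from the parameter descriptions on this page.
GROUPINGS = {"GROUP_BY_ALERT_DEFINITION", "GROUP_BY_RESOURCE_KIND",
             "GROUP_BY_CRITICALITY", "GROUP_BY_TIME", "GROUP_BY_SCOPE"}
LIST_ENUMS = {
    "alertCriticality": {"UNKNOWN", "NONE", "INFORMATION", "WARNING",
                         "IMMEDIATE", "CRITICAL", "AUTO"},
    "alertStatus": {"NEW", "ACTIVE", "UPDATED", "CANCELED"},
    "alertControlState": {"OPEN", "ASSIGNED", "SUSPENDED", "SUPPRESSED"},
}
SCOPE_ONLY = {"adapterKind", "resourceKind", "resourceNameFilter"}


def build_request(api_host, auth_value, grouping, body, page=0, page_size=1000, **scope):
    """Return an unsent POST Request for the alert-group query; raise ValueError on bad input."""
    if grouping not in GROUPINGS:  # allow-list also keeps "/" and ".." out of the path
        raise ValueError(f"unknown groupingCondition: {grouping!r}")
    if body.get("compositeOperator") not in (None, "AND", "OR"):
        raise ValueError("compositeOperator must be AND or OR")
    for field, allowed in LIST_ENUMS.items():
        bad = set(body.get(field, [])) - allowed
        if bad:
            raise ValueError(f"{field}: unsupported value(s) {sorted(bad)}")
    if set(scope) - SCOPE_ONLY:
        raise ValueError(f"unknown query parameter(s): {sorted(set(scope) - SCOPE_ONLY)}")
    # Client-side choice (assumption): refuse SCOPE-flow filters for other groupings.
    if scope and grouping != "GROUP_BY_SCOPE":
        raise ValueError("scope filters require GROUP_BY_SCOPE")
    if page < 0 or page_size < 1:
        raise ValueError("page is 0-based; pageSize must be at least 1")
    query = urlencode({"page": page, "pageSize": page_size, **scope})
    url = (f"https://{api_host}/suite-api/api/alerts/group/"
           f"{quote(grouping, safe='')}/query?{query}")
    return Request(url, data=json.dumps(body).encode(), method="POST",
                   headers={"Authorization": auth_value,
                            "Content-Type": "application/json"})


if __name__ == "__main__":
    # Constructed sample input; host and Authorization value are placeholders.
    sample = {"compositeOperator": "AND", "activeOnly": True,
              "alertCriticality": ["CRITICAL", "IMMEDIATE"]}
    req = build_request("ops.example.test", "<value>", "GROUP_BY_SCOPE",
                        sample, adapterKind="VMWARE")
    print(req.get_method(), req.full_url)
    print(req.data.decode())
```

The returned object can be passed to urllib.request.urlopen once api_host and the Authorization value are real.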