getAlertIds
A Graze API GET request that returns the total number of alerts, and a list of the alert IDs, for a specified alert filter and a limit.
Note
Take special care when using endpoint getAlertIds. Overuse of this
endpoint can have a negative impact on the backend datastore.
Back to Graze API EndPoint Reference.
Request arguments
Endpoint getAlertIds takes the following request arguments:
|
Name |
Type |
Required |
Description |
|---|---|---|---|
|
|
String |
Yes |
A valid |
|
|
String |
A JSON or SQL-like filter that alerts must match to be returned. See Filter Search Data for more information on creating SQL-like filters. |
|
|
|
Number |
Maximum number of alert IDs to return. |
Response
Endpoint getAlertIds returns the following response:
Successful requests return a JSON object which contains alert details from the following:
|
Name |
Type |
Description |
|---|---|---|
|
|
Number |
Total number of alerts, or unique alerts. |
|
|
Number list |
A list of alert IDs. |
Examples
The following examples demonstrate typical use of endpoint getAlertIds:
Request example
Example cURL request to return the first 20 alert IDs that satisfy the filter where the agent is not SYSLOG and the description matches "AUTH-SERVICE":
curl -G -u graze:graze -k -v "https://localhost/graze/v1/getAlertIds" --data-urlencode 'query=agent!=SYSLOG and description matches "AUTH-SERVICE"' --data-urlencode 'limit=20'
Response example
Example response returning the first 20 alert IDs:
{
"total_alerts":20,
"alert_ids":[78,234,737,1253,1459,1733,2166,2653,2855,3133,3414,3538,3729,3905,3991,4110,4160,4536,4692,4701]
}