getAlertDetails

A Graze API GET request that returns details, such as the description or severity, of an alert.

Request arguments

Endpoint getAlertDetails takes the following request arguments:

| Name | Type | Required | Description |
|---|---|---|---|
| auth_token | String | Yes | A valid auth_token returned from the authenticate request. Alternatively, basic authenticate headers can be used in place of this parameter. See the authenticate endpoint for more information and usage examples. |
| alert_id | Number | Yes | Alert ID. |

Response

Endpoint getAlertDetails returns the following response:

Successful requests return a JSON object containing the following alert details:

| Name | Type | Description |
|---|---|---|
| active_sitn_list | Number list | A list of Situation IDs of the active Situations to which this alert belongs. |
| agent | String | Agent name associated with this alert. * |
| agent_location | String | Agent location associated with this alert. * |
| alert_id | Number | Alert ID. |
| class | String | Class associated with this alert. * |
| count | Number | Number of times that this alert has occurred. |
| custom_info | JSON object | A JSON object containing the custom information. |
| description | String | Description associated with this alert. * |
| entropy | Number | Entropy value of the alert, the measure of probability that an alert will arrive in the system at any given time. This is a value between 0 (very certain) and 1 (very uncertain). |
| external_id | String | External ID associated with this alert. * |
| first_event_time | Number | Timestamp (in Unix epoch time) of the first occurrence of the alert. |
| int_last_event_time | Number | Internal Moogsoft Onprem timestamp (in Unix epoch time) of the last occurrence of this alert. |
| last_event_time | Number | Timestamp (in Unix epoch time) of the last occurrence of this alert. |
| last_state_change | Number | Timestamp (in Unix epoch time) of the last state change of this alert. |
| manager | String | Manager name associated with this alert. * |
| owner | Number | ID of the user that this alert is assigned to. |
| severity | Number | |
| signature | String | Unique alert identifier. |
| significance | Number | Significance of the alert as an integer: 0 = Collateral, 1 = Related, 2 = Impacting, 3 = Causal. |
| source | String | Source associated with this alert. * |
| source_id | String | Source ID associated with the alert. * |
| state | Number | Indicates the lifecycle state of the alert. |
| type | String | Type associated with this alert. * |

* = These details are derived from the input event text field, via the LAMs.

Examples

The following examples demonstrate typical use of endpoint getAlertDetails:

Request example

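Example cURL request to return the details for alert ID 3968. The -u option sends basic authentication credentials in place of the auth_token parameter, and -k disables TLS certificate verification: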

curl -G -u graze:graze -k -v "https://localhost/graze/v1/getAlertDetails" --data-urlencode "alert_id=3968"

Response example

Example response returning the details of alert ID 3968:

{
   "active_sitn_list":[1], 
   "agent":"TestBed",
   "agent_location":"localhost",
   "alert_id":3968,
   "class":"WebMon",
   "count":2,
   "custom_info":null,
   "description":"Web Server HTTPD is DOWN",
   "external_id":"12345",
   "first_event_time":1416307126,
   "int_last_event_time":1416307188,
   "last_event_time":1416307131,
   "last_state_change":1416307144,
   "manager":"WebMon",
   "owner":2, 
   "severity":0,
   "signature":"SIG:Web Server Down Trap:xldn1458pap:10",
   "significance":3,
   "source":"xldn1458pap",
   "source_id":"xldn1458pap",
   "state":9, 
   "type":"HTTPDDown"
}
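The same request and response handled from Python, as an added example that is not part of the original reference or Moogsoft's own code. It sends basic authentication headers instead of auth_token, keeps certificate verification on, and decodes the significance code and epoch timestamps documented above. The helper names and the cafile parameter are hypothetical; the base URL is the one from the cURL example.

```python
import base64
import json
import ssl
import urllib.parse
import urllib.request
from datetime import datetime, timezone

# Helper names are hypothetical; field names and codes come from the tables above.
SIGNIFICANCE = {0: "Collateral", 1: "Related", 2: "Impacting", 3: "Causal"}
TIME_FIELDS = ("first_event_time", "int_last_event_time",
               "last_event_time", "last_state_change")

def build_request(base_url, alert_id, user, password):
    """Build the GET request; basic auth headers replace auth_token."""
    if isinstance(alert_id, bool) or not isinstance(alert_id, int) or alert_id < 0:
        raise ValueError("alert_id must be a non-negative integer")
    query = urllib.parse.urlencode({"alert_id": alert_id})
    req = urllib.request.Request(f"{base_url}/getAlertDetails?{query}")
    cred = base64.b64encode(f"{user}:{password}".encode()).decode()
    req.add_header("Authorization", f"Basic {cred}")
    return req

def decode_alert(body):
    """Parse a response body and add readable forms of the coded fields."""
    alert = json.loads(body)
    if not isinstance(alert, dict) or not isinstance(alert.get("alert_id"), int):
        raise ValueError("response is not an alert details object")
    out = dict(alert)
    sig = alert.get("significance")
    out["significance_label"] = SIGNIFICANCE.get(sig, "unknown") if isinstance(sig, int) else "unknown"
    for field in TIME_FIELDS:
        if isinstance(alert.get(field), int):
            out[field + "_utc"] = datetime.fromtimestamp(
                alert[field], tz=timezone.utc).isoformat()
    out["custom_info"] = alert.get("custom_info") or {}  # null in the sample response
    return out

def get_alert_details(base_url, alert_id, user, password, cafile=None):
    """Send the request with certificate verification on (no equivalent of curl -k)."""
    ctx = ssl.create_default_context(cafile=cafile)
    req = build_request(base_url, alert_id, user, password)
    with urllib.request.urlopen(req, context=ctx, timeout=10) as resp:
        return decode_alert(resp.read())

# Constructed sample: a subset of the response example on this page.
SAMPLE = ('{"alert_id":3968,"significance":3,"custom_info":null,'
          '"first_event_time":1416307126,"last_event_time":1416307131}')
```

For a server with a self-signed certificate, pass its CA file as cafile rather than turning verification off.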