Skedler-Alerts Integration Using REST APIs

Modified on Wed, 2 May, 2018 at 8:30 AM

Introduction

This document describes the REST API for Skedler-Alerts v3.5.


For Skedler Alerts 3.4.x and below, please follow the Skedler-Alerts Integration Using REST APIs v3.4.x and below guide.


Note: These APIs are not supported in Skedler-Alerts v3.2 or below.


To use a REST API, your application will make an HTTP or CURL request and parse the response. The response format is JSON.


Your methods will be the standard HTTP methods like GET, PUT, POST and DELETE. Because the REST API is based on open standards, you can use any web development language to access the API.

  

With the REST API you can:

  • configure the settings like email, webhook, timezone, and index-pattern for scheduling alerts
  • create / update / delete alerts
  • schedule an alert
  • setup alert actions
  • clone an existing alert rule
  • snooze / unsnooze an alert


Overview

  • Settings API
  • Alerts API


API Details

  1. Settings API
  2. Alerts API


How to call REST API

The Skedler-Alerts REST API supports standard HTTP/CURL requests along with basic authentication.


This example shows the use of CURL without basic authentication:



Configuring Email settings - 


Set email configuration - 



Set proxy details - 


Create / update webhook - 

Note - username and password are required for the basic authentication type
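The calling convention described above, as an added Python example that is not part of the original page or of Skedler's own code: it builds a POST with the credentials in the Basic Authorization header and checks the `status` field of the JSON reply. The host, port and credentials are constructed placeholders, and HTTPS availability on the server is an assumption (the page's sample calls use http://, for which `allow_http=True` must be passed explicitly).

```python
import base64
import json
import urllib.request
from urllib.parse import urlsplit


class SkedlerApiError(Exception):
    """Raised when the API does not answer {"status": "success"}."""


def build_request(base_url, endpoint, payload, username=None, password=None,
                  allow_http=False):
    """Build (without sending) a POST for one of the endpoints on this page.

    username/password are placed in the Basic Authorization header, which is
    how the page passes email, proxy and webhook credentials.
    """
    if (username is None) != (password is None):
        raise ValueError("username and password must be given together")
    url = base_url.rstrip("/") + "/" + endpoint.strip().lstrip("/")
    headers = {"Content-Type": "application/json"}
    if username is not None:
        scheme = urlsplit(url).scheme
        # Basic auth is base64 encoding, not encryption: without TLS the
        # credentials are readable on the wire.
        if scheme != "https" and not allow_http:
            raise ValueError(f"refusing to send credentials over {scheme}://")
        token = base64.b64encode(f"{username}:{password}".encode("utf-8"))
        headers["Authorization"] = "Basic " + token.decode("ascii")
    body = json.dumps(payload).encode("utf-8")
    return urllib.request.Request(url, data=body, headers=headers, method="POST")


def parse_response(raw):
    """Return the decoded body on success; raise SkedlerApiError otherwise."""
    try:
        doc = json.loads(raw)
    except (TypeError, ValueError) as exc:
        raise SkedlerApiError(f"response is not JSON: {exc}") from None
    if not isinstance(doc, dict):
        raise SkedlerApiError("response is not a JSON object")
    if doc.get("status") != "success":
        raise SkedlerApiError(str(doc.get("errorMessage", "no errorMessage given")))
    return doc


if __name__ == "__main__":
    # Constructed values: host, port and credentials are placeholders.
    req = build_request("https://skedler.example.internal:3000",
                        "api/settings/setemail",
                        {"emailconfig": {"service": "Gmail",
                                         "from": "alerts@example.com"}},
                        username="smtp-user", password="smtp-password")
    print(req.get_method(), req.full_url)
    print(parse_response('{"status": "success"}'))
```

Pass the returned object to `urllib.request.urlopen` to send it, and feed the response body to `parse_response`.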



Settings API

Save configuration settings

Content
Description
Title        
Save configuration settings
URL
api/settings/configureSettings
Method
POST
URL Params
None
Basic Authorization
Username : [string]
Password: [string]
Data Params
{
"emailconfig": {
"service": [string] -[ 'others','Gmail','SES','SES-US-EAST-1','SES-US-WEST-2','SES-EU-WEST-1'],
"host": [string] ,
"port": [numeric] - [1 - 65535],
"ssl": [boolean] - true/false,
"from": [string] - email format,
},
"timezone": [string],
"indices": [array of strings],
"proxyDetails": {
"protocol": [string] - ['tcp','http','https'],
"proxyType": [string] - ['noProxy','autoProxy','manualProxy'],
"proxyIP": [string],
"port": [string of number] - [1 - 65535],
}
}

Example
{
"emailconfig": {
"service": "others",
"host": "pro.turbo-smtp.com",
 "port": 25,
 "ssl": true,
 "from": "skedlertest@guidanz.net"
},
"timezone": "Asia/Kolkata",
"indices": ["data*",".data_"],
"proxyDetails": {
"protocol": "http",
"proxyType": "manualProxy",
"proxyIP": "10.200.20.1",
"port":"25"
}
}
Success Response
{"status": "success"}
Error Response
{
 "status": "error",
 "errorMessage": <errormessage>
}
Sample call
curl -H  "Content-Type:application/json"  http://<your_skedler_server>:<your_skedler_port>/api/settings/configureSettings -X POST -d <Data Params>
Note


Get all settings detail

Content

Description

Title    
 Get all settings detail
URL
api/settings/getsettings
Method
GET
URL Params
None
Basic Authorization
None
Data Params
None
Success Response
{
"status":"success",
"data":{
    "timezone": "Asia/Calcutta",
    "proxyDetails": {
        "proxyType": "noProxy"
    },
    "indexDetails": {
        "indices": [
            ".data*"
        ],
        "schedule": {
            "type": "hourly",
            "interval": 15,
            "startMinute": 22,
            "startHour": 22
        }
    },
    "emailDetails": {
        "emailconfig": {
            "host": "pro.turbo-smtp.com",
            "port": 25,
            "ssl": true,
            "from": "skedlertest@guidanz.net",
            "password":"U2FsdGVkX199hwv8ZWM9e4TPa47PpHrvLxsLvzhlNos="
        }
    },
    "webhookDetails": [
        {
            "type": "none",
            "name": "sample",
            "webhookUrl": "https://hooks.slack.com/services/seadef23Defg"
        }
    ]
}
}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Accept:application/json" -X GET http://<your_skedler_server>:<your_skedler_port>/api/settings/getsettings
Note
-


Set email configuration

Content

Description

Title
 set email configuration
URL
api/settings/setemail
Method
POST
URL Params
None
Basic Authorization
Username : [string]
Password: [string]
Data Params
{
"emailenable": [boolean] - true/false,
"emailconfig": {
"service": [string] -[ 'others','Gmail','SES','SES-US-EAST-1','SES-US-WEST-2','SES-EU-WEST-1'],
"host": [string] ,
"port": [numeric] - [1 - 65535],
"ssl": [boolean] - true/false,
"from": [string] - email format,
}
}

Example:

To turn On the email setting
1. service - "Others"
{
"emailconfig": {
"service": "others",
"host": "pro.turbo-smtp.com",
 "port": 25,
 "ssl": true,
 "from": "skedlertest@guidanz.net"
}
}
username and password in basic authorisation

2. service - "Gmail"
{
"emailconfig": {
"service": "Gmail",
"from": "skedlertest@guidanz.net"
}
}
username and password in basic authorisation


3. service - 'SES','SES-US-EAST-1','SES-US-WEST-2','SES-EU-WEST-1'
{
"emailconfig": {
"service": "SES",
"from": "skedlertest@guidanz.net"
}
}
username and password in basic authorisation

To turn Off the email setting
{
"emailenable":false
}
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" http://<your_skedler_server>:<your_skedler_port>/api/settings/setemail -X POST -d <Data Params>
Note


Test email settings

Content

Description

Title
Test email
URL
api/settings/testemail
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"emailTo":[string] - email format
}
Example:
{
"emailTo":"sample@abc.com"
}
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST  http://<your_skedler_server>:<your_skedler_port>/api/settings/testemail -d <Data Params>
Note


Set timezone configuration

Content

Description

Title

set timezone 

Url
api/settings/settimezone
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"timezone":[string]
}
Example:
{
"timezone":"Asia/Calcutta"
}
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/settimezone -d <Data Params>
Note


Set proxy details

Content

Description

Title
set proxy
Url
api/settings/setproxy
Method
POST
URL Params
None
Basic Authorization
Username : [string]
Password: [string]
Data Params
{
"proxyDetails": {
"protocol": [string] - ['tcp','http','https'],
"proxyType": [string] - ['noProxy','autoProxy','manualProxy'],
"proxyIP": [string],
"port": [string of number] - [1 - 65535],
}
}
Example:
1. proxyType - "manualProxy"
{
"proxyDetails": {
"protocol": "http",
"proxyType": "manualProxy",
"proxyIP": "10.200.20.1",
"port":"25"
}
}
username and password in basic authorisation

2. proxyType - "noProxy"
{
"proxyDetails": {
"proxyType": "noProxy"
}
}

3. proxyType - "autoProxy"
{
"proxyDetails": {
"proxyType": "autoProxy"
}
}

Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/setproxy -d <Data Params>
Note


Set index pattern configuration

Content

Description

Title
set index pattern
Url
api/settings/setindexpattern
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"indices": [array of strings]
}

Example:
{
"indices": [".data*"]
}

Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/setindexpattern -d <Data Params>
Note


Scheduling index pattern

Content

Description

Title
schedule for index pattern
Url
api/settings/scheduleindexpattern
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"scheduleIndex": [boolean] - true/false,
"schedule": {
            "type": [string] - ["hourly","daily","weekly"],
            "interval": [number] - for hourly [1 - 23], for daily [1 - 31],
            "startMinute": [number] - [0 - 59],
            "startHour": [number] - [0 - 23],
            "days": [array of strings] - ["monday", "tuesday", "wednesday", "thursday", "friday", "saturday", "sunday"]
    }
}

Example:

To turn ON the index pattern settings
1. type - "hourly" / "daily"
{
"schedule": {
            "type": "hourly",
            "interval": 15,
            "startMinute": 22,
            "startHour": 22
    }
}

2. type - "weekly"
{
"schedule": {
            "type": "weekly",
            "startMinute": 22,
            "startHour": 22,
            "days":["monday","tuesday"]
    }
}

To turn OFF the index pattern settings
{
    "scheduleIndex":false
}
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/scheduleindexpattern -d <Data Params>
Note


Delete index pattern

Content

Description

Title
delete index pattern
Url
api/settings/deleteindexpattern
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"indices": [array of strings]
}

Example:
{
"indices": [".data*"]
}
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/deleteindexpattern -d <Data Params>
Note


Create Webhook

Content

Description

Title
create webhook
Url
api/settings/createwebhook
Method
POST
URL Params
None
Basic Authorization
Username : [string]
Password: [string]
Data Params
There are three types of webhook:
  1. none
  2. basic
  3. Oauth - oauth1.0

For type "none":
{
"webhookDetails":{
"type":[string],
"name":[string],
"webhookUrl":[string]
}
}

For type "basic":
{
"webhookDetails":{
"type":[string],
"name":[string],
"webhookUrl":[string]
}
}
username and password in basic authorisation

For type "oauth1.0":
{
"webhookDetails":{
"type":[string],
"name":[string],
"webhookUrl":[string],
"clientId" :[string],
"clientSecretKey" :[string],
"userTokenKey" : [string],
"userSecretKey" : [string],
"requestTokenUrl" : [string],
"accessTokenUrl": [string]
}
}


Example:
1. type - "none"
{
"webhookDetails":{
"type":"none",
"name":"sample",
"webhookUrl":"http://testwebhookurl.com/test"
}
}

2. type - "basic"
{
"webhookDetails":{
"type":"basic",
"name":"sample",
"webhookUrl":"http://testwebhookurl.com/test"
}
}
username and password in basic authorisation

3. type - "oauth1.0"
{
"webhookDetails":{
"type":"oauth1.0",
"name":"sample",
"webhookUrl":"http://testwebhookurl.com/test",
"clientId" : "xxxxxxxxxxxxxxxxx",
"clientSecretKey" : "xxxxxxxxxxxxxxxxx",
"userTokenKey" : "xxxxxxxxxxxxxxxxxx",
"userSecretKey" : "xxxxxxxxxxxxxxxxxx",
"requestTokenUrl" : "http://testwebhookurl.com/test",
"accessTokenUrl": "http://testwebhookurl.com/test"
}
}
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/createwebhook -d <Data Params>
Note


Update Webhook

Content

Description

Title
update webhook
Url
api/settings/updatewebhook
Method
POST
URL Params
None
Basic Authorization
Username : [string]
Password: [string]
Data Params
There are three types of webhook:
  1. none
  2. basic
  3. Oauth - oauth1.0

For type "none":
{
"webhookDetails":{
"type":[string],
"name":[string],
"webhookUrl":[string]
}
}

For type "basic":
{
"webhookDetails":{
"type":[string],
"name":[string],
"webhookUrl":[string]
}
}
username and password in basic authorisation

For type "oauth1.0":
{
"webhookDetails":{
"type":[string],
"name":[string],
"webhookUrl":[string],
"clientId" :[string],
"clientSecretKey" :[string],
"userTokenKey" : [string],
"userSecretKey" : [string],
"requestTokenUrl" : [string],
"accessTokenUrl": [string]
}
}


Example:
1. type - "none"
{
"webhookDetails":{
"type":"none",
"name":"sample",
"webhookUrl":"http://testwebhookurl.com/test"
}
}

2. type - "basic"
{
"webhookDetails":{
"type":"basic",
"name":"sample",
"webhookUrl":"http://testwebhookurl.com/test"
}
}
username and password in basic authorisation

3. type - "oauth1.0"
{
"webhookDetails":{
"type":"oauth1.0",
"name":"sample",
"webhookUrl":"http://testwebhookurl.com/test",
"clientId" : "xxxxxxxxxxxxxxxxx",
"clientSecretKey" : "xxxxxxxxxxxxxxxxx",
"userTokenKey" : "xxxxxxxxxxxxxxxxxx",
"userSecretKey" : "xxxxxxxxxxxxxxxxxx",
"requestTokenUrl" : "http://testwebhookurl.com/test",
"accessTokenUrl": "http://testwebhookurl.com/test"
}
}
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/updatewebhook -d <Data Params>
Note


Delete Webhook

Content

Description

Title
delete webhook
Url
api/settings/deletewebhook
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"name": [string] (or) "id": [string]
}

Example:

{
"name":"sample" (or) "id":"As23Frtg"
}

Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/deletewebhook -d <Data Params>
Note



Test Webhook

Content

Description

Title
test webhook
Url
api/settings/testwebhook 
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"name" : [string] (or) "id": [string],
"key":[string],
"value": [string]
}

Example:
{
"name":"sample webhook" (or) "id":"As23Frtg",
"key":"text",
"value":"test webhook"
}

Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/testwebhook  -d <Data Params>
Note


List Webhook

Content

Description

Title
list all webhook details
Url
api/settings/getallwebhooks

Method
GET
URL Params
None
Basic Authorization
None
Data Params
None
Success Response
{
"status":"success",
"data":[
        {
            "type": "oauth1.0",
            "name": "alert_test",
            "webhookUrl": "http://testwebhookurl.com/test",
            "clientId": "xxxxxxxxxxxxxxxxx",
            "clientSecretKey": "xxxxxxxxxxxxxxxxx",
            "userTokenKey": "xxxxxxxxxxxxxxxxx",
            "userSecretKey": "xxxxxxxxxxxxxxxxx",
            "accessTokenUrl": "http://testwebhookurl.com/test",
            "requestTokenUrl": "http://testwebhookurl.com/test"
        },
        {
            "type": "none",
            "name": "test",
            "webhookUrl": "http://testwebhookurl.com/test"
        },
        {
            "type": "basic",
            "name": "sample",
            "webhookUrl":"http://testwebhookurl.com/test",
            "username": "sample",
            "password": "password"
        }
    ]
}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Accept:application/json" -X GET http://<your_skedler_server>:<your_skedler_port>/api/settings/getallwebhooks 
Note
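The getsettings and getallwebhooks responses shown above carry credentials in their bodies (`password`, `clientSecretKey`, `userTokenKey`, `userSecretKey`, and webhook URLs whose path can itself be a token). The following added Python example, which is not part of the original page or of Skedler's code, masks those fields before a response is written to a log; the sample response is constructed in the shape of the one above.

```python
import json
from urllib.parse import urlsplit

# Secret-bearing field names as they appear in the getsettings and
# getallwebhooks responses on this page.
SECRET_FIELDS = {"password", "clientSecretKey", "userTokenKey", "userSecretKey"}
MASK = "[redacted]"


def mask_url(url):
    """Keep scheme and host of a webhook URL; hide path, query and userinfo.

    Incoming-webhook URLs (such as the Slack one in the getsettings response)
    carry their token in the path, so the whole path is treated as secret.
    """
    if not isinstance(url, str):
        return MASK
    try:
        parts = urlsplit(url)
        host, port = parts.hostname, parts.port
    except ValueError:  # malformed port or IPv6 literal
        return MASK
    if not parts.scheme or not host:
        return MASK
    netloc = host if port is None else f"{host}:{port}"
    return f"{parts.scheme}://{netloc}/{MASK}"


def redact(value):
    """Return a copy of a decoded response that is safe to write to a log."""
    if isinstance(value, list):
        return [redact(item) for item in value]
    if not isinstance(value, dict):
        return value
    clean = {}
    for key, item in value.items():
        if key in SECRET_FIELDS:
            clean[key] = MASK
        elif key == "webhookUrl":
            clean[key] = mask_url(item)
        else:
            clean[key] = redact(item)
    return clean


def redact_json(raw):
    """Redact a raw JSON response body and return it as a JSON string."""
    return json.dumps(redact(json.loads(raw)), sort_keys=True)


# Constructed sample in the shape of the getallwebhooks response above.
SAMPLE = """
{"status": "success",
 "data": [
   {"type": "oauth1.0", "name": "alert_test",
    "webhookUrl": "https://user:pw@hooks.example.com:8443/services/T0KEN",
    "clientId": "client-123", "clientSecretKey": "cs-SECRET",
    "userTokenKey": "ut-SECRET", "userSecretKey": "us-SECRET"},
   {"type": "basic", "name": "sample",
    "webhookUrl": "http://testwebhookurl.com/test",
    "username": "sample", "password": "pw-SECRET"}
 ]}
"""

if __name__ == "__main__":
    print(redact_json(SAMPLE))
```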


Set folderPath

Content

Description

Title
Set folderPath
URL
api/settings/setFolderPath
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"folderPath":[string] - user defined folderPath
}
Example:
{
"folderPath":"/opt/alerts"
}
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST  http://<your_skedler_server>:<your_skedler_port>/api/settings/setFolderPath -d <Data Params>
Note


Alert API


Create alert

Content

Description

Title
create alert
Url
api/alert/createalert
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
 "alertName": [string],
"alertType": [string] - critical / information /warning,
"elasticIndexPattern": [string] -   valid index pattern configured in index-pattern settings,
"timeField": [string] - valid timefield that exists for the given elasticIndexPattern,
"elasticIndexType": [string] -  type for the given elasticIndexPattern ,
"alertTags": [array] - user defined tags,
"ruleType": [string] - threshold / repeatedvalue / newvalue / spike,
"keywordSearch":[string] - text to find matching keyword,
"aggregationCondition": {
"term": [string] -  field which exists under given elasticIndexPattern ( term is not mandatory for aggregation "count" ),
"aggregation":[string] - count / avg / min / max / sum,
"condition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [number]
},
"queryFilter": [{
"term": [string] - field which exists under given elasticIndexPattern,
"queryCondition": [string] - mustBe / mustNotBe /shouldBe ,
"filterCondition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [string] - [number] - [date(dd/mm/yyyy)] - depends on the term
}],
"groupByFields": [array of string] -  field in form of array of string,
"searchFields":[array of string] -  field in form of array of string,
"orderSize": [number],
"orderBy": [string] - desc / asc,
"compareToValue": [number],
"compareToCondition": [string] -  ['>' / '<' / '<=' /  '>=' ],
"previousTimeWindow": {
"type": [string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number],
"to": [number]
},
"timeWindow": {
"type":[string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number]
}
}

Example:
1. For ruleType - "threshold"
{
"alertName": "sample",
"alertType": "critical",
"elasticIndexPattern": ".data*",
"timeField": "Timestamp",
"elasticIndexType": "",
"alertTags":["mail"],
"ruleType": "threshold",
"aggregationCondition": {
"term": "age",
"aggregation": "avg",
"condition": ">",
"value": 10
},
"queryFilter": [{
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "sas"
},
{
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "sas"
}
],
"groupByFields": ["IP", "age"],
"orderSize": 10,
"orderBy": "asc",
"timeWindow": {
"type": "hourly",
"from": 2
}
}

2. For ruleType - "spike"
{
 "alertName": "sample",
"alertType": "critical",
"elasticIndexPattern": ".data*",
"timeField": "Timestamp",
"elasticIndexType": "",
"alertTags":["mail"],
"ruleType": "spike",
"aggregationCondition": {
"term": "age",
"aggregation": "avg",
"condition": ">",
"value": 10
},
"queryFilter": [{
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "10.200.1.3"
}],
"groupByFields": ["IP", "age"],
"orderSize": 10,
"orderBy": "asc",
"compareToValue": 10,
"compareToCondition": ">",
"previousTimeWindow": {
"type": "hourly",
"from": 2,
"to": 1
},
"timeWindow": {
"type": "hourly",
"from": 2
}
}

3. For ruleType - "newvalue / repeatedvalue"
{
"alertName": "sample",
"alertType": "critical",
"elasticIndexPattern": ".data*",
"timeField": "Timestamp",
"elasticIndexType": "",
"alertTags":["mail"],
"ruleType": "newvalue",
"aggregationCondition": {
"term": "age",
"aggregation": "count",
"condition": ">",
"value": 10
},
"excludeTimewindow": false,
"queryFilter": [{
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "10.200.1.3"
}, {
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "10.200.1.3"
}],
"groupByFields": ["IP", "age"],
"orderSize": 10,
"orderBy": "asc",
"searchFields": ["IP"],
"previousTimeWindow": {
"type": "hourly",
"from": 2,
"to": 1
},
"timeWindow": {
"type": "hourly",
"from": 2
}
}

Single stretch alert creation
{
 "alertName": "sample",
 "alertType": "critical",
 "elasticIndexPattern": ".net*",
 "timeField": "Timestamp",
 "elasticIndexType": "",
"alertTags":["mail"],
 "ruleType": "threshold",
 "aggregationCondition": {
  "term": "age",
  "aggregation": "avg",
  "condition": ">",
  "value": 10
 },
 "queryFilter": [{
   "term": "IP",
   "queryCondition": "mustBe",
   "filterCondition": "==",
   "value": "TAB"
  },
  {
   "term": "IP",
   "queryCondition": "mustBe",
   "filterCondition": "==",
   "value": "LAP"
  }
 ],

 "groupByFields": ["IP"],
 "orderSize": 10,
 "orderBy": "asc",
 "timeWindow": {
  "type": "hourly",
  "from": 2
 },
 "schedule": {
  "type": "seconds",
  "interval": "5",
  "startMinute": "15",
  "startHour": "10"
 },
 "actions": {
"emailTo": {
   "to": ["skedler@guidanz.com"],
   "cc": ["skedler@guidanz.com"],
   "subject": "${AlertName}",
   "message": "hi Checkout the alert.Thanks",
   "includeJson": true,
   "includeCsv" : true,
   "notificationFields": ["IP"]
  },
  "webhook": {
     "webhookName": "webhook",
       "message": {
         "key": "text",
         "value": "message"
   }
  },
  "elasticIndex": {
   "index": "indexname",
   "notificationFields": ["IP"]
  }
 }
}
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/createalert -d <Data Params>
Note
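A client-side check of a createalert payload against the value lists in the Data Params above, as an added Python example that is not part of the original page or of Skedler's code. Treating the fields that appear in every example on the page as required is an assumption; the server's own validation may differ.

```python
CONDITIONS = {">", "<", "<=", ">=", "=="}
TOP_LEVEL_ENUMS = {
    "alertType": {"critical", "information", "warning"},
    "ruleType": {"threshold", "repeatedvalue", "newvalue", "spike"},
    "orderBy": {"desc", "asc"},
    "compareToCondition": CONDITIONS - {"=="},
}
AGGREGATIONS = {"count", "avg", "min", "max", "sum"}
QUERY_CONDITIONS = {"mustBe", "mustNotBe", "shouldBe"}
WINDOW_TYPES = {"minutes", "hourly", "daily", "weekly", "monthly", "yearly"}
# Assumption: fields present in every createalert example are treated as required.
REQUIRED = ("alertName", "alertType", "elasticIndexPattern", "timeField",
            "ruleType", "aggregationCondition", "timeWindow")


def _one_of(value, allowed):
    return isinstance(value, str) and value in allowed


def _is_number(value):
    return isinstance(value, (int, float)) and not isinstance(value, bool)


def _check_window(name, window, keys, errors):
    if not isinstance(window, dict):
        errors.append(f"{name}: must be an object")
        return
    if not _one_of(window.get("type"), WINDOW_TYPES):
        errors.append(f"{name}.type: not one of {sorted(WINDOW_TYPES)}")
    for key in keys:
        if not _is_number(window.get(key)):
            errors.append(f"{name}.{key}: must be a number")


def validate_alert(payload):
    """Return a list of problems; an empty list means the payload passed."""
    if not isinstance(payload, dict):
        return ["payload: must be a JSON object"]
    errors = [f"{name}: missing" for name in REQUIRED if name not in payload]
    for name, allowed in TOP_LEVEL_ENUMS.items():
        if name in payload and not _one_of(payload[name], allowed):
            errors.append(f"{name}: not one of {sorted(allowed)}")
    agg = payload.get("aggregationCondition")
    if agg is not None and not isinstance(agg, dict):
        errors.append("aggregationCondition: must be an object")
    elif agg is not None:
        if not _one_of(agg.get("aggregation"), AGGREGATIONS):
            errors.append(f"aggregationCondition.aggregation: not one of {sorted(AGGREGATIONS)}")
        elif agg["aggregation"] != "count" and not agg.get("term"):
            # The page makes "term" optional only for aggregation "count".
            errors.append("aggregationCondition.term: required unless aggregation is count")
        if not _one_of(agg.get("condition"), CONDITIONS):
            errors.append(f"aggregationCondition.condition: not one of {sorted(CONDITIONS)}")
        if not _is_number(agg.get("value")):
            errors.append("aggregationCondition.value: must be a number")
    filters = payload.get("queryFilter", [])
    if not isinstance(filters, list):
        errors.append("queryFilter: must be an array")
        filters = []
    for i, flt in enumerate(filters):
        if not isinstance(flt, dict) or not flt.get("term"):
            errors.append(f"queryFilter[{i}].term: missing")
            continue
        if not _one_of(flt.get("queryCondition"), QUERY_CONDITIONS):
            errors.append(f"queryFilter[{i}].queryCondition: not one of {sorted(QUERY_CONDITIONS)}")
        if not _one_of(flt.get("filterCondition"), CONDITIONS):
            errors.append(f"queryFilter[{i}].filterCondition: not one of {sorted(CONDITIONS)}")
    for name in ("groupByFields", "searchFields"):
        value = payload.get(name, [])
        if not (isinstance(value, list) and all(isinstance(v, str) for v in value)):
            errors.append(f"{name}: must be an array of strings")
    if "timeWindow" in payload:
        _check_window("timeWindow", payload["timeWindow"], ("from",), errors)
    if "previousTimeWindow" in payload:
        _check_window("previousTimeWindow", payload["previousTimeWindow"],
                      ("from", "to"), errors)
    return errors


# The page's first createalert example (ruleType "threshold"), one filter kept.
THRESHOLD_EXAMPLE = {
    "alertName": "sample", "alertType": "critical",
    "elasticIndexPattern": ".data*", "timeField": "Timestamp",
    "elasticIndexType": "", "alertTags": ["mail"], "ruleType": "threshold",
    "aggregationCondition": {"term": "age", "aggregation": "avg",
                             "condition": ">", "value": 10},
    "queryFilter": [{"term": "IP", "queryCondition": "mustBe",
                     "filterCondition": "==", "value": "sas"}],
    "groupByFields": ["IP", "age"], "orderSize": 10, "orderBy": "asc",
    "timeWindow": {"type": "hourly", "from": 2},
}

if __name__ == "__main__":
    print(validate_alert(THRESHOLD_EXAMPLE))
```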


Update alert

Content

Description

Title
update alert
Url
api/alert/updatealert
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
 "alertName": [string] - alertname (or) "id":[string] - alert id,
"alertType": [string] - critical / information /warning,
"elasticIndexPattern": [string] -   valid index pattern configured in index-pattern settings,
"timeField": [string] - valid timefield that exists for the given elasticIndexPattern,
"elasticIndexType": [string] -  type for the given elasticIndexPattern ,
"alertTags": [array] - user defined tags,
"ruleType": [string] - threshold / repeatedvalue / newvalue / spike,
"keywordSearch":[string] - text to find matching keyword,
"aggregationCondition": {
"term": [string] -  field which exists under given elasticIndexPattern ( term is not mandatory for aggregation "count" ),
"aggregation":[string] - count / avg / min / max / sum,
"condition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [number]
},
"queryFilter": [{
"term": [string] - field which exists under given elasticIndexPattern,
"queryCondition": [string] - mustBe / mustNotBe /shouldBe ,
"filterCondition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [string] - [number] - [date(dd/mm/yyyy)] - depends on the term
}],
"groupByFields": [array of string] -  field in form of array of string,
"searchFields":[array of string] -  field in form of array of string,
"orderSize": [number],
"orderBy": [string] - desc / asc,
"compareToValue": [number],
"compareToCondition": [string] -  ['>' / '<' / '<=' /  '>=' ],
"previousTimeWindow": {
"type": [string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number],
"to": [number]
},
"timeWindow": {
"type":[string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number]
}
}

Example:
1. For ruleType - "threshold"
{
"alertName": "sample",
"alertType": "critical",
"elasticIndexPattern": ".data*",
"timeField": "Timestamp",
"elasticIndexType": "",
"alertTags":["mail"],
"ruleType": "threshold",
"aggregationCondition": {
"term": "",
"aggregation": "count",
"condition": ">=",
"value": 8
},
"queryFilter": [{
"term": "age",
"queryCondition": "mustBe",
"filterCondition": ">",
"value": 10
}
],
"groupByFields": ["IP"],
"orderSize": 5,
"orderBy": "desc",
"timeWindow": {
"type": "hourly",
"from": 2
}
}

2. For ruleType - "spike"
{
 "alertName": "sample",
"alertType": "critical",
"elasticIndexPattern": ".data*",
"timeField": "Timestamp",
"elasticIndexType": "",
"alertTags":["mail"],
"ruleType": "spike",
"aggregationCondition": {
"term": "age",
"aggregation": "sum",
"condition": ">",
"value": 10
},
"queryFilter": [{
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "10.200.1.3"
}, {
"term": "age",
"queryCondition": "mustNotBe",
"filterCondition": ">=",
"value": 9
}],
"groupByFields": [],
"orderSize": 15,
"orderBy": "asc",
"compareToValue": 10,
"compareToCondition": ">",
"previousTimeWindow": {
"type": "hourly",
"from": 8,
"to": 1
},
"timeWindow": {
"type": "hourly",
"from": 2
}
}

3. For ruleType - "newvalue / repeatedvalue"
{
"alertName": "sample",
"alertType": "critical",
"elasticIndexPattern": ".data*",
"timeField": "Timestamp",
"elasticIndexType": "",
"alertTags":["mail"],
"ruleType": "newvalue",
"aggregationCondition": {
"term": "age",
"aggregation": "count",
"condition": ">",
"value": 10
},
"excludeTimewindow": false,
"queryFilter": [{
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "10.200.1.3"
}, {
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "10.200.1.3"
}],
"groupByFields": ["IP", "age"],
"orderSize": 10,
"orderBy": "asc",
"searchFields": ["IP"],
"previousTimeWindow": {
"type": "hourly",
"from": 2,
"to": 1
},
"timeWindow": {
"type": "hourly",
"from": 2
}
}

single stretch updation:
{
 "alertName": "sample",
 "alertType": "critical",
 "elasticIndexPattern": ".net*",
 "timeField": "Timestamp",
 "elasticIndexType": "",
"alertTags":["mail"],
 "ruleType": "threshold",
 "aggregationCondition": {
  "term": "age",
  "aggregation": "avg",
  "condition": ">",
  "value": 10
 },
 "queryFilter": [{
   "term": "age",
   "queryCondition": "mustBe",
   "filterCondition": "==",
   "value": 10
  }
 ],

 "groupByFields": ["IP"],
 "orderSize": 10,
 "orderBy": "asc",
 "timeWindow": {
  "type": "hourly",
  "from": 2
 },
"enableSchedule":false,
 "actions": {
  "webhook": {
     "webhookName": "webhook",
       "message": {
         "key": "text",
         "value": "message"
   }
  }
 }
}
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/updatealert -d <Data Params>
Note


Mail now

Content

Description

Title
Mail now
Url
api/alert/mailNow
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
 "alertName": [string],
"alertType": [string] - critical / information /warning,
"elasticIndexPattern": [string] -   valid index pattern configured in index-pattern settings,
"timeField": [string] - valid timefield that exists for the given elasticIndexPattern,
"elasticIndexType": [string] -  type for the given elasticIndexPattern ,
"alertTags": [array] - user defined tags,
"ruleType": [string] - threshold / repeatedvalue / newvalue / spike,
"keywordSearch":[string] - text to find matching keyword,
"aggregationCondition": {
"term": [string] -  field which exists under given elasticIndexPattern ( term is not mandatory for aggregation "count" ),
"aggregation":[string] - count / avg / min / max / sum,
"condition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [number]
},
"queryFilter": [{
"term": [string] - field which exists under given elasticIndexPattern,
"queryCondition": [string] - mustBe / mustNotBe /shouldBe ,
"filterCondition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [string] - [number] - [date(dd/mm/yyyy)] - depends on the term
}],
"groupByFields": [array of string] -  field in form of array of string,
"searchFields":[array of string] -  field in form of array of string,
"orderSize": [number],
"orderBy": [string] - desc / asc,
"compareToValue": [number],
"compareToCondition": [string] -  ['>' / '<' / '<=' /  '>=' ],
"previousTimeWindow": {
"type": [string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number],
"to": [number]
},
"timeWindow": {
"type":[string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number]
},
"emailTo": {
"to": [array of string] - email format,
"cc": [array of string] - email format,
"subject": [string],
"message": [string],
"notificationFields":[string of array],
"includeCsv": [boolean],
"includeJson": [boolean]
}
}

Example:
{
 "alertName": "sample",
 "alertType": "critical",
 "elasticIndexPattern": ".net*",
 "timeField": "Timestamp",
 "elasticIndexType": "",
 "alertTags":["mail"],
 "ruleType": "threshold",
 "aggregationCondition": {
  "term": "age",
  "aggregation": "avg",
  "condition": ">",
  "value": 10
 },
 "queryFilter": [{
   "term": "IP",
   "queryCondition": "mustBe",
   "filterCondition": "==",
   "value": "TAB"
  },
  {
   "term": "IP",
   "queryCondition": "mustBe",
   "filterCondition": "==",
   "value": "LAP"
  }
 ],

 "groupByFields": ["IP"],
 "orderSize": 10,
 "orderBy": "asc",
 "timeWindow": {
  "type": "hourly",
  "from": 2
 },
"emailTo": {
   "to": ["skedler@guidanz.com"],
   "cc": ["skedler@guidanz.com"],
   "subject": "${AlertName}",
   "message": "hi Checkout the alert.Thanks",
   "includeJson": true,
   "includeCsv" : true,
   "notificationFields": ["IP"]
  }
}
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/mailNow -d <Data Params>
Note


 Webhook now

Content

Description

Title
Webhook now
Url
api/alert/webhookNow
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
 "alertName": [string],
"alertType": [string] - critical / information /warning,
"elasticIndexPattern": [string] -   valid index pattern configured in index-pattern settings,
"timeField": [string] - valid timefield that exists for the given elasticIndexPattern,
"elasticIndexType": [string] -  type for the given elasticIndexPattern ,
"alertTags": [array] - user defined tags,
"ruleType": [string] - threshold / repeatedvalue / newvalue / spike,
"keywordSearch":[string] - text to find matching keyword,
"aggregationCondition": {
"term": [string] -  field which exists under given elasticIndexPattern ( term is not mandatory for aggregation "count" ),
"aggregation":[string] - count / avg / min / max / sum,
"condition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [number]
},
"queryFilter": [{
"term": [string] - field which exists under given elasticIndexPattern,
"queryCondition": [string] - mustBe / mustNotBe /shouldBe ,
"filterCondition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [string] - [number] - [date(dd/mm/yyyy)] - depends on the term
}],
"groupByFields": [array of string] -  field in form of array of string,
"searchFields":[array of string] -  field in form of array of string,
"orderSize": [number],
"orderBy": [string] - desc / asc,
"compareToValue": [number],
"compareToCondition": [string] -  ['>' / '<' / '<=' /  '>=' ],
"previousTimeWindow": {
"type": [string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number],
"to": [number]
},
"timeWindow": {
"type":[string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number]
},
"webhook": {
"webhookName": [string],
"message":{
"key":[string],
"value":[string]
},
"payload":{
"key":[string],
"value":[string of array]
},
"webhookData":{
"key":[string],
"value":[string]
}
}
}

Example:
{
 "alertName": "sample",
 "alertType": "critical",
 "elasticIndexPattern": ".net*",
 "timeField": "Timestamp",
 "elasticIndexType": "",
 "alertTags":["mail"],
 "ruleType": "threshold",
 "aggregationCondition": {
  "term": "age",
  "aggregation": "avg",
  "condition": ">",
  "value": 10
 },
 "queryFilter": [{
   "term": "IP",
   "queryCondition": "mustBe",
   "filterCondition": "==",
   "value": "TAB"
  },
  {
   "term": "IP",
   "queryCondition": "mustBe",
   "filterCondition": "==",
   "value": "LAP"
  }
 ],

 "groupByFields": ["IP"],
 "orderSize": 10,
 "orderBy": "asc",
 "timeWindow": {
  "type": "hourly",
  "from": 2
 },
"webhook": {
     "webhookName": "webhook",
       "message": {
         "key": "text",
         "value": "message"
   }
  }
}
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/webhookNow -d <Data Params>
Note


Delete alert

Content

Description

Title
delete alert
Url
api/alert/deletealert
Method
POST
URL Params
None
Basic Authorization
None
Data Params
[
{
"name":[string] (or) "id":[string]
}
]

Example:
Single delete
[{
"name":"sample alert" (or) "id":"ASEF344ndjh"
}]

Multiple Delete
[
{
"name":"sample alert" (or) "id":"ASEF344ndjh"
},
{
"name":"alert" (or) "id":"DEFUI84DSa"
},
{
"name":"test" (or) "id":"IERNju6SdE"
}
]
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/deletealert -d <Data Params>
Note


Clone alert

Content

Description

Title
clone alert
Url
api/alert/clonealert
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"name":[string] (or) "id":[string],
"cloneName":[string]
}

Example:
{
"name":"sample" (or) "id":"AdErgf34",
"cloneName":"test"
}

Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/clonealert -d <Data Params>
Note


Schedule an alert

Content

Description

Title
schedule an alert
Url
api/alert/setschedule
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"name":[string] - alert name (or) "id":[string] - alert id,
"scheduleIndex": [boolean] - true/false,
"schedule": {
            "type": [string] - ["seconds","minutes","hourly","daily","weekly"],
            "interval": [number] - [1 - 99],
            "startMinute": [number] - [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59],
            "startHour": [number] - [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23],
            "days":[string of array] - ["monday", "tuesday", "wednesday", "thursday", "friday", "saturday", "sunday"]
    }
}


Example:
To turn ON the schedule for an alert
1. "type": "seconds" / "minutes" / "hourly" / "daily"
{
"name":"sample",
"schedule":{
"type": "seconds" / "minutes" / "hourly" / "daily",
"interval":15,
"startMinute": 15,
"startHour": 10
}
}

2. "type": "weekly"
{
"name":"sample",
"schedule":{
"type": "weekly",
"startMinute": 34,
"startHour": 9,
"days": ["friday", "saturday", "sunday"]
}
}

To turn OFF the schedule for an alert
{
    "name":"sample",
    "scheduleIndex":false
}
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/setschedule -d <Data Params>
Note


Setup alert actions

Content

Description

Title
setup alert action
Url
api/alert/setaction
Method
POST
URL Params
None
Basic Authorization
None
Data Params
 {
"name":[string] - alert name (or) "id":[string] - alert id,
"enableAction": [boolean] - true/false,
"actions": {
"emailTo": {
"to": [array of string] - email format,
"cc": [array of string] - email format,
"subject": [string],
"message": [string],
"notificationFields":[string of array],
"includeCsv": [boolean],
"includeJson": [boolean]
},
"webhook": {
"webhookName": [string],
"message":{
"key":[string],
"value":[string]
},
"payload":{
"key":[string],
"value":[string of array]
},
"webhookData":{
"key":[string],
"value":[string]
}
},
"elasticIndex": {
"index": ".alert*",
"notificationFields":[string of array]
}
}
}

Example:

To turn ON the actions in an alert
{
"name":"sample" (or) "id":"AEDfg546Gt",
"actions": {
"emailTo": {
"to": ["sample@abc.com"],
"cc": ["sample@abc.com"],
"subject": "alert report",
"message": "hi, Checkout the alert. Thanks",
"includeCsv" : true,
"includeJson": true
},
"webhook": {
"webhookName": "sampleWebhook"
},
"elasticIndex": {
"index": ".alert*"
}
}
}

To turn OFF the actions in an alert
{
"name":"sample" (or) "id":"AEDfg546Gt",
"enableAction":false
}
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/setaction -d <Data Params>
Note


Snooze alert

Content

Description

Title
snooze alert
Url
api/alert/setsnooze
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"name":[string] - alert name (or) "id":[string] - alert id,
"snoozeDetails":{
    "type":[string] - minutes/hours/days/weeks/months/years,
    "interval": [number],
    "forever": [boolean] - true/false
 }
}

Example:
To snooze alert with interval
{
"name":"sample" (or) "id":"AEDGY45Rgtstg",
"snoozeDetails":{
    "type":"minutes",
    "interval": 10
 }
}

To snooze alert forever
{
"name":"sample" (or) "id":"AEDGY45Rgtstg",
"snoozeDetails":{
    "forever":true
 }
}
Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/setsnooze -d <Data Params>
Note


Unsnooze alert

Content

Description

Title
unsnooze alert
Url
api/alert/unsnooze
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"name":[string] - alert name (or) "id":[string] - alert id
}

Example:
{
"name":"sample" (or) "id":"AdErgf34"
}

Success Response
{"status":"success"}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/unsnooze -d <Data Params>
Note


Get an alert's details

Content

Description

Title
get an alert's details
Url
api/alert/getalert?name=sample   (or)  api/alert/getalert?id=AED56TgyeR4

Method
GET
URL Params
None
Basic Authorization
None
Data Params
None
Success Response
{
"status":"success",
"data":[
    {
        "alertName": "sample",
        "alertType": "critical",
        "elasticIndexPattern": ".net*",
        "elasticIndexType": "",
        "timeField": "Timestamp",
        "schedule": {
            "type": "seconds",
            "interval": 5,
            "startMinute": 15,
            "startHour": 10
        },
        "actions": {
            "webhook": {
                "message": {
                    "key": "text",
                    "value": "webhook"
                },
                "webhookName": "sample_webhook",
                "webhookData": [],
                "includeResult": false,
                "payload": {
                    "key": "",
                    "value": []
                }
            },
            "elasticIndex": {
                "index": "indexname",
                "notificationFields": [
                    "IP"
                ]
            }
        },
        "ruleType": "threshold",
        "timeWindow": {
            "type": "hourly",
            "from": 2
        },
        "queryFilter": [
            {
                "term": "IP",
                "queryCondition": "mustBe",
                "filterCondition": "==",
                "value": "TAB"
            }
        ],
        "aggregationCondition": {
            "term": "age",
            "aggregation": "avg",
            "condition": ">",
            "value": 10
        },
        "keywordSearch": "*",
        "groupByFields": [
            "IP",
            "age"
        ],
        "orderBy": "asc",
        "orderSize": 10,
        "excludeTimewindow": false
    }
]
}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Accept:application/json" -X GET "http://<your_skedler_server>:<your_skedler_port>/api/alert/getalert?name=sample"
curl -H "Accept:application/json" -X GET "http://<your_skedler_server>:<your_skedler_port>/api/alert/getalert?id=AdErgf34"
Note


Get all alert details

Content

Description

Title
get all alert details
Url
api/alert/getallalerts
Method
GET
URL Params
None
Basic Authorization
None
Data Params
None
Success Response
{
"status":"success",
"data":[
{
            "alertName": "test",
            "alertType": "critical",
            "elasticIndexPattern": ".net*",
            "elasticIndexType": "",
            "timeField": "HistoricTimestamp",
            "schedule": {
                "type": "minutes",
                "interval": 1,
                "startMinute": 4,
                "startHour": 18
            },
            "enableAction":false,
            "actions": {},
            "ruleType": "threshold",
            "timeWindow": {
                "type": "minutes",
                "from": 15
            },
            "queryFilter": [],
            "aggregationCondition": {
                "term": "",
                "aggregation": "count",
                "condition": ">",
                "value": 0
            },
            "keywordSearch": "*",
            "groupByFields": [],
            "orderBy": "desc",
            "orderSize": 5,
            "excludeTimewindow": false
        },
    {
        "alertName": "sample",
        "alertType": "critical",
        "elasticIndexPattern": ".net*",
        "elasticIndexType": "",
        "timeField": "Timestamp",
        "schedule": {
            "type": "seconds",
            "interval": 5,
            "startMinute": 15,
            "startHour": 10
        },
        "actions": {
            "webhook": {
                "message": {
                    "key": "text",
                    "value": "webhook"
                },
                "webhookName": "sample_webhook",
                "webhookData": [],
                "includeResult": false,
                "payload": {
                    "key": "",
                    "value": []
                }
            },
            "elasticIndex": {
                "index": "indexname",
                "notificationFields": [
                    "IP"
                ]
            }
        },
        "ruleType": "threshold",
        "timeWindow": {
            "type": "hourly",
            "from": 2
        },
        "queryFilter": [
            {
                "term": "IP",
                "queryCondition": "mustBe",
                "filterCondition": "==",
                "value": "TAB"
            }
        ],
        "aggregationCondition": {
            "term": "age",
            "aggregation": "avg",
            "condition": ">",
            "value": 10
        },
        "keywordSearch": "*",
        "groupByFields": [
            "IP",
            "age"
        ],
        "orderBy": "asc",
        "orderSize": 10,
        "excludeTimewindow": false
    }
]
}
Error Response
{
"status":"error",
"errorMessage": <errorMessage>
}
Sample Call
curl -H "Accept:application/json" -X GET http://<your_skedler_server>:<your_skedler_port>/api/alert/getallalerts 
Note
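Because the delete, setaction and setsnooze calls above can each stop an alert from notifying anyone, it is worth checking the getallalerts output on a schedule. The following is an added example, not Skedler's own code: it lists alerts that have no active action and diffs two saved snapshots to show alerts that were removed, added or modified. The snapshots are constructed and trimmed to a few documented fields, and treating an alert with no `enableAction` key and a non-empty `actions` object as active is an assumption drawn from the sample response.

```python
import hashlib
import json

# Constructed snapshots, trimmed to a few fields of the documented
# api/alert/getallalerts response shape (not captured from a real server).
BASELINE = {"status": "success", "data": [
    {"alertName": "test", "enableAction": False, "actions": {},
     "schedule": {"type": "minutes", "interval": 1}},
    {"alertName": "sample",
     "actions": {"webhook": {"webhookName": "sample_webhook"}},
     "schedule": {"type": "seconds", "interval": 5}},
]}
LATEST = {"status": "success", "data": [
    {"alertName": "sample", "enableAction": False,
     "actions": {"webhook": {"webhookName": "sample_webhook"}},
     "schedule": {"type": "seconds", "interval": 5}},
]}

def _alerts(resp):
    """Return {alertName: alert}; raise if the API reported an error."""
    if resp.get("status") != "success":
        raise ValueError(resp.get("errorMessage", "unexpected response"))
    return {a["alertName"]: a for a in resp.get("data", [])}

def silent_alerts(resp):
    """Names of alerts that still evaluate but notify nobody.
    Assumption: a missing enableAction key means actions are enabled."""
    return sorted(name for name, a in _alerts(resp).items()
                  if a.get("enableAction") is False or not a.get("actions"))

def _digest(alert):
    # Canonical JSON so that key order does not change the hash.
    blob = json.dumps(alert, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(blob.encode()).hexdigest()

def diff_snapshots(old, new):
    """Report alerts removed, added or modified between two snapshots."""
    before, after = _alerts(old), _alerts(new)
    return {
        "removed": sorted(before.keys() - after.keys()),
        "added": sorted(after.keys() - before.keys()),
        "changed": sorted(n for n in before.keys() & after.keys()
                          if _digest(before[n]) != _digest(after[n])),
    }

if __name__ == "__main__":
    print("silent:", silent_alerts(LATEST))
    print("drift:", diff_snapshots(BASELINE, LATEST))
```

In use, the two snapshots would be the saved JSON bodies of successive getallalerts calls rather than the inline dictionaries.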








