Introduction
This document describes the REST API for Skedler-Alerts v3.5
For Skedler Alerts 3.4.x and below, please follow the Skedler-Alerts Integration Using REST APIs v3.4.x and below guide.
Note: Please note that these APIs are not supported in Skedler-Alerts v3.2 or below.
To use a REST API, your application will make an HTTP or CURL request and parse the response. The response format is JSON.
Your methods will be the standard HTTP methods like GET, PUT, POST and DELETE. Because the REST API is based on open standards, you can use any web development language to access the API.
With REST API you can,
- configure the settings like email, webhook, timezone, and index-pattern for scheduling alerts
- create / update / delete alerts
- schedule an alert
- setup alert actions
- clone an existing alert rule
- snooze / unsnooze an alert
Overview
- Settings API
- Alerts API
API Details
- Settings API
- Alerts API
How to call REST API
Skedler-Alerts REST API supports standard HTTP/CURL along with basic authentication
This example shows using of CURL without basic authentication,
- curl -H "Accept:application/json" -X GET http://<your_skedler_server>:<your_skedler_port>/api/settings/getsettings
Configuring Email settings -
- curl -u < from / username >:<password> -H "Content-Type:application/json" http://<your_skedler_server>:<your_skedler_port>/api/settings/configuresettings -d <Data Params>
Set email configuration -
- curl -u < from / username >:<password> -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/setemail <Data Params>
Set proxy details -
- curl -u < userName >:<password> -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/setproxy <Data Params>
Create / update webhook -
- curl -u <username>:<password> -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/createwebhook <Data Params> (or)
- curl -u <username>:<password> -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/updatewebhook <Data Params>
Note - username and password is required for basic authentication type
Settings API
Save configuration settings
Content | Description |
---|---|
Title | Save configuration settings |
URL | api/settings/configureSettings |
Method | POST |
URL Params | None |
Basic Authorization | Usename : [string] Password: [string] |
Data Params | { "emailconfig": { "service": [string] -[ 'others','Gmail','SES','SES-US-EAST-1','SES-US-WEST-2','SES-EU-WEST-1'], "host": [string] , "port": [numeric] - [1 - 65535], "ssl": [boolean] - true/false, "from": [string] - email format, }, "timezone": [string], "indices": [array of strings], "proxyDetails": { "protocol": [string] - ['tcp,'http','https'], "proxyType": [string] - ['noProxy','autoProxy','manualProxy'], "proxyIP": [string], "port": [sting of number] - [1 - 65535], } } Example { "emailconfig": { "service": "others", "host": "pro.turbo-smtp.com", "port": 25, "ssl": true, "from": "[email protected]" }, "timezone": "Asia/Kolkota" "indices": ['data*','.data_'], "proxyDetails": { "protocol": "http", "proxyType": "manualProxy", "proxyIP": "10.200.20.1", "port":"25" } } |
Success Response | {"status": "success"} |
Error Response | { "status": "error", "errorMessage": <errormessage> } |
Sample call | curl -H "Content-Type:application/json" http://<your_skedler_server>:<your_skedler_port>/api/settings/configureSettings -X POST -d <Data Params> |
Note |
Get all settings detail
Content | Description |
Title | Get all settings detail |
URL | api/settings/getsettings |
Method | GET |
URL Params | None |
Basic Authorization | None |
Data Params | None |
Success Response | { “status”:”success”, "data":{ "timezone": "Asia/Calcutta", "proxyDetails": { "proxyType": "noProxy", }, "indexDetails": { "indices": [ ".data*" ], "schedule": { "type": "hourly", "interval": 15, "startMinute": 22, "startHour": 22 } }, "emailDetails": { "emailconfig": { "host": "pro.turbo-smtp.com", "port": 25, "ssl": true, "from": "[email protected]", "password":"U2FsdGVkX199hwv8ZWM9e4TPa47PpHrvLxsLvzhlNos=" } }, "webhookDetails": [ { "type": "none", "name": "sample", "webhookUrl": "https://hooks.slack.com/services/seadef23Defg" } ]}} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Accept:application/json" -X GET http://<your_skedler_server>:<your_skedler_port>/api/settings/getsettings |
Note | - |
Set email configuration
Content | Description |
Title | set email configuration |
URL | api/settings/setemail |
Method | POST |
URL Params | None |
Basic Authorization | Usename : [string] Password: [string] |
Data Params | { "emailenable": [boolean] - true/false, "emailconfig": { "service": [string] -[ 'others','Gmail','SES','SES-US-EAST-1','SES-US-WEST-2','SES-EU-WEST-1'], "host": [string] , "port": [numeric] - [1 - 65535], "ssl": [boolean] - true/false, "from": [string] - email format, } } Example: To turn On the email setting 1. service - "Others" { "emailconfig": { "service": "others", "host": "pro.turbo-smtp.com", "port": 25, "ssl": true, "from": "[email protected]" } } username and password in basic authorisation 2. service - "Gmail" { "emailconfig": { "service": "Gmail", "from": "[email protected]" } } username and password in basic authorisation 3. service - 'SES','SES-US-EAST-1','SES-US-WEST-2','SES-EU-WEST-1' { "emailconfig": { "service": "SES", "from": "[email protected]" } } username and password in basic authorisation To turn Off the email setting { "emailenable":false } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" http://<your_skedler_server>:<your_skedler_port>/api/settings/setemail -X POST -d <Data Params> |
Note |
Test email settings
Content | Description |
Title | Test email |
URL | api/settings/testemail |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "emailTo":[string] - email format } Example: { "emailTo":"sample@abc.com" } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/testemail -d <Data Params> |
Note |
Set timezone configuration
Content | Description |
Title | set timezone |
Url | api/settings/settimezone |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "timezone":[string] } Example: { "timezone":"Asia/Calcutta" } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/settimezone -d <Data Params> |
Note |
Set proxy details
Content | Description |
Title | set proxy |
Url | api/settings/setproxy |
Method | POST |
URL Params | None |
Basic Authorization | Usename : [string] Password: [string] |
Data Params | { "proxyDetails": { "protocol": [string] - ['tcp,'http','https'], "proxyType": [string] - ['noProxy','autoProxy','manualProxy'], "proxyIP": [string], "port": [sting of number] - [1 - 65535], } } Example: 1. proxyType - "manualProxy" { "proxyDetails": { "protocol": "http", "proxyType": "manualProxy", "proxyIP": "10.200.20.1", "port":"25" } } username and password in basic authorisation 2. proxyType - "noProxy" { "proxyDetails": { "proxyType": "noProxy" } } 3. proxyType - "autoProxy" { "proxyDetails": { "proxyType": "autoProxy" } } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/setproxy -d <Data Params> |
Note |
Set index pattern configuration
Content | Description |
Title | set index pattern |
Url | api/settings/setindexpattern |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "indices": [array of strings] } Example: { "indices": [".data*"] } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/setindexpattern -d <Data Params> |
Note |
Scheduling index pattern
Content | Description |
Title | schedule for index pattern |
Url | api/settings/ scheduleindexpattern |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "scheduleIndex" [boolean] - true/false, "schedule": { "type": [string] - ["hourly","daily","weekly"], "interval": [number] - for hourly - [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23] - for daily [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31], "startMinute": [number] - [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59], "startHour": [number] - [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23], "days":[string of array] - ["monday", "tuesday", "wednesday", "thursday", "friday", "saturday", "sunday"] } } Example: To turn ON the index pattern settings 1. type - "hourly" / "daily" { "schedule": { "type": "hourly" / "daily", "interval": 15, "startMinute": 22, "startHour": 22 } } 2. type - "weekly" { "schedule": { "type": "weekly", "startMinute": 22, "startHour": 22, "days":["monday","tuesday"] } } To turn OFF the index pattern settings { "scheduleIndex":false } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/scheduleindexpattern -d <Data Params> |
Note |
Delete index pattern
Content | Description |
Title | delete index pattern |
Url | api/settings/deleteindexpattern |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "indices": [array of strings] } Example: { "indices": [".data*"] } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/deleteindexpattern -d <Data Params> |
Note |
Create Webhook
Content | Description |
Title | create webhook |
Url | api/settings/createwebhook |
Method | POST |
URL Params | None |
Basic Authorization | Usename : [string] Password: [string] |
Data Params | There are the type of webhook:-
Example:1. type - "none"{"webhookDetails":{"type":"none","name":"sample","webhookUrl":"http://testwebhookurl.com/test"}}2. type - "basic"{"webhookDetails":{"type":"none","name":"sample","webhookUrl":"http://testwebhookurl.com/test"}}username and password in basic authorisation3. type - "oauth1.0"{"webhookDetails":{"type":"oauth1.0","name":"sample","webhookUrl":"http://testwebhookurl.com/test""clientId" : "xxxxxxxxxxxxxxxxx","clientSecretKey" : "xxxxxxxxxxxxxxxxx","userTokenKey" : "xxxxxxxxxxxxxxxxxx","userSecretKey" : "xxxxxxxxxxxxxxxxxx","requestTokenUrl" : "http://testwebhookurl.com/test""accessTokenUrl": "http://testwebhookurl.com/test"}} |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/createwebhook -d <Data Params> |
Note |
Update Webhook
Content | Description |
Title | update webhook |
Url | api/settings/updatewebhook |
Method | POST |
URL Params | None |
Basic Authorization | Usename : [string] Password: [string] |
Data Params | There are the type of webhook:-
Example:1. type - "none"{"webhookDetails":{"type":"none","name":"sample","webhookUrl":"http://testwebhookurl.com/test"}}2. type - "basic"{"webhookDetails":{"type":"none","name":"sample","webhookUrl":"http://testwebhookurl.com/test"}}username and password in basic authorisation3. type - "oauth1.0"{"webhookDetails":{"type":"oauth1.0","name":"sample","webhookUrl":"http://testwebhookurl.com/test","clientId" : "xxxxxxxxxxxxxxxxx","clientSecretKey" : "xxxxxxxxxxxxxxxxx","userTokenKey" : "xxxxxxxxxxxxxxxxxx","userSecretKey" : "xxxxxxxxxxxxxxxxxx","requestTokenUrl" : "http://testwebhookurl.com/test","accessTokenUrl": "http://testwebhookurl.com/test"}} |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/updatewebhook -d <Data Params> |
Note |
Delete Webhook
Content | Description |
Title | delete webhook |
Url | api/settings/deletewebhook |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "name": [string] (or) "id": [string] } Example: { "name":"sample" (or) "id":"As23Frtg" } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/deletewebhook -d <Data Params> |
Note |
Test Webhook
Content | Description |
Title | test webhook |
Url | api/settings/testwebhook |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "name" : [string] (or) "id": [string], "key":[string], "value": [string] } Example: { "name":"sample webhook" (or) "id":"As23Frtg", "key":"text", "value":"test webhook" } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/testwebhook -d <Data Params> |
Note |
List Webhook
Content | Description |
Title | list all webhook details |
Url | api/settings/getallwebhooks |
Method | GET |
URL Params | None |
Basic Authorization | None |
Data Params | None |
Success Response | { “status”:”success” "data":[ { "type": "oauth1.0", "name": "alert_test", "webhookUrl": "http://testwebhookurl.com/test", "clientId": "xxxxxxxxxxxxxxxxx", "clientSecretKey": "xxxxxxxxxxxxxxxxx", "userTokenKey": "xxxxxxxxxxxxxxxxx", "userSecretKey": "xxxxxxxxxxxxxxxxx", "accessTokenUrl": "http://testwebhookurl.com/test", "requestTokenUrl": "http://testwebhookurl.com/test" }, { "type": "none", "name": "test", "webhookUrl": "http://testwebhookurl.com/test" }, { "type": "basic", "name": "sample", "webhookUrl":"http://testwebhookurl.com/test", "username": "sample", "password": "password" } ] } |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Accept:application/json" -X GET http://<your_skedler_server>:<your_skedler_port>/api/settings/getallwebhooks |
Note |
Set folderPath
Content | Description |
Title | Set folderPath |
URL | api/settings/setFolderPath |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "folderPath":[string] - user defined folderPath } Example: { "folderPath":"/opt/alerts" } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/setFolderPath -d <Data Params> |
Note |
Alert API
Content | Description |
Title | create alert |
Url | api/alert/createalert |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "alertName": [string], "alertType": [string] - critical / information /warning, "elasticIndexPattern": [string] - valid index pattern configured in index-pattern settings, "timeField": [string] - valid timefield that exists for the given elasticIndexPattern, "elasticIndexType": [string] - type for the given elasticIndexPattern , "alertTags": [array] - user defined tags, "ruleType": [string] - threshold / repeatedvalue / newvalue / spike, "keywordSearch":[string] - text to find matching keyword, "aggregationCondition": { "term": [string] - field which exists under given elasticIndexPattern ( term is not mandatory for aggregation "count" ), "aggregation":[string] - count / avg / min / max / sum, "condition": [string] - ['>' / '<' / '<=' / '>=' / '=='], "value": [number] }, "queryFilter": [{ "term": [string] - field which exists under given elasticIndexPattern, "queryCondition": [string] - mustBe / mustNotBe /shouldBe , "filterCondition": [string] - ['>' / '<' / '<=' / '>=' / '=='], "value": [string] - [number] - [date(dd/mm/yyyy)] - depends on the term }], "groupByFields": [array of string] - field in form of array of string, "searchFields":[array of string] - field in form of array of string, "orderSize": [number], "orderBy": [string] - desc / asc, "compareToValue": [number], "compareToCondition": [string] - ['>' / '<' / '<=' / '>=' ], "previousTimeWindow": { "type": [string] - minutes / hourly /daily /weekly /monthly /yearly, "from": [number], "to": [number] }, "timeWindow": { "type":[string] - minutes / hourly /daily /weekly /monthly /yearly, "from": [number] } } Example: 1. For ruleType - "threshold" { "alertName": "sample", "alertType": "critical", "elasticIndexPattern": ".data*", "timeField": "Timestamp", "elasticIndexType": "", "alertTags":["mail"], "ruleType": "threshold", "aggregationCondition": { "term": "age", "aggregation": "avg", "condition": ">", "value": 10 }, "queryFilter": [{ "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "sas" }, { "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "sas" } ], "groupByFields": ["IP", "age"], "orderSize": 10, "orderBy": "asc", "timeWindow": { "type": "hourly", "from": 2 } } 2. For ruleType - "spike" { "alertName": "sample", "alertType": "critical", "elasticIndexPattern": ".data*", "timeField": "Timestamp", "elasticIndexType": "", "alertTags":["mail"], "ruleType": "spike", "aggregationCondition": { "term": "age", "aggregation": "avg", "condition": ">", "value": 10 }, "queryFilter": [{ "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "10.200.1.3" }], "groupByFields": ["IP", "age"], "orderSize": 10, "orderBy": "asc", "compareToValue": 10, "compareToCondition": ">", "previousTimeWindow": { "type": "hourly", "from": 2, "to": 1 }, "timeWindow": { "type": "hourly", "from": 2 } } 3. For ruleType - "newvalue / repeatedvalue" { "alertName": "sample", "alertType": "critical", "elasticIndexPattern": ".data*", "timeField": "Timestamp", "elasticIndexType": "", "alertTags":["mail"], "ruleType": "newvalue", "aggregationCondition": { "term": "age", "aggregation": "count", "condition": ">", "value": 10 }, "excludeTimewindow": false, "queryFilter": [{ "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "10.200.1.3" }, { "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "10.200.1.3" }], "groupByFields": ["IP", "age"], "orderSize": 10, "orderBy": "asc", "searchFields": ["IP"], "previousTimeWindow": { "type": "hourly", "from": 2, "to": 1 }, "timeWindow": { "type": "hourly", "from": 2 } } Single stretch alert creation { "alertName": "sample", "alertType": "critical", "elasticIndexPattern": ".net*", "timeField": "Timestamp", "elasticIndexType": "", "alertTags":["mail"], "ruleType": "threshold", "aggregationCondition": { "term": "age", "aggregation": "avg", "condition": ">", "value": 10 }, "queryFilter": [{ "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "TAB" }, { "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "LAP" } ], "groupByFields": ["IP"], "orderSize": 10, "orderBy": "asc", "timeWindow": { "type": "hourly", "from": 2 }, "schedule": { "type": "seconds", "interval": "5", "startMinute": "15", "startHour": "10" }, "actions": { "emailTo": { "to": ["[email protected]"], "cc": ["[email protected]"], "subject": "${AlertName}", "message": "hi Checkout the alert.Thanks", "includeJson": true, "includeCsv" : true, "notificationFields": ["IP"] }, "webhook": { "webhookName": "webhook", "message": { "key": "text", "value": "message" } }, "elasticIndex": { "index": "indexname", "notificationFields": ["IP"] } } } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/createalert -d <Data Params> |
Note |
Content | Description |
Title | update alert |
Url | api/alert/updatealert |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "alertName": [string] - alertname (or) "id":[string] - alert id, "alertType": [string] - critical / information /warning, "elasticIndexPattern": [string] - valid index pattern configured in index-pattern settings, "timeField": [string] - valid timefield that exists for the given elasticIndexPattern, "elasticIndexType": [string] - type for the given elasticIndexPattern , "alertTags": [array] - user defined tags, "ruleType": [string] - threshold / repeatedvalue / newvalue / spike, "keywordSearch":[string] - text to find matching keyword, "aggregationCondition": { "term": [string] - field which exists under given elasticIndexPattern ( term is not mandatory for aggregation "count" ), "aggregation":[string] - count / avg / min / max / sum, "condition": [string] - ['>' / '<' / '<=' / '>=' / '=='], "value": [number] }, "queryFilter": [{ "term": [string] - field which exists under given elasticIndexPattern, "queryCondition": [string] - mustBe / mustNotBe /shouldBe , "filterCondition": [string] - ['>' / '<' / '<=' / '>=' / '=='], "value": [string] - [number] - [date(dd/mm/yyyy)] - depends on the term }], "groupByFields": [array of string] - field in form of array of string, "searchFields":[array of string] - field in form of array of string, "orderSize": [number], "orderBy": [string] - desc / asc, "compareToValue": [number], "compareToCondition": [string] - ['>' / '<' / '<=' / '>=' ], "previousTimeWindow": { "type": [string] - minutes / hourly /daily /weekly /monthly /yearly, "from": [number], "to": [number] }, "timeWindow": { "type":[string] - minutes / hourly /daily /weekly /monthly /yearly, "from": [number] } } Example: 1. For ruleType - "threshold" { "alertName": "sample", "alertType": "critical", "elasticIndexPattern": ".data*", "timeField": "Timestamp", "elasticIndexType": "", "alertTags":["mail"], "ruleType": "threshold", "aggregationCondition": { "term": "", "aggregation": "count", "condition": ">=", "value": 8 }, "queryFilter": [{ "term": "age", "queryCondition": "mustBe", "filterCondition": ">", "value": 10 } ], "groupByFields": ["IP"], "orderSize": 5, "orderBy": "desc", "timeWindow": { "type": "hourly", "from": 2 } } 2. For ruleType - "spike" { "alertName": "sample", "alertType": "critical", "elasticIndexPattern": ".data*", "timeField": "Timestamp", "elasticIndexType": "", "alertTags":["mail"], "ruleType": "spike", "aggregationCondition": { "term": "age", "aggregation": "sum", "condition": ">", "value": 10 }, "queryFilter": [{ "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "10.200.1.3" }, { "term": "age", "queryCondition": "mustNotBe", "filterCondition": ">=", "value": 9 }], "groupByFields": [], "orderSize": 15, "orderBy": "asc", "compareToValue": 10, "compareToCondition": ">", "previousTimeWindow": { "type": "hourly", "from": 8, "to": 1 }, "timeWindow": { "type": "hourly", "from": 2 } } 3. For ruleType - "newvalue / repeatedvalue" { "alertName": "sample", "alertType": "critical", "elasticIndexPattern": ".data*", "timeField": "Timestamp", "elasticIndexType": "", "alertTags":["mail"], "ruleType": "newvalue", "aggregationCondition": { "term": "age", "aggregation": "count", "condition": ">", "value": 10 }, "excludeTimewindow": false, "queryFilter": [{ "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "10.200.1.3" }, { "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "10.200.1.3" }], "groupByFields": ["IP", "age"], "orderSize": 10, "orderBy": "asc", "searchFields": ["IP"], "previousTimeWindow": { "type": "hourly", "from": 2, "to": 1 }, "timeWindow": { "type": "hourly", "from": 2 } } single stretch updation: { "alertName": "sample", "alertType": "critical", "elasticIndexPattern": ".net*", "timeField": "Timestamp", "elasticIndexType": "", "alertTags":["mail"], "ruleType": "threshold", "aggregationCondition": { "term": "age", "aggregation": "avg", "condition": ">", "value": 10 }, "queryFilter": [{ "term": "age", "queryCondition": "mustBe", "filterCondition": "==", "value": 10 } ], "groupByFields": ["IP"], "orderSize": 10, "orderBy": "asc", "timeWindow": { "type": "hourly", "from": 2 }, "enableSchedule":false, "actions": { "webhook": { "webhookName": "webhook", "message": { "key": "text", "value": "message" } } } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/updatealert -d <Data Params> |
Note |
Content | Description |
Title | Mail now |
Url | api/alert/mailNow |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "alertName": [string], "alertType": [string] - critical / information /warning, "elasticIndexPattern": [string] - valid index pattern configured in index-pattern settings, "timeField": [string] - valid timefield that exists for the given elasticIndexPattern, "elasticIndexType": [string] - type for the given elasticIndexPattern , "alertTags": [array] - user defined tags, "ruleType": [string] - threshold / repeatedvalue / newvalue / spike, "keywordSearch":[string] - text to find matching keyword, "aggregationCondition": { "term": [string] - field which exists under given elasticIndexPattern ( term is not mandatory for aggregation "count" ), "aggregation":[string] - count / avg / min / max / sum, "condition": [string] - ['>' / '<' / '<=' / '>=' / '=='], "value": [number] }, "queryFilter": [{ "term": [string] - field which exists under given elasticIndexPattern, "queryCondition": [string] - mustBe / mustNotBe /shouldBe , "filterCondition": [string] - ['>' / '<' / '<=' / '>=' / '=='], "value": [string] - [number] - [date(dd/mm/yyyy)] - depends on the term }], "groupByFields": [array of string] - field in form of array of string, "searchFields":[array of string] - field in form of array of string, "orderSize": [number], "orderBy": [string] - desc / asc, "compareToValue": [number], "compareToCondition": [string] - ['>' / '<' / '<=' / '>=' ], "previousTimeWindow": { "type": [string] - minutes / hourly /daily /weekly /monthly /yearly, "from": [number], "to": [number] }, "timeWindow": { "type":[string] - minutes / hourly /daily /weekly /monthly /yearly, "from": [number] }, "emailTo": { "to": [array of string] - email format, "cc": [array of string] - email format, "subject": [string], "message": [string], "notificationFields":[string of array], "includeCsv": [boolean], "includeJson": [boolean] } } Example: { "alertName": "sample", "alertType": "critical", "elasticIndexPattern": ".net*", "timeField": "Timestamp", "elasticIndexType": "", "alertTags":["mail"], "ruleType": "threshold", "aggregationCondition": { "term": "age", "aggregation": "avg", "condition": ">", "value": 10 }, "queryFilter": [{ "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "TAB" }, { "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "LAP" } ], "groupByFields": ["IP"], "orderSize": 10, "orderBy": "asc", "timeWindow": { "type": "hourly", "from": 2 }, "emailTo": { "to": ["[email protected]"], "cc": ["[email protected]"], "subject": "${AlertName}", "message": "hi Checkout the alert.Thanks", "includeJson": true, "includeCsv" : true, "notificationFields": ["IP"] } } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/mailNow -d <Data Params> |
Note |
Content | Description |
Title | Webhook now |
Url | api/alert/webhookNow |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "alertName": [string], "alertType": [string] - critical / information /warning, "elasticIndexPattern": [string] - valid index pattern configured in index-pattern settings, "timeField": [string] - valid timefield that exists for the given elasticIndexPattern, "elasticIndexType": [string] - type for the given elasticIndexPattern , "alertTags": [array] - user defined tags, "ruleType": [string] - threshold / repeatedvalue / newvalue / spike, "keywordSearch":[string] - text to find matching keyword, "aggregationCondition": { "term": [string] - field which exists under given elasticIndexPattern ( term is not mandatory for aggregation "count" ), "aggregation":[string] - count / avg / min / max / sum, "condition": [string] - ['>' / '<' / '<=' / '>=' / '=='], "value": [number] }, "queryFilter": [{ "term": [string] - field which exists under given elasticIndexPattern, "queryCondition": [string] - mustBe / mustNotBe /shouldBe , "filterCondition": [string] - ['>' / '<' / '<=' / '>=' / '=='], "value": [string] - [number] - [date(dd/mm/yyyy)] - depends on the term }], "groupByFields": [array of string] - field in form of array of string, "searchFields":[array of string] - field in form of array of string, "orderSize": [number], "orderBy": [string] - desc / asc, "compareToValue": [number], "compareToCondition": [string] - ['>' / '<' / '<=' / '>=' ], "previousTimeWindow": { "type": [string] - minutes / hourly /daily /weekly /monthly /yearly, "from": [number], "to": [number] }, "timeWindow": { "type":[string] - minutes / hourly /daily /weekly /monthly /yearly, "from": [number] }, "webhook": { "webhookName": [string], "message":{ "key":[string], "value":[string] }, "payload":{ "key":[string], "value":[string of array] }, webhookData:{ "key":[string], "value":[string] } } } Example: { "alertName": "sample", "alertType": "critical", "elasticIndexPattern": ".net*", "timeField": "Timestamp", "elasticIndexType": "", "alertTags":["mail"], "ruleType": "threshold", "aggregationCondition": { "term": "age", "aggregation": "avg", "condition": ">", "value": 10 }, "queryFilter": [{ "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "TAB" }, { "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "LAP" } ], "groupByFields": ["IP"], "orderSize": 10, "orderBy": "asc", "timeWindow": { "type": "hourly", "from": 2 }, "webhook": { "webhookName": "webhook", "message": { "key": "text", "value": "message" } } } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/webhookNow -d <Data Params> |
Note |
Content | Description |
Title | delete alert |
Url | api/alert/deletealert |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | [ { "name":[string] (or) "id":[string] } ] Example: single delete [{ "name":"sample alert" (or) "id":"ASEF344ndjh" }] Multiple Delete [ { "name":"sample alert" (or) "id":"ASEF344ndjh" }, { "name":"alert" (or) "id":"DEFUI84DSa" }, { "name":"test" (or) "id":"IERNju6SdE" } ] |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/deletealert -d <Data Params> |
note |
Content | Description |
Title | clone alert |
Url | api/alert/clonealert |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "name":[string] (or) "id":[string], "cloneName":[string] } Example: { "name":"sample" (or) "id":"AdErgf34", "cloneName":"test" } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/clonealert -d <Data Params> |
Note |
Content | Description |
Title | schedule an alert |
Url | api/alert/setschedule |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "name":[string] - alert name (or) "id":[string] - alert id "scheduleIndex" [boolean] - true/false, "schedule": { "type": [string] - ["seconds","minutes","hourly","daily","weekly"], "interval": [number] - [1 - 99], "startMinute": [number] - [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59], "startHour": [number] - [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23], "days":[string of array] - ["monday", "tuesday", "wednesday", "thursday", "friday", "saturday", "sunday"] } } Example: To turn On schedule for alert 1. "type": "seconds" / "minutes" / "hourly" / "daily" { "name":"sample", "schedule":{ "type": "seconds" / "minutes" / "hourly" / "daily", "interval":15, "startMinute": 15, "startHour": 10 } } 2. "type": "weekly" { "name":"sample", "schedule":{ "type": "weekly", "startMinute": 34, "startHour": 9, "days": ["friday", "saturday", "sunday"] } } To turn OFF schedule for alert { "name":"sample", "scheduleIndex":false } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/setschedule -d <Data Params> |
Note |
Content | Description |
Title | setup alert action |
Url | api/alert/setaction |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "name":[string] - alert name (or) "id":[string] - alert id, "enableAction": [boolean] - true/false, "actions": { "emailTo": { "to": [array of string] - email format, "cc": [array of string] - email format, "subject": [string], "message": [string], "notificationFields":[string of array], "includeCsv": [boolean], "includeJson": [boolean] }, "webhook": { "webhookName": [string], "message":{ "key":[string], "value":[string] }, "payload":{ "key":[string], "value":[string of array] }, webhookData:{ "key":[string], "value":[string] } }, "elasticIndex": { "index": ".alert*", "notificationFields":[string of array] } } Example: To trun ON the actions in alert { "name":"sample" (or) "id":"AEDfg546Gt", "actions": { "emailTo": { "to": ["sample@abc.com"], "cc": ["sample@abc.com"], "subject": "alert report", "message": "hi, Checkout the alert. Thanks", "includeCsv" : true, "includeJson": true }, "webhook": { "webhookName": "sampleWebhook" }, "elasticIndex": { "index": ".alert*" } } To trun OFF the actions in alert { "name":"sample" (or) "id":"AEDfg546Gt", "enableAction":false } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/setaction -d <Data Params> |
Note |
Content | Description |
Title | snooze alert |
Url | api/alert/setsnooze |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "name":[string] - alert name (or) "id":[string] - alert id, "snoozeDetails":{ "type":[string] - minutes/hours/days/weeks/months/years, "interval": [number], "forever": [boolean] - true/false } } Example: To snooze alert with interval { "name":"sample" (or) "id":"AEDGY45Rgtstg", "snoozeDetails":{ "type":"minutes", "interval": 10 } } To snooze alert forever { "name":"sample" (or) "id":"AEDGY45Rgtstg", "snoozeDetails":{ "forever":true } } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/setsnooze -d <Data Params> |
Note |
Content | Description |
Title | unsnooze alert |
Url | api/alert/unsnooze |
Method | POST |
URL Params | None |
Basic Authorization | None |
Data Params | { "name":[string] - alert name (or) "id":[string] - alert id, } Example:{ "name":"sample" (or) "id":"AdErgf34", } |
Success Response | {“status”:”success”} |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/unsnooze -d <Data Params> |
Note |
Content | Description |
Title | get an alert details |
Url | api/alert/getalert?name=sample (or) api/alert/getalert?id=AED56TgyeR4 |
Method | GET |
URL Params | None |
Basic Authorization | None |
Data Params | None |
Success Response | { “status”:”success”, "data":[ { "alertName": "sample", "alertType": "critical", "elasticIndexPattern": ".net*", "elasticIndexType": "", "timeField": "Timestamp", "schedule": { "type": "seconds", "interval": 5, "startMinute": 15, "startHour": 10 }, "actions": { "webhook": { "message": { "key": "text", "value": "webhook" }, "webhookName": "sample_webhook", "webhookData": [], "includeResult": false, "payload": { "key": "", "value": [] } }, "elasticIndex": { "index": "indexname", "notificationFields": [ "IP" ] } }, "ruleType": "threshold", "timeWindow": { "type": "hourly", "from": 2 }, "queryFilter": [ { "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "TAB" } ], "aggregationCondition": { "term": "age", "aggregation": "avg", "condition": ">", "value": 10 }, "keywordSearch": "*", "groupByFields": [ "IP", "age" ], "orderBy": "asc", "orderSize": 10, "excludeTimewindow": false } ] } |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Accept:application/json" -X GET http://<your_skedler_server>:<your_skedler_port>/api/alert/getalert?name=sample curl -H "Accept:application/json" -X GET http://<your_skedler_server>:<your_skedler_port>/api/alert/getalert?id=AdErgf34 |
Note |
Content | Description |
Title | get all alert details |
Url | api/alert/getallalerts |
Method | GET |
URL Params | None |
Basic Authorization | None |
Data Params | None |
Success Response | { “status”:”success”, "data":[ { "alertName": "test", "alertType": "critical", "elasticIndexPattern": ".net*", "elasticIndexType": "", "timeField": "HistoricTimestamp", "schedule": { "type": "minutes", "interval": 1, "startMinute": 4, "startHour": 18 }, "enableAction":false, "actions": {}, "ruleType": "threshold", "timeWindow": { "type": "minutes", "from": 15 }, "queryFilter": [], "aggregationCondition": { "term": "", "aggregation": "count", "condition": ">", "value": 0 }, "keywordSearch": "*", "groupByFields": [], "orderBy": "desc", "orderSize": 5, "excludeTimewindow": false }, { "alertName": "sample", "alertType": "critical", "elasticIndexPattern": ".net*", "elasticIndexType": "", "timeField": "Timestamp", "schedule": { "type": "seconds", "interval": 5, "startMinute": 15, "startHour": 10 }, "actions": { "webhook": { "message": { "key": "text", "value": "webhook" }, "webhookName": "sample_webhook", "webhookData": [], "includeResult": false, "payload": { "key": "", "value": [] } }, "elasticIndex": { "index": "indexname", "notificationFields": [ "IP" ] } }, "ruleType": "threshold", "timeWindow": { "type": "hourly", "from": 2 }, "queryFilter": [ { "term": "IP", "queryCondition": "mustBe", "filterCondition": "==", "value": "TAB" } ], "aggregationCondition": { "term": "age", "aggregation": "avg", "condition": ">", "value": 10 }, "keywordSearch": "*", "groupByFields": [ "IP", "age" ], "orderBy": "asc", "orderSize": 10, "excludeTimewindow": false } ] } |
Error Response | { “status”:”error”, “errorMessage”: <errorMessage> } |
Sample Call | curl -H "Accept:application/json" -X GET http://<your_skedler_server>:<your_skedler_port>/api/alert/getallalerts |
Note |
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article