Skedler-Alerts Integration Using REST APIs

Modified on Wed, 2 May, 2018 at 8:30 AM

Introduction

This document describes the REST API for Skedler-Alerts v3.5


For Skedler Alerts 3.4.x and below, please follow the Skedler-Alerts Integration Using REST APIs v3.4.x and below guide.


Note: Please note that these APIs are not supported in Skedler-Alerts v3.2 or below. 


To use a REST API, your application will make an HTTP or CURL request and parse the response. The response format is JSON.


Your methods will be the standard HTTP methods like GET, PUT, POST and DELETE. Because the REST API is based on open standards, you can use any web development language to access the API.

  

With REST API you can,

  • configure the settings like email, webhook, timezone, and index-pattern for scheduling alerts
  • create / update / delete alerts
  • schedule an alert
  • setup alert actions
  • clone an existing alert rule
  • snooze / unsnooze an alert


Overview

  • Settings API
  • Alerts API


API Details

  1. Settings API
  2. Alerts API


How to call REST API

Skedler-Alerts REST API supports standard HTTP/CURL along with basic authentication


This example shows using of CURL without basic authentication,



Configuring Email settings - 


Set email configuration - 



Set proxy details - 


Create / update webhook - 

Note - username and password is required for basic authentication type



Settings API

Save configuration settings

Content
Description
Title        
Save configuration settings
URL
api/settings/configureSettings
Method
POST
URL Params
None
Basic Authorization
Usename : [string]
Password: [string]
Data Params
{
"emailconfig": {
"service": [string] -[ 'others','Gmail','SES','SES-US-EAST-1','SES-US-WEST-2','SES-EU-WEST-1'],
"host": [string] ,
"port": [numeric] - [1 - 65535],
"ssl": [boolean] - true/false,
"from": [string] - email format,
},
"timezone": [string],
"indices": [array of strings],
"proxyDetails": {
"protocol": [string] - ['tcp,'http','https'],
"proxyType": [string] - ['noProxy','autoProxy','manualProxy'],
"proxyIP": [string],
"port": [sting of number] - [1 - 65535],
}
}

Example
{
"emailconfig": {
"service": "others",
"host": "pro.turbo-smtp.com",
 "port": 25,
 "ssl": true,
 "from": "[email protected]"
},
"timezone": "Asia/Kolkota"
"indices": ['data*','.data_'],
"proxyDetails": {
"protocol": "http",
"proxyType": "manualProxy",
"proxyIP": "10.200.20.1",
"port":"25"
}
}
Success Response
{"status": "success"}
Error Response
{
 "status": "error",
 "errorMessage": <errormessage>
}
Sample call
curl -H  "Content-Type:application/json"  http://<your_skedler_server>:<your_skedler_port>/api/settings/configureSettings -X POST -d <Data Params>
Note


Get all settings detail

Content

Description

Title    
 Get all settings detail
URL
api/settings/getsettings
Method
GET
URL Params
None
Basic Authorization
None
Data Params
None
Success Response
{
“status”:”success”,
"data":{
    "timezone": "Asia/Calcutta",
    "proxyDetails": {
      "proxyType": "noProxy",
    },
    "indexDetails": {
        "indices": [
            ".data*"
        ],
        "schedule": {
            "type": "hourly",
            "interval": 15,
            "startMinute": 22,
            "startHour": 22
        }
    },
    "emailDetails": {
"emailconfig": {
 "host": "pro.turbo-smtp.com",
 "port": 25,
 "ssl": true,
 "from": "[email protected]",
 "password":"U2FsdGVkX199hwv8ZWM9e4TPa47PpHrvLxsLvzhlNos="
 }
    },    "webhookDetails": [        {            "type": "none",            "name": "sample",            "webhookUrl": "https://hooks.slack.com/services/seadef23Defg"        }    ]}}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Accept:application/json" -X GET http://<your_skedler_server>:<your_skedler_port>/api/settings/getsettings
Note
-


Set email configuration

Content

Description

Title
 set email configuration
URL
api/settings/setemail
Method
POST
URL Params
None
Basic Authorization
Usename : [string]
Password: [string]
Data Params
{
"emailenable": [boolean] - true/false,
"emailconfig": {
"service": [string] -[ 'others','Gmail','SES','SES-US-EAST-1','SES-US-WEST-2','SES-EU-WEST-1'],
"host": [string] ,
"port": [numeric] - [1 - 65535],
"ssl": [boolean] - true/false,
"from": [string] - email format,
}
}

Example:

To turn On the email setting
1. service - "Others"
{
"emailconfig": {
"service": "others",
"host": "pro.turbo-smtp.com",
 "port": 25,
 "ssl": true,
 "from": "[email protected]"
}
}
username and password in basic authorisation

2. service - "Gmail"
{
"emailconfig": {
"service": "Gmail",
"from": "[email protected]"
}
}
username and password in basic authorisation


3. service - 'SES','SES-US-EAST-1','SES-US-WEST-2','SES-EU-WEST-1'
{
"emailconfig": {
"service": "SES",
"from": "[email protected]"
}
}
username and password in basic authorisation

To turn Off the email setting
{
"emailenable":false
}
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" http://<your_skedler_server>:<your_skedler_port>/api/settings/setemail -X POST -d <Data Params>
Note


Test email settings

Content

Description

Title
Test email
URL
api/settings/testemail
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"emailTo":[string] - email format
}
Example:
{
"emailTo":"sample@abc.com"
}
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST  http://<your_skedler_server>:<your_skedler_port>/api/settings/testemail -d <Data Params>
Note


Set timezone configuration

Content

Description

Title

set timezone 

Url
api/settings/settimezone
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"timezone":[string]
}
Example:
{
"timezone":"Asia/Calcutta"
}
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/settimezone -d <Data Params>
Note


Set proxy details

Content

Description

Title
set proxy
Url
api/settings/setproxy
Method
POST
URL Params
None
Basic Authorization
Usename : [string]
Password: [string]
Data Params
{
"proxyDetails": {
"protocol": [string] - ['tcp,'http','https'],
"proxyType": [string] - ['noProxy','autoProxy','manualProxy'],
"proxyIP": [string],
"port": [sting of number] - [1 - 65535],
}
}
Example:
1. proxyType - "manualProxy"
{
"proxyDetails": {
"protocol": "http",
"proxyType": "manualProxy",
"proxyIP": "10.200.20.1",
"port":"25"
}
}
username and password in basic authorisation

2. proxyType - "noProxy"
{
"proxyDetails": {
"proxyType": "noProxy"
}
}

3. proxyType - "autoProxy"
{
"proxyDetails": {
"proxyType": "autoProxy"
}
}

Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/setproxy -d <Data Params>
Note


Set index pattern configuration

Content

Description

Title
set index pattern
Url
api/settings/setindexpattern
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"indices": [array of strings]
}

Example:
{
"indices": [".data*"]
}

Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/setindexpattern -d <Data Params>
Note


Scheduling index pattern

Content

Description

Title
schedule for index pattern
Url
api/settings/ scheduleindexpattern 
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"scheduleIndex" [boolean] - true/false,
"schedule": {
            "type": [string] - ["hourly","daily","weekly"],
            "interval": [number] - for hourly - [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23]  - for daily [1, 2, 3, 4, 5, 6, 7, 8,                                                                  9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31],
            "startMinute": [number] -  [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32,                                                         33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59],
            "startHour": [number] - [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23],
            "days":[string of array] - ["monday", "tuesday", "wednesday", "thursday", "friday", "saturday", "sunday"]
    }
}

Example:

To turn ON the index pattern settings
1. type - "hourly" / "daily"
{
"schedule": {
            "type": "hourly" / "daily",
            "interval": 15,
            "startMinute": 22,
            "startHour": 22
    }
}

2. type - "weekly"
{
"schedule": {
            "type": "weekly",
            "startMinute": 22,
            "startHour": 22,
            "days":["monday","tuesday"]
    }
}

To turn OFF the index pattern settings
{
    "scheduleIndex":false
}
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/scheduleindexpattern -d <Data Params>
Note


Delete index pattern

Content

Description

Title
delete index pattern
Url
api/settings/deleteindexpattern
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"indices": [array of strings]
}

Example:
{
"indices": [".data*"]
}
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/deleteindexpattern -d <Data Params>
Note


Create Webhook

Content

Description

Title
create webhook
Url
api/settings/createwebhook
Method
POST
URL Params
None
Basic Authorization
Usename : [string]
Password: [string]
Data Params
There are the type of webhook:-
  1. none
  2. basic
  3. Oauth - oauth1.0
  4. {

    "webhookDetails":{

    "type":[string],

    "name":[string],

    "webhookUrl":[string]

    }

    }

  5. {

    "webhookDetails":{

    "type":[string],

    "name":[string],

    "webhookUrl":[string],

    username and password in basic authorisation

    }

    }

  6. {

    "webhookDetails":{

    "type":[string],

    "name":[string],

    "webhookUrl":[string],

    "clientId" :[string],

    "clientSecretKey" :[string],

    "userTokenKey" : [string],

    "userSecretKey" : [string],

    "requestTokenUrl" : [string],

    "accessTokenUrl": [string]

    }

    }


Example:
1. type - "none"{"webhookDetails":{"type":"none","name":"sample","webhookUrl":"http://testwebhookurl.com/test"}}2. type - "basic"{"webhookDetails":{"type":"none","name":"sample","webhookUrl":"http://testwebhookurl.com/test"}}username and password in basic authorisation3. type - "oauth1.0"{"webhookDetails":{"type":"oauth1.0","name":"sample","webhookUrl":"http://testwebhookurl.com/test""clientId" : "xxxxxxxxxxxxxxxxx","clientSecretKey" : "xxxxxxxxxxxxxxxxx","userTokenKey" : "xxxxxxxxxxxxxxxxxx","userSecretKey" : "xxxxxxxxxxxxxxxxxx","requestTokenUrl" : "http://testwebhookurl.com/test""accessTokenUrl": "http://testwebhookurl.com/test"}}
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/createwebhook -d <Data Params>
Note


Update Webhook

Content

Description

Title
update webhook
Url
api/settings/updatewebhook
Method
POST
URL Params
None
Basic Authorization
Usename : [string]
Password: [string]
Data Params
There are the type of webhook:-
  1. none
  2. basic
  3. Oauth - oauth1.0
  4. {

    "webhookDetails":{

    "type":[string],

    "name":[string],

    "webhookUrl":[string]

    }

    }

  5. {

    "webhookDetails":{

    "type":[string],

    "name":[string],

    "webhookUrl":[string],

    username and password in basic authorisation

    }

    }

  6. {

    "webhookDetails":{

    "type":[string],

    "name":[string],

    "webhookUrl":[string],

    "clientId" :[string],

    "clientSecretKey" :[string],

    "userTokenKey" : [string],

    "userSecretKey" : [string],

    "requestTokenUrl" : [string],

    "accessTokenUrl": [string]

    }

    }


Example:
1. type - "none"{"webhookDetails":{"type":"none","name":"sample","webhookUrl":"http://testwebhookurl.com/test"}}2. type - "basic"{"webhookDetails":{"type":"none","name":"sample","webhookUrl":"http://testwebhookurl.com/test"}}username and password in basic authorisation3. type - "oauth1.0"{"webhookDetails":{"type":"oauth1.0","name":"sample","webhookUrl":"http://testwebhookurl.com/test","clientId" : "xxxxxxxxxxxxxxxxx","clientSecretKey" : "xxxxxxxxxxxxxxxxx","userTokenKey" : "xxxxxxxxxxxxxxxxxx","userSecretKey" : "xxxxxxxxxxxxxxxxxx","requestTokenUrl" : "http://testwebhookurl.com/test","accessTokenUrl": "http://testwebhookurl.com/test"}}
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/updatewebhook -d <Data Params>
Note


Delete Webhook

Content

Description

Title
delete webhook
Url
api/settings/deletewebhook
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"name": [string] (or) "id": [string]
}

Example:

{
"name":"sample" (or) "id":"As23Frtg"
}

Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/deletewebhook -d <Data Params>
Note



Test Webhook

Content

Description

Title
test webhook
Url
api/settings/testwebhook 
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"name" : [string] (or) "id": [string],
"key":[string],
"value": [string]
}

Example:
{
"name":"sample webhook" (or) "id":"As23Frtg",
"key":"text",
"value":"test webhook"
}

Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/settings/testwebhook  -d <Data Params>
Note


List Webhook

Content

Description

Title
list all webhook details
Url
api/settings/getallwebhooks

Method
GET
URL Params
None
Basic Authorization
None
Data Params
None
Success Response
{
“status”:”success”
"data":[
        {
            "type": "oauth1.0",
            "name": "alert_test",
            "webhookUrl": "http://testwebhookurl.com/test",
            "clientId": "xxxxxxxxxxxxxxxxx",
            "clientSecretKey": "xxxxxxxxxxxxxxxxx",
            "userTokenKey": "xxxxxxxxxxxxxxxxx",
            "userSecretKey": "xxxxxxxxxxxxxxxxx",
            "accessTokenUrl": "http://testwebhookurl.com/test",
            "requestTokenUrl": "http://testwebhookurl.com/test"
        },
        {
            "type": "none",
            "name": "test",
            "webhookUrl": "http://testwebhookurl.com/test"
        },
        {
            "type": "basic",
            "name": "sample",
            "webhookUrl":"http://testwebhookurl.com/test",
            "username": "sample",
            "password": "password"
        }
    ]
}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Accept:application/json" -X GET http://<your_skedler_server>:<your_skedler_port>/api/settings/getallwebhooks 
Note


Set folderPath

Content

Description

Title
Set folderPath
URL
api/settings/setFolderPath
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"folderPath":[string] - user defined folderPath
}
Example:
{
"folderPath":"/opt/alerts"
}
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST  http://<your_skedler_server>:<your_skedler_port>/api/settings/setFolderPath -d <Data Params>
Note


Alert API


Create alert

Content

Description

Title
create alert
Url
api/alert/createalert
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
 "alertName": [string],
"alertType": [string] - critical / information /warning,
"elasticIndexPattern": [string] -   valid index pattern configured in index-pattern settings,
"timeField": [string] - valid timefield that exists for the given elasticIndexPattern,
"elasticIndexType": [string] -  type for the given elasticIndexPattern ,
"alertTags": [array] - user defined tags,
"ruleType": [string] - threshold / repeatedvalue / newvalue / spike,
"keywordSearch":[string] - text to find matching keyword,
"aggregationCondition": {
"term": [string] -  field which exists under given elasticIndexPattern ( term is not mandatory for aggregation "count" ),
"aggregation":[string] - count / avg / min / max / sum,
"condition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [number]
},
"queryFilter": [{
"term": [string] - field which exists under given elasticIndexPattern,
"queryCondition": [string] - mustBe / mustNotBe /shouldBe ,
"filterCondition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [string] - [number] - [date(dd/mm/yyyy)] - depends on the term
}],
"groupByFields": [array of string] -  field in form of array of string,
"searchFields":[array of string] -  field in form of array of string,
"orderSize": [number],
"orderBy": [string] - desc / asc,
"compareToValue": [number],
"compareToCondition": [string] -  ['>' / '<' / '<=' /  '>=' ],
"previousTimeWindow": {
"type": [string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number],
"to": [number]
},
"timeWindow": {
"type":[string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number]
}
}

Example:
1. For ruleType - "threshold"
{
"alertName": "sample",
"alertType": "critical",
"elasticIndexPattern": ".data*",
"timeField": "Timestamp",
"elasticIndexType": "",
"alertTags":["mail"],
"ruleType": "threshold",
"aggregationCondition": {
"term": "age",
"aggregation": "avg",
"condition": ">",
"value": 10
},
"queryFilter": [{
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "sas"
},
{
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "sas"
}
],
"groupByFields": ["IP", "age"],
"orderSize": 10,
"orderBy": "asc",
"timeWindow": {
"type": "hourly",
"from": 2
}
}

2. For ruleType - "spike"
{
 "alertName": "sample",
"alertType": "critical",
"elasticIndexPattern": ".data*",
"timeField": "Timestamp",
"elasticIndexType": "",
"alertTags":["mail"],
"ruleType": "spike",
"aggregationCondition": {
"term": "age",
"aggregation": "avg",
"condition": ">",
"value": 10
},
"queryFilter": [{
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "10.200.1.3"
}],
"groupByFields": ["IP", "age"],
"orderSize": 10,
"orderBy": "asc",
"compareToValue": 10,
"compareToCondition": ">",
"previousTimeWindow": {
"type": "hourly",
"from": 2,
"to": 1
},
"timeWindow": {
"type": "hourly",
"from": 2
}
}

3. For ruleType - "newvalue / repeatedvalue"
{
"alertName": "sample",
"alertType": "critical",
"elasticIndexPattern": ".data*",
"timeField": "Timestamp",
"elasticIndexType": "",
"alertTags":["mail"],
"ruleType": "newvalue",
"aggregationCondition": {
"term": "age",
"aggregation": "count",
"condition": ">",
"value": 10
},
"excludeTimewindow": false,
"queryFilter": [{
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "10.200.1.3"
}, {
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "10.200.1.3"
}],
"groupByFields": ["IP", "age"],
"orderSize": 10,
"orderBy": "asc",
"searchFields": ["IP"],
"previousTimeWindow": {
"type": "hourly",
"from": 2,
"to": 1
},
"timeWindow": {
"type": "hourly",
"from": 2
}
}

Single stretch alert creation
{
 "alertName": "sample",
 "alertType": "critical",
 "elasticIndexPattern": ".net*",
 "timeField": "Timestamp",
 "elasticIndexType": "",
"alertTags":["mail"],
 "ruleType": "threshold",
 "aggregationCondition": {
  "term": "age",
  "aggregation": "avg",
  "condition": ">",
  "value": 10
 },
 "queryFilter": [{
   "term": "IP",
   "queryCondition": "mustBe",
   "filterCondition": "==",
   "value": "TAB"
  },
  {
   "term": "IP",
   "queryCondition": "mustBe",
   "filterCondition": "==",
   "value": "LAP"
  }
 ],

 "groupByFields": ["IP"],
 "orderSize": 10,
 "orderBy": "asc",
 "timeWindow": {
  "type": "hourly",
  "from": 2
 },
 "schedule": {
  "type": "seconds",
  "interval": "5",
  "startMinute": "15",
  "startHour": "10"
 },
 "actions": {
"emailTo": {
   "to": ["[email protected]"],
   "cc": ["[email protected]"],
   "subject": "${AlertName}",
   "message": "hi Checkout the alert.Thanks",
   "includeJson": true,
   "includeCsv" : true,
   "notificationFields": ["IP"]
  },
  "webhook": {
     "webhookName": "webhook",
       "message": {
         "key": "text",
         "value": "message"
   }
  },
  "elasticIndex": {
   "index": "indexname",
   "notificationFields": ["IP"]
  }
 }
}
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/createalert -d <Data Params>
Note


Update alert

Content

Description

Title
update alert
Url
api/alert/updatealert
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
 "alertName": [string] - alertname (or) "id":[string] - alert id,
"alertType": [string] - critical / information /warning,
"elasticIndexPattern": [string] -   valid index pattern configured in index-pattern settings,
"timeField": [string] - valid timefield that exists for the given elasticIndexPattern,
"elasticIndexType": [string] -  type for the given elasticIndexPattern ,
"alertTags": [array] - user defined tags,
"ruleType": [string] - threshold / repeatedvalue / newvalue / spike,
"keywordSearch":[string] - text to find matching keyword,
"aggregationCondition": {
"term": [string] -  field which exists under given elasticIndexPattern ( term is not mandatory for aggregation "count" ),
"aggregation":[string] - count / avg / min / max / sum,
"condition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [number]
},
"queryFilter": [{
"term": [string] - field which exists under given elasticIndexPattern,
"queryCondition": [string] - mustBe / mustNotBe /shouldBe ,
"filterCondition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [string] - [number] - [date(dd/mm/yyyy)] - depends on the term
}],
"groupByFields": [array of string] -  field in form of array of string,
"searchFields":[array of string] -  field in form of array of string,
"orderSize": [number],
"orderBy": [string] - desc / asc,
"compareToValue": [number],
"compareToCondition": [string] -  ['>' / '<' / '<=' /  '>=' ],
"previousTimeWindow": {
"type": [string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number],
"to": [number]
},
"timeWindow": {
"type":[string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number]
}
}

Example:
1. For ruleType - "threshold"
{
"alertName": "sample",
"alertType": "critical",
"elasticIndexPattern": ".data*",
"timeField": "Timestamp",
"elasticIndexType": "",
"alertTags":["mail"],
"ruleType": "threshold",
"aggregationCondition": {
"term": "",
"aggregation": "count",
"condition": ">=",
"value": 8
},
"queryFilter": [{
"term": "age",
"queryCondition": "mustBe",
"filterCondition": ">",
"value": 10
}
],
"groupByFields": ["IP"],
"orderSize": 5,
"orderBy": "desc",
"timeWindow": {
"type": "hourly",
"from": 2
}
}

2. For ruleType - "spike"
{
 "alertName": "sample",
"alertType": "critical",
"elasticIndexPattern": ".data*",
"timeField": "Timestamp",
"elasticIndexType": "",
"alertTags":["mail"],
"ruleType": "spike",
"aggregationCondition": {
"term": "age",
"aggregation": "sum",
"condition": ">",
"value": 10
},
"queryFilter": [{
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "10.200.1.3"
}, {
"term": "age",
"queryCondition": "mustNotBe",
"filterCondition": ">=",
"value": 9
}],
"groupByFields": [],
"orderSize": 15,
"orderBy": "asc",
"compareToValue": 10,
"compareToCondition": ">",
"previousTimeWindow": {
"type": "hourly",
"from": 8,
"to": 1
},
"timeWindow": {
"type": "hourly",
"from": 2
}
}

3. For ruleType - "newvalue / repeatedvalue"
{
"alertName": "sample",
"alertType": "critical",
"elasticIndexPattern": ".data*",
"timeField": "Timestamp",
"elasticIndexType": "",
"alertTags":["mail"],
"ruleType": "newvalue",
"aggregationCondition": {
"term": "age",
"aggregation": "count",
"condition": ">",
"value": 10
},
"excludeTimewindow": false,
"queryFilter": [{
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "10.200.1.3"
}, {
"term": "IP",
"queryCondition": "mustBe",
"filterCondition": "==",
"value": "10.200.1.3"
}],
"groupByFields": ["IP", "age"],
"orderSize": 10,
"orderBy": "asc",
"searchFields": ["IP"],
"previousTimeWindow": {
"type": "hourly",
"from": 2,
"to": 1
},
"timeWindow": {
"type": "hourly",
"from": 2
}
}

single stretch updation:
{
 "alertName": "sample",
 "alertType": "critical",
 "elasticIndexPattern": ".net*",
 "timeField": "Timestamp",
 "elasticIndexType": "",
"alertTags":["mail"],
 "ruleType": "threshold",
 "aggregationCondition": {
  "term": "age",
  "aggregation": "avg",
  "condition": ">",
  "value": 10
 },
 "queryFilter": [{
   "term": "age",
   "queryCondition": "mustBe",
   "filterCondition": "==",
   "value": 10
  }
 ],

 "groupByFields": ["IP"],
 "orderSize": 10,
 "orderBy": "asc",
 "timeWindow": {
  "type": "hourly",
  "from": 2
 },
"enableSchedule":false,
 "actions": {
  "webhook": {
     "webhookName": "webhook",
       "message": {
         "key": "text",
         "value": "message"
   }
  }
}
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/updatealert -d <Data Params>
Note


Mail now

Content

Description

Title
Mail now
Url
api/alert/mailNow
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
 "alertName": [string],
"alertType": [string] - critical / information /warning,
"elasticIndexPattern": [string] -   valid index pattern configured in index-pattern settings,
"timeField": [string] - valid timefield that exists for the given elasticIndexPattern,
"elasticIndexType": [string] -  type for the given elasticIndexPattern ,
"alertTags": [array] - user defined tags,
"ruleType": [string] - threshold / repeatedvalue / newvalue / spike,
"keywordSearch":[string] - text to find matching keyword,
"aggregationCondition": {
"term": [string] -  field which exists under given elasticIndexPattern ( term is not mandatory for aggregation "count" ),
"aggregation":[string] - count / avg / min / max / sum,
"condition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [number]
},
"queryFilter": [{
"term": [string] - field which exists under given elasticIndexPattern,
"queryCondition": [string] - mustBe / mustNotBe /shouldBe ,
"filterCondition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [string] - [number] - [date(dd/mm/yyyy)] - depends on the term
}],
"groupByFields": [array of string] -  field in form of array of string,
"searchFields":[array of string] -  field in form of array of string,
"orderSize": [number],
"orderBy": [string] - desc / asc,
"compareToValue": [number],
"compareToCondition": [string] -  ['>' / '<' / '<=' /  '>=' ],
"previousTimeWindow": {
"type": [string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number],
"to": [number]
},
"timeWindow": {
"type":[string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number]
},
"emailTo": {
"to": [array of string] - email format,
"cc": [array of string] - email format,
"subject": [string],
"message": [string],
"notificationFields":[string of array],
"includeCsv": [boolean],
"includeJson": [boolean]
}
}

Example:
{
 "alertName": "sample",
 "alertType": "critical",
 "elasticIndexPattern": ".net*",
 "timeField": "Timestamp",
 "elasticIndexType": "",
 "alertTags":["mail"],
 "ruleType": "threshold",
 "aggregationCondition": {
  "term": "age",
  "aggregation": "avg",
  "condition": ">",
  "value": 10
 },
 "queryFilter": [{
   "term": "IP",
   "queryCondition": "mustBe",
   "filterCondition": "==",
   "value": "TAB"
  },
  {
   "term": "IP",
   "queryCondition": "mustBe",
   "filterCondition": "==",
   "value": "LAP"
  }
 ],

 "groupByFields": ["IP"],
 "orderSize": 10,
 "orderBy": "asc",
 "timeWindow": {
  "type": "hourly",
  "from": 2
 },
"emailTo": {
   "to": ["[email protected]"],
   "cc": ["[email protected]"],
   "subject": "${AlertName}",
   "message": "hi Checkout the alert.Thanks",
   "includeJson": true,
   "includeCsv" : true,
   "notificationFields": ["IP"]
  }
}
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/mailNow -d <Data Params>
Note


 Webhook now

Content

Description

Title
Webhook now
Url
api/alert/webhookNow
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
 "alertName": [string],
"alertType": [string] - critical / information /warning,
"elasticIndexPattern": [string] -   valid index pattern configured in index-pattern settings,
"timeField": [string] - valid timefield that exists for the given elasticIndexPattern,
"elasticIndexType": [string] -  type for the given elasticIndexPattern ,
"alertTags": [array] - user defined tags,
"ruleType": [string] - threshold / repeatedvalue / newvalue / spike,
"keywordSearch":[string] - text to find matching keyword,
"aggregationCondition": {
"term": [string] -  field which exists under given elasticIndexPattern ( term is not mandatory for aggregation "count" ),
"aggregation":[string] - count / avg / min / max / sum,
"condition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [number]
},
"queryFilter": [{
"term": [string] - field which exists under given elasticIndexPattern,
"queryCondition": [string] - mustBe / mustNotBe /shouldBe ,
"filterCondition": [string] - ['>' / '<' / '<=' /  '>=' / '=='],
"value": [string] - [number] - [date(dd/mm/yyyy)] - depends on the term
}],
"groupByFields": [array of string] -  field in form of array of string,
"searchFields":[array of string] -  field in form of array of string,
"orderSize": [number],
"orderBy": [string] - desc / asc,
"compareToValue": [number],
"compareToCondition": [string] -  ['>' / '<' / '<=' /  '>=' ],
"previousTimeWindow": {
"type": [string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number],
"to": [number]
},
"timeWindow": {
"type":[string] - minutes / hourly /daily /weekly /monthly /yearly,
"from": [number]
},
"webhook": {
"webhookName": [string],
"message":{
"key":[string],
"value":[string]
},
"payload":{
"key":[string],
"value":[string of array]
},
webhookData:{
"key":[string],
"value":[string]
}
}
}

Example:
{
 "alertName": "sample",
 "alertType": "critical",
 "elasticIndexPattern": ".net*",
 "timeField": "Timestamp",
 "elasticIndexType": "",
 "alertTags":["mail"],
 "ruleType": "threshold",
 "aggregationCondition": {
  "term": "age",
  "aggregation": "avg",
  "condition": ">",
  "value": 10
 },
 "queryFilter": [{
   "term": "IP",
   "queryCondition": "mustBe",
   "filterCondition": "==",
   "value": "TAB"
  },
  {
   "term": "IP",
   "queryCondition": "mustBe",
   "filterCondition": "==",
   "value": "LAP"
  }
 ],

 "groupByFields": ["IP"],
 "orderSize": 10,
 "orderBy": "asc",
 "timeWindow": {
  "type": "hourly",
  "from": 2
 },
"webhook": {
     "webhookName": "webhook",
       "message": {
         "key": "text",
         "value": "message"
   }
  }
}
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/webhookNow -d <Data Params>
Note


Delete alert

Content

Description

Title
delete alert
Url
api/alert/deletealert
Method
POST
URL Params
None
Basic Authorization
None
Data Params
[
{
"name":[string] (or) "id":[string]
}
]

Example:
single delete
[{
"name":"sample alert" (or) "id":"ASEF344ndjh"
}]

Multiple Delete
[
{
"name":"sample alert" (or) "id":"ASEF344ndjh"
},
{
"name":"alert" (or) "id":"DEFUI84DSa"
},
{
"name":"test" (or) "id":"IERNju6SdE"
}
]
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/deletealert -d <Data Params>
note


Clone alert

Content

Description

Title
clone alert
Url
api/alert/clonealert
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"name":[string] (or) "id":[string],
"cloneName":[string]
}

Example:
{
"name":"sample" (or) "id":"AdErgf34",
"cloneName":"test"
}

Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/clonealert -d <Data Params>
Note


Schedule an alert

Content

Description

Title
schedule an alert
Url
api/alert/setschedule
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"name":[string] - alert name (or) "id":[string] - alert id
"scheduleIndex" [boolean] - true/false,
"schedule": {
            "type": [string] - ["seconds","minutes","hourly","daily","weekly"],
            "interval": [number] -  [1 - 99],
            "startMinute": [number] -  [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,                                                         32,  33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59],
            "startHour": [number] - [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23],
            "days":[string of array] - ["monday", "tuesday", "wednesday", "thursday", "friday", "saturday", "sunday"]
    }
}


Example:
To turn On schedule for alert
1. "type": "seconds" / "minutes" / "hourly" / "daily"
{
"name":"sample",
"schedule":{
"type": "seconds" / "minutes" / "hourly" / "daily",
"interval":15,
"startMinute": 15,
"startHour": 10
}
}

2. "type": "weekly"
{
"name":"sample",
"schedule":{
"type": "weekly",
"startMinute": 34,
"startHour": 9,
"days": ["friday", "saturday", "sunday"]
}
}

To turn OFF schedule for alert
{
    "name":"sample",
    "scheduleIndex":false
}
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/setschedule -d <Data Params>
Note


Setup alert actions

Content

Description

Title
setup alert action
Url
api/alert/setaction
Method
POST
URL Params
None
Basic Authorization
None
Data Params
 {
"name":[string] - alert name (or) "id":[string] - alert id,
"enableAction": [boolean] - true/false,
"actions": {
"emailTo": {
"to": [array of string] - email format,
"cc": [array of string] - email format,
"subject": [string],
"message": [string],
"notificationFields":[string of array],
"includeCsv": [boolean],
"includeJson": [boolean]
},
"webhook": {
"webhookName": [string],
"message":{
"key":[string],
"value":[string]
},
"payload":{
"key":[string],
"value":[string of array]
},
webhookData:{
"key":[string],
"value":[string]
}
},
"elasticIndex": {
"index": ".alert*",
"notificationFields":[string of array]
}
}

Example:

To trun ON the actions in alert
{
"name":"sample" (or) "id":"AEDfg546Gt",
"actions": {
"emailTo": {
"to": ["sample@abc.com"],
"cc": ["sample@abc.com"],
"subject": "alert report",
"message": "hi, Checkout the alert. Thanks",
"includeCsv" : true,
"includeJson": true
},
"webhook": {
"webhookName": "sampleWebhook"
},
"elasticIndex": {
"index": ".alert*"
}
}

To trun OFF the actions in alert
{
"name":"sample" (or) "id":"AEDfg546Gt",
"enableAction":false
}
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/setaction -d <Data Params>
Note


Snooze alert

Content

Description

Title
snooze alert
Url
api/alert/setsnooze
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"name":[string] - alert name (or) "id":[string] - alert id,
"snoozeDetails":{
    "type":[string] - minutes/hours/days/weeks/months/years,
    "interval": [number],
    "forever": [boolean] - true/false
 }
}

Example:
To snooze alert with interval
{
"name":"sample" (or) "id":"AEDGY45Rgtstg",
"snoozeDetails":{
    "type":"minutes",
    "interval": 10
 }
}

To snooze alert forever
{
"name":"sample" (or) "id":"AEDGY45Rgtstg",
"snoozeDetails":{
    "forever":true
 }
}
Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/setsnooze -d <Data Params>
Note


Unsnooze alert

Content

Description

Title
unsnooze alert
Url
api/alert/unsnooze
Method
POST
URL Params
None
Basic Authorization
None
Data Params
{
"name":[string] - alert name (or) "id":[string] - alert id,
}

Example:{
"name":"sample" (or) "id":"AdErgf34",
}

Success Response
{“status”:”success”}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Content-Type:application/json" -X POST http://<your_skedler_server>:<your_skedler_port>/api/alert/unsnooze -d <Data Params>
Note


Get an alert details

Content

Description

Title
get an alert details
Url
api/alert/getalert?name=sample   (or)  api/alert/getalert?id=AED56TgyeR4

Method
GET
URL Params
None
Basic Authorization
None
Data Params
None
Success Response
{
“status”:”success”,
"data":[
    {
        "alertName": "sample",
        "alertType": "critical",
        "elasticIndexPattern": ".net*",
        "elasticIndexType": "",
        "timeField": "Timestamp",
        "schedule": {
            "type": "seconds",
            "interval": 5,
            "startMinute": 15,
            "startHour": 10
        },
        "actions": {
            "webhook": {
                "message": {
                    "key": "text",
                    "value": "webhook"
                },
                "webhookName": "sample_webhook",
                "webhookData": [],
                "includeResult": false,
                "payload": {
                    "key": "",
                    "value": []
                }
            },
            "elasticIndex": {
                "index": "indexname",
                "notificationFields": [
                    "IP"
                ]
            }
        },
        "ruleType": "threshold",
        "timeWindow": {
            "type": "hourly",
            "from": 2
        },
        "queryFilter": [
            {
                "term": "IP",
                "queryCondition": "mustBe",
                "filterCondition": "==",
                "value": "TAB"
            }
        ],
        "aggregationCondition": {
            "term": "age",
            "aggregation": "avg",
            "condition": ">",
            "value": 10
        },
        "keywordSearch": "*",
        "groupByFields": [
            "IP",
            "age"
        ],
        "orderBy": "asc",
        "orderSize": 10,
        "excludeTimewindow": false
    }
]
}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Accept:application/json" -X GET http://<your_skedler_server>:<your_skedler_port>/api/alert/getalert?name=sample
curl -H "Accept:application/json" -X GET  http://<your_skedler_server>:<your_skedler_port>/api/alert/getalert?id=AdErgf34 
Note


Get all alert details

Content

Description

Title
get all alert details
Url
api/alert/getallalerts
Method
GET
URL Params
None
Basic Authorization
None
Data Params
None
Success Response
{
“status”:”success”,
"data":[
{
            "alertName": "test",
            "alertType": "critical",
            "elasticIndexPattern": ".net*",
            "elasticIndexType": "",
            "timeField": "HistoricTimestamp",
            "schedule": {
                "type": "minutes",
                "interval": 1,
                "startMinute": 4,
                "startHour": 18
            },
            "enableAction":false,
            "actions": {},
            "ruleType": "threshold",
            "timeWindow": {
                "type": "minutes",
                "from": 15
            },
            "queryFilter": [],
            "aggregationCondition": {
                "term": "",
                "aggregation": "count",
                "condition": ">",
                "value": 0
            },
            "keywordSearch": "*",
            "groupByFields": [],
            "orderBy": "desc",
            "orderSize": 5,
            "excludeTimewindow": false
        },
    {
        "alertName": "sample",
        "alertType": "critical",
        "elasticIndexPattern": ".net*",
        "elasticIndexType": "",
        "timeField": "Timestamp",
        "schedule": {
            "type": "seconds",
            "interval": 5,
            "startMinute": 15,
            "startHour": 10
        },
        "actions": {
            "webhook": {
                "message": {
                    "key": "text",
                    "value": "webhook"
                },
                "webhookName": "sample_webhook",
                "webhookData": [],
                "includeResult": false,
                "payload": {
                    "key": "",
                    "value": []
                }
            },
            "elasticIndex": {
                "index": "indexname",
                "notificationFields": [
                    "IP"
                ]
            }
        },
        "ruleType": "threshold",
        "timeWindow": {
            "type": "hourly",
            "from": 2
        },
        "queryFilter": [
            {
                "term": "IP",
                "queryCondition": "mustBe",
                "filterCondition": "==",
                "value": "TAB"
            }
        ],
        "aggregationCondition": {
            "term": "age",
            "aggregation": "avg",
            "condition": ">",
            "value": 10
        },
        "keywordSearch": "*",
        "groupByFields": [
            "IP",
            "age"
        ],
        "orderBy": "asc",
        "orderSize": 10,
        "excludeTimewindow": false
    }
]
}
Error Response
{
“status”:”error”,
“errorMessage”: <errorMessage>
}
Sample Call
curl -H "Accept:application/json" -X GET http://<your_skedler_server>:<your_skedler_port>/api/alert/getallalerts 
Note









Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article