Search Unified Alerts
POST/v2/unified-alerts/search
Search for unified alerts based on filters.
Request
- application/json
Body
required
- Array [
- ]
filter object
How filters work: Filters are optional. We match all selected categories (AND), but will include results for any value selected within a single category (OR).
A list of alert IDs to filter by.
A list of dashboard IDs to filter by.
A list of panel IDs to filter by.
A search term to filter alerts by title. Search is case-insensitive and matches partial titles.
Possible values: [LOG_ALERT, METRIC_ALERT]
The source type of the alert.
Possible values: [INFO, LOW, MEDIUM, HIGH, SEVERE]
A list of severities to filter by.
A list of tags to filter by.
Whether to filter by enabled alerts.
A list of users who created the alerts to filter by.
A list of users who last updated the alerts to filter by.
sort object[]
Sort criteria for the search results. By field and sort direction.
Possible values: [title, severity, tags, updatedAt, createdBy, updatedBy, enabled]
The field to sort by.
Possible values: [ASC, DESC]
The sort direction.
pagination object
Default pagination is a page of 25 results. Look for the total field in the response for the number of available results overall, and use the pagination function to page through the results.
Default value: 1
If you overshoot the page number, it will return empty with no results, but it won't fail the request.
Default value: 25
Controls the number of results per page.
Responses
- 200
- 400
A list of unified alerts matching the search criteria.
- application/json
- Schema
- Example (from schema)
Schema
The total number of unified alerts matching the search criteria.
The list of unified alerts matching the search criteria.
pagination object
Default pagination is a page of 25 results. Look for the total field in the response for the number of available results overall, and use the pagination function to page through the results.
Default value: 1
If you overshoot the page number, it will return empty with no results, but it won't fail the request.
Default value: 25
Controls the number of results per page.
{
"total": 0,
"results": [
{
"id": "string",
"title": "string",
"description": "string",
"tags": [
"string"
],
"linkedPanel": {
"folderId": "string",
"dashboardId": "string",
"panelId": "string"
},
"runbook": "string",
"rca": true,
"rcaNotificationEndpointIds": [
0
],
"useAlertNotificationEndpointsForRca": true,
"recipients": {
"emails": [
"test@logz.io"
],
"recipients": [
12345
]
},
"alertConfiguration": {
"type": "LOG_ALERT",
"suppressNotificationsMinutes": 10,
"alertOutputTemplateType": "JSON",
"searchTimeFrameMinutes": 5,
"subComponents": [
{
"queryDefinition": {
"query": "error OR exception",
"filters": {
"bool": {
"must": [
{
"match_phrase": {
"Field": {
"query": "value"
}
}
}
]
}
},
"groupBy": [
"host"
],
"aggregation": {
"aggregationType": "COUNT"
}
},
"trigger": {
"operator": "GREATER_THAN",
"severityThresholdTiers": {
"MEDIUM": 10,
"HIGH": 50
}
},
"output": {
"shouldUseAllFields": true
}
}
],
"correlations": {
"correlationOperators": [
"AND"
],
"joins": [
{
"0": "host",
"1": "host"
}
]
},
"schedule": {
"cronExpression": "0 0/5 * * * ?",
"timezone": "UTC"
}
},
"enabled": true,
"createdAt": 0,
"updatedAt": 0,
"createdBy": "string",
"updatedBy": "string"
}
],
"pagination": {
"pageNumber": 1,
"pageSize": 100
}
}
Bad Request. The request body is invalid. Check response body for the problem.