Alerts API

Alerts group anomalous behavior and are informed by multi-conditional policies you select or build in CloudWisdom. Through the Alerts API, you can:

  • Get a list of alerts, filterable by properties
  • Close an alert via ID
  • Get an alert via ID

GET an Alerts List from /incidents

Use alert parameter values to filter results and get a list of exactly what you need.

View method details.

PUT Alert’s status to closed from /incidents/{id}

You can close out an alert using the incidentId found in the response body of an alert query.

View method details.

GET an Alert from /incidents/{id}

You can use an incidentId to pull all information about an alert, such as violating metrics, specific events, elements affected, and start/stop timestamps. The incidentId can be found by querying for a list of alerts.

View method details.

How to Find and Close an incident

The following is an example of how to use this API endpoint to find and close incidents.

1. Query a list of alerts using the elementName (or elementId), startDate, and isClosed parameters using the request URL. This filters your results down to only open alerts which match a given period of time for a given element.

  • elementName: ExampleName
  • startDate: 2019-12-08
  • isClosed: False
 curl -X GET --header 'Accept: application/json' ''

2. Grab all relevant incidentIds from the JSON response for alerts you wish to close.

3. Close the alerts using the{incidentId-value-here} request URL, using the incidentIds obtained from your initial query.

curl -X PUT --header 'Accept: */*' ''

You can also use the policyId obtained from the same initial query if you do not know specifically which elements have been affected.