Qodex.ai

Dismiss the alerts by filter

DELETE {{base_url}}/api/alert_manager/v1/alerts

Dismisses the alerts by optional filtering parameters. Alerts will be dismissed even if they have the orphaned flag. Note that if no filter is provided all alerts within the tenant scope will be dismissed.

Request Params

KeyDatatypeRequiredDescription
idstring(Optional) Case-insensitive IDs of the alerts to return in the results.

Type: Array of String Array type description: Type: String Pattern: ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ | | query | null | | (Optional) A text to search for within planName or resourceName fields of the alerts. The search is case-insensitive.

Type: String | | severity | null | | (Optional) A filter by the alert severity.

Available operators:

  • eq - equals to the specified value: eq(warning)
  • or - equals to one of the specified values: or(warning,critical)
  • lt - less than the specified value: lt(warning)
  • gt - greater than the specified value: gt(warning)
  • le - less than or equals to the specified value: le(warning)
  • ge - greater than or equals to the specified value: ge(warning)

Type: String | | show_deleted | boolean | | (Optional) If true, dismissed alerts will be included in the response.

Type: Boolean Default: false | | show_deleted_only | boolean | | (Optional) If true, only dismissed alerts will be included in the response.

Type: Boolean Default: false | | source | null | | (Optional) A filter by the alert producer.

Type: String | | source_time_stamp | string | | (Optional) A filter by timestamp that was provided by an alert producer.

Type: String Pattern: ^([0-9]+)|(eq([0-9]+))$|(le([0-9]+))|(lt([0-9]+))|(gt([0-9]+))|(ge([0-9]+))$ | | type | string | | (Optional) A filter by list of alert types. A list of registered types can be obtained by sending a GET request to the /types endpoint.

Type: Array of Union Array type description: Type: Union May be any of:

  1. ID used in Cyber Application to uniquely identify an entity either type or instance.

Generic format - cti.<ctx>[~<ctx>]*[~(<ctx>|<uuid>)]

  • <ctx> - <vendor>.<application>.<name>.v<major>.<minor>
  • <vendor> - vendor's short code (max 50 characters)
  • <application> - application's short code (max 50 characters)
  • <name> - entity's name (max 128 characters), may include . and _ to be used for structuring
  • v<major>.<minor> - entity's version

Better regex pattern (for advanced regex processors) ^cti\.(?'ctx'[a-z][a-z0-9_]{0,49}\.[a-z][a-z0-9_]{0,49}\.[a-z][a-z0-9_.]{1,127}\.v[\d]+\.[\d]+)(~(?&ctx))*(~[0-9a-f]{8}\b-[0-9a-f]{4}\b-[0-9a-f]{4}\b-[0-9a-f]{4}\b-[0-9a-f]{12})?$

Type: String Max length: 1024 Pattern: ^cti.([a-z][a-z0-9_].[a-z][a-z0-9_].[a-z_][a-z0-9_.].v[\d]+.[\d]+)(~([a-z][a-z0-9_].[a-z][a-z0-9_].[a-z_][a-z0-9_.].v[\d]+.[\d]+))*(~[0-9a-f]{8}\b-[0-9a-f]{4}\b-[0-9a-f]{4}\b-[0-9a-f]{4}\b-[0-9a-f]{12})?$

  1. Type: String | | category | string | | (Optional) A filter by list of alert categories. A list of registered categories can be obtained by sending a GET request to the /categories endpoint.

Type: Array of Union Array type description: Type: Union May be any of:

  1. ID used in Cyber Application to uniquely identify an entity either type or instance.

Generic format - cti.<ctx>[~<ctx>]*[~(<ctx>|<uuid>)]

  • <ctx> - <vendor>.<application>.<name>.v<major>.<minor>
  • <vendor> - vendor's short code (max 50 characters)
  • <application> - application's short code (max 50 characters)
  • <name> - entity's name (max 128 characters), may include . and _ to be used for structuring
  • v<major>.<minor> - entity's version

Better regex pattern (for advanced regex processors) ^cti\.(?'ctx'[a-z][a-z0-9_]{0,49}\.[a-z][a-z0-9_]{0,49}\.[a-z][a-z0-9_.]{1,127}\.v[\d]+\.[\d]+)(~(?&ctx))*(~[0-9a-f]{8}\b-[0-9a-f]{4}\b-[0-9a-f]{4}\b-[0-9a-f]{4}\b-[0-9a-f]{12})?$

Type: String Max length: 1024 Pattern: ^cti.([a-z][a-z0-9_].[a-z][a-z0-9_].[a-z_][a-z0-9_.].v[\d]+.[\d]+)(~([a-z][a-z0-9_].[a-z][a-z0-9_].[a-z_][a-z0-9_.].v[\d]+.[\d]+))*(~[0-9a-f]{8}\b-[0-9a-f]{4}\b-[0-9a-f]{4}\b-[0-9a-f]{4}\b-[0-9a-f]{12})?$

  1. Type: String | | updated_at | string | | (Optional) A filter by date when the alert was created or dismissed.

Type: String Pattern: ^([0-9]+)|(eq([0-9]+))$|(le([0-9]+))|(lt([0-9]+))|(gt([0-9]+))|(ge([0-9]+))$ | | created_at | string | | (Optional) A filter by date when the alert was created.

Type: String Pattern: ^([0-9]+)|(eq([0-9]+))$|(le([0-9]+))|(lt([0-9]+))|(gt([0-9]+))|(ge([0-9]+))$ | | deleted_at | string | | (Optional) A filter by date when the alert was dismissed.

Type: String Pattern: ^([0-9]+)|(eq([0-9]+))$|(le([0-9]+))|(lt([0-9]+))|(gt([0-9]+))|(ge([0-9]+))$ | | planId | string | | (Optional) A filter for alerts with the specified plan IDs.

Type: Array of String Array type description: Type: String | | resourceId | string | | (Optional) A filter for alerts with the specified resource IDs.

Type: Array of String Array type description: Type: String | | planName | string | | (Optional) A filter for alerts with the specified plan names.

Type: Array of String Array type description: Type: String | | resourceName | string | | (Optional) A filter for alerts with the specified resource names.

Type: Array of String Array type description: Type: String |