F5 Distributed Cloud Services API for ves.io.schema.alert

Download OpenAPI specification:Download

Alert may be generated based on the metrics or based on severity level in the logs. All alerts are scoped by tenant and namespace and tagged with the following default labels that can be used to fetch the desired alerts.

"alertname" - Name of the alert. This uniquely identifies the alert rule/configuration that generated the alert. "type" - Type of the alert. Type is used to associate alert to a configuration object or any user visible entity. For example, virtual host, virtual network, app_type, etc. "identifier" - Identifier of the alert. For virtual-network, this would be the name of the virtual-network. "severity" - Indicates the severity of the alert. Valid values are minor, major, critical.

Alert may have additional labels associated depending on the labels associated with the metric used to configure the alert rule. Alerts can be queried by specifying one or more of the above labels in the match filter. If the match filter is not specified, then all the alerts for the tenant and corresponding namespace in the request will be returned in the response.

Get Alerts

For system namespace, all the alerts for the tenant matching the filter specified in the request will be returned in the response.

query Parameters
namespace
string

x-example: "value" namespace to scope the listing of alerts. when namespace = "system", all alerts for the tenant will be returned.

inactive
boolean <boolean>

x-example: "false" If set to true, active alerts will not be returned in the response.

silenced
boolean <boolean>

x-example: "true" show silenced alerts - alerts that are muted based on the matchers configured in the alert manager.

inhibited
boolean <boolean>

x-example: "false" show inhibited alerts - alerts that are suppressed if certain other alerts are firing.

unprocessed
boolean <boolean>

x-example: "false" show unprocessed alerts.

filter
string

x-example: "{alertname="HighDiskUsage", severity="critical"}" List of matchers to filter alerts by. Filtering via label matchers follows the same syntax and semantics as Prometheus. syntax for filter := {[]} := "" := string All alerts have the following default labels: "alertname", "identifier", "type", "severity" := string := [ same as label match operators supported by prometheus - Please refer https://prometheus.io/docs/prometheus/latest/querying/basics ] When more than one matcher is specified in the filter, then alerts matching ALL the matchers will be returned.

Optional: If not specified, then all the alerts for the tenant and namespace specified in the request will be returned.

Responses

Response samples

Content type
application/json
{
  • "data": "string"
}

Get Alerts

Get alerts matching the filter for the given namespace.

path Parameters
namespace
required
string

namespace

x-example: "value" namespace to scope the listing of alerts. when namespace = "system", all alerts for the tenant will be returned.

query Parameters
inactive
boolean <boolean>

x-example: "false" If set to true, active alerts will not be returned in the response.

silenced
boolean <boolean>

x-example: "true" show silenced alerts - alerts that are muted based on the matchers configured in the alert manager.

inhibited
boolean <boolean>

x-example: "false" show inhibited alerts - alerts that are suppressed if certain other alerts are firing.

unprocessed
boolean <boolean>

x-example: "false" show unprocessed alerts.

filter
string

x-example: "{alertname="HighDiskUsage", severity="critical"}" List of matchers to filter alerts by. Filtering via label matchers follows the same syntax and semantics as Prometheus. syntax for filter := {[]} := "" := string All alerts have the following default labels: "alertname", "identifier", "type", "severity" := string := [ same as label match operators supported by prometheus - Please refer https://prometheus.io/docs/prometheus/latest/querying/basics ] When more than one matcher is specified in the filter, then alerts matching ALL the matchers will be returned.

Optional: If not specified, then all the alerts for the tenant and namespace specified in the request will be returned.

Responses

Response samples

Content type
application/json
{
  • "data": "string"
}

Get Alerts History

Get the history of alert notifications sent to the end-user between the start_time and end_time that matches the filter specified in the request.

path Parameters
namespace
required
string

namespace

x-example: "ns1" namespace to scope the listing of alerts. For "system" namespace, all alerts for the tenant will be returned.

query Parameters
filter
string

x-example: "{alertname="HighDiskUsage", severity="critical"}" List of matchers to filter alert by. syntax for filter := {[]} := "" := string All alerts have the following default labels: "alertname", "identifier", "group", "severity" := string := ["="|"!="|"="|"!"] = : Select labels that are exactly equal to the provided string != : Select labels that are not equal to the provided string. When more than one matcher is specified in the filter, then alerts matching ALL the matchers will be returned.

Optional: If not specified, then all the alerts for the tenant and namespace specified in the request will be returned.

start_time
string

x-example: "2019-09-23T12:30:11.733Z" fetch alerts whose timestamp >= start_time format: unix_timestamp|rfc 3339

Optional: If not specified, then the start_time will be evaluated to end_time-10m If end_time is not specified, then the start_time will be evaluated to -10m

end_time
string

x-example: "2019-09-24T12:30:11.733Z" fetch alerts whose timestamp <= end_time format: unix_timestamp|rfc 3339

Optional: If not specified, then the end_time will be evaluated to start_time+10m If start_time is not specified, then the end_time will be evaluated to

Responses

Response samples

Content type
application/json
{
  • "alerts": [
    ],
  • "scroll_id": "string",
  • "total_hits": "string"
}

Alerts History Aggregation

Get summary/aggregation data for alerts in the given namespace. For system namespace, all alerts for the tenant matching the query specified in the request will be considered for aggregation.

path Parameters
namespace
required
string

namespace

x-example: "ns1" namespace to scope the listing of alerts. For "system" namespace, all alerts for the tenant will be returned.

Request Body schema: application/json
required
aggs
object (aggregations)

Aggregations provide summary/analytics data over the alert response. If the number of alerts that matched the query is large and cannot be returned in a single response message, user can get helpful insights/summary using aggregations. The aggregations are key'ed by user-defined aggregation name. The response will be key'ed with the same name. Optional

end_time
string (end_time)

fetch alerts whose timestamp <= end_time format: unix_timestamp|rfc 3339

Optional: If not specified, then the end_time will be evaluated to start_time+10m If start_time is not specified, then the end_time will be evaluated to

Example: "2019-09-24T12:30:11.733Z"

Validation Rules: ves.io.schema.rules.string.query_time: true

filter
string (filter)

List of matchers to filter alert by. syntax for filter := {[]} := "" := string All alerts have the following default labels: "alertname", "identifier", "group", "severity" := string := ["="|"!="|"="|"!"] = : Select labels that are exactly equal to the provided string != : Select labels that are not equal to the provided string. When more than one matcher is specified in the filter, then alerts matching ALL the matchers will be returned.

Optional: If not specified, then all the alerts for the tenant and namespace specified in the request will be returned.

Example: "{alertname=\"HighDiskUsage\", severity=\"critical\"}"

namespace
string (namespace)

namespace to scope the listing of alerts. For "system" namespace, all alerts for the tenant will be returned.

Example: "ns1"

start_time
string (start_time)

fetch alerts whose timestamp >= start_time format: unix_timestamp|rfc 3339

Optional: If not specified, then the start_time will be evaluated to end_time-10m If end_time is not specified, then the start_time will be evaluated to -10m

Example: "2019-09-23T12:30:11.733Z"

Validation Rules: ves.io.schema.rules.string.query_time: true

Responses

Request samples

Content type
application/json
{
  • "aggs": { },
  • "end_time": "string",
  • "filter": "string",
  • "namespace": "string",
  • "start_time": "string"
}

Response samples

Content type
application/json
{
  • "aggs": { },
  • "total_hits": "string"
}

Alerts History Scroll

Scroll request is used to fetch large number of alert messages in multiple batches with each AlertsHistoryResponse containing no more than 500 alerts. To scroll through more than 500 or all alert messages, one can use the AlertsHistoryScrollRequest. Use the scroll_id returned in the AlertsHistoryResponse to fetch the next batch of alert messages and one can continue this process till the scroll_id returned in the AlertsHistoryResponse is "" which indicates no more alert messages to scroll.

path Parameters
namespace
required
string

namespace

x-example: "ns1" fetch the alerts scoped by namespace

query Parameters
scroll_id
string

x-example: "Vm9sdGVycmEgRWRnZSBQbGF0Zm9ybQ==" Long Base-64 encoded string which can be used to retrieve next batch of alert messages.

Responses

Response samples

Content type
application/json
{
  • "alerts": [
    ],
  • "scroll_id": "string",
  • "total_hits": "string"
}

Alerts History Scroll

Scroll request is used to fetch large number of alert messages in multiple batches with each AlertsHistoryResponse containing no more than 500 alerts. To scroll through more than 500 or all alert messages, one can use the AlertsHistoryScrollRequest. Use the scroll_id returned in the AlertsHistoryResponse to fetch the next batch of alert messages and one can continue this process till the scroll_id returned in the AlertsHistoryResponse is "" which indicates no more alert messages to scroll.

path Parameters
namespace
required
string

namespace

x-example: "ns1" fetch the alerts scoped by namespace

Request Body schema: application/json
required
namespace
string (namespace)

fetch the alerts scoped by namespace

Example: "ns1"

scroll_id
string (scroll_id)

Long Base-64 encoded string which can be used to retrieve next batch of alert messages.

Example: "Vm9sdGVycmEgRWRnZSBQbGF0Zm9ybQ=="

Responses

Request samples

Content type
application/json
{
  • "namespace": "string",
  • "scroll_id": "string"
}

Response samples

Content type
application/json
{
  • "alerts": [
    ],
  • "scroll_id": "string",
  • "total_hits": "string"
}