GET /api/v1/customAlerts/rules/`{id}`

Use this method to return information about a specific custom alert rule.

Note

This REST API requires Lenovo XClarity Orchestrator v1.3 or later.

Authentication

Authentication with username and password is required.

Resource URI

GET https://{management_server_IP>/api/v1/customAlerts/rules/{id}

where {id} is the ID of the custom analytics alert. To obtain the alert ID, use GET /api/v1/customAlerts/rules.

Query parameters

None

Request body

None

Response codes

Code	Description	Comments
200	OK	The request completed successfully.

Response body

When the request is successful, the following attributes are returned. If the request fails, standard message attributes are returned (see Status messages).

Table 1. Event-based alert rules.
Attributes		Type	Description
id		String	Rule ID
alertDescription		String	Additional information to clarify the reason for the alert
alertMsg		String	Message string for the alert
alertUserAction		String	User actions that can be taken to recover from the alert
eventCode		String	Four-digit number that uniquely identifies the alert and event When an alert is raised based on a custom alert rule, an event is also raised. The same event code is used for both the active alert and the event using the format `FQXXOCAxxxxc`, where `xxxx` is the four-digit unique identifier and `c` is the severity.
criteria		Object	Criteria for raising an alert
	count	Integer	Number of times that the event must occur in the specified interval before an alert is raised
	eventID	String	ID of the event that triggers an alert
	interval	Integer	Period of time, in minutes, in which the event occurs before an alert is raised
	mode	String	Indicates whether the rule applies to a device or device group. This can be one of the following values. device. Raises an alert when the event occurs on any device. The device name is included in this alert. group. Raises an alert when the event occurs on a device in any device group. The group name is included in the alert.
description		String	Rule description
name		String	Rule name
severity		String	Alert severity (translated). This can be one of the following values. Warning. User can decide if action is needed. Critical. Action is needed immediately, and the scope is broad (perhaps an imminent outage to a critical resource will result).
severityKey		String	Alert severity key. This can be one of the following values. Warning. User can decide if action is needed. Critical. Action is needed immediately, and the scope is broad (perhaps an imminent outage to a critical resource will result).
status		String	Rule status (translated). This can be one of the following values. enabled (default) disabled
statusKey		String	Rule status key. This can be one of the following values. enabled (default) disabled
type		String	Rule type (translated). For event-based alert rules, this is always event.
typeKey		String	Rule type key. For event-based alert rules, this is always event.
_links		Object	Rule URI (see Links)

The following example is returned for an event-based rule if the request is successful.

{
   "id": "046b6c7fс0b8ac43b9db35dd6489e6dfffff",
   "alertDescription": "",
   "alertMsg": "",
   "alertUserAction": "",
   "eventCode": "FQXXOCA0001J",
   "criteria": {
      "count": 5, 
      "eventID": "FQXHMDI0107G", 
      "interval": 1440, 
      "mode": "device"
   },
   "description": "Server management fails 5 times in a 24-hour period",
   "enabled": true,
   "name": "Server managment failures",
   "severity": "Warning", 
   "severityKey": "Warning", 
   "status": "enabled",
   "statusKey": "enabled",
   "type": "event",
   "typeKey": "event",
   "_links": {
      "rel": "self",
      "uri": "/api/v1/customAlerts/rules/046b6c7fс0b8ac43b9db35dd6489e6daee91"
   }
}

Table 2. Metric-based alert rules.
Attributes		Type	Description
id		String	Rule ID
alertDescription		String	Additional information to clarify the reason for the alert
alertMsg		String	Message string for the alert
alertUserAction		String	User actions that can be taken to recover from the alert
eventCode		String	Four-digit number that uniquely identifies the alert and event When an alert is raised based on a custom alert rule, an event is also raised. The same event code is used for both the active alert and the event using the format `FQXXOCAxxxxc`, where `xxxx` is the four-digit unique identifier and `c` is the severity.
criteria		Object	Criteria for raising an alert
	operator	String	Comparison operator to use when comparing the value of metric against the specified threshold. This can be one of the following values. gt. Greater than gte. Greater than or equal to lte. Less than or equal to lt. Less than
	count	Integer	(Count mode only) Minimum amount of time, in seconds, that the limit is breached before an alert is raised
	interval	Integer	(Average and count modes only) Period of time, in seconds, in which the measurement is evaluated
	threshold	Integer	Threshold to be met for raising an alert
	metric	String	Metric for which the value is to be evaluated
	mode	String	Criteria mode. This can be one of the following values. average. Raises an alert when the average value of the metric breaches the threshold (based on the comparator) during a specific interval. For example, you can create a rule to raise an alert when the average CPU Temperature (metric) during a 24-hour period (interval) is greater than (operator) 40 degrees C (threshold). count. Raises an alert when the metric breaches the threshold (based on the comparator) a certain number of times during a specific interval. For example, you can create a rule to raise an alert when the CPU Temperature (metric) is greater than (operator) 40 degrees C (threshold) for 5 times (count) in a 24-hour period (interval). simple. Raises an alert when the metric breaches the threshold (based on the comparator). For example, you can create a rule to raise an alert when the CPU Temperature (metric) is greater than (operator) 40 degrees C (threshold).
description		String	Rule description
name		String	Rule name
severity		String	Alert severity (translated). This can be one of the following values. Warning. User can decide if action is needed. Critical. Action is needed immediately, and the scope is broad (perhaps an imminent outage to a critical resource will result).
severityKey		String	Alert severity key. This can be one of the following values. Warning. User can decide if action is needed. Critical. Action is needed immediately, and the scope is broad (perhaps an imminent outage to a critical resource will result).
status		String	Rule status (translated). This can be one of the following values. enabled (default) disabled
statusKey		String	Rule status key. This can be one of the following values. enabled (default) disabled
type		String	Rule type (translated). For event-based alert rules, this is always metric.
typeKey		String	Rule type key. For event-based alert rules, this is always metric.
_links		Object	Rule URI (see Links)

The following example is returned for a metric-based rule if the request is successful.

{
   "id": "046b6c7fс0b8ac43b9db35dd6489e6daee91",
   "alertDescription": "",
   "alertMsg": "",
   "alertUserAction": "",
   "eventCode": "FQXXOCA0002J",
   "criteria": {
      "operator": "gt", 
      "count": 5, 
      "interval": 1440, 
      "threshold": 5, 
      "metric": "CPUTemp", 
      "mode": "count"
   },
   "description": "CPU Temperature greater than 40 C for 5 times in 24-hours",
   "name": "High CPU temperatures",
   "severity": "Warning", 
   "severityKey": " Warning ", 
   "status": "enabled",
   "statusKey": " enabled ",
   "type": "metric",
   "typeKey": "metric",
   "_links": {
      "rel": "self",
      "uri": "/api/v1/customAlerts/rules/046b6c7fс0b8ac43b9db35dd6489e6daee91"
   }
}

Give documentation feedback

GET /api/v1/customAlerts/rules/{id}

Authentication​

Resource URI​

Query parameters​

Request body​

Response codes​

Response body​