Method: instances.findEntityAlerts

Full name: projects.locations.instances.findEntityAlerts

Get alerts for an entity

HTTP request

GET https://chronicle.googleapis.com/v1alpha/{instance}:findEntityAlerts

Path parameters

Parameters
instance

string

Required. The ID of the instance to get entity alerts for. Format: projects/{project}/locations/{location}/instances/{instance}

Query parameters

Parameters
timeRange

object (Interval)

Required. Time range to retrieve the alerts for, as a half-open interval: [inclusive start time, exclusive end time).

pageSize

integer

The maximum number of alerts to return. The service may return fewer than this value. If unspecified, at most 1000 alerts will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.

pageToken

string

A page token received from a previous FindEntityAlerts call. Provide this to retrieve the subsequent page.

Union parameter id.

id can be only one of the following:

entityId

string

ID of the entity.

fieldAndValue

object (FieldAndValue)

Field path or type with value to identify entity.

Request body

The request body must be empty.

Response body

Response message to retrieve alerts for an entity.

If successful, the response body contains data with the following structure:

JSON representation
{
  "alert_counts": [
    {
      object (AlertCountByRule)
    }
  ],
  "has_more_alerts": boolean,
  "timeline": {
    object (Timeline)
  }
}
Fields
alert_counts[]

object (AlertCountByRule)

Rule names with alert count for each.

has_more_alerts

boolean

Indicates if there are more alerts than the limit (1000 currently).

timeline

object (Timeline)

Bucketed timeline with alert count.
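
Added example (not part of the Chronicle reference or any Google client code): Python that builds the request URL from the parameters above and, when has_more_alerts is true, bisects the half-open time range until every window returns an untruncated result, so triage does not rely on capped counts. Assumptions: the dotted `timeRange.startTime` / `timeRange.endTime` query names, narrowing the time range as the way to obtain complete results, and the caller-supplied `fetch` function that performs the authenticated GET are not taken from this page.

```python
import re
from datetime import timedelta, timezone
from urllib.parse import urlencode

BASE = "https://chronicle.googleapis.com/v1alpha"
INSTANCE_RE = re.compile(r"projects/[^/?#]+/locations/[^/?#]+/instances/[^/?#]+")
MAX_PAGE_SIZE = 1000  # documented cap; the service coerces larger values


def rfc3339(ts):
    """Format a timezone-aware datetime as an RFC 3339 UTC timestamp."""
    return ts.astimezone(timezone.utc).isoformat().replace("+00:00", "Z")


def build_url(instance, entity_id, start, end, page_size=MAX_PAGE_SIZE):
    """Build the GET URL for one half-open window [start, end)."""
    if not INSTANCE_RE.fullmatch(instance):
        raise ValueError("instance must be projects/*/locations/*/instances/*")
    if start.tzinfo is None or end.tzinfo is None or start >= end:
        raise ValueError("need timezone-aware datetimes with start < end")
    params = {
        # Assumption: Interval fields are passed as dotted query names.
        "timeRange.startTime": rfc3339(start),
        "timeRange.endTime": rfc3339(end),
        "pageSize": max(1, min(page_size, MAX_PAGE_SIZE)),
        "entityId": entity_id,  # one arm of the `id` union, never both
    }
    return f"{BASE}/{instance}:findEntityAlerts?{urlencode(params)}"


def complete_windows(fetch, instance, entity_id, start, end,
                     min_span=timedelta(seconds=1)):
    """Return [(start, end, response)] for windows that were not truncated.

    fetch(url) -> dict is a hypothetical caller-supplied function that sends
    the authenticated GET and returns the parsed JSON response body.
    """
    resp = fetch(build_url(instance, entity_id, start, end))
    if not resp.get("has_more_alerts"):
        return [(start, end, resp)]
    if end - start <= min_span:
        raise RuntimeError(f"still truncated for {rfc3339(start)}/{rfc3339(end)}")
    mid = start + (end - start) / 2
    # Half-open windows share `mid` without counting any alert twice.
    return (complete_windows(fetch, instance, entity_id, start, mid, min_span)
            + complete_windows(fetch, instance, entity_id, mid, end, min_span))
```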

Authorization scopes

Requires the following OAuth scope:

  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.