Filter alerts

Build incident and alert filters to limit the results of your GET requests

Many of the GET requests for the Alerts APIs support the ability to filter your results. Refer to the following sections for information on how to find filter options and construct filters.

Before you begin, refer to Request requirements and Manage API keys to view general information on using these APIs and obtaining an API key.

Find available fields their operations and operators

To view the list of fields that you can filter, submit a GET request using this URL:
https://api.moogsoft.ai/v2/alerts/columns

Here is an example using cURL:

   curl \                                                                                                                                       
    -k "https://api.moogsoft.ai/v1/alerts/columns" \
    -H "Content-Type: application/json" \
    -H 'apiKey: ' \

This command returns all columns, supported type operations, and applicable type operators for those columns.

For example:

        "fields": [
            {
                "colId": "id",
                "headerName": "id",
                "cellRenderer": "linkRenderer",
                "sortable": true,
                "hide": false,
                "validValues": null,
                "operations": [
                    "=",
                    ">",
                    ">=",
                    "!=",
                    "<",
                    "<=",
                    "in",
                    "not in"
                ],
                "filterOptions": {
                    "type": "numeric",
                    "operators": [
                        "equals",
                        "greaterThan",
                        "greaterThanOrEqual",
                        "notEqual",
                        "lessThan",
                        "lessThanOrEqual",
                        "inRange"
                    ],
                    "setValues": null
                }
            },
            {
                "colId": "class",
                "headerName": "class",
                "cellRenderer": "linkRenderer",
                "sortable": true,
                "hide": true,
                "validValues": null,
                "operations": [
                    "=",
                    "!=",
                    "in",
                    "not in"
                ],
                "filterOptions": {
                    "type": "string",
                    "operators": [
                        "contains",
                        "notContains",
                        "equals",
                        "notEqual"
                    ],
                    "setValues": null
                }
            },
 ... ]

Columns

You can filter your alerts using the returned column names. Column (field) names are identified by the colId parameter.

In the previous example, the two columns displayed are class and id.

Operators

The operators for logical evaluation (true or false) supported for each column are located under filterOptions.

In the example show above, the available operators for class are contains, notContains, equals, notEqual.

Operations

The operations for arithmetic supported for each column are located under operations.

In the example above, the available operations for class are = (equals), != (not equal to), in, and not in.

Type

Also included under filterOptions is the type field, which is used with operations. You will need this value when querying the alerts API directly.

Query the Alerts API

Use this API endpoint: https://api.moogsoft.ai/v1/alerts when retrieving a list of filtered alerts as it accepts query parameters.

For example:

   https://api.moogsoft.ai/v1/alerts?limit=100&start=0&jsonFilter={“status”:{“values”:[“open”,
   ”in progress”, “resolved”],”filterType”:”set”}}&keyword=”moo”

The parameters used In this example are as follows:
start: The point in the list of returned values to start. This setting is useful for pagination.
limit: The number of alerts to return as part of the request.
jsonFilter: The filter (which, in the UI, would be generated from the grid).
keyword: A plain text keyword which will be used to match values from across all fields in the alert records.

Construct the jsonFilter

The jsonFilter parameter is in the format of a JSON object. Within that object, you can include multiple fields to filter on. The keys of the object are the fields that a filter is being run against.

You can create single- and multi-clause filters

Single-clause filter

The following example shows a single-clause filter (a filter on one field). Data is filtered using the status column where the value is "open" or "in progress."

  jsonFilter={“status”:{“values”:[“open”,”in progress”], “filterType”:”set”}}

The status and severity fields are arrays (enumerated sets) of values, and so the filterType for arrays is set. This means that the values appear inside the square brackets and are ORed together (in this example, return matching alerts where status is open or in progress). For most other fields like class, the type field is the operator and filter is the value to filter on.