Build incident and alert filters to limit the results of your GET requests
Many of the GET requests for the Alerts APIs support the ability to filter your results. Refer to the following sections for information on how to find filter options and construct filters.
Before you begin, refer to Request requirements and Manage API keys to view general information on using these APIs and obtaining an API key.
Find available fields their operations and operators
To view the list of fields that you can filter, submit a GET request using this URL:
https://api.moogsoft.ai/v2/alerts/columns
Here is an example using cURL:
curl \ -k "https://api.moogsoft.ai/v1/alerts/columns" \ -H "Content-Type: application/json" \ -H 'apiKey: ' \
This command returns all columns, supported type
operations, and applicable type
operators for those columns.
For example:
"fields": [ { "colId": "id", "headerName": "id", "cellRenderer": "linkRenderer", "sortable": true, "hide": false, "validValues": null, "operations": [ "=", ">", ">=", "!=", "<", "<=", "in", "not in" ], "filterOptions": { "type": "numeric", "operators": [ "equals", "greaterThan", "greaterThanOrEqual", "notEqual", "lessThan", "lessThanOrEqual", "inRange" ], "setValues": null } }, { "colId": "class", "headerName": "class", "cellRenderer": "linkRenderer", "sortable": true, "hide": true, "validValues": null, "operations": [ "=", "!=", "in", "not in" ], "filterOptions": { "type": "string", "operators": [ "contains", "notContains", "equals", "notEqual" ], "setValues": null } }, ... ]
Columns
You can filter your alerts using the returned column names. Column (field) names are identified by the colId
parameter.
In the previous example, the two columns displayed are class
and id
.
Operators
The operators for logical evaluation (true
or false
) supported for each column are located under filterOptions
.
In the example show above, the available operators for class are contains
, notContains
, equals
, notEqual
.
Operations
The operations for arithmetic supported for each column are located under operations
.
In the example above, the available operations for class
are =
(equals), !=
(not equal to), in
, and not in
.
Type
Also included under filterOptions
is the type
field, which is used with operations. You will need this value when querying the alerts API directly.
Query the Alerts API
Use this API endpoint: https://api.moogsoft.ai/v1/alerts when retrieving a list of filtered alerts as it accepts query parameters.
For example:
https://api.moogsoft.ai/v1/alerts?limit=100&start=0&jsonFilter={“status”:{“values”:[“open”, ”in progress”, “resolved”],”filterType”:”set”}}&keyword=”moo”
The parameters used In this example are as follows:
start
: The point in the list of returned values to start. This setting is useful for pagination.
limit
: The number of alerts to return as part of the request.
jsonFilter
: The filter (which, in the UI, would be generated from the grid).
keyword
: A plain text keyword which will be used to match values from across all fields in the alert records.
Construct the jsonFilter
jsonFilter
The jsonFilter
parameter is in the format of a JSON object. Within that object, you can include multiple fields to filter on. The keys of the object are the fields that a filter is being run against.
You can create single- and multi-clause filters
Single-clause filter
The following example shows a single-clause filter (a filter on one field). Data is filtered using the status
column where the value is "open" or "in progress."
jsonFilter={“status”:{“values”:[“open”,”in progress”], “filterType”:”set”}}
The status
and severity
fields are arrays (enumerated sets) of values, and so the filterType
for arrays is set
. This means that the values appear inside the square brackets and are ORed together (in this example, return matching alerts where status
is open or in progress). For most other fields like class
, the type
field is the operator and filter is the value to filter on.