Schema to use for updating and retrieving incident data from your Moogsoft instance.
{
"assignee": "[email protected]",
"classes": [ ],
"closed_on": null,
"created_at": 1618391145,
"description": " ",
"first_event_time": 1618391143,
"in_progress_on": null,
"incident_id": 90730,
"last_event_time": 1618391143,
"last_state_change": 1618394684,
"resolved_on": null,
"services": [ ],
"severity": "clear",
"status": "closed",
"superseded_by": null,
"tags": {
"jira-ticket": ["RGB-2654"],
"error-code" : ["x0F391"],
"default-sprint": ["dazzling-wright"],
"scrum-team": ["spifftacular-brainiacs"]
},
"total_alerts": 1
}
- assignee
- classes
- closed_on
- created_at
- description
- first_event_time
- in_progress_on
- incident_id
- last_event_time
- last_status_change
- Resolved On
- services
- severity
- status
- superseded_by
- tags
- total_alerts
assignee
string
Email of the current assignee.
classes
list
A list of the general performance issues that triggered the member alerts in this incident. Examples include application, network, middleware, and cloud. This list is derived from the class field in all member alerts.
closed_on
UTC timestamp
Time when the incident was closed, or NULL if it is still open.
created_at
UTC timestamp
Timestamp when the Correlation Engine created this incident.
description
string
Auto-generated description of the incident, based on the description field in the correlation definition that generated the incident.
first_event_time
UTC timestamp
Timestamp of the earliest event in this incident.
in_progress_on
UTC timestamp
Time when the incident status was set to "In Progress."
incident_id
integer
Moogsoft auto-generates this ID when it creates the incident.
last_event_time
UTC timestamp
Timestamp of the most recent event in this incident.
last_status_change
UTC timestamp
The last time a user updated the incident status or severity.
Resolved On
UTC timestamp
Time when the incident was resolved.
services
UTC timestamp
A list of all services that generated the events included in this incident. This list is derived from the service field in all member alerts.
severity
string
The incident severity equals the highest severity of any alert in that incident.
status
string
Incident status: "open", "in progress", "resolved", or "closed".
tags
JSON object
A collection of all tags from all member alerts.
total_alerts
integer
The total number of alerts in the incident.