Skip to main content

Incidents service (v1)

Download OpenAPI specification:Download

CRUD

Get anomalies and incidents

query Parameters
startTimestamp
integer <int64>

Start time in epoch seconds

endTimestamp
integer <int64>

End time in epoch seconds

type
Array of strings (IncidentType)
Items Enum: "INCIDENT" "ANOMALY" "ALERT"

Type filter

status
Array of strings (IncidentStatus)
Items Enum: "OPEN" "RESOLVED"

Status filter

resolution
string

Resolution filter

category
Array of strings (IncidentCategory)
Items Enum: "PERFORMANCE" "RELIABILITY" "SECURITY" "CONFIGURATION"

Category filter

service
Array of strings

Service filter

namespace
Array of strings

Namespace filter

metric
Array of strings

Metric filter

source
Array of strings

Source filter

acknowledged
boolean

Acknowledged filter

cursor
string

Paging cursor

direction
string (PagingCommand.Direction)
Enum: "NEXT" "PREVIOUS"

Paging direction

pageSize
integer [ 1 .. 100 ]

Page size

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Responses

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "paging": {
    }
}

Create or update an incident

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Request Body schema: application/json
required

JSON representation of the incident

type
required
string (IncidentType)
Enum: "INCIDENT" "ANOMALY" "ALERT"
incidentId
required
string <= 16 characters
title
required
string <= 255 characters
category
required
string (IncidentCategory)
Enum: "PERFORMANCE" "RELIABILITY" "SECURITY" "CONFIGURATION"
description
required
string <= 2000 characters
recommendation
required
string <= 2000 characters
source
required
string <= 255 characters
status
required
string (IncidentStatus)
Enum: "OPEN" "RESOLVED"
resolution
required
string <= 20 characters
required
Array of objects (Incident.Service) non-empty
metricNames
required
Array of strings
startTime
string <date-time>

Either an ISO 8601 or second timestamp format

endTime
string <date-time>

Either an ISO 8601 or second timestamp format

sourceSite
required
string <= 50 characters
severity
required
string <= 10 characters
priority
required
string <= 10 characters
required
object

Responses

Request samples

Content type
application/json
{
  • "type": "INCIDENT",
  • "incidentId": "string",
  • "title": "string",
  • "category": "PERFORMANCE",
  • "description": "string",
  • "recommendation": "string",
  • "source": "string",
  • "status": "OPEN",
  • "resolution": "string",
  • "services": [
    ],
  • "metricNames": [
    ],
  • "startTime": "2019-08-24T14:15:22Z",
  • "endTime": "2019-08-24T14:15:22Z",
  • "sourceSite": "string",
  • "severity": "string",
  • "priority": "string",
  • "metadata": { }
}

Response samples

Content type
text/plain
1

Get anomalies and incidents with facets

query Parameters
startTimestamp
integer <int64> >= 0

Start time in epoch seconds

endTimestamp
integer <int64> >= 0

End time in epoch seconds

type
Array of strings (IncidentType)
Items Enum: "INCIDENT" "ANOMALY" "ALERT"

Type filter

status
Array of strings (IncidentStatus)
Items Enum: "OPEN" "RESOLVED"

Status filter

resolution
string

Resolution filter

category
Array of strings (IncidentCategory)
Items Enum: "PERFORMANCE" "RELIABILITY" "SECURITY" "CONFIGURATION"

Category filter

service
Array of strings

Service filter

namespace
Array of strings

Namespace filter

metric
Array of strings

Metric filter

source
Array of strings

Source filter

acknowledged
boolean

Acknowledged filter

cursor
string

Paging cursor

direction
string (PagingCommand.Direction)
Enum: "NEXT" "PREVIOUS"

Paging direction

limit
integer [ 1 .. 100 ]

Maximum page size

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Responses

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "paging": {
    },
  • "facets": [
    ]
}

Get anomaly or incident

path Parameters
id
required
integer <int64>
header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Responses

Response samples

Content type
application/json
{
  • "id": 0,
  • "type": "INCIDENT",
  • "incidentId": "string",
  • "title": "string",
  • "category": "PERFORMANCE",
  • "description": "string",
  • "recommendation": "string",
  • "source": "string",
  • "status": "OPEN",
  • "resolution": "string",
  • "services": [
    ],
  • "metricNames": [
    ],
  • "startTime": "2019-08-24T14:15:22Z",
  • "endTime": "2019-08-24T14:15:22Z",
  • "sourceSite": "string",
  • "severity": "string",
  • "priority": "string",
  • "metadata": { },
  • "ackTime": "2019-08-24T14:15:22Z",
  • "ackUserId": "string",
  • "ackUserEmail": "string"
}

Partially update an incident

path Parameters
id
required
integer <int64>
header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Request Body schema: application/json
required

JSON representation of the incident

title
required
string <= 255 characters
description
required
string <= 2000 characters
recommendation
required
string <= 2000 characters
status
required
string (IncidentStatus)
Enum: "OPEN" "RESOLVED"
resolution
required
string <= 20 characters
severity
required
string <= 10 characters
priority
required
string <= 10 characters

Responses

Request samples

Content type
application/json
{
  • "title": "string",
  • "description": "string",
  • "recommendation": "string",
  • "status": "OPEN",
  • "resolution": "string",
  • "severity": "string",
  • "priority": "string"
}

Response samples

Content type
application/json
{
  • "id": 0,
  • "type": "INCIDENT",
  • "incidentId": "string",
  • "title": "string",
  • "category": "PERFORMANCE",
  • "description": "string",
  • "recommendation": "string",
  • "source": "string",
  • "status": "OPEN",
  • "resolution": "string",
  • "services": [
    ],
  • "metricNames": [
    ],
  • "startTime": "2019-08-24T14:15:22Z",
  • "endTime": "2019-08-24T14:15:22Z",
  • "sourceSite": "string",
  • "severity": "string",
  • "priority": "string",
  • "metadata": { },
  • "ackTime": "2019-08-24T14:15:22Z",
  • "ackUserId": "string",
  • "ackUserEmail": "string"
}

Statistics

Get the number of incidents grouped by type in buckets in the time frame. When status filter is set to RESOLVED it will count only resolved incidents at the given time range, otherwise counts OPEN incidents in the given time range

query Parameters
timestampFrom
integer <int64> >= 0

Timestamp from in epoch seconds

timestampTo
integer <int64> >= 0

Timestamp to in epoch seconds

type
string (IncidentType)
Enum: "INCIDENT" "ANOMALY" "ALERT"

Type filter

status
string (IncidentStatus)
Enum: "OPEN" "RESOLVED"

Status filter

resolution
string

Resolution filter

buckets
integer <int32> >= 1
Default: 1

Number of buckets to returns

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Get the number of current incidents

query Parameters
status
required
string (IncidentStatus)
Enum: "OPEN" "RESOLVED"

Status filter

type
string (IncidentType)
Enum: "INCIDENT" "ANOMALY" "ALERT"

Type filter

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Responses

Response samples

Content type
application/json
{
  • "_links": { },
  • "_embedded": {
    },
  • "message": "string",
  • "logref": "string",
  • "path": "string"
}

Get the number of current incidents split by priority

query Parameters
status
required
string (IncidentStatus)
Enum: "OPEN" "RESOLVED"

Status filter

type
string (IncidentType)
Enum: "INCIDENT" "ANOMALY" "ALERT"

Type filter

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Responses

Response samples

Content type
application/json
{
  • "_links": { },
  • "_embedded": {
    },
  • "message": "string",
  • "logref": "string",
  • "path": "string"
}

Get the number of opened incidents grouped by severity in buckets in the time frame.

query Parameters
timestampFrom
integer <int64> >= 0

Timestamp from in epoch seconds

timestampTo
integer <int64> >= 0

Timestamp to in epoch seconds

buckets
integer <int32> >= 1
Default: 1

Number of buckets to return

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Get the number of incidents in the time frame

path Parameters
type
required
string (IncidentType)
Enum: "INCIDENT" "ANOMALY" "ALERT"
query Parameters
timestampFrom
integer <int64> >= 0

Start timestamp in epoch seconds

timestampTo
integer <int64> >= 0

End timestamp in epoch seconds

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Responses

Response samples

Content type
application/json
{
  • "OPEN": 12,
  • "RESOLVED": 5
}

Get services with the most number of incidents

path Parameters
type
required
string (IncidentType)
Enum: "INCIDENT" "ANOMALY" "ALERT"
query Parameters
startTimestampFrom
integer <int64> >= 0

Start time from timestamp in epoch seconds

startTimestampTo
integer <int64> >= 0

Start time to timestamp in epoch seconds

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Notes

Get incident note

path Parameters
noteId
required
integer <int64> >= 0

Note id

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Responses

Response samples

Content type
application/json
{
  • "id": 0,
  • "incidentId": 0,
  • "body": "string",
  • "createdAt": "2019-08-24T14:15:22Z"
}

Update note

path Parameters
noteId
required
integer <int64> >= 0

Note id

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Request Body schema: application/json
required

JSON representation of the incident note

body
required
string non-empty

Responses

Request samples

Content type
application/json
{
  • "body": "string"
}

Response samples

Content type
application/json
"CONTINUE"

Delete note

path Parameters
noteId
required
integer <int64> >= 0

Note id

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Responses

Response samples

Content type
application/json
"CONTINUE"

Get incident notes

path Parameters
incidentId
required
integer <int64> >= 0

Incident id

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Create note for incident

path Parameters
incidentId
required
integer <int64> >= 0

Incident id

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Request Body schema: application/json
required

JSON representation of the incident note

body
required
string non-empty

Responses

Request samples

Content type
application/json
{
  • "body": "string"
}

Response samples

Content type
application/json
{
  • "_links": { },
  • "_embedded": {
    },
  • "message": "string",
  • "logref": "string",
  • "path": "string"
}

Scan reports

Get scan report from a 3rd party tool

query Parameters
source
required
string [ 1 .. 255 ] characters
header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Responses

Response samples

Content type
application/json
{
  • "source": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "payload": "string"
}

Store a scan report from a 3rd party tool

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Request Body schema: application/json
required

JSON representation of the report

source
required
string [ 1 .. 255 ] characters
createdAt
required
string <date-time>
payload
required
string

Responses

Request samples

Content type
application/json
{
  • "source": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "payload": "string"
}

Response samples

Content type
application/json
{
  • "_links": { },
  • "_embedded": {
    },
  • "message": "string",
  • "logref": "string",
  • "path": "string"
}

Get cluster score as reported by the scanners

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Responses

Response samples

Content type
application/json
{
  • "score": 0,
  • "grade": "string"
}

Metadata

Get incident types

header Parameters
X-Scope-OrgID
string

Scope header

Api-Version
string

API version

Responses

Response samples

Content type
application/json
"INCIDENT"

Operations

Acknowledge an incident

path Parameters
id
required
integer <int64>
header Parameters
X-Scope-OrgID
string

Scope header

User-ID
string

Current user identifier

Api-Version
string

API version

Responses

Response samples

Content type
application/json
{
  • "_links": { },
  • "_embedded": {
    },
  • "message": "string",
  • "logref": "string",
  • "path": "string"
}