Update a consolidated alert

Manages the specified consolidated alert. Managing a consolidated alert includes clearing the alert and adding notes to the specified consolidated alert.

Path Parameters

• id string required

  Performs the operation on the consolidated alert with the specified ID.

application/json

Request Body

• notes string required

  A record of user-provided information about the alert. The note must be less than 1024 characters in length. Adding a new note overwrites any existing notes.

• status string

  Possible values: [cleared]

  Manually clears an active alert. To clear the active alert, set the parameter to "cleared". Once an alert is cleared, the status of the alert changes from "active" to "cleared". If the alert is already in "cleared" status, this action is ignored. An alert that is in "cleared" status cannot be changed to "active" status.

Responses

• 200
• default

---

Success

application/api.clumio.consolidated-alerts=v1+json

• Schema
• Example (from schema)

---

Schema

• _etag string

  The ETag value.

• _links object

  URLs to pages related to the resource.

  _self object

  The HATEOAS link to this resource.

  href string

  The URI for the referenced operation.

  templated boolean

  Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.

  type string

  The HTTP method to be used with the "href" link for the referenced operation.

  update-consolidated-alert object

  A resource-specific HATEOAS link.

  href string

  The URI for the referenced operation.

  templated boolean

  Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.

  type string

  The HTTP method to be used with the "href" link for the referenced operation.

• active_entity_count int64

  The number of currently active individual alerts associated with the consolidated alert.

• cause string

  The issue that generated the alert. Each alert cause is associated with an alert type.

• cleared_entity_count int64

  The number of cleared individual alerts associated with the consolidated alert.

• cleared_timestamp string

  The timestamp of when the consolidated alert was cleared, if ever. Represented in RFC-3339 format. If this alert has not been cleared, this field will have a value of null. A consolidated alert goes into "cleared" status when all of its associated individual alerts are in "cleared" status or when a Clumio user manually clears it.

• details object

  Additional information about the consolidated alert.

  cause string

  A brief description of the condition that caused the alert. Examples include "Size Limit Exceeded" and "Insufficient Cloud Connector Capacity".

  type string

  The general alert category. Examples include "Policy Violated" and "Restore Failed".

• id string

  The Clumio-assigned ID of the consolidated alert.

• notes string

  A record of user-provided information about the alert.

• parent_entity object

  The entity associated with or affected by the alert.

  id string

  A system-generated ID assigned to this entity.

  type string

  Type is mostly an asset type or the type of Entity. Some examples are "restored_file", "aws_ebs_volume", etc.

  value string

  A system-generated value assigned to the entity. For example, if the primary entity type is "aws_ebs_volume", then the value is the name of the EBS.

• raised_timestamp string

  The timestamp of when the consolidated alert was initially raised. Represented in RFC-3339 format.

• severity string

  The alert severity level. Values include "error" and "warning".

• status string

  The consolidated alert status. A consolidated alert is in "active" status if one or more of its associated individual alerts is in "active" status. A consolidated alert goes into "cleared" status when all of its associated individual alerts are in "cleared" status or when a Clumio user manually clears it.

• type string

  The general alert category. An alert type may be associated with multiple alert causes. Examples of alert types include "tag_conflict" and "policy_violated". Refer to the Alert Type table for a complete list of alert types.

• updated_timestamp string

  The timestamp of when the consolidated alert was last updated. Represented in RFC-3339 format. Raising a new individual alert will update its associated consolidated alert.

{
  "_etag": "string",
  "_links": {
    "_self": {
      "href": "string",
      "templated": true,
      "type": "string"
    },
    "update-consolidated-alert": {
      "href": "string",
      "templated": true,
      "type": "string"
    }
  },
  "active_entity_count": 0,
  "cause": "string",
  "cleared_entity_count": 0,
  "cleared_timestamp": "string",
  "details": {
    "cause": "string",
    "type": "string"
  },
  "id": "string",
  "notes": "string",
  "parent_entity": {
    "id": "string",
    "type": "string",
    "value": "string"
  },
  "raised_timestamp": "string",
  "severity": "string",
  "status": "string",
  "type": "string",
  "updated_timestamp": "string"
}

Error

application/json

• Schema
• Example (from schema)

---

Schema

• errors object[]

  A list of errors encountered during runtime.

  error_code uint32

  error_message string

  The reason for the error.

{
  "errors": [
    {
      "error_code": 0,
      "error_message": "string"
    }
  ]
}

PATCH /alerts/consolidated/:id    

Authorization

Request

Click Edit to configure Base URL

https://us-west-2.api.clumio.com

Bearer Token

id — path required

Body

{
  "notes": "string",
  "status": "cleared"
}

curl -L -X PATCH 'https://us-west-2.api.clumio.com/alerts/consolidated/:id' \
-H 'Content-Type: application/json' \
-H 'Accept: application/api.clumio.consolidated-alerts=v1+json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "notes": "string",
  "status": "cleared"
}'

curl -L -X PATCH 'https://us-west-2.api.clumio.com/alerts/consolidated/:id' \
-H 'Content-Type: application/json' \
-H 'Accept: application/api.clumio.consolidated-alerts=v1+json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "notes": "string",
  "status": "cleared"
}'

curl -L -X PATCH 'https://us-west-2.api.clumio.com/alerts/consolidated/:id' \
-H 'Content-Type: application/json' \
-H 'Accept: application/api.clumio.consolidated-alerts=v1+json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "notes": "string",
  "status": "cleared"
}'

curl -L -X PATCH 'https://us-west-2.api.clumio.com/alerts/consolidated/:id' \
-H 'Content-Type: application/json' \
-H 'Accept: application/api.clumio.consolidated-alerts=v1+json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "notes": "string",
  "status": "cleared"
}'

curl -L -X PATCH 'https://us-west-2.api.clumio.com/alerts/consolidated/:id' \
-H 'Content-Type: application/json' \
-H 'Accept: application/api.clumio.consolidated-alerts=v1+json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "notes": "string",
  "status": "cleared"
}'

curl -L -X PATCH 'https://us-west-2.api.clumio.com/alerts/consolidated/:id' \
-H 'Content-Type: application/json' \
-H 'Accept: application/api.clumio.consolidated-alerts=v1+json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "notes": "string",
  "status": "cleared"
}'

curl -L -X PATCH 'https://us-west-2.api.clumio.com/alerts/consolidated/:id' \
-H 'Content-Type: application/json' \
-H 'Accept: application/api.clumio.consolidated-alerts=v1+json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "notes": "string",
  "status": "cleared"
}'