Table of Contents

Action API

The Notifier API was renamed to the Action API. However, in the actual API, no renaming has been done so far.

List Actions

GET /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers

Example:

curl http://$YOUR_HUMIO_URL/api/v1/repositories/sandbox/alertnotifiers \
     -H "Authorization: Bearer $TOKEN"

Get Action by ID

GET /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers/$ID

Example:

curl http://$YOUR_HUMIO_URL/api/v1/repositories/sandbox/alertnotifiers/GXso4uF2EawsVyvtr2Q6DbtlWNPKwtOj \
    -H "Authorization: Bearer $TOKEN"

Create Action

POST /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers

Params:

  • name — string
  • entity — string — EmailNotifier, HumioRepoNotifier, OpsGenieNotifier, PagerDutyNotifier, SlackNotifier, SlackPostMessageNotifier, VictorOpsNotifier, WebHookNotifier
  • properties:
    • EmailNotifier:
      • recipients — array — array of email address strings
      • subjectTemplate — string
      • bodyTemplate — string
      • useProxy — boolean
    • HumioRepoNotifier:
      • ingestToken — string
    • OpsGenieNotifier:
      • apiUrl — string
      • genieKey — string
      • useProxy — boolean
    • PagerDutyNotifier:
      • severity — string — critical, error, warning, info
      • routingKey — string
      • useProxy — boolean
    • SlackNotifier:
      • url — string
      • fields — map(string, string)
      • useProxy — boolean
    • SlackPostMessageNotifier:
      • apiToken — string
      • channels — array — array of Slack channel strings
      • fields — map(string, string)
      • useProxy — boolean
    • VictorOpsNotifier:
      • messageType — string
      • notifyUrl — string
      • useProxy — boolean
    • WebHookNotifier:
      • url — string
      • method — string — GET, HEAD, OPTIONS, PATCH, POST, PUT
      • headers — map(string, string)
      • bodyTemplate — string
      • ignoreSSL — boolean
      • useProxy — boolean

Example:

curl http://$YOUR_HUMIO_URL/api/v1/repositories/sandbox/alertnotifiers \
    -X POST \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d '{"name":"test", "entity": "WebHookNotifier", "properties": {"url":"http://example.com", "method":"POST", "headers": {"Content-Type":"application/json"}, "bodyTemplate":"{\n  \"repository\": \"{repo_name}\",\n  \"timestamp\": \"{alert_triggered_timestamp}\",\n  \"alert\": {\n    \"name\": \"{alert_name}\",\n    \"description\": \"{alert_description}\",\n    \"query\": {\n      \"queryString\": \"{query_string} \",\n      \"end\": \"{query_time_end}\",\n      \"start\": \"{query_time_start}\"\n    },\n    \"notifierID\": \"{alert_notifier_id}\",\n    \"id\": \"{alert_id}\"\n },\n  \"warnings\": \"{warnings}\",\n  \"events\": {events},\n  \"numberOfEvents\": {event_count}\n}",
    "ignoreSSL":true, "useProxy":true}}'

Update Action

PUT /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers/$ID

Params:

  • name — string
  • entity — string — EmailNotifier, HumioRepoNotifier, OpsGenieNotifier, PagerDutyNotifier, SlackNotifier, SlackPostMessageNotifier, VictorOpsNotifier, WebHookNotifier
  • properties:
    • EmailNotifier:
      • recipients — array — array of email address strings
      • subjectTemplate — string
      • bodyTemplate — string
      • useProxy — boolean
    • HumioRepoNotifier:
      • ingestToken — string
    • OpsGenieNotifier:
      • apiUrl — string
      • genieKey — string
      • useProxy — boolean
    • PagerDutyNotifier:
      • severity — string — critical, error, warning, info
      • routingKey — string
      • useProxy — boolean
    • SlackNotifier:
      • url — string
      • fields — map(string, string)
      • useProxy — boolean
    • SlackPostMessageNotifier:
      • apiToken — string
      • channels — array — array of Slack channel strings
      • fields — map(string, string)
      • useProxy — boolean
    • VictorOpsNotifier:
      • messageType — string
      • notifyUrl — string
      • useProxy — boolean
    • WebHookNotifier:
      • url — string
      • method — string — GET, HEAD, OPTIONS, PATCH, POST, PUT
      • headers — map(string, string)
      • bodyTemplate — string
      • ignoreSSL — boolean
      • useProxy — boolean

Example:

curl http://$YOUR_HUMIO_URL/api/v1/repositories/sandbox/alertnotifiers/GXso4uF2EawsVyvtr2Q6DbtlWNPKwtOj \
    -X PUT \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d '{"name":"test", "entity": "WebHookNotifier", "properties": {"url":"http://example.com", "method":"POST", "headers": {"Content-Type":"application/json"}, "bodyTemplate":"{\n  \"repository\": \"{repo_name}\",\n  \"timestamp\": \"{alert_triggered_timestamp}\",\n  \"alert\": {\n    \"name\": \"{alert_name}\",\n    \"description\": \"{alert_description}\",\n    \"query\": {\n      \"queryString\": \"{query_string} \",\n      \"end\": \"{query_time_end}\",\n      \"start\": \"{query_time_start}\"\n    },\n    \"notifierID\": \"{alert_notifier_id}\",\n    \"id\": \"{alert_id}\"\n },\n  \"warnings\": \"{warnings}\",\n  \"events\": {events},\n  \"numberOfEvents\": {event_count}\n}",
    "ignoreSSL":true, "useProxy":true}}'

Delete Action

DELETE /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers/$ID

Example:

curl http://$YOUR_HUMIO_URL/api/v1/repositories/$REPOSITORY_NAME/alertnotifiers/GXso4uF2EawsVyvtr2Q6DbtlWNPKwtOj \
    -X DELETE \
    -H "Authorization: Bearer $TOKEN"

Test Action

POST /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers/$ID/test

Params:

  • alertName — string
  • events — array — array of Humio log events

Example:

curl http://$YOUR_HUMIO_URL/api/v1/repositories/sandbox/alertnotifiers/GXso4uF2EawsVyvtr2Q6DbtlWNPKwtOj/test \
    -X POST \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d '{"alertName":"testAlertName", events: [{"@timestamp": 0, "@timezone": "Z", "#host": "TestHost"}]}'