Action API

The Notifier API was renamed to the Action API. However, in the actual API, no renaming has been done so far.

The endpoints displayed on this page, except for Test Action, are deprecated starting with version 1.23 of Humio. These endpoints will remain operational for some time, but users are encouraged to use instead the corresponding queries and mutations found in our GraphQL API.

List Actions

GET /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers

Example:

curl http://$YOUR_HUMIO_URL/api/v1/repositories/sandbox/alertnotifiers \
     -H "Authorization: Bearer $TOKEN"

Get Action by ID

GET /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers/$ID

Example:

curl http://$YOUR_HUMIO_URL/api/v1/repositories/sandbox/alertnotifiers/GXso4uF2EawsVyvtr2Q6DbtlWNPKwtOj \
    -H "Authorization: Bearer $TOKEN"

Create Action

POST /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers

Params:

  • name — string
  • entity — string — EmailNotifier, HumioRepoNotifier, OpsGenieNotifier, PagerDutyNotifier, SlackNotifier, SlackPostMessageNotifier, VictorOpsNotifier, WebHookNotifier
  • properties:
    • EmailNotifier:
      • recipients — array — array of email address strings
      • subjectTemplate — string
      • bodyTemplate — string
      • useProxy — boolean
    • HumioRepoNotifier:
      • ingestToken — string
    • OpsGenieNotifier:
      • apiUrl — string
      • genieKey — string
      • useProxy — boolean
    • PagerDutyNotifier:
      • severity — string — critical, error, warning, info
      • routingKey — string
      • useProxy — boolean
    • SlackNotifier:
      • url — string
      • fields — map(string, string)
      • useProxy — boolean
    • SlackPostMessageNotifier:
      • apiToken — string
      • channels — array — array of Slack channel strings
      • fields — map(string, string)
      • useProxy — boolean
    • VictorOpsNotifier:
      • messageType — string
      • notifyUrl — string
      • useProxy — boolean
    • WebHookNotifier:
      • url — string
      • method — string — GET, HEAD, OPTIONS, PATCH, POST, PUT
      • headers — map(string, string)
      • bodyTemplate — string
      • ignoreSSL — boolean
      • useProxy — boolean

Example:

curl http://$YOUR_HUMIO_URL/api/v1/repositories/sandbox/alertnotifiers \
    -X POST \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d '{"name":"test", "entity": "WebHookNotifier", "properties": {"url":"http://example.com", "method":"POST", "headers": {"Content-Type":"application/json"}, "bodyTemplate":"{\n  \"repository\": \"{repo_name}\",\n  \"timestamp\": \"{alert_triggered_timestamp}\",\n  \"alert\": {\n    \"name\": \"{alert_name}\",\n    \"description\": \"{alert_description}\",\n    \"query\": {\n      \"queryString\": \"{query_string} \",\n      \"end\": \"{query_time_end}\",\n      \"start\": \"{query_time_start}\"\n    },\n    \"notifierID\": \"{alert_notifier_id}\",\n    \"id\": \"{alert_id}\"\n },\n  \"warnings\": \"{warnings}\",\n  \"events\": {events},\n  \"numberOfEvents\": {event_count}\n}",
    "ignoreSSL":true, "useProxy":true}}'

Update Action

PUT /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers/$ID

Params:

  • name — string
  • entity — string — EmailNotifier, HumioRepoNotifier, OpsGenieNotifier, PagerDutyNotifier, SlackNotifier, SlackPostMessageNotifier, VictorOpsNotifier, WebHookNotifier
  • properties:
    • EmailNotifier:
      • recipients — array — array of email address strings
      • subjectTemplate — string
      • bodyTemplate — string
      • useProxy — boolean
    • HumioRepoNotifier:
      • ingestToken — string
    • OpsGenieNotifier:
      • apiUrl — string
      • genieKey — string
      • useProxy — boolean
    • PagerDutyNotifier:
      • severity — string — critical, error, warning, info
      • routingKey — string
      • useProxy — boolean
    • SlackNotifier:
      • url — string
      • fields — map(string, string)
      • useProxy — boolean
    • SlackPostMessageNotifier:
      • apiToken — string
      • channels — array — array of Slack channel strings
      • fields — map(string, string)
      • useProxy — boolean
    • VictorOpsNotifier:
      • messageType — string
      • notifyUrl — string
      • useProxy — boolean
    • WebHookNotifier:
      • url — string
      • method — string — GET, HEAD, OPTIONS, PATCH, POST, PUT
      • headers — map(string, string)
      • bodyTemplate — string
      • ignoreSSL — boolean
      • useProxy — boolean

Example:

curl http://$YOUR_HUMIO_URL/api/v1/repositories/sandbox/alertnotifiers/GXso4uF2EawsVyvtr2Q6DbtlWNPKwtOj \
    -X PUT \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d '{"name":"test", "entity": "WebHookNotifier", "properties": {"url":"http://example.com", "method":"POST", "headers": {"Content-Type":"application/json"}, "bodyTemplate":"{\n  \"repository\": \"{repo_name}\",\n  \"timestamp\": \"{alert_triggered_timestamp}\",\n  \"alert\": {\n    \"name\": \"{alert_name}\",\n    \"description\": \"{alert_description}\",\n    \"query\": {\n      \"queryString\": \"{query_string} \",\n      \"end\": \"{query_time_end}\",\n      \"start\": \"{query_time_start}\"\n    },\n    \"notifierID\": \"{alert_notifier_id}\",\n    \"id\": \"{alert_id}\"\n },\n  \"warnings\": \"{warnings}\",\n  \"events\": {events},\n  \"numberOfEvents\": {event_count}\n}",
    "ignoreSSL":true, "useProxy":true}}'

Delete Action

DELETE /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers/$ID

Example:

curl http://$YOUR_HUMIO_URL/api/v1/repositories/$REPOSITORY_NAME/alertnotifiers/GXso4uF2EawsVyvtr2Q6DbtlWNPKwtOj \
    -X DELETE \
    -H "Authorization: Bearer $TOKEN"

Test Action

POST /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers/$ID/test

Params:

  • alertName — string
  • events — array — array of Humio log events

Example:

curl http://$YOUR_HUMIO_URL/api/v1/repositories/sandbox/alertnotifiers/GXso4uF2EawsVyvtr2Q6DbtlWNPKwtOj/test \
    -X POST \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d '{"alertName":"testAlertName", events: [{"@timestamp": 0, "@timezone": "Z", "#host": "TestHost"}]}'