Skip to content

Create


POST /api/v1/alert_policy/add

Overview

Create an alert strategy

Body Request Parameters

Parameter Name Type Required Description
name string Y Alert strategy name
Allow empty: False
desc string Description
Allow empty: False
Allow empty string: True
Maximum length: 256
openPermissionSet boolean Enable custom permission configuration, (default false:not enabled), after enabling the operation permissions for this rule will be based on permissionSet
Allow empty: False
permissionSet array Operation permission configuration, can configure (role(except owner), member UUID, team UUID)
Example: ['wsAdmin', 'acnt_xxxx', 'group_yyyy']
Allow empty: False
ruleTimezone str Y Alert strategy timezone
Example: Asia/Shanghai
Allow empty: False
alertOpt json Alert settings
Allow empty: False
alertOpt.alertType string Alert strategy notification type, level(status)/member(member), default is level
Allow empty: False
Selectable values: ['status', 'member']
alertOpt.alertTarget array Trigger action, note trigger time, parameter processing
Example: [{'name': 'Notification Configuration 1', 'targets': [{'to': ['acnt_xxxx32'], 'status': 'critical', 'tags': {'pod_name': ['coredns-7769b554cf-w95fk']}, 'upgradeTargets': [{'to': ['acnt_xxxx32'], 'duration': 600}, {'to': ['group_xxxx32'], 'duration': 6000}]}], 'crontabDuration': 600, 'crontab': '0 9 * * 0,1,2,3,4'}, {'name': 'Notification Configuration 2', 'targets': [{'status': 'error', 'to': ['group_xxxx32'], 'upgradeTargets': [{'to': ['acnt_xxxx32'], 'duration': 600}, {'to': ['group_xxxx32'], 'duration': 6000}]}], 'customDateUUIDs': ['ndate_xxxx32'], 'customStartTime': '09:30:10', 'crontabDuration': 600}]
Allow empty: False
alertOpt.silentTimeout integer Y Alert settings
Allow empty: False
alertOpt.aggInterval integer Y Alert aggregation interval, unit seconds, 0 means no aggregation
Allow empty: False
$minValue: 0
$maxValue: 1800
alertOpt.aggFields array Aggregation field list, keep empty list [] means "Aggregation Rule: All", df_monitor_checker_id: monitor/intelligent inspection/SLO, df_dimension_tags: detection dimension, df_label: label, CLUSTER: intelligent aggregation
Example: ['CLUSTER']
Allow empty: False
alertOpt.aggLabels array Label value list when aggregating by labels, only effective if df_label is specified in aggFields
Allow empty: False
alertOpt.aggClusterFields array Field list for intelligent aggregation, only effective if CLUSTER is specified in aggFields, selectable values "df_title": title, "df_message": content
Example: ['df_title']
Allow empty: False

Supplementary Parameter Explanation

Data Explanation.

1. alertOpt Parameter Explanation

Parameter Name Type Required Description
name string Required Rule name
desc string Description
type string Required Checker type
ruleTimezone string Required Alert strategy timezone (added parameter on January 31, 2024)
alertOpt Dict Required Alert settings
alertOpt[#].silentTimeout integer Required How long to not repeat sending the same alert (i.e., silence time), unit seconds/s, 0 means permanent
alertOpt[#].aggInterval integer Alert aggregation interval, unit seconds, 0 means no aggregation, unit seconds/s range [0,1800]
alertOpt[#].aggFields array Aggregation field list, keep empty list [] means "Aggregation Rule: All", df_monitor_checker_id: monitor/intelligent inspection/SLO, df_dimension_tags: detection dimension, df_label: label, CLUSTER: intelligent aggregation
alertOpt[#].aggLabels array Label value list when aggregating by labels, only effective if df_label is specified in aggFields
alertOpt[#].aggClusterFields array Field list for intelligent aggregation, only effective if CLUSTER is specified in aggFields, selectable values "df_title": title, "df_message": content
alertOpt[#].alertTarget Array[Dict] Alert actions
alertOpt[#].alertType string Alert strategy notification type, level(status)/member(member), default is level, added on November 6, 2024
openPermissionSet boolean Whether to enable custom permission configuration, default false , added on November 6, 2024
permissionSet array Operation permission configuration , added on November 6, 2024

2. When the alert strategy is of type level, alertOpt.alertTarget Parameter Explanation

key Type Required Description
name string Configuration name
targets Array[dict] Required Notification object configuration (Note the position of this field when the alert strategy is of type level/member)
crontab String Select repeated time periods, start Crontab (Crontab syntax)
crontabDuration integer Select repeated time, from Crontab start, duration (seconds)
customDateUUIDs Array[String] Select custom times, custom notification date UUID list, example: ['ndate_xxxx32', 'ndate_xxxx32'], reference custom notification dates (Monitoring - Alert Strategy - Custom Notification Dates, interface)
customStartTime String Select custom times, daily start time, format: HH🇲🇲ss
customDuration integer Select custom time periods, from customStartTime custom start time, duration (seconds)

3. When the alert strategy is of type member, alertOpt.alertTarget Parameter Explanation

key Type Required Description
name string Configuration name
crontab String Select repeated time periods, start Crontab (Crontab syntax)
crontabDuration integer Select repeated time, from Crontab start, duration (seconds)
customDateUUIDs Array[String] Select custom times, custom notification date UUID list, example: ['ndate_xxxx32', 'ndate_xxxx32'], reference custom notification dates (Monitoring - Alert Strategy - Custom Notification Dates, interface)
customStartTime String Select custom times, daily start time, format: HH🇲🇲ss
customDuration integer Select custom time periods, from customStartTime custom start time, duration (seconds)
alertInfo Array[dict] Required Notification related information configuration when the alert strategy is of type member, added on November 27, 2024

4. When the alert strategy is of type member, alertOpt.alertTarget.alertInfo Parameter Explanation

key Type Required Description
name string Configuration name
targets Array[dict] Required Notification object configuration (Note the position of this field when the alert strategy is of type level/member)
filterString string When alertType is member, use this field, filter condition original string, added on November 27, 2024
memberInfo array When alertType is member, use this field (team UUID member UUID), example: [group_xxxx,acnt_xxxx], added on November 27, 2024

5. Time Configuration Related Explanations

If selecting repeated time periods, crontab, crontabDuration fields are required parameters.
If selecting custom time periods, customDateUUIDs, customDuration, customStartTime fields are required parameters.
If selecting other moments, crontab, crontabDuration, customDateUUIDs, customStartTime, customDuration do not need to be passed.
Note: Each alert strategy has a fallback notification rule for other moments, i.e., no time configuration is set for the fallback notification object.

6. Notification Object Field targets Explanation When alertType is status, targets position is alertOpt.alertTarget.targets.
When alertType is member, targets position is alertOpt.alertTarget.alertInfo.targets.
targets is a list, internal elements are dictionaries, internal field explanations as follows:

key Type Required Description
to Array[String] Required Notification objects/members/teams, example: [group_xxxx,acnt_xxxx,notify_xxxx]. (When alertType is member, only notification objects and fixed fields email, sms (saas version supports sms) can be selected, example: [email,notify_xxxx], added on November 6, 2024)
status Enum Required Status values of events that require sending alerts (multiple statuses can be separated by commas, all represents all). Non-security monitoring type status values: critical,error,warning,nodata,info. Security monitoring type status values: critical, high, medium, low, info (added security monitoring enumeration values on May 14, 2025)
df_source Enum When status needs to be security monitoring status, df_source must be specified as security, default non-passing indicates non-security monitoring status (added on May 14, 2025)
upgradeTargets Array Upgrade notifications for each alert configuration state
tags dict Filter conditions
filterString dict Original string of filter conditions can replace tags, filterString priority higher than tags, added on November 27, 2024

7. Notification Object Field upgradeTargets Explanation When alertType is status, targets position is alertOpt.alertTarget.targets.upgradeTargets.
When alertType is member, targets position is alertOpt.alertTarget.alertInfo.targets.upgradeTargets.
upgradeTargets is a list, internal elements are dictionaries, internal field explanations as follows:

key Type Required Description
to Array[String] Required Notification objects/members/teams, example: [group_xxxx,acnt_xxxx,notify_xxxx]. (When alertType is member, only members and teams can be selected, added on November 6, 2024)
duration integer Duration, triggers upgrade notification when the event of this level status continues to occur
toWay Array[String] When alertType is of type member, used, only notification objects and fixed fields email, sms (saas version supports sms) can be selected, example: [email,notify_xxxx], added on November 6, 2024

8. Operation Permission Configuration Parameter Explanation

Parameter Name Type Description
openPermissionSet boolean Whether to enable custom permission configuration, default false
permissionSet array Operation permission configuration

**permissionSet, openPermissionSet Field Explanation (Added fields on June 26, 2024): **

After configuring openPermissionSet to be enabled, only the space owner and roles, teams, members configured in permissionSet can perform editing/enabling/disabling/deleting operations.
After configuring openPermissionSet to be disabled (default), deletion/enabling/disabling/editing permissions follow the original interface editing/enabling/disabling/deleting permissions.

permissionSet field can be configured with role UUID(wsAdmin, general, readOnly, role_xxxxx ), team UUID(group_yyyy), member UUID(acnt_xxx) permissionSet field example: 

  ["wsAdmin", "general", "group_yyyy", "acnt_xxxx"]

Request Example

curl 'https://openapi.guance.com/api/v1/alert_policy/add' \
-H 'DF-API-KEY: <DF-API-KEY>' \
-H 'Content-Type: application/json;charset=UTF-8' \
--data-raw '{"name":"jj_test","ruleTimezone":"Asia/Shanghai","alertOpt":{"alertTarget":[{"name":"Notification Configuration 1","targets":[{"status":"critical","tags":{"pod_name":["coredns-7769b554cf-w95fk"]},"to":["acnt_xxxx32"]}],"crontabDuration":600,"crontab":"0 9 * * 0,1,2,3,4"},{"name":"Notification Configuration 2","targets":[{"status":"error","to":["group_xxxx32"]}],"customDateUUIDs":["ndate_xxxx32"],"customStartTime":"09:30:10","customDuration":600},{"targets":[{"status":"warning","to":["notify_xxxx32"]}]}],"silentTimeout":21600,"aggInterval":120,"aggFields":["df_monitor_checker_id"]}}' \
--compressed

Response

{
    "code": 200,
    "content": {
        "alertOpt": {
            "aggFields": [
                "df_monitor_checker_id"
            ],
            "aggInterval": 120,
            "alertTarget": [
                {
                    "crontab": "0 9 * * 0,1,2,3,4",
                    "crontabDuration": 600,
                    "name": "Notification Configuration 1",
                    "targets": [
                        {
                            "status": "critical",
                            "tags": {
                                "pod_name": [
                                    "coredns-7769b554cf-w95fk"
                                ]
                            },
                            "to": [
                                "acnt_xxxx32"
                            ]
                        }
                    ]
                },
                {
                    "customDateUUIDs": [
                        "ndate_xxxx32"
                    ],
                    "customDuration": 600,
                    "customStartTime": "09:30:10",
                    "name": "Notification Configuration 2",
                    "targets": [
                        {
                            "status": "error",
                            "to": [
                                "group_xxxx32"
                            ]
                        }
                    ]
                },
                {
                    "targets": [
                        {
                            "status": "warning",
                            "to": [
                                "notify_xxxx32"
                            ]
                        }
                    ]
                }
            ],
            "silentTimeout": 21600
        },
        "createAt": 1719373984,
        "creator": "wsak_xxxx32",
        "declaration": {
            "asd": "aa,bb,cc,1,True",
            "asdasd": "dawdawd",
            "business": "aaa",
            "fawf": "afawf",
            "organization": "64fe7b4062f74d0007b46676"
        },
        "deleteAt": -1,
        "id": null,
        "name": "jj_test",
        "ruleTimezone": "Asia/Shanghai",
        "score": 0,
        "status": 0,
        "updateAt": 1719373984,
        "updator": "wsak_xxxx32",
        "uuid": "altpl_xxxx32",
        "workspaceUUID": "wksp_xxxx32"
    },
    "errorCode": "",
    "message": "",
    "success": true,
    "traceId": "TRACE-148B6846-6180-4594-BD26-8A2077F0E911"
}

Feedback

Is this page helpful? ×