Create¶

POST /api/v1/alert_policy/add

Overview¶

Create an Alert Strategy

Body Request Parameters¶

Parameter Name	Type	Required	Description
name	string	Y	Alert strategy name Allow empty: False
desc	string		Description Allow empty: False Allow empty string: True Max length: 256
openPermissionSet	boolean		Enable custom permission configuration, (default false: not enabled), when enabled, the operation permissions of this rule are based on permissionSet Allow empty: False
permissionSet	array		Operation permission configuration, can configure (roles (except owner), member uuid, team uuid) Example: ['wsAdmin', 'acnt_xxxx', 'group_yyyy'] Allow empty: False
ruleTimezone	str	Y	Alert strategy timezone Example: Asia/Shanghai Allow empty: False
alertOpt	json		Alert settings Allow empty: False
alertOpt.alertType	string		Alert strategy notification type, level(status)/member(member), default is level Allow empty: False Optional values: ['status', 'member']
alertOpt.alertTarget	array		Trigger actions, note the parameter processing of trigger time Example: [{'name': 'Notification Configuration1', 'targets': [{'to': ['acnt_xxxx32'], 'status': 'critical', 'tags': {'pod_name': ['coredns-7769b554cf-w95fk']}, 'upgradeTargets': [{'to': ['acnt_xxxx32'], 'duration': 600}, {'to': ['group_xxxx32'], 'duration': 6000}]}], 'crontabDuration': 600, 'crontab': '0 9 * * 0,1,2,3,4'}, {'name': 'Notification Configuration2', 'targets': [{'status': 'error', 'to': ['group_xxxx32'], 'upgradeTargets': [{'to': ['acnt_xxxx32'], 'duration': 600}, {'to': ['group_xxxx32'], 'duration': 6000}]}], 'customDateUUIDs': ['ndate_xxxx32'], 'customStartTime': '09:30:10', 'crontabDuration': 600}] Allow empty: False
alertOpt.silentTimeout	integer	Y	Alert settings Allow empty: False
alertOpt.aggInterval	integer	Y	Alert aggregation interval, in seconds, 0 means no aggregation Allow empty: False $minValue: 0 $maxValue: 1800
alertOpt.aggFields	array		Aggregation field list, keep empty list [] to indicate "Aggregation rule: all", df_monitor_checker_id: monitor/intelligent inspection/SLO, df_dimension_tags: detection dimension, df_label: label, CLUSTER: intelligent aggregation Example: ['CLUSTER'] Allow empty: False
alertOpt.aggLabels	array		Label value list for label-based aggregation, will only take effect if df_label is specified in aggFields Allow empty: False
alertOpt.aggClusterFields	array		Field list for intelligent aggregation, will only take effect if CLUSTER is specified in aggFields, optional values "df_title": title, "df_message": content Example: ['df_title'] Allow empty: False

Parameter Supplementary Description¶

Data Description.

1. alertOpt Parameter Description

Parameter Name	type	Required	Description
name	string	Required	Rule name
desc	string		Description
type	string	Required	Checker type
ruleTimezone	string	Required	Alert strategy timezone (new parameter added in 2024-01-31 iteration)
alertOpt	Dict	Required	Alert settings
alertOpt[#].silentTimeout	integer	Required	How long the same alert will not be sent again (i.e., silence time), in seconds/s, 0 means permanent
alertOpt[#].aggInterval	integer		Alert aggregation interval, in seconds, 0 means no aggregation, in seconds/s range [0,1800]
alertOpt[#].aggFields	array		Aggregation field list, keep empty list [] to indicate "Aggregation rule: all", df_monitor_checker_id: monitor/intelligent inspection/SLO, df_dimension_tags: detection dimension, df_label: label, CLUSTER: intelligent aggregation
alertOpt[#].aggLabels	array		Label value list for label-based aggregation, will only take effect if df_label is specified in aggFields
alertOpt[#].aggClusterFields	array		Field list for intelligent aggregation, will only take effect if CLUSTER is specified in aggFields, optional values "df_title": title, "df_message": content
alertOpt[#].alertTarget	Array[Dict]		Alert actions
alertOpt[#].alertType	string		Alert strategy notification type, level(status)/member(member), default is level, new in 2024-11-06 iteration
openPermissionSet	boolean		Whether to enable custom permission configuration, default false , new in 2024-11-06 iteration
permissionSet	array		Operation permission configuration , new in 2024-11-06 iteration

2. When the alert strategy is of type level, alertOpt.alertTarget parameter description

key	Type	Required	Description
name	string		Configuration name
targets	Array[dict]	Required	Notification object configuration (note the position of this field when the alert strategy is of type level/member)
crontab	String		When selecting a repeating time period, start Crontab (Crontab syntax)
crontabDuration	integer		When selecting a repeating time, duration from Crontab start (seconds)
customDateUUIDs	Array[String]		When selecting a custom time, custom notification date UUID list , example: ['ndate_xxxx32', 'ndate_xxxx32'], custom notification date reference (monitoring - alert strategy - custom notification date, interface)
customStartTime	String		When selecting a custom time, daily start time, format: HHss
customDuration	integer		When selecting a custom time period, duration from customStartTime custom start time (seconds)

3. When the alert strategy is of type member, alertOpt.alertTarget parameter description

key	Type	Required	Description
name	string		Configuration name
crontab	String		When selecting a repeating time period, start Crontab (Crontab syntax)
crontabDuration	integer		When selecting a repeating time, duration from Crontab start (seconds)
customDateUUIDs	Array[String]		When selecting a custom time, custom notification date UUID list , example: ['ndate_xxxx32', 'ndate_xxxx32'], custom notification date reference (monitoring - alert strategy - custom notification date, interface)
customStartTime	String		When selecting a custom time, daily start time, format: HHss
customDuration	integer		When selecting a custom time period, duration from customStartTime custom start time (seconds)
alertInfo	Array[dict]	Required	When the member type alert strategy notification related information configuration new in 2024-11-27 iteration

4. When the alert strategy is of type member, alertOpt.alertTarget.alertInfo parameter description

key	Type	Required	Description
name	string		Configuration name
targets	Array[dict]	Required	Notification object configuration (note the position of this field when the alert strategy is of type level/member)
filterString	string		When alertType is member, use this field, filter condition original string ,new in 2024-11-27 iteration
memberInfo	array		When alertType is member, use this field (team UUID member UUID), example: [`group_xxxx`,`acnt_xxxx`], new in 2024-11-27 iteration

5. Time Configuration Related Description

If selecting a repeating time period, crontab, crontabDuration fields are required parameters
If selecting a custom time period, customDateUUIDs, customDuration, customStartTime fields are required parameters
If selecting other times, crontab, crontabDuration, customDateUUIDs, customStartTime, customDuration are not required
Note: Each alert strategy will have a notification rule for other times, i.e., without time configuration is the fallback notification object

6. Notification Object Field targets Description

When alertType is status, targets position alertOpt.alertTarget.targets
When alertType is member, targets position alertOpt.alertTarget.alertInfo.targets
targets is a list, internal elements are dict, internal field description as follows

key	Type	Required	Description
to	Array[String]	Required	Notification object/member/team, example: [`group_xxxx`,`acnt_xxxx`,`notify_xxxx`]. (When alertType is member, only notification objects and fixed fields email, sms(saas version supports sms) can be selected, example: [`email`,`notify_xxxx`], new in 2024-11-06 iteration)
status	Enum	Required	The status value of the event that needs to send an alert (multiple statuses can be separated by commas, all means all). Non-security monitoring type status values: `critical`,`error`,`warning`,`nodata`,`info`. Security monitoring type status values: `critical`, `high`, `medium`, `low`, `info` (new in 2025-05-14 iteration security monitoring enum values)
df_source	Enum		When status needs to be security monitoring status, df_source must be specified as security, default not passed means non-security monitoring status (new in 2025-05-14 iteration)
upgradeTargets	Array		Each alert configuration status upgrade notification
tags	dict		Filter conditions
filterString	dict		Filter condition original string can replace tags, filterString has higher priority than tags, new in 2024-11-27 iteration

7. Notification Object Field upgradeTargets Description

When alertType is status, targets position alertOpt.alertTarget.targets.upgradeTargets
When alertType is member, targets position alertOpt.alertTarget.alertInfo.targets.upgradeTargets
upgradeTargets is a list, internal elements are dict, internal field description as follows

key	Type	Required	Description
to	Array[String]	Required	Notification object/member/team, example: [`group_xxxx`,`acnt_xxxx`,`notify_xxxx`]. (When alertType is member, only members and teams can be selected, new in 2024-11-06 iteration)
duration	integer		Duration, continuous generation of events of this level status triggers upgrade notification
toWay	Array[String]		When alertType is member(member) type, only notification objects and fixed fields email, sms(saas version supports sms) can be selected, example: [`email`,`notify_xxxx`], new in 2024-11-06 iteration

8. Operation Permission Configuration Parameter Description

Parameter Name	type	Description
openPermissionSet	boolean	Whether to enable custom permission configuration, default false
permissionSet	array	Operation permission configuration

**permissionSet, openPermissionSet field description (new in 2024-06-26 iteration fields): **

When openPermissionSet is enabled, only workspace owners and roles, teams, members belonging to the permissionSet configuration can edit/enable/disable/delete
When openPermissionSet is disabled (default), then delete/enable/disable/edit permissions follow the original interface edit/enable/disable/delete permissions

permissionSet field can configure, role UUID(wsAdmin,general, readOnly, role_xxxxx ), team UUID(group_yyyy), member UUID(acnt_xxx) permissionSet field example:

  ["wsAdmin", "general", "group_yyyy", "acnt_xxxx"]

Request Example¶

curl 'https://openapi.truewatch.com/api/v1/alert_policy/add' \
-H 'DF-API-KEY: <DF-API-KEY>' \
-H 'Content-Type: application/json;charset=UTF-8' \
--data-raw '{"name":"jj_test","ruleTimezone":"Asia/Shanghai","alertOpt":{"alertTarget":[{"name":"Notification Configuration1","targets":[{"status":"critical","tags":{"pod_name":["coredns-7769b554cf-w95fk"]},"to":["acnt_xxxx32"]}],"crontabDuration":600,"crontab":"0 9 * * 0,1,2,3,4"},{"name":"Notification Configuration2","targets":[{"status":"error","to":["group_xxxx32"]}],"customDateUUIDs":["ndate_xxxx32"],"customStartTime":"09:30:10","customDuration":600},{"targets":[{"status":"warning","to":["notify_xxxx32"]}]}],"silentTimeout":21600,"aggInterval":120,"aggFields":["df_monitor_checker_id"]}}' \
--compressed

Response¶

{
    "code": 200,
    "content": {
        "alertOpt": {
            "aggFields": [
                "df_monitor_checker_id"
            ],
            "aggInterval": 120,
            "alertTarget": [
                {
                    "crontab": "0 9 * * 0,1,2,3,4",
                    "crontabDuration": 600,
                    "name": "Notification Configuration1",
                    "targets": [
                        {
                            "status": "critical",
                            "tags": {
                                "pod_name": [
                                    "coredns-7769b554cf-w95fk"
                                ]
                            },
                            "to": [
                                "acnt_xxxx32"
                            ]
                        }
                    ]
                },
                {
                    "customDateUUIDs": [
                        "ndate_xxxx32"
                    ],
                    "customDuration": 600,
                    "customStartTime": "09:30:10",
                    "name": "Notification Configuration2",
                    "targets": [
                        {
                            "status": "error",
                            "to": [
                                "group_xxxx32"
                            ]
                        }
                    ]
                },
                {
                    "targets": [
                        {
                            "status": "warning",
                            "to": [
                                "notify_xxxx32"
                            ]
                        }
                    ]
                }
            ],
            "silentTimeout": 21600
        },
        "createAt": 1719373984,
        "creator": "wsak_xxxx32",
        "declaration": {
            "asd": "aa,bb,cc,1,True",
            "asdasd": "dawdawd",
            "business": "aaa",
            "fawf": "afawf",
            "organization": "64fe7b4062f74d0007b46676"
        },
        "deleteAt": -1,
        "id": null,
        "name": "jj_test",
        "ruleTimezone": "Asia/Shanghai",
        "score": 0,
        "status": 0,
        "updateAt": 1719373984,
        "updator": "wsak_xxxx32",
        "uuid": "altpl_xxxx32",
        "workspaceUUID": "wksp_xxxx32"
    },
    "errorCode": "",
    "message": "",
    "success": true,
    "traceId": "TRACE-148B6846-6180-4594-BD26-8A2077F0E911"
}