Update alert APIedit
Update the attributes for an existing alert.
Requestedit
PUT <kibana host>:<port>/api/alerts/alert/<id>
Path parametersedit
-
id
- (Required, string) The ID of the alert that you want to update.
Request bodyedit
-
name
- (Required, string) A name to reference and search.
-
tags
- (Optional, string array) A list of keywords to reference and search.
-
schedule
-
(Required, object) When to run this alert. Use one of the available schedule formats.
Schedule Formats.
A schedule uses a key: value format. Kibana currently supports the Interval format , which specifies the interval in seconds, minutes, hours, or days at which to execute the alert.
Example:
{ interval: "10s" }
,{ interval: "5m" }
,{ interval: "1h" }
,{ interval: "1d" }
. -
throttle
-
(Optional, string) How often this alert should fire the same actions. This will prevent the alert from sending out the same notification over and over. For example, if an alert with a
schedule
of 1 minute stays in a triggered state for 90 minutes, setting athrottle
of10m
or1h
will prevent it from sending 90 notifications during this period. -
notifyWhen
-
(Required, string) The condition for throttling the notification:
onActionGroupChange
,onActiveAlert
, oronThrottleInterval
. -
params
-
(Required, object) The parameters to pass to the alert type executor
params
value. This will also validate against the alert type params validator, if defined. -
actions
-
(Optional, object array) An array of the following action objects.
Properties of the action objects:
-
group
-
(Required, string) Grouping actions is recommended for escalations for different types of alert instances. If you don’t need this, set the value to
default
. -
id
- (Required, string) The ID of the action that saved object executes.
-
actionTypeId
- (Required, string) The id of the action type.
-
params
-
(Required, object) The map to the
params
that the action type will receive.params
are handled as Mustache templates and passed a default set of context.
-
Response codeedit
-
200
- Indicates a successful call.
Exampleedit
Update an alert with ID ac4e6b90-6be7-11eb-ba0d-9b1c1f912d74
with a different name:
$ curl -X PUT api/alerts/alert/ac4e6b90-6be7-11eb-ba0d-9b1c1f912d74 { "notifyWhen": "onActionGroupChange", "params": { "aggType": "avg", }, "schedule": { "interval": "1m" }, "actions": [], "tags": [], "name": "new name", "throttle": null, }
The API returns the following:
{ "id": "ac4e6b90-6be7-11eb-ba0d-9b1c1f912d74", "notifyWhen": "onActionGroupChange", "params": { "aggType": "avg", }, "consumer": "alerts", "alertTypeId": "test.alert.type", "schedule": { "interval": "1m" }, "actions": [], "tags": [], "name": "new name", "enabled": true, "throttle": null, "apiKeyOwner": "elastic", "createdBy": "elastic", "updatedBy": "elastic", "muteAll": false, "mutedInstanceIds": [], "updatedAt": "2021-02-10T05:37:19.086Z", "createdAt": "2021-02-10T05:37:19.086Z", "scheduledTaskId": "0b092d90-6b62-11eb-9e0d-85d233e3ee35", "executionStatus": { "lastExecutionDate": "2021-02-10T17:55:14.262Z", "status": "ok" } }