Method: instances.findEntityAlerts

Full name: projects.locations.instances.findEntityAlerts

Get alerts for an entity. The API returns a maximum of 1000 alerts for the requested entity.

Choose a location:

GET https://chronicle.africa-south1.rep.googleapis.com/v1alpha/{instance}:findEntityAlerts

Parameters

Parameters
`instance`	`string` Required. The ID of the Instance to summarize entity for. Format: `projects/{project}/locations/{location}/instances/{instance}`

instance

string

Required. The ID of the Instance to summarize entity for. Format: projects/{project}/locations/{location}/instances/{instance}

Parameters
`timeRange`	`object (Interval)` Required. Time range to retrieve the alerts for [Inclusive start time, exclusive end time).
`pageSize (deprecated)`	`integer` Optional. Deprecated: Pagination is not supported for this API. The maximum number of alerts to return. The service may return fewer than this value. If unspecified, at most 1000 alerts will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.
`pageToken (deprecated)`	`string` Optional. Deprecated: Pagination is not supported for this API. A page token received from a previous `instances.findEntityAlerts` call. Provide this to retrieve the subsequent page.
Union parameter `id`. Identifier to find the entity. `id` can be only one of the following:
`entityId`	`string` ID of the entity.
`fieldAndValue`	`object (FieldAndValue)` Field path or type with value to identify entity.

The request body must be empty.

Response message to retrieve alerts for an entity.

If successful, the response body contains data with the following structure:

JSON representation
{ "alertCounts": [ { object (`AlertCountByRule`) } ], "hasMoreAlerts": boolean, "timeline": { object (`Timeline`) } }

Fields

Fields
`alertCounts[]`	`object (AlertCountByRule)` Rule names with alert count for each.
`hasMoreAlerts`	`boolean` Indicates if there are more alerts than the limit (1000 currently).
`timeline`	`object (Timeline)` Bucketed timeline with alert count.

alertCounts[]

Rule names with alert count for each.

hasMoreAlerts

boolean

Indicates if there are more alerts than the limit (1000 currently).

timeline

object (Timeline)

Bucketed timeline with alert count.

Requires one of the following OAuth scopes:

For more information, see the Authentication Overview.

Method: instances.findEntityAlerts Stay organized with collections Save and categorize content based on your preferences.