Add Alert Rules
Last updated on 29 June, 2022Overview
You can use LogicMonitor’s REST API to programmatically add alert rules. As with all of our API calls, authentication is required.
Request Information
HTTP Method: POST
URI: /setting/alert/rules
Request parameters: You can POST the following properties for alert rules.
| Property | Description | Required? | Type | Example |
| name | The name of the alert rule | Yes | String | “name”:”prodDBErrors” |
| priority | The priority associated with the alert rule | Yes | Integer | “priority”:100 |
| levelStr | The alert severity levels the alert rule is configured to match. Possible values are All | Warn | Error | Critical | No. Defaults to “All” | String | “levelStr”:”All” |
| devices | The device names and service names the alert rule is configured to match | No. Defaults to * for all devices | JSON Array | “devices” : [ “prod*” ] |
| deviceGroups | The device groups and service groups the alert rule is configured to match | No. Defaults to * for all groups. | JSON Array | “deviceGroups” : [ “Production*” ] |
| datasource | The datasource the alert rule is configured to match | Yes | String | “datasource” : “*SQL*” |
| instance | The instance the alert rule is configured to match | Yes | String | “instance” : “*” |
| datapoint | The datapoint the alert rule is configured to match | Yes | String | “datapoint” : “*” |
| escalationInterval | The escalation interval associated with the alert rule, in minutes | Yes | Integer | “escalationInterval” : 15 |
| escalatingChainId | The id of the escalation chain associated with the alert rule | Yes | Integer | “escalatingChainId” : 12 |
| suppressAlertClear | Whether or not alert clear notifications should be sent to the alert rule | No. Defaults to false. | Boolean | “suppressAlertClear” : true |
| suppressAlertAckSdt | Whether or not status notifications for acknowledgements and SDTs should be sent to the alert rule | No. Defaults to false | Boolean | “suppressAlertAckSdt” : false |
Example
The following example adds a rule ‘DBAlerts’ with priority 1000 that applies to all alerts for SQL DataSources (any DataSource with SQL in the name) across all groups, all devices.
#!/bin/env python
import requests
import json
import hashlib
import base64
import time
import hmac
#Account Info
AccessId ='API-ACCESS-ID'
AccessKey ='API-ACCESS-KEY'
Company = 'api'
##Request Info
httpVerb ='POST'
resourcePath = '/setting/alert/rules'
queryParams =''
data = '{"name":"DBAlerts","priority":1000,"datasource":"*MYSQL*","instance":"*","datapoint":"*","escalationInterval":15,"escalatingChainId":1}'
#Construct URL
url = 'https://'+ Company +'.logicmonitor.com/santaba/rest' + resourcePath +queryParams
#Get current time in milliseconds
epoch = str(int(time.time() * 1000))
#Concatenate Request details
requestVars = httpVerb + epoch + data + resourcePath
# Construct signature
hmac1 = hmac.new(AccessKey.encode(),msg=requestVars.encode(),digestmod=hashlib.sha256).hexdigest()
signature = base64.b64encode(hmac1.encode())
# Construct headers
auth = 'LMv1 ' + AccessId + ':' + signature.decode() + ':' + epoch
headers = {'Content-Type':'application/json','Authorization':auth}
# Make request
response = requests.post(url, data=data, headers=headers)
# Print status and body of response
print('Response Status:',response.status_code)
print('Response Body:',response.content)Python 3