Rest API – Notifications
Overview
The REST API allows you to work with Notifications in FireScope SPM. Specifically, you can:
- Retrieve
- Create or Update
- Delete
Retrieve
To retrieve the current information about a Notification in SPM, send unique query parameters in a GET request to the following URL:
http://[IP address]:38050/web_services/notifications?account=[Account name]&name=[Notification name]
Example:
http://localhost:38050/web_services/...=notification1
Note: Don’t forget to change the domain name (localhost) and query parameter values (account, and name) to match your environment and data.
A JSON response will be returned similar in structure to the payload for the Create or Update.
Query Parameter Descriptions
Parameter | Description | Type | Required |
account | The SPM account | String | Yes |
name | Name of the Notification | String | Yes |
Create or Update
To create or update a Notification, POST a JSON document with the appropriate information to the following URL:
http://[IP address]:38050/web_services/notifications
Note: Don’t forget to change the domain name (localhost) to match your environment and data.
Use the following example as a guide.
{
"account_id" : "firescope",
"name" : "Event Def Severity Notification",
"created_by" : "Admin",
"status" : 0,
"type" : 1,
"filters" : [{
"filtertype" : 4,
"operator" : 5,
"value" : {"edge_device" : "edge1", "ci" : "VMWare", "eventdef" : "Ping"}
},{
"filtertype" : 2,
"operator" : 0,
"value" : "5"
}],
"procedures" : [{
"content_type" : 0,
"longdata" : "{CI}:{IPADDRESS}:{EVENT.NAME}:{STATUS}",
"object" : 0,
"objectid" : {"users" : "bryancan"},
"proceduretype" : 0,
"shortdata" : "{CI}:{EVENT.NAME}:{STATUS}"
}, {
"content_type" : 0,
"longdata" : "{CI}:{IPADDRESS}:{EVENT.NAME}:{STATUS}",
"object" : 1,
"objectid" : {"usrgrp" : "FireScope administrators"},
"proceduretype" : 0,
"shortdata" : "{CI}:{EVENT.NAME}:{STATUS}"
}],
"usrgrp" : ["Database administrators", "FireScope administrators", "Guests"]
}
Property Descriptions
Property | Description | Type | Default | Required |
account_id | The name of the SPM account. | String | Yes | |
created_by | The user name of the person who created this notification. | String | Yes | |
name | The unique name of the notification. | String | Yes | |
status | Status of the Notification:0 = Enabled1 = Disabled | Number | 0 | Yes |
type | The type of boolean logic to apply to the filters:1 – AND2 – OR | Number | 1 | Yes |
usrgrp | The list of associated user groups. | String[] | No | |
procedures | PropertyDescriptionTypeDefaultRequired 0 = text/plain1 = text/htmlNumber0Yes, if Message typelongdataA macro-filled text field whose values depends upon the type.For messages, this field represents the message body.For remote commands, this field represents the actual command to executeFor ServiceNow, this field represents the ticket comment to add.String Yesobject0 = Single User1 = User GroupNumber0Yes, if Message typeobjectidUnique key to a user or a user group, depending upon ‘object’ enumeration.e.g. {“users” : “Admin”} or {“usrgrp” : “Administrators”}Object Yes, if Message typeproceduretype0 = Message1 = Remote Command8 = ServiceNow Incident ProcessingNumber0YesshortdataA macro-filled text field whose values depends upon the type.For messages, this field represents the message subject.For ServiceNow, this field represents the comment description.String Yes, except for Remote Commands |
Object[] | Yes | |
filters PropertyDescriptionTypeDefaultRequiredfiltertypeThe category of filteringNumber0YesoperatorWhich operation should be applied to the valueNumber0YesvalueA context dependent value depending upon the filter type. See ‘Value Format’ column of table below.Object Yes |
Possible values for filtertype and value fields: Filter TypeDefinitionValue FormatExample Value0Logical GroupUnique key for a logical group”Database Servers”1Configuration ItemUnique key for a CI{“edge_device” : “edge1”, “ci” : “VMWare”}2Event Definition (ED)Unique key for an ED{“edge_device” : “edge1”, “ci” : “VMWare”, “eventdef” : “Ping Status”}3ED/AED/Policy NameSupports name for all 3 types”Ping Status”4Event Definition Severity”0″ = Not Classified”1″ = Information”2″ = Average”3″ = Warning”4″ = High”5″ = Major”0″5Event Definition Value”0″ = OK”1″ = Failed”0″6Time Period “1502206054”13Aggregate Event Definition (AED)Unique key for an AED{“logicalgroup” : “Database Servers”, “aed” : “aed1”}14PolicyUnique key for a policy{“servicegroup”: “CRM”, “policy” : “policy1”}15Event Definition NameName of an ED. Can match multiple”Ping Status”16Aggregate Event Definition NameName of an AED. Can match multiple”aed1″17Policy NameName of a policy. Can match multiple”policy1″Operator of the Notification OperatorDefinition0Equals1Not equals2Like3Not like4Between5Greater than or equal6Less than or equal7Not between |
Object[] | Yes |
Delete
To delete a Notification, send an HTTP DELETE request with the same query parameters as the GET request.
See the Retrieve for the URL format and query parameter descriptions.