mirror of
https://github.com/elastic/kibana.git
synced 2025-04-25 02:09:32 -04:00
123 lines
3.3 KiB
Text
123 lines
3.3 KiB
Text
[[get-rule-api]]
|
|
== Get rule API
|
|
++++
|
|
<titleabbrev>Get rule</titleabbrev>
|
|
++++
|
|
|
|
Retrieve a rule by ID.
|
|
|
|
[NOTE]
|
|
====
|
|
For the most up-to-date API details, refer to the
|
|
{kib-repo}/tree/{branch}/x-pack/plugins/alerting/docs/openapi[open API specification].
|
|
====
|
|
|
|
[[get-rule-api-request]]
|
|
=== {api-request-title}
|
|
|
|
`GET <kibana host>:<port>/api/alerting/rule/<id>`
|
|
|
|
`GET <kibana host>:<port>/s/<space_id>/api/alerting/rule/<id>`
|
|
|
|
=== {api-prereq-title}
|
|
|
|
You must have `read` privileges for the appropriate {kib} features, depending on
|
|
the `consumer` and `rule_type_id` of the rules you're seeking. For example, the
|
|
*Management* > *Stack Rules* feature, *Analytics* > *Discover* and *{ml-app}*
|
|
features, *{observability}*, and *Security* features. To get rules associated
|
|
with the *{stack-monitor-app}* feature, use the `monitoring_user` built-in role.
|
|
|
|
For more details, refer to <<kibana-feature-privileges>>.
|
|
|
|
[[get-rule-api-params]]
|
|
=== {api-path-parms-title}
|
|
|
|
`id`::
|
|
(Required, string) The identifier of the rule to retrieve.
|
|
|
|
`space_id`::
|
|
(Optional, string) An identifier for the space. If `space_id` is not provided in
|
|
the URL, the default space is used.
|
|
|
|
[[get-rule-api-codes]]
|
|
=== {api-response-codes-title}
|
|
|
|
`200`::
|
|
Indicates a successful call.
|
|
|
|
[[get-rule-api-example]]
|
|
=== {api-examples-title}
|
|
|
|
Retrieve the rule object with the ID `41893910-6bca-11eb-9e0d-85d233e3ee35`:
|
|
|
|
[source,sh]
|
|
--------------------------------------------------
|
|
GET api/alerting/rule/41893910-6bca-11eb-9e0d-85d233e3ee35
|
|
--------------------------------------------------
|
|
// KIBANA
|
|
|
|
The API returns the following:
|
|
|
|
[source,sh]
|
|
--------------------------------------------------
|
|
{
|
|
"id":"31697a40-7b36-11ed-aa79-f742c05329b2",
|
|
"consumer":"alerts",
|
|
"tags":["cpu"],
|
|
"name":"my alert",
|
|
"enabled":true,
|
|
"throttle":null,
|
|
"schedule":{
|
|
"interval":"1m"
|
|
},
|
|
"params":{
|
|
"aggType":"avg",
|
|
"termSize":6,
|
|
"thresholdComparator":">",
|
|
"timeWindowSize":5,
|
|
"timeWindowUnit":"m",
|
|
"groupBy":"top",
|
|
"threshold":[1000],
|
|
"index":["test-index"],
|
|
"timeField":"@timestamp",
|
|
"aggField":"sheet.version",
|
|
"termField":"name.keyword"
|
|
},
|
|
"rule_type_id":".index-threshold",
|
|
"created_by":"elastic",
|
|
"updated_by":"elastic",
|
|
"created_at":"2022-12-13T22:33:41.163Z",
|
|
"updated_at":"2022-12-13T22:33:41.163Z",
|
|
"api_key_owner":"elastic",
|
|
"notify_when":"onActionGroupChange",
|
|
"muted_alert_ids":[],
|
|
"mute_all":false,
|
|
"scheduled_task_id":"31697a40-7b36-11ed-aa79-f742c05329b2",
|
|
"execution_status":{
|
|
"status":"ok",
|
|
"last_execution_date":"2022-12-13T22:33:44.388Z",
|
|
"last_duration":83
|
|
},
|
|
"actions":[{
|
|
"group":"threshold met",
|
|
"id":"1007a0c0-7a6e-11ed-89d5-abec321c0def",
|
|
"params":{
|
|
"level":"info",
|
|
"message":"Rule {{rule.name}} is active for group {{context.group}}:\n\n- Value: {{context.value}}\n- Conditions Met: {{context.conditions}} over {{rule.params.timeWindowSize}}{{rule.params.timeWindowUnit}}\n- Timestamp: {{context.date}}"
|
|
},
|
|
"connector_type_id":".server-log"
|
|
}],
|
|
"last_run":{
|
|
"alerts_count":{
|
|
"new":0,
|
|
"ignored":0,
|
|
"recovered":0,
|
|
"active":0
|
|
},
|
|
"outcome_msg":null,
|
|
"warning":null,
|
|
"outcome":"succeeded"
|
|
},
|
|
"next_run":"2022-12-13T22:34:44.314Z"
|
|
}
|
|
--------------------------------------------------
|