Updating Alert Rule Details
Last updated - 23 July, 2025
You can use LogicMonitor REST API v3 to update alert rules. You must authenticate yourself before making the API request.
URI: PATCH /setting/alert/rules/{id}
URI: PUT /setting/alert/rules/{id}
| Parameter | Type | Description |
id | Integer | (Mandatory) The alert rule ID that you want to update. |
datapoint | String | The datapoint configured to match with the alert rule. It supports glob expression that match with any characters. Example – “datapoint” : “*” |
instance | String | The instance configured to match with the alert rule. It supports glob expressions that match with any characters. Example – “instance” : “*” |
devices | String Array | The device name and service name configured to match with the alert rule. Example – “devices” : [ “Cisco Router” ] |
escalatingChainId | Integer | (Mandatory) The escalation chain ID associated with the alert rule. Example – “escalatingChainId” : 5 |
resourceProperties | JSON Array | The resource property filter list that includes resource property name and value. |
sendAnomalySuppressedAlert | Boolean | (Mandatory) To send anomaly suppressed alert, set the value as true, else set it as false. |
priority | Integer | (Mandatory) The priority associated with the alert rule. Example – "priority": 4 |
suppressAlertAckSdt | Boolean | Indicates whether or not status notifications for acknowledgements and SDTs should be sent to the alert rule. Example – “suppressAlertAckSdt” : false |
datasource | String | The datasource configured to match with the alert rule. Example – “datasource” : “Port-” |
suppressAlertClear | Boolean | Indicates whether or not alert clear notifications should be sent to the alert rule. Example – “suppressAlertClear” : true |
name | String | (Mandatory) The name of the alert rule. Example – “name”: ”Warning” |
levelStr | String | The alert severity level configured to match with the alert rule. The acceptable values are: All, Warn, Error, and Critical. Example – “levelStr”: ”All” |
deviceGroups | String Array | The device groups and service groups configured to match with the alert rule. Example – “deviceGroups” : [ “Devices by Type” ] |
escalationInterval | Integer | The escalation interval (in minutes) associated with the alert rule. Example – “escalationInterval” : 20 |
The following Python script updates the alert rule ID 74 in account api.logicmonitor.com.
#!/bin/env python
import requests
import json
import hashlib
import base64
import time
import hmac
import getpass
#Account Info: LogicMonitor recommends to NEVER hardcode the credentials. Instead, retrieve the values from a secure storage.
#Note: The below is provided for illustration purposes only.
AccessId = getpass.getpass("Enter your AccessId: ")
AccessKey = getpass.getpass("Enter your AccessKey: ")
Company = 'apiAccount'
#Request Info
httpVerb ='PUT'
resourcePath = '/setting/alert/rules/74'
queryParams =''
data = '{"name":"DBAlerts","priority":500,"datasource":"*MYSQL*","instance":"*","datapoint":"*","escalationInterval":15,"escalatingChainId":1}'
#Construct URL
url = 'https://'+ Company +'.logicmonitor.com/santaba/rest' + resourcePath +queryParams
#Get current time in milliseconds
epoch = str(int(time.time() * 1000))
#Concatenate Request details
requestVars = httpVerb + epoch + data + resourcePath
#Construct signature
digest = hmac.new(
AccessKey.encode('utf-8'),
msg=requestVars.encode('utf-8'),
digestmod=hashlib.sha256).hexdigest()
signature = base64.b64encode(digest.encode('utf-8')).decode('utf-8')
# Construct headers
auth = 'LMv1 ' + AccessId + ':' + str(signature) + ':' + epoch
headers = {'Content-Type':'application/json','Authorization':auth,'X-Version':3}
# Make request
response = requests.put(url, data=data, headers=headers)
# Print status and body of response
print('Response Status:',response.status_code)
print('Response Body:',response.content)Python 3
The following Python script gets the alert rule ID 74, changes its priority, and then makes a PUT request to update it in api.logicmonitor.com.
#!/bin/env python
import requests
import json
import hashlib
import base64
import time
import hmac
import getpass
#Account Info: LogicMonitor recommends to NEVER hardcode the credentials. Instead, retrieve the values from a secure storage.
#Note: The below is provided for illustration purposes only.
AccessId = getpass.getpass("Enter your AccessId: ")
AccessKey = getpass.getpass("Enter your AccessKey: ")
Company = 'apiAccount'
#Request Info
httpVerb ='GET'
resourcePath = '/setting/alert/rules/74'
queryParams =''
data = ''
#Construct URL
url = 'https://'+ Company +'.logicmonitor.com/santaba/rest' + resourcePath +queryParams
#Get current time in milliseconds
epoch = str(int(time.time() * 1000))
#Concatenate Request details
requestVars = httpVerb + epoch + data + resourcePath
#Construct signature
digest = hmac.new(
AccessKey.encode('utf-8'),
msg=requestVars.encode('utf-8'),
digestmod=hashlib.sha256).hexdigest()
signature = base64.b64encode(digest.encode('utf-8')).decode('utf-8')
# Construct headers
auth = 'LMv1 ' + AccessId + ':' + str(signature) + ':' + epoch
headers = {'Content-Type':'application/json','Authorization':auth,'X-Version':3}
# Make request
response = requests.get(url, data=data, headers=headers)
#Parse response
jsonResponse = json.loads(response.content)
#Change Collector Id and add configuration object
rule = jsonResponse['data']
rule['priority'] = 50
#Request Info
httpVerb ='PUT'
resourcePath = '/setting/alert/rules/74'
queryParams =''
data = str(json.dumps(rule))
#Construct URL
url = 'https://'+ Company +'.logicmonitor.com/santaba/rest' + resourcePath +queryParams
#Get current time in milliseconds
epoch = str(int(time.time() * 1000))
#Concatenate Request details
requestVars = httpVerb + epoch + data + resourcePath
#Construct signature
digest = hmac.new(
AccessKey.encode('utf-8'),
msg=requestVars.encode('utf-8'),
digestmod=hashlib.sha256).hexdigest()
signature = base64.b64encode(digest.encode('utf-8')).decode('utf-8')
# Construct headers
auth = 'LMv1 ' + AccessId + ':' + str(signature) + ':' + epoch
headers = {'Content-Type':'application/json','Authorization':auth,'X-Version':3}
# Make request
response = requests.put(url, data=data, headers=headers)
# Print status and body of response
print('Response Status:',response.status_code)
print('Response Body:',response.content)Python 3
