Adding Alert Rules
Last updated - 07 July, 2023
You can use LogicMonitor REST API v3 to add alert rules. You must authenticate yourself before making the API request.
URI: POST /setting/alert/rules
| Parameter | Type | Description |
datapoint | String | The datapoint configured to match with the alert rule. It supports glob expression that match with any characters. Example – “datapoint” : “*” |
instance | String | The instance configured to match with the alert rule. It supports glob expression that match with any characters. Example – “instance” : “*” |
devices | String Array | The device name and service name configured to match with the alert rule. Example – “devices” : [ “Cisco Router” ] |
escalatingChainId | Integer | (Mandatory) The escalation chain ID associated with the alert rule. Example – “escalatingChainId” : 7 |
resourceProperties | JSON Array | The resource property filter list that includes resource property name and value. |
sendAnomalySuppressedAlert | Boolean | (Mandatory) To send anomaly suppressed alert, set the value as true, else set it as false. |
priority | Integer | (Mandatory) The priority associated with the alert rule. Example – "priority" : 3 |
suppressAlertAckSdt | Boolean | Indicates whether or not status notifications for acknowledgements and SDTs should be sent to the alert rule. Example – “suppressAlertAckSdt” : false |
datasource | String | The datasource configured to match with the alert rule. Example – “datasource” : “Port-” |
suppressAlertClear | Boolean | Indicates whether or not alert clear notifications should be sent to the alert rule. Example – “suppressAlertClear” : true |
name | String | (Mandatory) The name of the alert rule. Example – “name” : ”Warning” |
levelStr | String | The alert severity level configured to match with the alert rule. The acceptable values are: All, Warn, Error, and Critical. Example – “levelStr”: ”All” |
deviceGroups | String Array | The device groups and service groups configured to match with the alert rule. Example – “deviceGroups” : [ “Devices by Type” ] |
escalationInterval | Integer | The escalation interval (in minutes) associated with the alert rule. Example – “escalationInterval” : 15 |
The following Python script adds a rule ‘DBAlerts’ with priority 1000 that applies to all alerts for MYSQL DataSources (any DataSource with MYSQL in the name) across all groups and devices.
#!/bin/env python
import requests
import json
import hashlib
import base64
import time
import hmac
import getpass
#Account Info: LogicMonitor recommends to NEVER hardcode the credentials. Instead, retrieve the values from a secure storage.
#Note: The below is provided for illustration purposes only.
AccessId = getpass.getpass("Enter your AccessId: ")
AccessKey = getpass.getpass("Enter your AccessKey: ")
Company = 'apiAccount'
##Request Info
httpVerb ='POST'
resourcePath = '/setting/alert/rules'
queryParams =''
data = '{"name":"DBAlerts","priority":1000,"datasource":"*MYSQL*","instance":"*","datapoint":"*","escalationInterval":15,"escalatingChainId":1}'
#Construct URL
url = 'https://'+ Company +'.logicmonitor.com/santaba/rest' + resourcePath +queryParams
#Get current time in milliseconds
epoch = str(int(time.time() * 1000))
#Concatenate Request details
requestVars = httpVerb + epoch + data + resourcePath
#Construct signature
digest = hmac.new(
AccessKey.encode('utf-8'),
msg=requestVars.encode('utf-8'),
digestmod=hashlib.sha256).hexdigest()
signature = base64.b64encode(digest.encode('utf-8')).decode('utf-8')
# Construct headers
auth = 'LMv1 ' + AccessId + ':' + str(signature) + ':' + epoch
headers = {'Content-Type':'application/json','Authorization':auth,'X-Version':3}
# Make request
response = requests.post(url, data=data, headers=headers)
# Print status and body of response
print('Response Status:',response.status_code)
print('Response Body:',response.content)Python 3
