Add Alert Rules
Last updated - 23 July, 2025
Overview
You can use LogicMonitor’s REST API to programmatically add alert rules. As with all of our API calls, authentication is required.
Request Information
HTTP Method: POST
URI: /setting/alert/rules
Request parameters: You can POST the following properties for alert rules.
Property | Description | Required? | Type | Example |
name | The name of the alert rule | Yes | String | "name":"prodDBErrors" |
priority | The priority associated with the alert rule | Yes | Integer | "priority":100 |
levelStr | The alert severity levels the alert rule is configured to match. Possible values are All, Warn, Error, Critical | No. Defaults to "All" | String | "levelStr":"All" |
devices | The device names and service names the alert rule is configured to match | No. Defaults to * for all devices | JSON Array | "devices" : [ "prod*" ] |
deviceGroups | The device groups and service groups the alert rule is configured to match | No. Defaults to * for all groups. | JSON Array | "deviceGroups" : [ "Production*" ] |
datasource | The datasource the alert rule is configured to match | Yes | String | "datasource" : "*SQL*" |
instance | The instance the alert rule is configured to match | Yes | String | "instance" : "*" |
datapoint | The datapoint the alert rule is configured to match | Yes | String | "datapoint" : "*" |
escalationInterval | The escalation interval associated with the alert rule, in minutes | Yes | Integer | "escalationInterval" : 15 |
escalatingChainId | The id of the escalation chain associated with the alert rule | Yes | Integer | "escalatingChainId" : 12 |
suppressAlertClear | Whether or not alert clear notifications should be sent to the alert rule | No. Defaults to false. | Boolean | "suppressAlertClear" : true |
suppressAlertAckSdt | Whether or not status notifications for acknowledgements and SDTs should be sent to the alert rule | No. Defaults to false | Boolean | "suppressAlertAckSdt" : false |
Example
The following example adds a rule ‘DBAlerts’ with priority 1000 that applies to all alerts for SQL DataSources (any DataSource with SQL in the name) across all groups and all devices.
#!/usr/bin/env python3
import base64
import hashlib
import hmac
import time
import requests
# Account info (placeholders). Load real values from the environment or a
# secrets manager rather than hard-coding them in the script.
AccessId = 'API-ACCESS-ID'
AccessKey = 'API-ACCESS-KEY'
Company = 'api'
# Request info
httpVerb = 'POST'
resourcePath = '/setting/alert/rules'
queryParams = ''
# "*SQL*" matches any DataSource with SQL in the name, as described above
data = '{"name":"DBAlerts","priority":1000,"datasource":"*SQL*","instance":"*","datapoint":"*","escalationInterval":15,"escalatingChainId":1}'
# Construct URL
url = 'https://' + Company + '.logicmonitor.com/santaba/rest' + resourcePath + queryParams
# Get current time in milliseconds
epoch = str(int(time.time() * 1000))
# Concatenate request details; the signature covers the exact request body
requestVars = httpVerb + epoch + data + resourcePath
# Construct signature: base64 of the hex-encoded HMAC-SHA256 digest
hmac1 = hmac.new(AccessKey.encode(), msg=requestVars.encode(), digestmod=hashlib.sha256).hexdigest()
signature = base64.b64encode(hmac1.encode())
# Construct headers
auth = 'LMv1 ' + AccessId + ':' + signature.decode() + ':' + epoch
headers = {'Content-Type': 'application/json', 'Authorization': auth}
# Make request (the timeout keeps the script from hanging on a stalled connection)
response = requests.post(url, data=data, headers=headers, timeout=30)
# Print status and body of response
print('Response Status:', response.status_code)
print('Response Body:', response.content)
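The following is an added example, not LogicMonitor's own code: it checks a rule against the required properties and types in the request-parameter table before anything is signed, then builds the LMv1 header over the exact serialized body, as the script above does. The function names and the LM_ACCESS_ID / LM_ACCESS_KEY environment variable names are assumptions made for this example.

```python
import base64, hashlib, hmac, json, os, time

# Property -> (required, type), transcribed from the request-parameter table above.
SCHEMA = {
    "name": (True, str), "priority": (True, int), "levelStr": (False, str),
    "devices": (False, list), "deviceGroups": (False, list),
    "datasource": (True, str), "instance": (True, str), "datapoint": (True, str),
    "escalationInterval": (True, int), "escalatingChainId": (True, int),
    "suppressAlertClear": (False, bool), "suppressAlertAckSdt": (False, bool),
}
LEVELS = {"All", "Warn", "Error", "Critical"}

def validate_rule(rule):
    """Return a list of problems; an empty list means the rule matches the table."""
    problems = []
    for key, (required, typ) in SCHEMA.items():
        if key not in rule:
            if required:
                problems.append(f"missing required property: {key}")
            continue
        value = rule[key]
        # bool is a subclass of int in Python, so reject True/False for Integer fields.
        if not isinstance(value, typ) or (typ is int and isinstance(value, bool)):
            problems.append(f"{key} must be {typ.__name__}")
        elif key == "levelStr" and value not in LEVELS:
            problems.append("levelStr must be one of All, Warn, Error, Critical")
    return problems

def lmv1_header(access_id, access_key, verb, resource_path, body, epoch_ms):
    """Build the LMv1 Authorization value the same way the script above does."""
    msg = verb + str(epoch_ms) + body + resource_path
    digest = hmac.new(access_key.encode(), msg.encode(), hashlib.sha256).hexdigest()
    return f"LMv1 {access_id}:{base64.b64encode(digest.encode()).decode()}:{epoch_ms}"

def prepare_request(rule, access_id, access_key, epoch_ms=None):
    """Validate, serialize once, and sign exactly the string that will be sent."""
    problems = validate_rule(rule)
    if problems:
        raise ValueError("; ".join(problems))
    body = json.dumps(rule, separators=(",", ":"))
    epoch_ms = int(time.time() * 1000) if epoch_ms is None else epoch_ms
    auth = lmv1_header(access_id, access_key, "POST", "/setting/alert/rules", body, epoch_ms)
    return body, {"Content-Type": "application/json", "Authorization": auth}

if __name__ == "__main__":
    # Constructed sample; LM_ACCESS_ID / LM_ACCESS_KEY are assumed environment variable names.
    rule = {"name": "DBAlerts", "priority": 1000, "datasource": "*SQL*", "instance": "*",
            "datapoint": "*", "escalationInterval": 15, "escalatingChainId": 1}
    creds = (os.environ.get("LM_ACCESS_ID", "API-ACCESS-ID"), os.environ.get("LM_ACCESS_KEY", "API-ACCESS-KEY"))
    print(prepare_request(rule, *creds)[0])
```

Send the returned body unchanged, for example with requests.post(url, data=body, headers=headers); re-serializing the rule (such as passing json=rule) can produce a different string than the one that was signed.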