Retrieve information about alerts. See /api/alerts/scheme to get the scheme for additional filter parameters.

Parameters

| Parameter | Description |
| --- | --- |
| Alert Labels | Filter by this alert_labels. |
| Asset Availability Zones | Filter by this asset_availability_zones. |
| Asset Ingress Ports | Filter by this asset_ingress_ports. |
| Asset Labels | Filter by this asset_labels. |
| Asset Regions | Filter by this asset_regions. |
| Asset Role Names | Filter by this asset_role_names. |
| Asset State | Filter by this asset_state. |
| Asset Tags Info List | Filter by this asset_tags_info_list. |
| Asset Type | Filter by this asset_type. |
| Asset Unique ID | Filter by this asset_unique_id. |
| Asset Vpcs | Filter by this asset_vpcs. |
| Category | Filter by this category. |
| Cloud Provider ID | Filter by this cloud_provider_id. |
| Limit | Limit number of returned records, default is 1000, max is 1000. |
| State Score | Filter by this state.score, possible values 1-4. |
| State Severity | Filter by this state.severity. |
| State Status | Filter by this state.status. |
| Type | Filter by this type. |

Example Output

{
	"version": "<string>",
	"status": "<string>",
	"data_grouped": true,
	"total_supported_items": "<string>",
	"total_ungrouped_items": 2,
	"total_items": 1,
	"data": []
}

Workflow Library Example

Send a Report to Slack on New Orca Security Alert
