Use this API to search all the alerting activities for FIM.
Parameter | Mandatory/Optional | Data Type | Description |
---|---|---|---|
filter | Mandatory | String | Filter the alerts by providing a query using Qualys syntax. Refer to the How to Search topic in the Online Help for assistance with creating your query. For example: ruleName:`POD12: Email Rule` |
pageNumber | Mandatory | String | The page number to be returned. The number starts from zero. |
pageSize | Mandatory | String | The number of records per page to be included in the response. Default is 10. |
sort | Mandatory | String | Sort the results using a Qualys token. For example - "sort":"[{\"status\":\"desc\"}]" |
API Request
```
curl -X POST "<qualys_base_url>/fim/v3/alert/activities/search" \
  -H 'authorization: Bearer <token>' \
  -H 'content-type: application/json' \
  -d @request.json
```
Contents of request.json:
```
{
  "filter": "string",
  "pageNumber": {},
  "pageSize": {},
  "sort": "string"
}
```
Response
```
[
  {
    "statusDate": 1560569128488,
    "subject": "PagerDuty Test Action with John's Service Key",
    "identifiers": [
      "xx18x49x-1x2x-3xxx-x7x1-4787xxx5xxxx"
    ],
    "emailRecipients": [],
    "matches": 1,
    "ruleDescription": "Rule to test PagerDuty account",
    "aggregate": true,
    "actionType": "pagerduty",
    "createdBy": "John Doe",
    "alert": "Testing the pager duty account, to check the calls and sms\nSecurity\nxx5026x1-0xx8-4x4x-9xx4-64x8x1xx905f\nJohn Linux FIM\nCentOS Linux 7.5.1804\n2\n[Linux Profile]\n[[f0534cd2-8f19-4a1d-986f-414d8ef5825d]]\nchgrp\n/usr/bin/chgrp\n2.4.0.72\n\n[7701016, 7905815]\nxx18x49x-1x2x-3xxx-x7x1-4787xxx5xxxx\n[My category JD]",
    "datasource": "EVENTS",
    "customerId": "x5x0514x-x211-x1b4-809x-x3x2xx667xxx",
    "actionId": "xx3xx0x0-8x68-11x9-9xx1-058683x890x9",
    "ruleName": "Rule to test PagerDuty account",
    "id": "x51xxxx1-8x91-11x9-88x1-x97xx3100467",
    "ruleId": "x5xx0190-8x68-11x9-x24x-87456x2x93x3",
    "applicationName": "FIM",
    "createdById": "doe-john",
    "actionName": "PagerDuty Test Action",
    "status": "SUCCESS"
  }
]
```
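The following is an added example, not part of the Qualys documentation: it builds the request body (including the `sort` value, which is JSON carried inside a string), walks the zero-based pages, and lists alerts whose action did not report `SUCCESS`, so failed FIM notifications can be reviewed. The `post` callable, the end-of-results rule, the string-typed paging fields, and the sample records (including the `FAILED` status) are assumptions made for the example.

```python
import json
from datetime import datetime, timezone

SEARCH_PATH = "/fim/v3/alert/activities/search"  # endpoint path from the page

def build_body(filter_query, page_number, page_size=10, sort_field="status", order="desc"):
    """Body for one page; "sort" is JSON carried inside a string, as in the page's example."""
    return {
        "filter": filter_query,
        # Assumption: paging fields are sent as strings, following the parameter table.
        "pageNumber": str(page_number),  # pages start at zero
        "pageSize": str(page_size),
        "sort": json.dumps([{sort_field: order}], separators=(",", ":")),
    }

def fetch_all(post, filter_query, page_size=10, max_pages=100):
    """Collect all pages. `post(path, body)` is a hypothetical caller-supplied function
    that sends the authenticated request and returns the decoded JSON array.
    Assumption: a page shorter than page_size is the last one."""
    records = []
    for page in range(max_pages):
        batch = post(SEARCH_PATH, build_body(filter_query, page, page_size))
        records.extend(batch)
        if len(batch) < page_size:
            break
    return records

def undelivered(records):
    """Records whose status is not SUCCESS; statusDate is treated as epoch milliseconds."""
    def utc(ms):
        return datetime.fromtimestamp(ms / 1000, tz=timezone.utc).isoformat(timespec="seconds")
    return [(r.get("ruleName"), r.get("actionType"), r.get("status"), utc(r["statusDate"]))
            for r in records if r.get("status") != "SUCCESS"]

# Constructed sample records (not real API output); "FAILED" is a made-up status value.
SAMPLE = [
    {"ruleName": "Rule A", "actionType": "pagerduty", "status": "SUCCESS", "statusDate": 1560569128488},
    {"ruleName": "Rule B", "actionType": "email", "status": "FAILED", "statusDate": 1560569128488},
    {"ruleName": "Rule C", "actionType": "pagerduty", "status": "SUCCESS", "statusDate": 1560569128488},
]

def fake_post(path, body):
    """Offline stand-in for the HTTP call: slices SAMPLE by the paging fields."""
    start = int(body["pageNumber"]) * int(body["pageSize"])
    return SAMPLE[start:start + int(body["pageSize"])]

if __name__ == "__main__":
    print(undelivered(fetch_all(fake_post, "ruleName:`POD12: Email Rule`", page_size=2)))
```

In real use, replace `fake_post` with a function that performs the authenticated POST shown in the curl request and returns the parsed response.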