# LitmusEdgeManager 2.31.x API Documentation/Edge Lifecycle Management/Alerts - LE, LEM, LUNS API Docs ## List of Incidents **GET** `{{LEM_URL}}/api/v1/project/incident/{{project_id}}?limit=10&requestedPage=0&state=OPEN` # List of Incidents Returns the paginated list of incidents (alert firings) for the project. Filter by `state` (`OPEN` / `RESOLVED`). ## Endpoint ```http GET {{LEM_URL}}/api/v1/project/incident/{{project_id}}?limit=10&requestedPage=0&state=OPEN ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Response **Status**: 200 OK ```json [ { "id": "string", "triggerId": "string", "startedAt": "2019-08-24T14:15:22Z", "resolvedAt": "2019-08-24T14:15:22Z", "deviceId": "string", "severity": 0, "showOnDashboard": true, "scopeType": "USER", "subject": "string", "message": "string", "hostname": "string" } ] ``` --- ## Create Trigger - Metrics **POST** `{{LEM_URL}}/api/v1/project/trigger/definition/{{project_id}}` # Create Trigger -- Metrics Creates a new alert trigger based on **metric rules** (e.g. CPU > 90%). `deviceId: null` makes the trigger apply to every device in the project; pass a specific UUID to scope down. The `subject` and `message` templates can reference variables like `$devicename`, `$value`, `$alertDelay`, `$company`, etc. ## Endpoint ```http POST {{LEM_URL}}/api/v1/project/trigger/definition/{{project_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Request body ```json { "id": "ccraeulf5jvtoausc8f0cjh7l", "active": false, "name": "ad", "severity": 0, "showOnDashboard": true, "deduplicate": false, "subject": " $devicename $name $value $company $deviceid ...", "message": " $devicename $name $value $company $deviceid ...", "deviceId": null, "actions": ["bp0pgdjum4l1ltore344h9j1p"] } ``` ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Request Body ```json { "id": "ccraeulf5jvtoausc8f0cjh7l", "active": false, "advancedRules": "", "deduplicate": false, "subject": " $devicename $name $alertDelay $value $company $deviceid $project $targetValue ", "message": " $devicename $name $alertDelay $value $company $deviceid $project $targetValue ", "name": "ad", "severity": 0, "notifyGracePeriod": null, "notifyContinuously": false, "showOnDashboard": true, "simpleRules": [], "eventRules": [], "dataRules": [], "metricRules": [], "tags": [], "deviceId": null, "scopeType": "USER", "sourceType": "METRICS", "alertDelay": 60, "description": "dd", "actions": [ "bp0pgdjum4l1ltore344h9j1p" ] } ``` ### Response **Status**: 201 Created ```json { "id": "ccraeulf5jvtoausc8f0cjh7l", "name": "ad", "description": "dd", "simpleRules": [], "eventRules": [], "rawDataRules": null, "metricRules": [], "advancedRules": "", "deduplicate": false, "severity": 0, "subject": " $devicename $name $alertDelay $value $company $deviceid $project $targetValue ", "message": " $devicename $name $alertDelay $value $company $deviceid $project $targetValue ", "tags": [], "deviceId": null, "actions": [ "bp0pgdjum4l1ltore344h9j1p" ], "active": false, "showOnDashboard": true, "scopeType": "USER", "sourceType": "METRICS", "updatedOn": 1698260499322, "notifyContinuously": false, "notifyGracePeriod": 0, "alertDelay": 60 } ``` --- ## Create Trigger - Event **POST** `{{LEM_URL}}/api/v1/project/trigger/definition/{{project_id}}` # Create Trigger -- Event Creates a trigger based on **event rules** -- when an LE event matching the rule (component / severity / event ID / message / attrs) is received, the trigger fires. ## Endpoint ```http POST {{LEM_URL}}/api/v1/project/trigger/definition/{{project_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Request body ```json { "id": "ccraeulf5jvtoausc8f0cjh7l", "name": "event-related-trigger", "severity": 0, "eventRules": [ { "operator": "OR", "severity": "INFO" } ], "deviceId": null } ``` ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Request Body ```json { "id": "ccraeulf5jvtoausc8f0cjh7l", "active": false, "advancedRules": "", "deduplicate": false, "subject": "$eventid $type $triggername $severity $tags $deviceid $hostname $triggerid $message $componentid $devicename ", "message": "$devicename $componentid $message $triggerid $hostname $deviceid $tags $severity $triggername $type $eventid ", "name": "event-related-trigger", "severity": 0, "notifyGracePeriod": null, "notifyContinuously": false, "showOnDashboard": true, "simpleRules": [], "eventRules": [ { "attrs": {}, "component": null, "eventId": null, "msg": null, "operator": "OR", "severity": "INFO" } ], "dataRules": [], "metricRules": [], "tags": [], "deviceId": null, "scopeType": "USER", "sourceType": "EVENTS", "alertDelay": 60, "description": "dd", "actions": [ "bp0pgdjum4l1ltore344h9j1p" ] } ``` ### Response **Status**: 201 Created ```json { "id": "ccraeulf5jvtoausc8f0cjh7l", "name": "event-related-trigger", "description": "dd", "simpleRules": [], "eventRules": [ { "operator": "OR", "component": null, "severity": "INFO", "eventId": null, "msg": null, "attrs": {} } ], "rawDataRules": null, "metricRules": [], "advancedRules": "", "deduplicate": false, "severity": 0, "subject": "$eventid $type $triggername $severity $tags $deviceid $hostname $triggerid $message $componentid $devicename ", "message": "$devicename $componentid $message $triggerid $hostname $deviceid $tags $severity $triggername $type $eventid ", "tags": [], "deviceId": null, "actions": [ "bp0pgdjum4l1ltore344h9j1p" ], "active": false, "showOnDashboard": true, "scopeType": "USER", "sourceType": "EVENTS", "updatedOn": 1698260279239, "notifyContinuously": false, "notifyGracePeriod": 0, "alertDelay": 60 } ``` --- ## Delete Trigger **DELETE** `{{LEM_URL}}/api/v1/project/trigger/definition/{{project_id}}/{{trigger_id}}` # Delete Trigger Removes a trigger from the project. ## Endpoint ```http DELETE {{LEM_URL}}/api/v1/project/trigger/definition/{{project_id}}/{{trigger_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Response **Status**: 204 No Content --- ## Project Actions **GET** `{{LEM_URL}}/api/v1/project/action/templates?projectId={{project_id}}` # Project Actions Returns the **action templates** (notification recipes) defined for the project. Each is the destination of an alert firing -- email / Slack / PagerDuty / webhook. ## Endpoint ```http GET {{LEM_URL}}/api/v1/project/action/templates?projectId={{project_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Response **Status**: 200 OK ```json [ { "id": "bp0pgdjum4l1ltore344h9j1p", "name": "apiEMail", "type": "EMAIL", "limit": { "maxActionsPerInterval": 1, "updateIntervalSeconds": 3600 }, "recipients": [ "recipeint@email.com" ], "subject": null, "message": null } ] ``` --- ## Project Triggers **GET** `{{LEM_URL}}/api/v1/project/trigger/definition?projectId={{project_id}}` # Project Triggers Returns the trigger definitions for the project. Same shape as the records created via `Triggers > Create Trigger - Metrics/Event`. ## Endpoint ```http GET {{LEM_URL}}/api/v1/project/trigger/definition?projectId={{project_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Response **Status**: 200 OK ```json [ { "id": "6u98gdlpwxuypstkb7826beb9", "name": "Monitor alert failures", "description": null, "simpleRules": null, "eventRules": null, "rawDataRules": null, "metricRules": null, "advancedRules": null, "deduplicate": true, "severity": 2, "subject": "Monitor alert failures", "message": "Monitor alert failures", "tags": null, "deviceId": null, "actions": null, "active": true, "showOnDashboard": true, "scopeType": "SYSTEM", "sourceType": "DATA", "updatedOn": 1691100533111, "notifyContinuously": false, "notifyGracePeriod": 0, "alertDelay": 0 } ] ``` --- ## Add Action - Email **POST** `{{LEM_URL}}/api/v1/project/action/templates/{{project_id}}` # Add Action -- Email Creates an Email action template. Triggers can reference its ID to send email on firing. ## Endpoint ```http POST {{LEM_URL}}/api/v1/project/action/templates/{{project_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Request body ```json { "type": "EMAIL", "name": "Action Name from API", "recipients": ["fake@fake.com"], "isValid": true, "limit": { "maxActionsPerInterval": 1, "updateIntervalSeconds": 3600 } } ``` ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Request Body ```json { "type": "EMAIL", "limit": { "maxActionsPerInterval": 1, "updateIntervalSeconds": 3600 }, "recipients": [ "fake@fake.com" ], "isValid": true, "name": "Action Name from API" } ``` ### Response **Status**: 201 Created ```json { "id": "703rj3do9iq5b094uk346409n", "name": "Action Name from API", "type": "EMAIL", "limit": { "maxActionsPerInterval": 1, "updateIntervalSeconds": 3600 }, "recipients": [ "fake@fake.com" ], "subject": null, "message": null } ``` --- ## Add Action - Slack **POST** `{{LEM_URL}}/api/v1/project/action/templates/{{project_id}}` # Add Action -- Slack Creates a Slack action template. Carries `webhook`, `channel`, and `username` fields. ## Endpoint ```http POST {{LEM_URL}}/api/v1/project/action/templates/{{project_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Request body ```json { "type": "SLACK", "name": "slackFromAPI", "webhook": "https://hooks.slack.com/services/T0/B0/XX", "channel": "#channel-to-post-to", "username": "slackUser", "isValid": true, "limit": { "maxActionsPerInterval": 1, "updateIntervalSeconds": 604800 } } ``` ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Request Body ```json { "type": "SLACK", "isValid": true, "name": "slackFromAPI", "webhook": "https://hooks.slack.com/services/T0/B0/XX", "channel": "#channel-to-post-to", "username": "slackUser", "limit": { "maxActionsPerInterval": 1, "updateIntervalSeconds": "604800" } } ``` ### Response **Status**: 201 Created ```json { "id": "647oel6t3z1572y4jqwt5go4w", "name": "slackFromAPI", "type": "SLACK", "limit": { "maxActionsPerInterval": 1, "updateIntervalSeconds": 604800 }, "webhook": "https://hooks.slack.com/services/T0/B0/XX", "channel": "#channel-to-post-to", "username": "slackUser" } ``` --- ## Add Action - Pagerduty **POST** `{{LEM_URL}}/api/v1/project/action/templates/{{project_id}}` # Add Action -- PagerDuty Creates a PagerDuty action template. Carries the integration `token`. ## Endpoint ```http POST {{LEM_URL}}/api/v1/project/action/templates/{{project_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Request body ```json { "type": "PAGERDUTY", "name": "pager", "token": "your-token-here", "isValid": true, "limit": { "maxActionsPerInterval": 1, "updateIntervalSeconds": 3600 } } ``` ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Request Body ```json { "type": "PAGERDUTY", "isValid": true, "name": "pager", "token": "your-token-here", "limit": { "maxActionsPerInterval": 1, "updateIntervalSeconds": 3600 } } ``` ### Response **Status**: 201 Created ```json { "id": "8ahv0npni0etbmgk6nllcxiwl", "name": "pager", "type": "PAGERDUTY", "limit": { "maxActionsPerInterval": 1, "updateIntervalSeconds": 3600 }, "token": "your-token-here" } ``` --- ## Add Action - Webhook **POST** `{{LEM_URL}}/api/v1/project/action/templates/{{project_id}}` # Add Action -- Webhook Creates a generic webhook action template. LEM POSTs the alert payload to `webhook` with an `Authorization: ` header. ## Endpoint ```http POST {{LEM_URL}}/api/v1/project/action/templates/{{project_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Request body ```json { "type": "WEBHOOK", "name": "webhook-created-from-API", "webhook": "webhook-here", "token": "token-here", "verifySsl": true, "isValid": true, "limit": { "maxActionsPerInterval": 1, "updateIntervalSeconds": 60 } } ``` ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Request Body ```json { "type": "WEBHOOK", "isValid": true, "verifySsl": true, "webhook": "webhook-here", "token": "token-here", "limit": { "maxActionsPerInterval": 1, "updateIntervalSeconds": "60" }, "name": "webhook-created-from-API" } ``` ### Response **Status**: 201 Created ```json { "id": "233sz904bau25fotj6rw8m6z7", "name": "webhook-created-from-API", "type": "WEBHOOK", "limit": { "maxActionsPerInterval": 1, "updateIntervalSeconds": 60 }, "webhook": "webhook-here", "token": "token-here", "verifySsl": true } ``` --- ## Delete Action **DELETE** `{{LEM_URL}}/api/v1/project/action/templates/{{project_id}}/{{alert_id}}` # Delete Action Removes an action template by ID. ## Endpoint ```http DELETE {{LEM_URL}}/api/v1/project/action/templates/{{project_id}}/{{alert_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Response **Status**: 204 No Content ---