Incident Management API
Overview
This document outlines the Incident Management API. It includes various methods for managing incidents, such as retrieving incident details, listing incidents, aggregating incidents, assigning and unassigning incidents and acknowledging or resolving incidents. The IncidentsService is designed to handle all operations related to incident management within Coralogix.
Prerequisites
Before you begin, please make sure you have the following:
- To use this API you need to create a personal or team API key. It’s recommended to use permission presets, as they are automatically updated with all relevant permissions. Alternatively, you can manually add individual permissions.

Preset | Action | Description |
---|---|---|
Incidents | INCIDENTS:ACKNOWLEDGE | Acknowledge Events in Triggered Alerts |
Incidents | INCIDENTS:ASSIGN | Assign an Event in Triggered Alerts |
Incidents | INCIDENTS:CLOSE | Manually Resolve Events in Triggered Alerts |
Incidents | INCIDENTS:READ | View Events in Triggered Alerts |
Incidents | INCIDENTS:SNOOZE | Snooze Events |

- A Management API endpoint that corresponds to your Coralogix domain
- Administrator permissions to manage your services.
Authentication
Coralogix API uses API keys to authenticate requests. You can view and manage your API keys from the Data Flow tab in Coralogix. You need to use an API key in the Authorization request header to successfully connect.
Example
grpcurl -H "Authorization: Bearer <cx_api_key>"
Then, use one of our designated Management endpoints to structure your header, where <domain> is the value that corresponds to your Coralogix domain.
-d @ ng-api-grpc.<domain>:443
For the Incidents Service API, the service name will be IncidentsService.
com.coralogixapis.incidents.v1.IncidentsService/
The complete request header should look like this:
grpcurl -H "Authorization: Bearer <cx_api_key>" -d @ ng-api-grpc.<domain>:443 com.coralogixapis.incidents.v1.IncidentsService/
Sample request
Lists all available incidents based on specified filters and order. In this case, incidents are shown per assignee. The list is ordered in an unspecified direction and sorted by time created.
grpcurl -H "Authorization: Bearer <cx_api_key>" -d @ ng-api-grpc.<domain>:443 com.coralogixapis.incidents.v1.IncidentsService/ListIncidents <<EOF
{
  "filter": {
    "assignee": [
      "[email protected]"
    ]
  },
  "order_bys": [
    {
      "direction": "ORDER_BY_DIRECTION_UNSPECIFIED",
      "incident_field": "INCIDENTS_FIELDS_CREATED_TIME"
    }
  ]
}
EOF
Sample response
{
  "incidents": [
    {
      "assignments": [
        {
          "assigned_to": {
            "user_id": {
              "value": "[email protected]"
            }
          },
          "assigned_by": {
            "user_id": {
              "value": "[email protected]"
            }
          }
        }
      ],
      "events": [],
      "contextualLabels": [
        {
          "key": "alert_id",
          "value": "e2e1e00f-552f-4dfc-9d24-ab9d21d4979c"
        },
        {
          "key": "alert_name",
          "value": "inalert"
        },
        {
          "key": "alert_type",
          "value": "Standard"
        },
        {
          "key": "alert_severity",
          "value": "Info"
        },
        {
          "key": "alert_group_by_fields",
          "value": "coralogix.metadata.applicationName , coralogix.metadata.subsystemName"
        },
        {
          "key": "alert_notification_group_id",
          "value": "ab8dee0e-063b-43c2-89a3-bdbb068ff851"
        },
        {
          "key": "alert_notification_group_grouping_fields",
          "value": "coralogix.metadata.applicationName , coralogix.metadata.subsystemName"
        },
        {
          "key": "alert_notification_group_integrations_ids",
          "value": ""
        }
      ],
      "displayLabels": [
        {
          "key": "coralogix.metadata.subsystemName",
          "value": "coralogix-operator"
        },
        {
          "key": "coralogix.metadata.applicationName",
          "value": "staging"
        }
      ],
      "id": {
        "value": "cdfaf78b-27ee-401f-8d13-ebd2daa08232"
      },
      "name": null,
      "state": "INCIDENT_STATE_TRIGGERED",
      "status": "INCIDENT_STATUS_TRIGGERED",
      "description": null,
      "severity": "INCIDENT_SEVERITY_INFO",
      "created_at": {
        "seconds": "1703677320",
        "nanos": 0
      },
      "closed_at": null,
      "last_state_update_time": {
        "seconds": "1706088981",
        "nanos": 286000000
      },
      "last_state_update_key": {
        "value": "8cde7807-dedc-418b-b542-62d78fead629"
      },
      "is_muted": {
        "value": false
      }
    }
  ]
}
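Added example (not part of the Coralogix documentation): one way to post-process a ListIncidents response shaped like the sample above, converting the seconds/nanos timestamps, flattening the label lists and picking out incidents that are still triggered after a given number of hours. The function names, the assignee address and the staleness threshold are assumptions made for this illustration.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed input: a trimmed copy of the sample response on this page.
# The assignee address is a placeholder, not a value from the page.
SAMPLE = json.loads("""
{"incidents": [{
  "assignments": [{"assigned_to": {"user_id": {"value": "analyst@example.com"}}}],
  "contextualLabels": [{"key": "alert_name", "value": "inalert"},
                       {"key": "alert_severity", "value": "Info"}],
  "id": {"value": "cdfaf78b-27ee-401f-8d13-ebd2daa08232"},
  "state": "INCIDENT_STATE_TRIGGERED",
  "created_at": {"seconds": "1703677320", "nanos": 0},
  "closed_at": null,
  "last_state_update_time": {"seconds": "1706088981", "nanos": 286000000}
}]}
""")

def ts(field):
    """Turn {"seconds": "<string>", "nanos": <int>} into an aware UTC datetime (None stays None)."""
    if not field:
        return None
    base = datetime.fromtimestamp(int(field["seconds"]), tz=timezone.utc)
    return base + timedelta(microseconds=field.get("nanos", 0) // 1000)

def labels(pairs):
    """Flatten a [{"key": ..., "value": ...}] label list into a dict."""
    return {p["key"]: p["value"] for p in pairs or []}

def summarize(response, now):
    """One flat row per incident; open_hours is None once closed_at is set."""
    rows = []
    for inc in response.get("incidents", []):
        created, closed = ts(inc.get("created_at")), ts(inc.get("closed_at"))
        rows.append({
            "id": inc["id"]["value"],
            "alert": labels(inc.get("contextualLabels")).get("alert_name"),
            "state": inc.get("state"),
            "assignees": [a["assigned_to"]["user_id"]["value"]
                          for a in inc.get("assignments") or [] if a.get("assigned_to")],
            "last_update": ts(inc.get("last_state_update_time")),
            "open_hours": None if closed or not created
                          else round((now - created).total_seconds() / 3600, 1),
        })
    return rows

def stale_triggered(rows, max_hours):
    """Rows still in INCIDENT_STATE_TRIGGERED that have been open longer than max_hours."""
    return [r for r in rows if r["state"] == "INCIDENT_STATE_TRIGGERED"
            and r["open_hours"] is not None and r["open_hours"] > max_hours]
```

Note that the seconds field arrives as a JSON string and closed_at is null for open incidents, so both need explicit handling before any age calculation.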
API endpoints
⚠️ This is only a list of endpoints. For a detailed schema, please consult the whole specification file in GitHub.
IncidentsService
The IncidentsService is designed to provide a set of functionalities and operations to facilitate the effective management, monitoring, and resolution of incidents. Here are some key methods within the IncidentsService:
Method Name | Description |
---|---|
ListIncidents | Lists incidents based on filters. This method is used to retrieve a collection of incidents that match certain criteria. |
ListIncidentAggregations | Lists incident aggregations. This method is used to retrieve aggregated information about incidents, grouped by specific parameters. |
GetIncident | Retrieves detailed information about a specific incident. This method is used to get comprehensive details regarding a single incident. |
GetIncidentEvents | Retrieves events associated with a particular incident. This method is used to obtain a chronological sequence of events related to an incident. |
BatchGetIncident | Retrieves details for multiple incidents. This method is designed to efficiently retrieve information for a batch of incidents in a single request. |
AssignIncidents | Assigns incidents to specific users or teams. This method is used for managing the assignment of incidents to responsible parties. |
UnassignIncidents | Unassigns incidents from users or teams. This method is used to remove assignment associations for incidents. |
AcknowledgeIncidents | Acknowledges incidents. |
PaginationRequest | Retrieves pagination information for incidents. |
CloseIncidents | Closes incidents. |
ResolveIncidents | Resolves incidents. |
Support
Need help?
Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.
Feel free to reach out to us via our in-app chat or by sending us an email to [email protected].