API Stability Long-Term

The clearErrorOnFilterAlert() GraphQL mutation may be used to clear the error status on a filter alert. The status will be updated, though, if the error reoccurs.

There are three other similar mutation fields: clearErrorOnAlert() for clearing errors on alerts; clearErrorOnAggregateAlert for clearing aggregate alert errors; and clearErrorOnScheduledSearch() for clearing scheduled search errors.

Hide Query Example

Show Filter Alert Errors Query

For more information on filter alerts, see the Filter Alerts documentation page.

Syntax

graphql
clearErrorOnFilterAlert(
      input: ClearErrorOnFilterAlertInput!
   ): FilterAlert!

Example

Below is an example of how this mutation field might be used:

Raw
graphql
mutation {
  clearErrorOnFilterAlert(input:
       { viewName: "humio", 
         id: "pvnPez4zbRDJqnS87HE1oZseiocfOGdN" } )
  {name, enabled}
}
Mac OS or Linux (curl)
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  clearErrorOnFilterAlert(input:
       { viewName: \"humio\", 
         id: \"pvnPez4zbRDJqnS87HE1oZseiocfOGdN\" } )
  {name, enabled}
}"
}
EOF
Mac OS or Linux (curl) One-line
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  clearErrorOnFilterAlert(input:
       { viewName: \"humio\", 
         id: \"pvnPez4zbRDJqnS87HE1oZseiocfOGdN\" } )
  {name, enabled}
}"
}
EOF
Windows Cmd and curl
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "mutation { ^
  clearErrorOnFilterAlert(input: ^
       { viewName: \"humio\",  ^
         id: \"pvnPez4zbRDJqnS87HE1oZseiocfOGdN\" } ) ^
  {name, enabled} ^
}" ^
} '
Windows Powershell and curl
powershell
curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "mutation {
  clearErrorOnFilterAlert(input:
       { viewName: \"humio\", 
         id: \"pvnPez4zbRDJqnS87HE1oZseiocfOGdN\" } )
  {name, enabled}
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"
Perl
perl
#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "mutation {
  clearErrorOnFilterAlert(input:
       { viewName: \"humio\", 
         id: \"pvnPez4zbRDJqnS87HE1oZseiocfOGdN\" } )
  {name, enabled}
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";
Python
python
#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "mutation {
  clearErrorOnFilterAlert(input:
       { viewName: \"humio\", 
         id: \"pvnPez4zbRDJqnS87HE1oZseiocfOGdN\" } )
  {name, enabled}
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)
Node.js
javascript
const https = require('https');

const data = JSON.stringify(
    {"query" : "mutation {
  clearErrorOnFilterAlert(input:
       { viewName: \"humio\", 
         id: \"pvnPez4zbRDJqnS87HE1oZseiocfOGdN\" } )
  {name, enabled}
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL',
  path: 'graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();
Example Responses
Success (HTTP Response Code 200 OK)
json
{
  "data": {
    "clearErrorOnFilterAlert": {
      "name": "Great Filtration Watcher",
      "enabled": true
    }
  }
}

Given Datatype

For this datatype, you will need to give the name of the view and the unique identifier of the filter alert on which to clear errors. See the table below for a bit more details:

Table: ClearErrorOnFilterAlertInput

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Sep 17, 2024
idstringyes Long-TermThe unique identifier of the filter alert.
viewNameRepoOrViewNameyes Long-TermName of the view of the filter alert. RepoOrViewName is a scalar.

Returned Datatype

You can get the query string used by the alert, what actions are triggered, and any errors or warnings when it was last executed. These and other parameters are listed in the table below, along with links to related datatype tables.

Table: FilterAlert

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Feb 10, 2026
actions[Action]yes Long-TermList of unique identifiers for actions to fire on query result. See Action.
allowedActions[AssetAction]yes Short-TermList of actions allowed on which to filter query results. See AssetAction .
createdInfoAssetCommitMetadata  Long-TermMetadata related to the creation of the filter alert. See AssetCommitMetadata.
descriptionstring  Long-TermDescription of the filter alert.
enabledbooleanyes Long-TermWhether the filter alert is enabled.
idstringyes Long-TermThe unique identifier of the filter alert.
labels[string]yes Long-TermLabels attached to the filter alert.
lastErrorstring  Long-TermLast error encountered while running the filter alert.
lastErrorTimelong  Long-TermUnix timestamp for last error.
lastSuccessfulPolllong  Long-TermUnix timestamp for last successful poll of the filter alert query. If this is not quite recent, then the alert might be having problems.
lastTriggeredlong  Long-TermUnix timestamp for last execution of trigger.
lastWarnings[string]yes Long-TermLast warnings encountered while running the filter alert.
modifiedInfoModifiedInfo  Long-TermUser or token used to modify the asset. See ModifiedInfo. This is a preview and subject to change.
namestringyes Long-TermThe name of the filter alert.
packagePackageInstallation  Long-TermThe package of which the alert was installed. See PackageInstallation.
packageIdVersionedPackageSpecifier  Long-TermThe unique identifier of the package of which the alert was installed. VersionedPackageSpecifier is a scalar.
queryOwnershipQueryOwnershipyes Long-TermOwnership of the query run by this alert. See QueryOwnership.
queryStringstringyes Long-TermThe LogScale query to execute.
resourcestringyes Short-TermThe resource identifier for this filter alert.
throttleFieldstring  DeprecatedThe field on which to throttle. This can be set only if throttleTimeSeconds is set. Filter alerts now support multiple throttle fields. This field will be removed at the earliest in version 1.279. Use instead the throttleFields field.
throttleFields[string]  Long-TermThe fields on which to throttle. This can be set only if throttleTimeSeconds is set.
throttleTimeSecondslong  Long-TermThe throttle time in seconds.
yamlTemplateYAMLyes Long-TermThe yaml specification of the filter alert. YAML is a scalar.