The createFilterAlert() GraphQL mutation may be used to create a filter alert.

For more information on filter alerts, see the Filter Alerts documentation page.

Syntax

Below is the syntax for the createFilterAlert() mutation field:

graphql
createFilterAlert(
      input: CreateFilterAlert!
   ): FilterAlert!

Given Datatypes

For the input CreateFilterAlert, there are several parameters that may be given. Below is a list of them along with their datatypes and a description of each:

Table: CreateFilterAlert

ParameterTypeRequiredDefaultDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Sep 17, 2024
actionIdsOrNames[string]yes List of unique identifiers or names for actions to fire on query result. Actions in packages can be referred to as packagescope/packagename:actionname.
descriptionstringyes Description of the filter alert.
enabledboolean  Flag indicating whether the filter alert is enabled.
labels[string]yes Labels attached to the filter alert.
namestringyes Name of the filter alert.
queryOwnershipTypeQueryOwnershipTypeyes Ownership of the query run by this filter alert. If value is User, ownership will be based on the runAsUserId field. See QueryOwnershipType.
queryStringstringyes LogScale query to execute.
runAsUserIdstring  The filter alert will run with the permissions of the user corresponding to this id if the queryOwnershipType field is set to User. If the queryOwnershipType is set to Organization, whilst runAsUserId is set, this will result in an error. If not specified, the filter alert will run with the permissions of the calling user. It requires the 'ChangeTriggersToRunAsOtherUsers' permission to set this field to a user id different from the calling user.
throttleFieldstring  A field to throttle on. Can only be set if throttleTimeSeconds is set.
throttleTimeSecondslong  Throttle time in seconds.
viewNameRepoOrViewNameyes Name of the view of the filter alert. RepoOrViewName is a scalar.

Returned Datatypes

The returned datatype FilterAlert has its own parameters. Below is a list of them along with their datatypes and a description of each:

Table: FilterAlert

ParameterTypeRequiredDefaultDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
actions[Action]yes List of unique identifiers for actions to fire on query result. See Action.
allowedActions[AssetAction]yes List of actions allowed on which to filter query results. See AssetAction.
descriptionstring  Description of the filter alert.
enabledbooleanyes Whether the filter alert is enabled.
idstringyes The unique identifier of the filter alert.
labels[string]yes Labels attached to the filter alert.
lastErrorstring  Last error encountered while running the filter alert.
lastErrorTimelong  Unix timestamp for last error.
lastSuccessfulPolllong  Unix timestamp for last successful poll of the filter alert query. If this is not quite recent, then the alert might be having problems.
lastTriggeredlong  Unix timestamp for last execution of trigger.
lastWarnings[string]yes Last warnings encountered while running the filter alert.
modifiedInfoModifiedInfo  User or token used to modify the asset. See ModifiedInfo. This is a preview and subject to change.
namestringyes The name of the filter alert.
packagePackageInstallation  The package of which the alert was installed. See PackageInstallation.
packageIdVersionedPackageSpecifier  The unique identifier of the package of which the alert was installed. VersionedPackageSpecifier is a scalar.
queryOwnershipQueryOwnershipyes Ownership of the query run by this alert. See QueryOwnership.
queryStringstringyes The LogScale query to execute.
throttleFieldstring  A field to throttle on. Can only be set if throttleTimeSeconds is set.
throttleTimeSecondslong  The throttle time in seconds.
yamlTemplateyamlyes YAML specification of the filter alert.