deleteAggregateAlertV2()

Security Requirements and Controls

UpdateTriggers API permission

Stability Level

Long-Term

The deleteAggregateAlertV2() GraphQL mutation is used to delete an aggregate alert. It will return true if successful, false if the aggregate alert does not exist, and null with errors for other failures.

To create an aggregate alert, use the createAggregateAlert() mutation. Use the updateAggregateAlertV2() mutation to update an aggregate alert. To disable and enable an aggregate alert, you can use the enableAggregateAlertV2() and disableAggregateAlertV2() mutations.

Hide Query Example

Show Aggregate Alerts Query

To get a list of aggregate alerts, you could use the repositories() query like this:

graphql

query {
     repositories
      { id, name, 
        aggregateAlerts { id, name, enabled, description } }
   }

For a better understanding of aggregate alerts, see the Triggers page in the main documentation.

Syntax

graphql

deleteAggregateAlertV2(
       input: DeleteAggregateAlert!
    ): boolean

There are no special return datatypes for this mutation field.

Example

Raw

graphql

mutation {
  deleteAggregateAlertV2(input:
     {viewName: "humio", 
      id: "abc123" } )
}

Mac OS or Linux (curl)

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  deleteAggregateAlertV2(input:
     {viewName: \"humio\", 
      id: \"abc123\" } )
}"
}
EOF

Mac OS or Linux (curl) One-line

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  deleteAggregateAlertV2(input:
     {viewName: \"humio\", 
      id: \"abc123\" } )
}"
}
EOF

Windows Cmd and curl

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "mutation { ^
  deleteAggregateAlertV2(input: ^
     {viewName: \"humio\",  ^
      id: \"abc123\" } ) ^
}" ^
} '

Windows Powershell and curl

powershell

curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "mutation {
  deleteAggregateAlertV2(input:
     {viewName: \"humio\", 
      id: \"abc123\" } )
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"

Perl

perl

#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "mutation {
  deleteAggregateAlertV2(input:
     {viewName: \"humio\", 
      id: \"abc123\" } )
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";

Python

python

#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "mutation {
  deleteAggregateAlertV2(input:
     {viewName: \"humio\", 
      id: \"abc123\" } )
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)

Node.js

javascript

const https = require('https');

const data = JSON.stringify(
    {"query" : "mutation {
  deleteAggregateAlertV2(input:
     {viewName: \"humio\", 
      id: \"abc123\" } )
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL',
  path: 'graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();

Example Responses

Success (HTTP Response Code 200 OK)

json

{
  "data": {
    "deleteAggregateAlertV2": true
  }
}

Given Datatype

For this input datatype, you would give the unique identifier of the aggregate alert to delete, and the name of the associated view. This is described in the table here:

Table: DeleteAggregateAlert

Parameter	Type	Required	Stability	Description
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Sep 18, 2024
id	string	yes	`Long-Term`	The unique identifier of the aggregate alert.
viewName	RepoOrViewName	yes	`Long-Term`	The name of the view of the aggregate alert. RepoOrViewName is a scalar.

Versions of this Page

GraphQL Mutations

GraphQL API Stability

GraphQL Queries

GraphQL Datatypes