enableFilterAlertV2()

Stability Level

Long-Term

The enableFilterAlertV2() GraphQL mutation is used to enable a filter alert.

The mutation field replaces enableFilterAlert(), which is deprecated.

Syntax

Below is the syntax for the enableFilterAlertV2() mutation field:

graphql

enableFilterAlertV2(
       input: EnableFilterAlert!
    ): FilterAlert

Example

Below is an example of how this mutation field might be used:

Raw

graphql

mutation {
  enableFilterAlertV2( input:
    { viewName: "humio",
      id: "abc123" } )
  { id, enabled }
}

Mac OS or Linux (curl)

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  enableFilterAlertV2( input:
    { viewName: \"humio\",
      id: \"abc123\" } )
  { id, enabled }
}"
}
EOF

Mac OS or Linux (curl) One-line

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  enableFilterAlertV2( input:
    { viewName: \"humio\",
      id: \"abc123\" } )
  { id, enabled }
}"
}
EOF

Windows Cmd and curl

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "mutation { ^
  enableFilterAlertV2( input: ^
    { viewName: \"humio\", ^
      id: \"abc123\" } ) ^
  { id, enabled } ^
}" ^
} '

Windows Powershell and curl

powershell

curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "mutation {
  enableFilterAlertV2( input:
    { viewName: \"humio\",
      id: \"abc123\" } )
  { id, enabled }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"

Perl

perl

#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "mutation {
  enableFilterAlertV2( input:
    { viewName: \"humio\",
      id: \"abc123\" } )
  { id, enabled }
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";

Python

python

#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "mutation {
  enableFilterAlertV2( input:
    { viewName: \"humio\",
      id: \"abc123\" } )
  { id, enabled }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)

Node.js

javascript

const https = require('https');

const data = JSON.stringify(
    {"query" : "mutation {
  enableFilterAlertV2( input:
    { viewName: \"humio\",
      id: \"abc123\" } )
  { id, enabled }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL',
  path: 'graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();

Example Responses

Success (HTTP Response Code 200 OK)

json

{
  "data": {
    "enableFilterAlertV2": {
      "id": "abc123",
      "enabled": true
    }
  }
}

Given Datatype

For the EnableFilterAlert given datatype, there are a few parameters. Below is a list of them, along with a description of each.

Table: EnableFilterAlert

Parameter	Type	Required	Stability	Description
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Sep 18, 2024
id	string	yes	`Long-Term`	The unique identifier of the filter alert to enable.
viewName	RepoOrViewName	yes	`Long-Term`	Name of the view of the filter alert. RepoOrViewName is a scalar.

Returned Datatype

You can get the query string used by the alert, what actions are triggered, and any errors or warnings when it was last executed. These and other parameters are listed in the table below, along with links to related datatype tables.

Table: FilterAlert

Parameter	Type	Required	Stability	Description
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Feb 10, 2026
actions	[Action]	yes	`Long-Term`	List of unique identifiers for actions to fire on query result. See Action.
allowedActions	[AssetAction]	yes	`Short-Term`	List of actions allowed on which to filter query results. See AssetAction .
createdInfo	AssetCommitMetadata		`Long-Term`	Metadata related to the creation of the filter alert. See AssetCommitMetadata.
description	string		`Long-Term`	Description of the filter alert.
enabled	boolean	yes	`Long-Term`	Whether the filter alert is enabled.
id	string	yes	`Long-Term`	The unique identifier of the filter alert.
labels	[string]	yes	`Long-Term`	Labels attached to the filter alert.
lastError	string		`Long-Term`	Last error encountered while running the filter alert.
lastErrorTime	long		`Long-Term`	Unix timestamp for last error.
lastSuccessfulPoll	long		`Long-Term`	Unix timestamp for last successful poll of the filter alert query. If this is not quite recent, then the alert might be having problems.
lastTriggered	long		`Long-Term`	Unix timestamp for last execution of trigger.
lastWarnings	[string]	yes	`Long-Term`	Last warnings encountered while running the filter alert.
modifiedInfo	ModifiedInfo		`Long-Term`	User or token used to modify the asset. See ModifiedInfo. This is a preview and subject to change.
name	string	yes	`Long-Term`	The name of the filter alert.
package	PackageInstallation		`Long-Term`	The package of which the alert was installed. See PackageInstallation.
packageId	VersionedPackageSpecifier		`Long-Term`	The unique identifier of the package of which the alert was installed. VersionedPackageSpecifier is a scalar.
queryOwnership	QueryOwnership	yes	`Long-Term`	Ownership of the query run by this alert. See QueryOwnership.
queryString	string	yes	`Long-Term`	The LogScale query to execute.
resource	string	yes	`Short-Term`	The resource identifier for this filter alert.
throttleField	string		`Deprecated`	The field on which to throttle. This can be set only if throttleTimeSeconds is set. Filter alerts now support multiple throttle fields. This field will be removed at the earliest in version 1.279. Use instead the throttleFields field.
throttleFields	[string]		`Long-Term`	The fields on which to throttle. This can be set only if throttleTimeSeconds is set.
throttleTimeSeconds	long		`Long-Term`	The throttle time in seconds.
yamlTemplate	YAML	yes	`Long-Term`	The yaml specification of the filter alert. YAML is a scalar.

Versions of this Page

GraphQL Mutations

GraphQL API Stability

GraphQL Queries

GraphQL Datatypes