generateAlertFromTemplate()

API Stability Long-Term

The generateAlertFromTemplate() GraphQL query to generate an unsaved alert from a YAML template.

Syntax

Below is the syntax for the generateAlertFromTemplate() query field:

graphql

generateAlertFromTemplate(
      input: GenerateAlertFromTemplateInput!
   ): UnsavedAlert

For input, you would replace GenerateAlertFromTemplateInput in the syntax with data for generating an unsaved alert object from a yaml template. For the returned datatype, UnsavedAlert enter a list of parameters you would like values See the Given and the Returned Datatype sections that follow the example below:

Raw

graphql

query {
  generateAlertFromTemplate(
    input: {viewName: "company-http", 
            yamlTemplate: "xxxx"}
  ) {
    name, 
    description,
    queryString,
    enabled,
    actions {
      id, name, isAllowedToRun
    }    
  }
}

Mac OS or Linux (curl)

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query {
  generateAlertFromTemplate(
    input: {viewName: \"company-http\", 
            yamlTemplate: \"xxxx\"}
  ) {
    name, 
    description,
    queryString,
    enabled,
    actions {
      id, name, isAllowedToRun
    }    
  }
}"
}
EOF

Mac OS or Linux (curl) One-line

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query {
  generateAlertFromTemplate(
    input: {viewName: \"company-http\", 
            yamlTemplate: \"xxxx\"}
  ) {
    name, 
    description,
    queryString,
    enabled,
    actions {
      id, name, isAllowedToRun
    }    
  }
}"
}
EOF

Windows Cmd and curl

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "query { ^
  generateAlertFromTemplate( ^
    input: {viewName: \"company-http\",  ^
            yamlTemplate: \"xxxx\"} ^
  ) { ^
    name,  ^
    description, ^
    queryString, ^
    enabled, ^
    actions { ^
      id, name, isAllowedToRun ^
    }     ^
  } ^
}" ^
} '

Windows Powershell and curl

powershell

curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "query {
  generateAlertFromTemplate(
    input: {viewName: \"company-http\", 
            yamlTemplate: \"xxxx\"}
  ) {
    name, 
    description,
    queryString,
    enabled,
    actions {
      id, name, isAllowedToRun
    }    
  }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"

Perl

perl

#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "query {
  generateAlertFromTemplate(
    input: {viewName: \"company-http\", 
            yamlTemplate: \"xxxx\"}
  ) {
    name, 
    description,
    queryString,
    enabled,
    actions {
      id, name, isAllowedToRun
    }    
  }
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";

Python

python

#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "query {
  generateAlertFromTemplate(
    input: {viewName: \"company-http\", 
            yamlTemplate: \"xxxx\"}
  ) {
    name, 
    description,
    queryString,
    enabled,
    actions {
      id, name, isAllowedToRun
    }    
  }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)

Node.js

javascript

const https = require('https');

const data = JSON.stringify(
    {"query" : "query {
  generateAlertFromTemplate(
    input: {viewName: \"company-http\", 
            yamlTemplate: \"xxxx\"}
  ) {
    name, 
    description,
    queryString,
    enabled,
    actions {
      id, name, isAllowedToRun
    }    
  }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL',
  path: 'graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();

Given Datatypes

The given datatype GenerateAlertFromTemplateInput has its own parameters. Below is a list of them along with their datatypes and a description of each:

Table: GenerateAlertFromTemplateInput

Parameter	Type	Required	Stability	Description
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Sep 18, 2024
viewName	RepoOrViewName	yes	`Long-Term`	The name of the view of the alert. RepoOrViewName is a scalar.
yamlTemplate	YAML	yes	`Long-Term`	The yaml specification of the alert. YAML is a scalar.

Returned Datatypes

For UnsavedAlert, there are several possible values returned. They're listed and described below:

Table: UnsavedAlert

Parameter	Type	Required	Stability	Description
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Apr 3, 2025
actions	[Action]	yes	`Long-Term`	A list of unique identifiers for actions to fire on query result. See Action.
description	string		`Long-Term`	A description of the alert.
enabled	boolean	yes	`Long-Term`	Whether the alert is enabled.
labels	[string]	yes	`Long-Term`	Labels attached to the alert.
name	string	yes	`Long-Term`	The name of the alert.
queryStart	string	yes	`Long-Term`	Start of the relative time interval for the query.
queryString	string	yes	`Long-Term`	The LogScale query to execute.
throttleField	string		`Long-Term`	The field on which to throttle.
throttleTimeMillis	long	yes	`Long-Term`	Throttle time in milliseconds.

GraphQL Queries

GraphQL API Stability

GraphQL Groups

GraphQL Mutations

GraphQL Datatypes