Action API

The Notifier API was renamed to the Action API. However, in the actual API, no renaming has been done so far.

The endpoints displayed on this page, except for Test Action, are deprecated starting with version 1.23 of Humio. Users are encouraged to use instead the corresponding queries and mutations found in our GraphQL.

List Actions

python
GET /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers

Example:

shell
curl http://$YOUR_HUMIO_URL/api/v1/repositories/sandbox/alertnotifiers \
     -H "Authorization: Bearer $TOKEN"

Get Action by ID

python
GET /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers/$ID

Example:

shell
curl http://$YOUR_HUMIO_URL/api/v1/repositories/sandbox/alertnotifiers/GXso4uF2EawsVyvtr2Q6DbtlWNPKwtOj \
    -H "Authorization: Bearer $TOKEN"

Create Action

python
POST /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers

Params:

  • name—string

  • entity—string—EmailNotifier, HumioRepoNotifier, OpsGenieNotifier, PagerDutyNotifier, SlackNotifier, SlackPostMessageNotifier, VictorOpsNotifier, WebHookNotifier

  • properties:
    • EmailNotifier:
      • recipients—array—array of email address strings

      • subjectTemplate—string

      • bodyTemplate—string

      • useProxy—boolean

    • HumioRepoNotifier:
      • ingestToken—string

    • OpsGenieNotifier:
      • apiUrl—string

      • genieKey—string

      • useProxy—boolean

    • PagerDutyNotifier:
      • severity—string—critical, error, warning, info

      • routingKey—string

      • useProxy—boolean

    • SlackNotifier:
      • url—string

      • fields—map(string, string)

      • useProxy—boolean

    • SlackPostMessageNotifier:
      • apiToken—string

      • channels—array—array of Slack channel strings

      • fields—map(string, string)

      • useProxy—boolean

    • VictorOpsNotifier:
      • messageType—string

      • notifyUrl—string

      • useProxy—boolean

    • WebHookNotifier:
      • url—string

      • method—string—GET, HEAD, OPTIONS, PATCH, POST, PUT

      • headers—map(string, string)

      • bodyTemplate—string

      • ignoreSSL—boolean

      • useProxy—boolean

Example:

shell

curl http://$YOUR_HUMIO_URL/api/v1/repositories/sandbox/alertnotifiers

-X POST -H “Content-Type: application/json” -H “Authorization: Bearer $TOKEN” -d ‘{“name”:”test”, “entity”: “WebHookNotifier”, “properties”: {“url”:”http://example.com”, “method”:”POST”, “headers”: {“Content-Type”:”application/json”}, “bodyTemplate”:”{n "repository": "{repo_name}",n "timestamp": "{alert_triggered_timestamp}",n "alert": {n "name": "{alert_name}",n "description": "{alert_description}",n "query": {n "queryString": "{query_string} ",n "end": "{query_time_end}",n "start": "{query_time_start}"n },n "notifierID": "{alert_notifier_id}",n "id": "{alert_id}"n },n "warnings": "{warnings}",n "events": {events},n "numberOfEvents": {event_count}n}”, “ignoreSSL”:true, “useProxy”:true}}’

Update Action

shell
PUT /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers/$ID

Params:

  • name—string

  • entity—string—EmailNotifier, HumioRepoNotifier, OpsGenieNotifier, PagerDutyNotifier, SlackNotifier, SlackPostMessageNotifier, VictorOpsNotifier, WebHookNotifier

  • properties:
    • EmailNotifier:
      • recipients—array—array of email address strings

      • subjectTemplate—string

      • bodyTemplate—string

      • useProxy—boolean

    • HumioRepoNotifier:
      • ingestToken—string

    • OpsGenieNotifier:
      • apiUrl—string

      • genieKey—string

      • useProxy—boolean

    • PagerDutyNotifier:
      • severity—string—critical, error, warning, info

      • routingKey—string

      • useProxy—boolean

    • SlackNotifier:
      • url—string

      • fields—map(string, string)

      • useProxy—boolean

    • SlackPostMessageNotifier:
      • apiToken—string

      • channels—array—array of Slack channel strings

      • fields—map(string, string)

      • useProxy—boolean

    • VictorOpsNotifier:
      • messageType—string

      • notifyUrl—string

      • useProxy—boolean

    • WebHookNotifier:
      • url—string

      • method—string—GET, HEAD, OPTIONS, PATCH, POST, PUT

      • headers—map(string, string)

      • bodyTemplate—string

      • ignoreSSL—boolean

      • useProxy—boolean

Example:

shell
curl http://$YOUR_HUMIO_URL/api/v1/repositories/sandbox/alertnotifiers/GXso4uF2EawsVyvtr2Q6DbtlWNPKwtOj \
    -X PUT \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d '{"name":"test", "entity": "WebHookNotifier", "properties": {"url":"http://example.com", "method":"POST", "headers": {"Content-Type":"application/json"}, "bodyTemplate":"{\n  \"repository\": \"{repo_name}\",\n  \"timestamp\": \"{alert_triggered_timestamp}\",\n  \"alert\": {\n    \"name\": \"{alert_name}\",\n    \"description\": \"{alert_description}\",\n    \"query\": {\n      \"queryString\": \"{query_string} \",\n      \"end\": \"{query_time_end}\",\n      \"start\": \"{query_time_start}\"\n    },\n    \"notifierID\": \"{alert_notifier_id}\",\n    \"id\": \"{alert_id}\"\n },\n  \"warnings\": \"{warnings}\",\n  \"events\": {events},\n  \"numberOfEvents\": {event_count}\n}",
    "ignoreSSL":true, "useProxy":true}}'

Delete Action

shell
DELETE /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers/$ID

Example:

shell
curl http://$YOUR_HUMIO_URL/api/v1/repositories/$REPOSITORY_NAME/alertnotifiers/GXso4uF2EawsVyvtr2Q6DbtlWNPKwtOj \
    -X DELETE \
    -H "Authorization: Bearer $TOKEN"

Test Action

shell
POST /api/v1/repositories/$REPOSITORY_NAME/alertnotifiers/$ID/test

Params:

  • alertName—string

  • events—array—array of Humio log events

Example:

shell
curl http://$YOUR_HUMIO_URL/api/v1/repositories/sandbox/alertnotifiers/GXso4uF2EawsVyvtr2Q6DbtlWNPKwtOj/test \
    -X POST \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -d '{"alertName":"testAlertName", events: [{"@timestamp": 0, "@timezone": "Z", "#host": "TestHost"}]}'