Skip to content

Commit

Permalink
Merge pull request #756 from sarette/DOCS-6779_Incident_list_insights30
Browse files Browse the repository at this point in the history 
DOCS-6779 adding incident list to insights 30
  • Loading branch information
@sarette
sarette authored Nov 27, 2024
2 parents 8171bba + 15532b0 commit 41d420d
Showing 1 changed file with 311 additions and 2 deletions.
313 changes: 311 additions & 2 deletions openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,8 @@ info:
\ the tenants have been onboarded by Palo Alto Networks using a Tenant Service\
\ Group\n(TSG) identifier.\n\nThese APIs use the common SASE authentication mechanism\
\ and base URL. See the\n[Prisma SASE API Get Started](https://pan.dev/sase/docs/getstarted)\
\ guide for more information.\n\nThis Open API spec file was created on August\
\ 01, 2024. To check for a more recent version of this file, see\n[Prisma Insights\
\ guide for more information.\n\nThis Open API spec file was created on November\
\ 22, 2024. To check for a more recent version of this file, see\n[Prisma Insights\
\ APIs on pan.dev](https://pan.dev//access/api/insights/).\n\n\xA9 2024 Palo Alto\
\ Networks, Inc. Palo Alto Networks is a registered trademark of Palo\nAlto Networks.\
\ A list of our trademarks can be found at\n\n[https://www.paloaltonetworks.com/company/trademarks.html](https://www.paloaltonetworks.com/company/trademarks.html)\n\
Expand Down Expand Up @@ -391,6 +391,311 @@ paths:
summary: Application list
tags:
- Application
/insights/v3.0/resource/query/incidents/incidents_view:
post:
description: 'Retrieves the list of incident.
'
operationId: post-insights-v3.0-resource-query-incidents-incidents_view
parameters:
- description: "Region mapping for the tenant. \n"
in: header
name: X-PANW-Region
required: true
schema:
example: americas
type: string
- description: 'A Prisma-Tenant is a unique identifier for a tenant or a subtenant
within a single or multi-tenant architecture, providing precise tenant management
and resource allocation.
'
in: header
name: Prisma-Tenant
required: false
schema:
example: 12345678:12345679
type: string
requestBody:
content:
application/json:
examples:
Mandatory Filter:
value:
filter:
rules:
- operator: in
property: status_computed
values:
- Raised
- ClearPending
- Cleared
Possible Filters:
value:
filter:
rules:
- operator: between
property: updated_time
values:
- 1728416763970
- 1731008762970
- operator: in
property: severity
values:
- Warning
- Critical
- operator: in
property: category
values:
- Application Experience
- Authentication
- Certificates
- DNS
- EP
- GATEWAY
- GP
- MU
- PORTAL
- Prisma Access Infrastructure
- RN
- SC
- Security
- ZTNA
- operator: in
property: code
values:
- INC_GATEWAY_USER_AUTH_ALL_FAILURES_COUNT_EXCEEDED_ABOVE_BASELINE_PER_INSTANCE
- INC_GATEWAY_USER_GROUP_COUNT_MAPPING_DEVIATION_FROM_BASELINE
- operator: in
property: site_name
values:
- sitename-1
- sitename-2
- operator: in
property: tunnel_name
values:
- tunnelname-1-A
- tunnelname-2-A
- operator: in
property: pa_location
values:
- Australia East
- Australia South
schema:
example:
filter:
rules:
- operator: in
property: status_computed
values:
- Raised
- ClearPending
- Cleared
properties:
ack_by:
description: User who acknowledged the incident
example: [email protected]
type: string
acknowledged:
description: Whether the incident has been acknowledged
enum:
- true
- false
example: false
type: boolean
category:
description: Category of the incident
enum:
- SC
- RN
- MU
- Authentication
- GP
- Certificates
- ZTNA
- Prisma Access Infrastructure
- DNS
- Security
- Application Experience
- PORTAL
- GATEWAY
- EP
example: SC
type: string
child_incidents_count:
description: Number of child incidents
example: 0
type: integer
code:
description: Incident Code
example: INC_SC_SITE_DOWN
type: string
correlated_alerts_count:
description: Number of correlated alerts
example: 2
type: integer
detailed_message:
description: Detailed message of the incident
example: Remote Network Site vpn-to-sfo-isp1-rn ECMP Tunnel ipsec-to-sfo-isp2-rn1
is down
type: string
incident_id:
description: Unique identifier for the incident
example: 22096e0a-a02e-489f-ab4f-d94ae9921128
type: string
parent_incidents_count:
description: Number of parent incidents
example: 0
type: integer
raised_time:
description: Timestamp when the incident was raised
example: 1720569635383
type: integer
severity:
description: Severity level of the incident
enum:
- Warning
- Critical
- Informational
example: Informational
type: string
status:
description: Current status of the incident
enum:
- Raised
- Clearing
- Cleared
example: Raised
type: string
status_computed:
description: Computed status of the incident
enum:
- Raised
- ClearPending
- Cleared
example: Raised
type: string
title:
description: Title of the incident
example: Tenant has 1 raised alerts
type: string
updated_time:
description: Timestamp of last update
example: 1720569635383
type: integer
required:
- status_computed
type: object
required: true
responses:
'200':
content:
application/json:
example:
data:
- incidents:
- acknowledged: false
category: SC
child_incidents_count: 0
code: INC_SC_SITE_DOWN
correlated_alerts_count: 2
incident_id: 3a0379f6-4d45-4e62-b119-84ca59c041d0
parent_incidents_count: 0
raised_time: 1731051358702
severity: Critical
status: Raised
status_computed: Raised
title: Service Connection Site ipsec-prisma-to-mel-isp1 is down
updated_time: 1731051358702
- acknowledged: false
category: SC
child_incidents_count: 0
code: INC_SC_SITE_DOWN
correlated_alerts_count: 2
incident_id: 513c153b-58df-4c07-9b6c-ca10d2e81021
parent_incidents_count: 0
raised_time: 1731051358609
severity: Critical
status: Raised
status_computed: Raised
title: Service Connection Site ipsec-prisma-to-mel-isp2 is down
updated_time: 1731051358609
schema:
properties:
data:
items:
properties:
incidents:
items:
properties:
ack_by:
description: User who acknowledged the incident
example: [email protected]
type: string
acknowledged:
description: Whether the incident has been acknowledged
example: true
type: boolean
category:
description: Category of the incident
example: SC
type: string
child_incidents_count:
description: Number of child incidents
example: 0
type: integer
code:
description: Incident code
example: INC_SC_SITE_DOWN
type: string
correlated_alerts_count:
description: Number of correlated alerts
example: 2
type: integer
incident_id:
description: Unique identifier for the incident
example: 3a0379f6-4d45-4e62-b119-84ca59c041d0
type: string
parent_incidents_count:
description: Number of parent incidents
example: 0
type: integer
raised_time:
description: Timestamp when the incident was raised
example: 1731051358702
type: integer
severity:
description: Severity level of the incident
example: Critical
type: string
status:
description: Current status of the incident
example: Raised
type: string
status_computed:
description: Computed status of the incident
example: Raised
type: string
title:
description: Title of the incident
example: Service Connection Site ipsec-prisma-to-mel-isp1
is down
type: string
updated_time:
description: Timestamp of last update
example: 1731051358702
type: integer
type: object
type: array
type: object
type: array
type: object
description: OK
security:
- Bearer: []
summary: View incident list
tags:
- Incident
/insights/v3.0/resource/query/locations/location_current_status_count:
post:
description: "Retrieves the current location count per node type and location\
Expand Down Expand Up @@ -2572,6 +2877,10 @@ paths:
servers:
- url: https://api.sase.paloaltonetworks.com
tags:
- description: 'Incident API
'
name: Incident API
- description: 'Location API
'
Expand Down

0 comments on commit 41d420d

Please sign in to comment.