diff --git a/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml b/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml index fabef6d87..cafceb245 100644 --- a/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml +++ b/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml @@ -13,8 +13,8 @@ info: \ the tenants have been onboarded by Palo Alto Networks using a Tenant Service\ \ Group\n(TSG) identifier.\n\nThese APIs use the common SASE authentication mechanism\ \ and base URL. See the\n[Prisma SASE API Get Started](https://pan.dev/sase/docs/getstarted)\ - \ guide for more information.\n\nThis Open API spec file was created on August\ - \ 01, 2024. To check for a more recent version of this file, see\n[Prisma Insights\ + \ guide for more information.\n\nThis Open API spec file was created on November\ + \ 22, 2024. To check for a more recent version of this file, see\n[Prisma Insights\ \ APIs on pan.dev](https://pan.dev//access/api/insights/).\n\n\xA9 2024 Palo Alto\ \ Networks, Inc. Palo Alto Networks is a registered trademark of Palo\nAlto Networks.\ \ A list of our trademarks can be found at\n\n[https://www.paloaltonetworks.com/company/trademarks.html](https://www.paloaltonetworks.com/company/trademarks.html)\n\ @@ -391,6 +391,311 @@ paths: summary: Application list tags: - Application + /insights/v3.0/resource/query/incidents/incidents_view: + post: + description: 'Retrieves the list of incident. + + ' + operationId: post-insights-v3.0-resource-query-incidents-incidents_view + parameters: + - description: "Region mapping for the tenant. \n" + in: header + name: X-PANW-Region + required: true + schema: + example: americas + type: string + - description: 'A Prisma-Tenant is a unique identifier for a tenant or a subtenant + within a single or multi-tenant architecture, providing precise tenant management + and resource allocation. + + ' + in: header + name: Prisma-Tenant + required: false + schema: + example: 12345678:12345679 + type: string + requestBody: + content: + application/json: + examples: + Mandatory Filter: + value: + filter: + rules: + - operator: in + property: status_computed + values: + - Raised + - ClearPending + - Cleared + Possible Filters: + value: + filter: + rules: + - operator: between + property: updated_time + values: + - 1728416763970 + - 1731008762970 + - operator: in + property: severity + values: + - Warning + - Critical + - operator: in + property: category + values: + - Application Experience + - Authentication + - Certificates + - DNS + - EP + - GATEWAY + - GP + - MU + - PORTAL + - Prisma Access Infrastructure + - RN + - SC + - Security + - ZTNA + - operator: in + property: code + values: + - INC_GATEWAY_USER_AUTH_ALL_FAILURES_COUNT_EXCEEDED_ABOVE_BASELINE_PER_INSTANCE + - INC_GATEWAY_USER_GROUP_COUNT_MAPPING_DEVIATION_FROM_BASELINE + - operator: in + property: site_name + values: + - sitename-1 + - sitename-2 + - operator: in + property: tunnel_name + values: + - tunnelname-1-A + - tunnelname-2-A + - operator: in + property: pa_location + values: + - Australia East + - Australia South + schema: + example: + filter: + rules: + - operator: in + property: status_computed + values: + - Raised + - ClearPending + - Cleared + properties: + ack_by: + description: User who acknowledged the incident + example: xyz@paloaltonetworks.com + type: string + acknowledged: + description: Whether the incident has been acknowledged + enum: + - true + - false + example: false + type: boolean + category: + description: Category of the incident + enum: + - SC + - RN + - MU + - Authentication + - GP + - Certificates + - ZTNA + - Prisma Access Infrastructure + - DNS + - Security + - Application Experience + - PORTAL + - GATEWAY + - EP + example: SC + type: string + child_incidents_count: + description: Number of child incidents + example: 0 + type: integer + code: + description: Incident Code + example: INC_SC_SITE_DOWN + type: string + correlated_alerts_count: + description: Number of correlated alerts + example: 2 + type: integer + detailed_message: + description: Detailed message of the incident + example: Remote Network Site vpn-to-sfo-isp1-rn ECMP Tunnel ipsec-to-sfo-isp2-rn1 + is down + type: string + incident_id: + description: Unique identifier for the incident + example: 22096e0a-a02e-489f-ab4f-d94ae9921128 + type: string + parent_incidents_count: + description: Number of parent incidents + example: 0 + type: integer + raised_time: + description: Timestamp when the incident was raised + example: 1720569635383 + type: integer + severity: + description: Severity level of the incident + enum: + - Warning + - Critical + - Informational + example: Informational + type: string + status: + description: Current status of the incident + enum: + - Raised + - Clearing + - Cleared + example: Raised + type: string + status_computed: + description: Computed status of the incident + enum: + - Raised + - ClearPending + - Cleared + example: Raised + type: string + title: + description: Title of the incident + example: Tenant has 1 raised alerts + type: string + updated_time: + description: Timestamp of last update + example: 1720569635383 + type: integer + required: + - status_computed + type: object + required: true + responses: + '200': + content: + application/json: + example: + data: + - incidents: + - acknowledged: false + category: SC + child_incidents_count: 0 + code: INC_SC_SITE_DOWN + correlated_alerts_count: 2 + incident_id: 3a0379f6-4d45-4e62-b119-84ca59c041d0 + parent_incidents_count: 0 + raised_time: 1731051358702 + severity: Critical + status: Raised + status_computed: Raised + title: Service Connection Site ipsec-prisma-to-mel-isp1 is down + updated_time: 1731051358702 + - acknowledged: false + category: SC + child_incidents_count: 0 + code: INC_SC_SITE_DOWN + correlated_alerts_count: 2 + incident_id: 513c153b-58df-4c07-9b6c-ca10d2e81021 + parent_incidents_count: 0 + raised_time: 1731051358609 + severity: Critical + status: Raised + status_computed: Raised + title: Service Connection Site ipsec-prisma-to-mel-isp2 is down + updated_time: 1731051358609 + schema: + properties: + data: + items: + properties: + incidents: + items: + properties: + ack_by: + description: User who acknowledged the incident + example: xyz@xyz.com + type: string + acknowledged: + description: Whether the incident has been acknowledged + example: true + type: boolean + category: + description: Category of the incident + example: SC + type: string + child_incidents_count: + description: Number of child incidents + example: 0 + type: integer + code: + description: Incident code + example: INC_SC_SITE_DOWN + type: string + correlated_alerts_count: + description: Number of correlated alerts + example: 2 + type: integer + incident_id: + description: Unique identifier for the incident + example: 3a0379f6-4d45-4e62-b119-84ca59c041d0 + type: string + parent_incidents_count: + description: Number of parent incidents + example: 0 + type: integer + raised_time: + description: Timestamp when the incident was raised + example: 1731051358702 + type: integer + severity: + description: Severity level of the incident + example: Critical + type: string + status: + description: Current status of the incident + example: Raised + type: string + status_computed: + description: Computed status of the incident + example: Raised + type: string + title: + description: Title of the incident + example: Service Connection Site ipsec-prisma-to-mel-isp1 + is down + type: string + updated_time: + description: Timestamp of last update + example: 1731051358702 + type: integer + type: object + type: array + type: object + type: array + type: object + description: OK + security: + - Bearer: [] + summary: View incident list + tags: + - Incident /insights/v3.0/resource/query/locations/location_current_status_count: post: description: "Retrieves the current location count per node type and location\ @@ -2572,6 +2877,10 @@ paths: servers: - url: https://api.sase.paloaltonetworks.com tags: +- description: 'Incident API + + ' + name: Incident API - description: 'Location API '