Creating and testing multiple similar alerts using API

Creating and testing multiple similar alerts using API

This article shows how to create or update multiple Alert Rules using SQL script with up to 4 parameters.

  1. Save SQL script in a separate file.  The script can have up to 4 variables
  2. Edit the config file and update all variables as needed. The script will loop through the "keyValue" dictionary and create or update the Alert Rule for each key:value pair 
  3. script argument can have 3 values:
    1. validateQuery = validate query and save the results in CSV file
    2. postAlertRule = post new Alert Rule or update if the rule with the same code exists
    3. closeAlerts = close open alerts with the same code

    • Related Articles

    • Provisioning roles using API

      Overview Starting with Uptycs portal release 46025, Uptycs provides entity level granular user permissions through roles. This document outlines the process to create roles using API - with examples. Procedure -- Create a new role $ urestapi -k ...
    • Delete duplicate assets using the API

      Duplicate asset (hostname) on Uptycs platform could be a result of particular asset being in rotation or being used a a loaner laptop in which case, uuid of the asset remains the same and the asset is recorded under different hostnames. Following ...
    • Create Custom Threat Source using API

      The article includes the API query to create and update the threat source. We support uploading CSV as of now. To create Threat source: curl --location --request POST ...
    • Uptycs Alert Triggers API Call

      This python module can be run to trigger Uptycs API calls from Uptycs alerts.  Example: An alert is configured to fire when asset location is not in USA (possible GDPR issue). This python can then be run to automatically make an API call to disable ...
    • Create Custom Event Exclusion Profile via API

      It may be a lengthy process to create an event exclusion profile with many entries using the GUI. This article shows how to create two custom event exclusion profiles via the API. The urestapi tool is used (  ...