Table of Contents
How to create, update, query and delete notification records in SPM using the Fire Scope REST API.
Overview
The REST API allows you to work with Notifications in Fire Scope SPM. Specifically, you can:
- Retrieve
- Create or Update
- Delete
Retrieve
To retrieve the current information about a Notification in SPM, send unique query parameters in a GET request to the following URL:
http://[IP address]:38050/web_services/notifications?account=[Account name]&name=[Notification name]
Example:
http://localhost:38050/web_services/...=notification1
Note: Don’t forget to change the domain name (localhost) and query parameter values (account, and name) to match your environment and data.
A JSON response will be returned similar in structure to the payload for the Create or Update.
Query Parameter Descriptions
| Parameter | Description | Type | Required |
| account | The SPM account | String | Yes |
| name | Name of the Notification | String | Yes |
Create or Update
To create or update a Notification, POST a JSON document with the appropriate information to the following URL:
http://[IP address]:38050/web_services/notifications
Note: Don’t forget to change the domain name (localhost) to match your environment and data.
Use the following example as a guide.
{ "account_id" : "firescope", "name" : "Event Def Severity Notification", "created_by" : "Admin", "status" : 0, "type" : 1, "filters" : [{ "filtertype" : 4, "operator" : 5, "value" : {"edge_device" : "edge1", "ci" : "VMWare", "eventdef" : "Ping"} },{ "filtertype" : 2, "operator" : 0, "value" : "5" }], "procedures" : [{ "content_type" : 0, "longdata" : "{CI}:{IPADDRESS}:{EVENT.NAME}:{STATUS}", "object" : 0, "objectid" : {"users" : "bryancan"}, "proceduretype" : 0, "shortdata" : "{CI}:{EVENT.NAME}:{STATUS}" }, { "content_type" : 0, "longdata" : "{CI}:{IPADDRESS}:{EVENT.NAME}:{STATUS}", "object" : 1, "objectid" : {"usrgrp" : "Fire Scope administrators"}, "proceduretype" : 0, "shortdata" : "{CI}:{EVENT.NAME}:{STATUS}" }], "usrgrp" : ["Database administrators", "Fire Scope administrators", "Guests"] }Property Descriptions
| Property | Description | Type | Default | Required |
| account_id | The name of the SPM account. | String | Yes | |
| created_by | The user name of the person who created this notification. | String | Yes | |
| name | The unique name of the notification. | String | Yes | |
| status | Status of the Notification:0 = Enabled1 = Disabled | Number | 0 | Yes |
| type | The type of boolean logic to apply to the filters:1 – AND2 – OR | Number | 1 | Yes |
| usrgrp | The list of associated user groups. | String[] | No | |
| procedures |
PropertyDescriptionTypeDefaultRequired 0 = text/plain1 = text/html Number0Yes, if Message typelongdata A macro-filled text field whose values depends upon the type.For messages, this field represents the message body.For remote commands, this field represents the actual command to execute For Service Now, this field represents the ticket comment to add.String Yesobject0 = Single User1 = User Group Number0Yes, if Message typeobjectid Unique key to a user or a user group, depending upon ‘object’ enumeration.e.g. {“users” : “Admin”} or {“usrgrp” : “Administrators”}Object Yes, if Message typeproceduretype0 = Message1 = Remote Command8 = Service Now Incident Processing Number0Yesshortdata A macro-filled text field whose values depends upon the type.For messages, this field represents the message subject.For Service Now, this field represents the comment description.String Yes, except for Remote Commands |
Object[] | Yes | |
|
filters PropertyDescriptionTypeDefaultRequiredfiltertypeThe category of filtering Number0YesoperatorWhich operation should be applied to the value Number0YesvalueA context dependent value depending upon the filter type. See ‘Value Format’ column of table below.Object Yes |
Possible values for filtertype and value fields: Filter TypeDefinitionValue FormatExample Value0Logical Group Unique key for a logical group”Database Servers”1Configuration Item Unique key for a CI{“edge_device” : “edge1”, “ci” : “VMWare”}2Event Definition (ED)Unique key for an ED{“edge_device” : “edge1”, “ci” : “VMWare”, “eventdef” : “Ping Status”}3ED/AED/Policy Name Supports name for all 3 types”Ping Status”4Event Definition Severity”0″ = Not Classified”1″ = Information”2″ = Average”3″ = Warning”4″ = High”5″ = Major”0″5Event Definition Value”0″ = OK”1″ = Failed”0″6Time Period “1502206054”13Aggregate Event Definition (AED)Unique key for an AED{“logicalgroup” : “Database Servers”, “aed” : “aed1”}14Policy Unique key for a policy{“servicegroup”: “CRM”, “policy” : “policy1”}15Event Definition Name Name of an ED. Can match multiple”Ping Status”16Aggregate Event Definition Name Name of an AED. Can match multiple”aed1″17Policy Name Name of a policy. Can match multiple”policy1″Operator of the Notification OperatorDefinition0Equals1Not equals2Like3Not like4Between5Greater than or equal6Less than or equal7Not between |
Object[] | Yes |
Delete
To delete a Notification, send an HTTP DELETE request with the same query parameters as the GET request.
See the Retrieve for the URL format and query parameter descriptions.