fetchAlerts
Fetches alerts from alerts under case management.
Operator Usage in Easy Mode
- Click + on the Start node.
Note: Fetch Alerts is a data source and therefore can be used only at the beginning under Start.
- Enter the Fetch Alerts operator in the search field and select the operator from the Results to open the operator form.
- In the Query field, use * to fetch all alerts.
- Optional. In the Limit field, enter the number of alerts to fetch. Enter a value of less than 100000.
- Optional. In the Table field, enter or select the name of the table that contains the input values for the query template.
- Click Run to view the result.
- Click Save to add the operator to the playbook.
- Click Cancel to discard the operator form.
Usage Details
function fetchAlerts(query: String, limit: Long, table: TableReference)
Input Parameters
- query (String): Query to filter the alerts. Use * to fetch all.
- limit (Long) (Optional): Number of alerts to fetch. The limit must be less than 100000 alerts.
- table (TableReference) (Optional): The table that contains the input values for the query template. The table should not have more than 500 rows.
Output
A table with all alerts that are retrieved by the query.
Example
Input
fetchAlerts("alert_type='default'", 10)
Output
Alert ID | Alert Name | Alert Type | Alert Source |
---|---|---|---|
alert-13554 | [email protected] | Default | { "flowName": "alertIssues", "nodeName": "m62Alert" } |
Relative-Time Filters
Relative-time filters are not currently supported when fetching alerts. As a workaround, add an extra parent node that defines the start and end times, and pass that node's table to fetchAlerts so the query can reference its columns:
- Parent node query
select DATE_FORMAT(DATE_SUB(CURRENT_TIMESTAMP(), 1), "yyyy/MM/dd HH:mm") as start_time,
DATE_FORMAT(CURRENT_TIMESTAMP(), "yyyy/MM/dd HH:mm") as end_time from _Start_Node
- FetchAlerts node query
fetchAlerts("created >= \"$start_time\" and created <= \"$end_time\"", 100000, currentTimeStamp)
Updated 10 months ago