alerts

Documentation

Index

• func CreateAlert(client *splunk.SplunkClient, spAlert *AlertRequest) error
• func DeleteAlert(client *splunk.SplunkClient, spAlert *AlertRequest) (*http.Response, error)
• func GetAlerts(client *splunk.SplunkClient) (*http.Response, error)
• func HttpAlertRequest(client *splunk.SplunkClient, method string, spAlert *AlertRequest) (*http.Response, error)
• func ListAlertsNames(client *splunk.SplunkClient) (splunkAlertList, error)
• func PostAlert(client *splunk.SplunkClient, spAlert *AlertRequest) (*http.Response, error)
• func RemoveAlert(client *splunk.SplunkClient, alertName string) error
• type AlertParams
• type AlertRequest
• type Content
• type EntryItem
• type Links
• type TriggeredAlerts
  • func GetTriggeredAlerts(client *splunk.SplunkClient) (TriggeredAlerts, error)
• type TriggeredInstances
  • func GetInstancesOfTriggeredAlert(client *splunk.SplunkClient, link string) (TriggeredInstances, error)

Functions

func CreateAlert

func CreateAlert(client *splunk.SplunkClient, spAlert *AlertRequest) error

Creates a new alert from saved search

func DeleteAlert

func DeleteAlert(client *splunk.SplunkClient, spAlert *AlertRequest) (*http.Response, error)

func GetAlerts

func GetAlerts(client *splunk.SplunkClient) (*http.Response, error)

func HttpAlertRequest

func HttpAlertRequest(client *splunk.SplunkClient, method string, spAlert *AlertRequest) (*http.Response, error)

func ListAlertsNames

func ListAlertsNames(client *splunk.SplunkClient) (splunkAlertList, error)

List saved searches

func PostAlert

func PostAlert(client *splunk.SplunkClient, spAlert *AlertRequest) (*http.Response, error)

func RemoveAlert

func RemoveAlert(client *splunk.SplunkClient, alertName string) error

Removes an existing saved search

Types

type AlertParams

type AlertParams struct {
	Name         string
	Description  string `default:""`
	CronSchedule string
	// splunk search in spl syntax
	SearchQuery string
	OutputMode  string `default:"json"`
	// splunk returns a job SID only if the job is complete
	EarliestTime string
	// latest (exclusive) time bounds for the search
	LatestTime string
	//condition for triggering the alert
	AlertCondition      string
	AlertSuppress       string
	AlertSuppressPeriod string
	Actions             string
	WebhookUrl          string
}

type AlertRequest

type AlertRequest struct {
	Headers map[string]string
	Params  AlertParams
}

type Content

type Content struct {
	Sid                 string `json:"sid"`
	SavedSearchName     string `json:"savedsearch_name"`
	TriggerTime         int    `json:"trigger_time"`
	TriggeredAlertCount int    `json:"triggered_alert_count"`
}

type EntryItem

type EntryItem struct {
	Name    string  `json:"name"`
	Links   Links   `json:"links"`
	Content Content `content:"content"`
}

type Links

type Links struct {
	Alternate   string `json:"alternate"`
	List        string `json:"list"`
	Remove      string `json:"remove"`
	Job         string `json:"job"`
	SavedSearch string `json:"savedsearch"`
}

type TriggeredAlerts

type TriggeredAlerts struct {
	Origin  string      `json:"origin"`
	Updated string      `json:"updated"`
	Entry   []EntryItem `json:"entry"`
}

func GetTriggeredAlerts

func GetTriggeredAlerts(client *splunk.SplunkClient) (TriggeredAlerts, error)

type TriggeredInstances

type TriggeredInstances struct {
	Origin  string      `json:"origin"`
	Updated string      `json:"updated"`
	Entry   []EntryItem `json:"entry"`
}

func GetInstancesOfTriggeredAlert

func GetInstancesOfTriggeredAlert(client *splunk.SplunkClient, link string) (TriggeredInstances, error)