Anomaly Alert Webhook Formats

 DESCRIPTION 

Structure of an anomaly alert object returned by Anodot webhook channels.

Notes:

  • Epoch time is in seconds.
  • The alert templates show the structure (with iterators if a number of metrics and alerts descriptions are combined to the same alert message).

ANOMALY ALERT TEMPLATE 
WEBHOOK EXAMPLE

ANOMALY ALERT TEMPLATE

{
"subject": "{{subject}}",
"severity": "{{severity}}",
"description": "{{description}}",
"investigationUrl":” {{The link to the Anoboard}}",
"startTime": "{{startTime}} (UTC)",
"startTimeEpoch": "{{startTimeEpoch}}",
"anomalyId": "{{anomalyId}}",
"mergedAnomalies":"[{{anomalyId}}]",
"timeScale": "timeScale",
"type": "{{type}}",
"alerts": [
{{#alerts}}
    {
    "title": "{{title}}",
    "metrics": [
    {{#each metrics}}
        {
        "duration": "{{duration}}",
        "durationInSeconds": "{{durationInSeconds}}",
        "startTime": "{{startTime}} (UTC)",
        "startTimeEpoch": "{{startTimeEpoch}}",
        "imageUrl": "{{imageUrl}}",
        "peak": "{{peak}}",
        "direction": "{{direction}}",
        "delta": {{delta}},
         "significance" : {{score}},
        "name": "{{name}}",
        "id":"{{id}}",
        "state": "{{state}}",
        "season":"{{season}}"
        }
    {{/each}}
    ],
"events":{
"Total":"{{total Events}}",
"buckets":[
{{#if events}}
   {{#each events}}
       {
       "date":"{{date}}",
       "Total":"{{total events in aggregation}}",
       "topEvents":[
       {{#each topEvents}}
           {
           "title" :"{{title}}",
           "description" :"{{description}}",
           "source" :"{{source}}",
           "category" : "{{category}}",
           "startDate" :"{{startDate}}",
           "endDate" : "{{endDate}}"
           }
         {{/each}}
       ]
       }
   {{/each}}
{{/if}}
]
},
    "alertId": "{{alertId}}",
    "alertSettingsUrl": "{{The link to the alert’s setting}}",
    "description": "{{description}}",
    "severity": "{{severity}}"
    }{{/alerts}}
]
}

 
WEBHOOK MAIN FIELDS

Field  Description and content
subject Alert subject - same as alert email. Taken from Alert
title
severity Determined by the alert with the highest severity
amongst the alerts included in the webhook
description Description of the alert who’s title was used in the
subject
investigationUrl Link to Anoboard within Anodot for investigation
purposes
startTime Human readable start time of 1st alert in the anomaly
startTimeEpoch startTime in Epoch
timescale Alert timescale values: 1min, 5min, 1 hour, 1 day, 1 week
type Alert type: Anomaly / Static / No Data
mergedAnomalies An array of all merged anomalies
alerts An array of all alerts included in this triggered instance
metrics An array of all metrics in each alert
direction Up/down or both. If both, then the upper/lower are
relevant
delta  For backward compatibility
name Metric name (including tags and user given names
for composite)
id Metric id
state Either open closed
season If relevant
events If correlated in the alert - User events within the time of the alert metrics
buckets An array of the events grouped by dates
topEvents Top X events for the alert
alertid Specific alert id
AlertSettingsURl Link to specific alert configuration
description Specific alert description
severity Specific alert severity

WEBHOOK EXAMPLE (WITH MULTIPLE METRICS)

{
  "subject": "(2 Alerts) Close: [6-1. Automation DAL1] and [6-2. Automation DAL2][critical][a42ba]",
  "severity": "critical",
  "description": "should generate one alert story with DAL1 contains metrics m1(up) and DAL2 contains metrics m4(down)",
  "investigationUrl": "https://master.ano-dev.com/#!/anomalies?tabs=main;0&activeTab=1&anomalies=;0(a42bab2f70f44ec8a420cc2130cc47bb)&duration=;1(1)&durationScale=;minutes(minutes)&delta=;1(1)&deltaType=;percentage(percentage)&resolution=;short(short)&score=;0(0)&state=;both(both)&direction=;both(both)&bookmark=;()&alertId=;(4fd71678-cd35-4248-ae2b-7578201cde78,33187cca-680c-4a42-a067-1d817ddb28dc)&sort=;significance(significance)&q=;()&constRange=;1h(c)&startDate=;0(0)&endDate=;0(0)",
  "startTime": "14 Nov, 2018 9:17AM (UTC)",
  "startTimeEpoch": "1542187020",
  "anomalyId": "a42bab2f70f44ec8a420cc2130cc47bb",
  "mergedAnomalies": "[a42bab2f70f44ec8a420cc2130cc47bb]",
  "timeScale": "1m",
  "type": "Anomaly",
  "alerts": [
    {
      "title": "6-2. Automation DAL2 1542267963737",
      "metrics": [
        {
          "duration": "20m",
          "durationInSeconds": "1200",
          "startTime": "14 Nov, 2018 9:17AM (UTC)",
          "startTimeEpoch": "1542187020",
          "imageUrl": "https://alert-images-staging.s3.amazonaws.com/i:33187cca-680c-4a42-a067-1d817ddb28dce:f855728768f0a8d979581e8fb3dd5320s:close.png",
          "peak": "-500.0",
          "lowerPeak": "-500",
          "direction": "DOWN",
          "delta": 1000,
          "lowerPercentageDelta": 1000,
          "significance": 0,
          "name": "automation.alert.m4.1542267963737",
          "id": "automation.alert.m4.1542267963737",
          "state": "CLOSED",
          "season": "None"
        }
      ],
      "events": {
        "total": "0",
        "buckets": []
      },
      "alertId": "dc23e0ad-5561-4742-b123-af7046659d4e",
      "alertSettingsUrl": "https://master.ano-dev.com/#!/alerts/dc23e0ad-5561-4742-b123-af7046659d4e",
      "description": "should generate one alert story with DAL1 contains metrics m1(up) and DAL2 contains metrics m4(down)",
      "severity": "critical"
    },
    {
      "title": "6-1. Automation DAL1 1542267963737",
      "metrics": [
        {
          "duration": "20m",
          "durationInSeconds": "1200",
          "startTime": "14 Nov, 2018 9:17AM (UTC)",
          "startTimeEpoch": "1542187020",
          "imageUrl": "https://alert-images-staging.s3.amazonaws.com/i:4fd71678-cd35-4248-ae2b-7578201cde78e:14e50f7a6cd06fc2efa0b542c73dc3fcs:close.png",
          "peak": "500.0",
          "upperPeak": "500",
          "direction": "UP",
          "delta": 1000,
          "upperPercentageDelta": 1000,
          "significance": 0,
          "name": "automation.alert.m1.1542267963737",
          "id": "automation.alert.m1.1542267963737",
          "state": "CLOSED",
          "season": "None"
        }
      ],
      "events": {
        "total": "0",
        "buckets": []
      },
      "alertId": "04d7af9d-f892-4d50-8a1a-eb5297247f4f",
      "alertSettingsUrl": "https://master.ano-dev.com/#!/alerts/04d7af9d-f892-4d50-8a1a-eb5297247f4f",
      "description": "should generate one alert story with DAL1 contains metrics m1(up) and DAL2 contains metrics m4(down)",
      "severity": "critical"
    }
  ]
}
 
 
Was this article helpful?
0 out of 0 found this helpful
-->