Issue with "Prisma Cloud CSPM API Time Range Model" in @site/api/cloud/api-time-range-model.md

Question

Issue with "Prisma Cloud CSPM API Time Range Model" in @site/api/cloud/api-time-range-model.md

Paul-Jazz opened this issue 3 years ago · 3 comments

Thank you for taking the time to help us improve our documentation! Please describe the problem and a suggested fix below and we'll get back to you as soon as we can. --DevRel

Describe the problem

With alerts v2, I am told that you can specify :

{
  "timeRange": {
    "value": {
      "unit": "hour",
      "amount": 24
    },
    "type": "relative"
  },
  "filters": [
    {
      "name": "alert.status",
      "value": "resolved",
      "operator": "="
    },
    {
      "name": "alert.status",
      "value": "open",
      "operator": "="
    }
  ],
    "timeRangeType": "ALERT_UPDATED"
}

But there is no information or detail on the "timeRangeType": "ALERT_UPDATED" parameter

Suggested fix

Answer 1 · 2021-07-28T00:00:52.000Z

🎉 Thanks for opening your first issue here! Welcome to the community!

Answer 2 · 2021-08-02T14:53:01.000Z

Thanks for the feedback. I think I found the cause. 'Working on it.

Answer 3 · 2021-08-04T01:14:58.000Z

It turns out that "timeRangeType": "ALERT_UPDATED" is not a supported parameter. If it does happen to work, since it isn't supported, it might be removed at any time. You can do something like the following with POST /v2/alert, however, to get the same result:

{
    "detailed": false,
    "filters": [
        {
          "name": "alert.status",
          "value": "resolved",
          "operator": "="
        },
       {
          "name": "alert.status",
          "value": "open",
          "operator": "="
        },
        {
            "name": "timeRange.type",
            "operator": "=",
            "value": "ALERT_UPDATED"
        }
    ],
    "timeRange": {
        "type": "relative",
        "value": {
            "amount": "24",
            "unit": "hour"
        }
    },
    "limit": 100
}