Update First Response Policy

This endpoint is used to update the First Response Policy.

URL

POST https://{api-url}/api/v2/tenants/{tenantId}/policies/firstResponse/{policyId}

Sample URLs

https://{api-url}/api/v2/tenants/client_7/policies/firstResponse/{policyId}

Header format

Header	Value
Authorization	Bearer {accessToken}
Content-type	application/json
Accept	application/json

Status code

200 OK

Parameters

All parameters are mandatory unless specified otherwise.

Field	Data Type	Description
name (required)	String	Name of the first response policy. Maximum length: 250 characters.
enabled	String	(Optional) State of the first response policy. Default state: true.
enabledMode	String	(Optional) Mode for the first response policy. Options: ON, OFF, OBSERVED, RECOMMEND
filterCriteria	Object	(Optional) Rule is mandatory when `filterBased` is specified.
filterCriteria : filterBased	String	(Optional) Rule is mandatory when `filterBased` is specified.
filterCriteria : matchingType	String	ANY/ALL
filterCriteria : rules filterType entityName operator entityValue	String String String String	Should be: `nativeAttributes` or `customAttributes` See Notes for more information. See Notes for more information. Value to compare.
attributeActions	Object	Default: false
attributeActions : continuousLearning	Boolean	Enable/Disable continuous machine learning.
attributeActions : suppress suppressDuration learnedConfiguration	Object Integer Boolean	Used to suppress the alert. `-1 <= n <= 1440` (24 hrs), `-1` to suppress always, `0` to do not suppress or a positive number `n` to suppress for `n` minutes. Options: true/false. Default: false
attributeActions : runProcess processIds learnedConfiguration	Object List Boolean	Run process. Suppress alerts that happen regularly, at around the same time. Options: true/false. Default: false
patternActions	Object	Default: false
patternActions : suppress seasonalAlerts	Object Boolean	Suppress alerts that happen regularly, at around the same time. Options: true/false. Default: false

Notes

name - Should be maximum of 250 characters.
filterCriteria : rules : entityType - For filterType, nativeAttributes, use one of the following for entityType:
- dns_name
- resource_name
- alias_name
- ip_address
- resource_type
- agent_installed
- operating_system
- make
- model
- alert_source
- alert_metric
- alert_component
- device_group
- service_group
- site
- application
- alert_subject
- alert_description
filterType : CustomAttributes Type - Provide Custom-Attribute-Names defined for Client or defined for Partner/ServiceProvider, which are assigned to the devices of the client
filterCriteria : rules : operator - Should be one of the following:
- Contains
- Not Contains
- Equals
- Not Equals
- Starts With
- Ends With
- Regex
- Is [yes, no]
continuousLearning - Should be mandatory if suppress/runProcess learnedConfiguration of attributeActions object is set to true
suppressDuration - suppressDuration can be any value between -1 to 1440 (24 hrs).
- -1 to suppress always.
- 0 to do not suppress or a positive number n to suppress for n minutes.

Sample request

{
  "name": "firstResponse_1",
  "enabledMode":"ON",
  "filterCriteria": {
    "filterBased": true,
    "matchingType": "ALL",
    "rules": [
      {
        "filterType": "nativeAttributes",
        "entityName": "resource_name",
        "operator": "Starts with",
        "entityValue": "vm"
      },
      {
		"filterType":"nativeAttributes",
		"entityName":"ip_address",
		"ipMatchingConditions": {
			"ipAddressMatchType":"CIDR Match",
			"cidrNotation":"192.168.1.1/24"
		}
	  }
    ]
  },
  "attributeActions": {
    "continuousLearning": true,
    "suppress": {
        "learnedConfiguration": true,
        "suppressDuration": 5
    },
    "runProcess": {
        "learnedConfiguration": true,
        "processIds": [
            "PROCESS_9beade88-834a-4229-ab34-90380214cf74"
        ]
    }
   },
   "patternActions": {
     "suppress": {
         "seasonalAlerts": true
      }
    }
}

Sample response

{
  "id": "POLICY-AC-d53e179d-8c9b-4564-b793-dc639f6a7cf2",
  "name": "firstResponse_1",
  "enabled": true,
  "enabledMode":"ON",
  "filterCriteria": {
    "filterBased": true,
    "matchingType": "ALL",
    "rules": [
      {
        "filterType": "nativeAttributes",
        "entityName": "resource_name",
        "operator": "Starts with",
        "entityValue": "vm"
      },
      {
        "filterType": "nativeAttributes",
        "entityName": "ip_address",
        "ipMatchingConditions": {
          "ipAddressMatchType": "CIDR Match",
          "cidrNotation": "192.168.1.1/24"
        }
      }
    ]
  },
  "attributeActions": {
    "continuousLearning": true,
    "suppress": {
        "learnedConfiguration": true,
        "suppressDuration": 5
    },
    "runProcess": {
        "learnedConfiguration": true,
        "processIds": [
           "PROCESS_9beade88-834a-4229-ab34-90380214cf74"
        ]
    }
   },
  "patternActions": {
    "suppress": {
       "seasonalAlerts": true
    }
   },
  "createdBy": {
    "loginName": "opsramp_api_user",
    "lastName": " ",
    "firstName": "OpsRamp API User",
    "email": "opsAdmin@opsramp.com"
  },
  "updatedBy": {
    "loginName": "opsramp_api_user",
    "lastName": " ",
    "firstName": "OpsRamp API User",
    "email": "opsAdmin@opsramp.com"
  },
  "createdTime": "2019-02-28T09:25:56+0000",
  "updatedTime": "2019-02-28T10:14:05+0000"
}