From 60392be71d10e9bb5f51df81f3b248e90ce91bf8 Mon Sep 17 00:00:00 2001 From: sra Date: Sat, 12 Oct 2024 10:57:13 +0530 Subject: [PATCH 1/4] DOCS-6779 adding incident list to insights 30 --- .../3.0/paloaltonetworks-insights_30.yaml | 160 +++++++++++++++++- 1 file changed, 158 insertions(+), 2 deletions(-) diff --git a/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml b/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml index fabef6d87..bf4b07f43 100644 --- a/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml +++ b/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml @@ -13,8 +13,8 @@ info: \ the tenants have been onboarded by Palo Alto Networks using a Tenant Service\ \ Group\n(TSG) identifier.\n\nThese APIs use the common SASE authentication mechanism\ \ and base URL. See the\n[Prisma SASE API Get Started](https://pan.dev/sase/docs/getstarted)\ - \ guide for more information.\n\nThis Open API spec file was created on August\ - \ 01, 2024. To check for a more recent version of this file, see\n[Prisma Insights\ + \ guide for more information.\n\nThis Open API spec file was created on October\ + \ 12, 2024. To check for a more recent version of this file, see\n[Prisma Insights\ \ APIs on pan.dev](https://pan.dev//access/api/insights/).\n\n\xA9 2024 Palo Alto\ \ Networks, Inc. Palo Alto Networks is a registered trademark of Palo\nAlto Networks.\ \ A list of our trademarks can be found at\n\n[https://www.paloaltonetworks.com/company/trademarks.html](https://www.paloaltonetworks.com/company/trademarks.html)\n\ @@ -391,6 +391,158 @@ paths: summary: Application list tags: - Application + /insights/v3.0/resource/query/incidents/incidents_view: + post: + description: 'Retrieves the list of incident. + + ' + operationId: post-insights-v3.0-resource-query-incidents-incidents_view + parameters: + - description: "Region mapping for the tenant. \n" + in: header + name: X-PANW-Region + required: true + schema: + example: americas + type: string + - description: 'A Prisma-Tenant is a unique identifier for a tenant or a subtenant + within a single or multi-tenant architecture, providing precise tenant management + and resource allocation. + + ' + in: header + name: Prisma-Tenant + required: false + schema: + type: string + requestBody: + content: + application/json: + examples: + Default filter: + value: + filter: + rules: + - operator: in + property: status_computed + values: + - Raised + properties: + - property: updated_time + sort: + order: desc + sequence: 1 + - property: status_computed + sort: + order: desc + sequence: 2 + - property: incident_id + - property: title + - property: status + - property: severity + - property: raised_time + schema: + properties: + filter: + properties: + rules: + items: + properties: + operator: + type: string + property: + type: string + values: + items: + type: string + type: array + type: object + type: array + type: object + properties: + items: + properties: + property: + type: string + sort: + properties: + order: + enum: + - asc + - desc + type: string + sequence: + type: integer + type: object + type: object + type: array + type: object + required: true + responses: + '200': + content: + application/json: + schema: + properties: + data: + items: + properties: + incidents: + items: + properties: + ack_by: + description: User who acknowledged the incident + type: string + acknowledged: + description: Whether the incident has been acknowledged + type: boolean + category: + description: Category of the incident + type: string + child_incidents_count: + description: Number of child incidents + type: integer + code: + description: Incident code + type: string + correlated_alerts_count: + description: Number of correlated alerts + type: integer + incident_id: + description: Unique identifier for the incident + type: string + parent_incidents_count: + description: Number of parent incidents + type: integer + raised_time: + description: Timestamp when the incident was raised + type: integer + severity: + description: Severity level of the incident + type: string + status: + description: Current status of the incident + type: string + status_computed: + description: Computed status of the incident + type: string + title: + description: Title of the incident + type: string + updated_time: + description: Timestamp of last update + type: integer + type: object + type: array + type: object + type: array + type: object + description: OK + security: + - Bearer: [] + summary: View incident list + tags: + - Incident List /insights/v3.0/resource/query/locations/location_current_status_count: post: description: "Retrieves the current location count per node type and location\ @@ -2572,6 +2724,10 @@ paths: servers: - url: https://api.sase.paloaltonetworks.com tags: +- description: 'Incident list API + + ' + name: Incident list API - description: 'Location API ' From cd9fb84e542180da8bad8ea1516f9bd43e324e30 Mon Sep 17 00:00:00 2001 From: sra Date: Wed, 6 Nov 2024 12:40:19 +0530 Subject: [PATCH 2/4] DOCS-6779 Updated the latest OAS file --- .../3.0/paloaltonetworks-insights_30.yaml | 144 ++++++++++++------ 1 file changed, 94 insertions(+), 50 deletions(-) diff --git a/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml b/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml index bf4b07f43..348d32230 100644 --- a/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml +++ b/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml @@ -13,8 +13,8 @@ info: \ the tenants have been onboarded by Palo Alto Networks using a Tenant Service\ \ Group\n(TSG) identifier.\n\nThese APIs use the common SASE authentication mechanism\ \ and base URL. See the\n[Prisma SASE API Get Started](https://pan.dev/sase/docs/getstarted)\ - \ guide for more information.\n\nThis Open API spec file was created on October\ - \ 12, 2024. To check for a more recent version of this file, see\n[Prisma Insights\ + \ guide for more information.\n\nThis Open API spec file was created on November\ + \ 06, 2024. To check for a more recent version of this file, see\n[Prisma Insights\ \ APIs on pan.dev](https://pan.dev//access/api/insights/).\n\n\xA9 2024 Palo Alto\ \ Networks, Inc. Palo Alto Networks is a registered trademark of Palo\nAlto Networks.\ \ A list of our trademarks can be found at\n\n[https://www.paloaltonetworks.com/company/trademarks.html](https://www.paloaltonetworks.com/company/trademarks.html)\n\ @@ -419,7 +419,7 @@ paths: content: application/json: examples: - Default filter: + Mandatory Filters: value: filter: rules: @@ -427,55 +427,99 @@ paths: property: status_computed values: - Raised - properties: - - property: updated_time - sort: - order: desc - sequence: 1 - - property: status_computed - sort: - order: desc - sequence: 2 - - property: incident_id - - property: title - - property: status - - property: severity - - property: raised_time + - ClearPending + - Cleared schema: properties: - filter: - properties: - rules: - items: - properties: - operator: - type: string - property: - type: string - values: - items: - type: string - type: array - type: object - type: array - type: object - properties: - items: - properties: - property: - type: string - sort: - properties: - order: - enum: - - asc - - desc - type: string - sequence: - type: integer - type: object - type: object - type: array + ack_by: + description: User who acknowledged the incident + example: xyz@paloaltonetworks.com + type: string + acknowledged: + description: Whether the incident has been acknowledged + enum: + - true + - false + example: false + type: boolean + category: + description: Category of the incident + enum: + - SC + - RN + - MU + - Authentication + - GP + - Certificates + - ZTNA + - Prisma Access Infrastructure + - DNS + - Security + - Application Experience + - PORTAL + - GATEWAY + - EP + example: SC + type: string + child_incidents_count: + description: Number of child incidents + example: 0 + type: integer + code: + description: Incident Code + example: INC_SC_SITE_DOWN + type: string + correlated_alerts_count: + description: Number of correlated alerts + example: 2 + type: integer + incident_id: + description: Unique identifier for the incident + example: 22096e0a-a02e-489f-ab4f-d94ae9921128 + type: string + parent_incidents_count: + description: Number of parent incidents + example: 0 + type: integer + raised_time: + description: Timestamp when the incident was raised + example: 1720569635383 + type: integer + severity: + description: Severity level of the incident + enum: + - Warning + - Critical + - Informational + example: Informational + type: string + status: + description: Current status of the incident + enum: + - Raised + - Clearing + - Cleared + example: Raised + type: string + status_computed: + description: Computed status of the incident + enum: + - Raised + - ClearPending + - Cleared + example: Raised + type: string + title: + description: Title of the incident + example: Tenant has 1 raised alerts + type: string + updated_time: + description: Timestamp of last update + example: 1720569635383 + type: integer + required: + - tenant_id + - sub_tenant_id type: object required: true responses: From 857346dfcc77e55f16840739934f81ec3251050a Mon Sep 17 00:00:00 2001 From: sra Date: Fri, 15 Nov 2024 13:33:06 +0530 Subject: [PATCH 3/4] DOCS-6779 Staging changes made. Local server starts only on PRODUCTS_INCLUDE=sase,access,sdwan yarn docusaurus start --- .../3.0/paloaltonetworks-insights_30.yaml | 125 +++++++++++++++++- 1 file changed, 118 insertions(+), 7 deletions(-) diff --git a/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml b/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml index 348d32230..15ef2b592 100644 --- a/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml +++ b/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml @@ -14,7 +14,7 @@ info: \ Group\n(TSG) identifier.\n\nThese APIs use the common SASE authentication mechanism\ \ and base URL. See the\n[Prisma SASE API Get Started](https://pan.dev/sase/docs/getstarted)\ \ guide for more information.\n\nThis Open API spec file was created on November\ - \ 06, 2024. To check for a more recent version of this file, see\n[Prisma Insights\ + \ 15, 2024. To check for a more recent version of this file, see\n[Prisma Insights\ \ APIs on pan.dev](https://pan.dev//access/api/insights/).\n\n\xA9 2024 Palo Alto\ \ Networks, Inc. Palo Alto Networks is a registered trademark of Palo\nAlto Networks.\ \ A list of our trademarks can be found at\n\n[https://www.paloaltonetworks.com/company/trademarks.html](https://www.paloaltonetworks.com/company/trademarks.html)\n\ @@ -414,12 +414,13 @@ paths: name: Prisma-Tenant required: false schema: + example: 12345678:12345679 type: string requestBody: content: application/json: examples: - Mandatory Filters: + Mandatory Filter: value: filter: rules: @@ -429,7 +430,67 @@ paths: - Raised - ClearPending - Cleared + Possible Filters: + value: + filter: + rules: + - operator: between + property: updated_time + values: + - 1728416763970 + - 1731008762970 + - operator: in + property: severity + values: + - Warning + - Critical + - operator: in + property: category + values: + - Application Experience + - Authentication + - Certificates + - DNS + - EP + - GATEWAY + - GP + - MU + - PORTAL + - Prisma Access Infrastructure + - RN + - SC + - Security + - ZTNA + - operator: in + property: code + values: + - INC_GATEWAY_USER_AUTH_ALL_FAILURES_COUNT_EXCEEDED_ABOVE_BASELINE_PER_INSTANCE + - INC_GATEWAY_USER_GROUP_COUNT_MAPPING_DEVIATION_FROM_BASELINE + - operator: in + property: site_name + values: + - sitename-1 + - sitename-2 + - operator: in + property: tunnel_name + values: + - tunnelname-1-A + - tunnelname-2-A + - operator: in + property: pa_location + values: + - Australia East + - Australia South schema: + example: + filter: + rules: + - operator: in + property: status_computed + values: + - Raised + - ClearPending + - Cleared properties: ack_by: description: User who acknowledged the incident @@ -473,6 +534,11 @@ paths: description: Number of correlated alerts example: 2 type: integer + detailed_message: + description: Detailed message of the incident + example: Remote Network Site vpn-to-sfo-isp1-rn ECMP Tunnel ipsec-to-sfo-isp2-rn1 + is down + type: string incident_id: description: Unique identifier for the incident example: 22096e0a-a02e-489f-ab4f-d94ae9921128 @@ -518,18 +584,63 @@ paths: example: 1720569635383 type: integer required: - - tenant_id - - sub_tenant_id + - status_computed type: object required: true responses: '200': content: application/json: + example: + data: + - incidents: + - acknowledged: false + category: SC + child_incidents_count: 0 + code: INC_SC_SITE_DOWN + correlated_alerts_count: 2 + incident_id: 3a0379f6-4d45-4e62-b119-84ca59c041d0 + parent_incidents_count: 0 + raised_time: 1731051358702 + severity: Critical + status: Raised + status_computed: Raised + title: Service Connection Site ipsec-prisma-to-mel-isp1 is down + updated_time: 1731051358702 + - acknowledged: false + category: SC + child_incidents_count: 0 + code: INC_SC_SITE_DOWN + correlated_alerts_count: 2 + incident_id: 513c153b-58df-4c07-9b6c-ca10d2e81021 + parent_incidents_count: 0 + raised_time: 1731051358609 + severity: Critical + status: Raised + status_computed: Raised + title: Service Connection Site ipsec-prisma-to-mel-isp2 is down + updated_time: 1731051358609 schema: properties: data: items: + example: + data: + - incidents: + - acknowledged: false + category: SC + child_incidents_count: 0 + code: INC_SC_SITE_DOWN + correlated_alerts_count: 2 + incident_id: 3a0379f6-4d45-4e62-b119-84ca59c041d0 + parent_incidents_count: 0 + raised_time: 1731051358702 + severity: Critical + status: Raised + status_computed: Raised + title: Service Connection Site ipsec-prisma-to-mel-isp1 + is down + updated_time: 1731051358702 properties: incidents: items: @@ -586,7 +697,7 @@ paths: - Bearer: [] summary: View incident list tags: - - Incident List + - Incident /insights/v3.0/resource/query/locations/location_current_status_count: post: description: "Retrieves the current location count per node type and location\ @@ -2768,10 +2879,10 @@ paths: servers: - url: https://api.sase.paloaltonetworks.com tags: -- description: 'Incident list API +- description: 'Incident API ' - name: Incident list API + name: Incident API - description: 'Location API ' From d49a40790f3a9ea710b1daa759c93cd9eb295d15 Mon Sep 17 00:00:00 2001 From: sra Date: Fri, 22 Nov 2024 12:10:00 +0530 Subject: [PATCH 4/4] DOCS-6779: Updated the latest OAS file --- .../3.0/paloaltonetworks-insights_30.yaml | 34 +++++++++---------- 1 file changed, 16 insertions(+), 18 deletions(-) diff --git a/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml b/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml index 15ef2b592..cafceb245 100644 --- a/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml +++ b/openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml @@ -14,7 +14,7 @@ info: \ Group\n(TSG) identifier.\n\nThese APIs use the common SASE authentication mechanism\ \ and base URL. See the\n[Prisma SASE API Get Started](https://pan.dev/sase/docs/getstarted)\ \ guide for more information.\n\nThis Open API spec file was created on November\ - \ 15, 2024. To check for a more recent version of this file, see\n[Prisma Insights\ + \ 22, 2024. To check for a more recent version of this file, see\n[Prisma Insights\ \ APIs on pan.dev](https://pan.dev//access/api/insights/).\n\n\xA9 2024 Palo Alto\ \ Networks, Inc. Palo Alto Networks is a registered trademark of Palo\nAlto Networks.\ \ A list of our trademarks can be found at\n\n[https://www.paloaltonetworks.com/company/trademarks.html](https://www.paloaltonetworks.com/company/trademarks.html)\n\ @@ -624,68 +624,66 @@ paths: properties: data: items: - example: - data: - - incidents: - - acknowledged: false - category: SC - child_incidents_count: 0 - code: INC_SC_SITE_DOWN - correlated_alerts_count: 2 - incident_id: 3a0379f6-4d45-4e62-b119-84ca59c041d0 - parent_incidents_count: 0 - raised_time: 1731051358702 - severity: Critical - status: Raised - status_computed: Raised - title: Service Connection Site ipsec-prisma-to-mel-isp1 - is down - updated_time: 1731051358702 properties: incidents: items: properties: ack_by: description: User who acknowledged the incident + example: xyz@xyz.com type: string acknowledged: description: Whether the incident has been acknowledged + example: true type: boolean category: description: Category of the incident + example: SC type: string child_incidents_count: description: Number of child incidents + example: 0 type: integer code: description: Incident code + example: INC_SC_SITE_DOWN type: string correlated_alerts_count: description: Number of correlated alerts + example: 2 type: integer incident_id: description: Unique identifier for the incident + example: 3a0379f6-4d45-4e62-b119-84ca59c041d0 type: string parent_incidents_count: description: Number of parent incidents + example: 0 type: integer raised_time: description: Timestamp when the incident was raised + example: 1731051358702 type: integer severity: description: Severity level of the incident + example: Critical type: string status: description: Current status of the incident + example: Raised type: string status_computed: description: Computed status of the incident + example: Raised type: string title: description: Title of the incident + example: Service Connection Site ipsec-prisma-to-mel-isp1 + is down type: string updated_time: description: Timestamp of last update + example: 1731051358702 type: integer type: object type: array