DOCS-6779 adding incident list to insights 30 #756

Open: wants to merge 4 commits into base: master
313 changes: 311 additions & 2 deletions openapi-specs/access/insights/3.0/paloaltonetworks-insights_30.yaml
Expand Up @@ -13,8 +13,8 @@ info:
\ the tenants have been onboarded by Palo Alto Networks using a Tenant Service\
\ Group\n(TSG) identifier.\n\nThese APIs use the common SASE authentication mechanism\
\ and base URL. See the\n[Prisma SASE API Get Started](https://pan.dev/sase/docs/getstarted)\
\ guide for more information.\n\nThis Open API spec file was created on August\
\ 01, 2024. To check for a more recent version of this file, see\n[Prisma Insights\
\ guide for more information.\n\nThis Open API spec file was created on November\
\ 22, 2024. To check for a more recent version of this file, see\n[Prisma Insights\
\ APIs on pan.dev](https://pan.dev//access/api/insights/).\n\n\xA9 2024 Palo Alto\
\ Networks, Inc. Palo Alto Networks is a registered trademark of Palo\nAlto Networks.\
\ A list of our trademarks can be found at\n\n[https://www.paloaltonetworks.com/company/trademarks.html](https://www.paloaltonetworks.com/company/trademarks.html)\n\
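
Review bot: The link on the context line right after the changed date, `https://pan.dev//access/api/insights/`, has a doubled slash after the host; since this description block is being edited anyway, change it to a single slash so the "more recent version" pointer is the canonical URL. The creation date is edited in the same block (August 01 to November 22, 2024); if it is maintained by hand, consider stamping it when the spec is generated so it cannot drift from the content.
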
Expand Down Expand Up @@ -391,6 +391,311 @@ paths:
summary: Application list
tags:
- Application
/insights/v3.0/resource/query/incidents/incidents_view:
post:
description: 'Retrieves the list of incident.

'
operationId: post-insights-v3.0-resource-query-incidents-incidents_view
parameters:
- description: "Region mapping for the tenant. \n"
in: header
name: X-PANW-Region
required: true
schema:
example: americas
type: string
- description: 'A Prisma-Tenant is a unique identifier for a tenant or a subtenant
within a single or multi-tenant architecture, providing precise tenant management
and resource allocation.

'
in: header
name: Prisma-Tenant
required: false
schema:
example: 12345678:12345679
type: string
requestBody:
content:
application/json:
examples:
Mandatory Filter:
value:
filter:
rules:
- operator: in
property: status_computed
values:
- Raised
- ClearPending
- Cleared
Possible Filters:
value:
filter:
rules:
- operator: between
property: updated_time
values:
- 1728416763970
- 1731008762970
- operator: in
property: severity
values:
- Warning
- Critical
- operator: in
property: category
values:
- Application Experience
- Authentication
- Certificates
- DNS
- EP
- GATEWAY
- GP
- MU
- PORTAL
- Prisma Access Infrastructure
- RN
- SC
- Security
- ZTNA
- operator: in
property: code
values:
- INC_GATEWAY_USER_AUTH_ALL_FAILURES_COUNT_EXCEEDED_ABOVE_BASELINE_PER_INSTANCE
- INC_GATEWAY_USER_GROUP_COUNT_MAPPING_DEVIATION_FROM_BASELINE
- operator: in
property: site_name
values:
- sitename-1
- sitename-2
- operator: in
property: tunnel_name
values:
- tunnelname-1-A
- tunnelname-2-A
- operator: in
property: pa_location
values:
- Australia East
- Australia South
schema:
example:
filter:
rules:
- operator: in
property: status_computed
values:
- Raised
- ClearPending
- Cleared
properties:
ack_by:
description: User who acknowledged the incident
example: xyz@paloaltonetworks.com
type: string
acknowledged:
description: Whether the incident has been acknowledged
enum:
- true
- false
example: false
type: boolean
category:
description: Category of the incident
enum:
- SC
- RN
- MU
- Authentication
- GP
- Certificates
- ZTNA
- Prisma Access Infrastructure
- DNS
- Security
- Application Experience
- PORTAL
- GATEWAY
- EP
example: SC
type: string
child_incidents_count:
description: Number of child incidents
example: 0
type: integer
code:
description: Incident Code
example: INC_SC_SITE_DOWN
type: string
correlated_alerts_count:
description: Number of correlated alerts
example: 2
type: integer
detailed_message:
description: Detailed message of the incident
example: Remote Network Site vpn-to-sfo-isp1-rn ECMP Tunnel ipsec-to-sfo-isp2-rn1
is down
type: string
incident_id:
description: Unique identifier for the incident
example: 22096e0a-a02e-489f-ab4f-d94ae9921128
type: string
parent_incidents_count:
description: Number of parent incidents
example: 0
type: integer
raised_time:
description: Timestamp when the incident was raised
example: 1720569635383
type: integer
severity:
description: Severity level of the incident
enum:
- Warning
- Critical
- Informational
example: Informational
type: string
status:
description: Current status of the incident
enum:
- Raised
- Clearing
- Cleared
example: Raised
type: string
status_computed:
description: Computed status of the incident
enum:
- Raised
- ClearPending
- Cleared
example: Raised
type: string
title:
description: Title of the incident
example: Tenant has 1 raised alerts
type: string
updated_time:
description: Timestamp of last update
example: 1720569635383
type: integer
required:
- status_computed
type: object
required: true
responses:
'200':
content:
application/json:
example:
data:
- incidents:
- acknowledged: false
category: SC
child_incidents_count: 0
code: INC_SC_SITE_DOWN
correlated_alerts_count: 2
incident_id: 3a0379f6-4d45-4e62-b119-84ca59c041d0
parent_incidents_count: 0
raised_time: 1731051358702
severity: Critical
status: Raised
status_computed: Raised
title: Service Connection Site ipsec-prisma-to-mel-isp1 is down
updated_time: 1731051358702
- acknowledged: false
category: SC
child_incidents_count: 0
code: INC_SC_SITE_DOWN
correlated_alerts_count: 2
incident_id: 513c153b-58df-4c07-9b6c-ca10d2e81021
parent_incidents_count: 0
raised_time: 1731051358609
severity: Critical
status: Raised
status_computed: Raised
title: Service Connection Site ipsec-prisma-to-mel-isp2 is down
updated_time: 1731051358609
schema:
properties:
data:
items:
properties:
incidents:
items:
properties:
ack_by:
description: User who acknowledged the incident
example: xyz@xyz.com
type: string
acknowledged:
description: Whether the incident has been acknowledged
example: true
type: boolean
category:
description: Category of the incident
example: SC
type: string
child_incidents_count:
description: Number of child incidents
example: 0
type: integer
code:
description: Incident code
example: INC_SC_SITE_DOWN
type: string
correlated_alerts_count:
description: Number of correlated alerts
example: 2
type: integer
incident_id:
description: Unique identifier for the incident
example: 3a0379f6-4d45-4e62-b119-84ca59c041d0
type: string
parent_incidents_count:
description: Number of parent incidents
example: 0
type: integer
raised_time:
description: Timestamp when the incident was raised
example: 1731051358702
type: integer
severity:
description: Severity level of the incident
example: Critical
type: string
status:
description: Current status of the incident
example: Raised
type: string
status_computed:
description: Computed status of the incident
example: Raised
type: string
title:
description: Title of the incident
example: Service Connection Site ipsec-prisma-to-mel-isp1
is down
type: string
updated_time:
description: Timestamp of last update
example: 1731051358702
type: integer
type: object
type: array
type: object
type: array
type: object
description: OK
security:
- Bearer: []
summary: View incident list
tags:
- Incident
/insights/v3.0/resource/query/locations/location_current_status_count:
post:
description: "Retrieves the current location count per node type and location\
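
Review bot: The requestBody schema does not describe the body that the examples send. Both named examples (Mandatory Filter, Possible Filters) and the schema's own `example` post `filter: rules:` entries made of `operator`, `property` and `values`, but `properties` lists incident fields (`ack_by`, `acknowledged`, `category`, ...) at the top level and `required` names `status_computed`, so there is no `filter` property for a validator or a generated client to check against. Suggest modelling `filter.rules[]` with `operator`, `property` and `values` as the request schema, stating the mandatory `status_computed` rule in its description, and keeping the incident fields in the response schema only. Smaller points in the same hunk: `responses` documents only '200' although the operation is secured with `Bearer` and `X-PANW-Region` is required, so 400/401/403 entries are worth adding; the response schema drops the enums for `severity`, `status` and `status_computed` that the request side defines; `enum: [true, false]` on a boolean is redundant; and the description should read "Retrieves the list of incidents."
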
Expand Down Expand Up @@ -2572,6 +2877,10 @@ paths:
servers:
- url: https://api.sase.paloaltonetworks.com
tags:
- description: 'Incident API

'
name: Incident API
- description: 'Location API

'
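
Review bot: The tag declared here is `name: Incident API`, but the new incidents_view operation is tagged `- Incident`, so this description will not attach to that operation and documentation tools will show two separate tags. Use the same string in both places; the existing operation visible in the earlier context is tagged with the short form `Application`, so `name: Incident` here would be consistent with it.
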