Alert API
The Alert API is a REST API that provides programmatic access to data resulting from an alert configured in Risk Monitor. This allows you to download csv streams of the alert data for further processing, for example, for use in your process to handle vulnerabilities.
Description
The API has two endpoints that you use in sequence to retrieve alert data in a csv stream. The API supports the HTTP request method GET.
For the authentication required, see Authenticate Alert API.
The API version must be included in the HTTP requests, see Include API version.
All responses are in JSON format.
The rate limit is 200 API calls during a period of 2 minutes.
List
/api/Alert/{alertId}/List
Lists all the latest download tokens for the alert that you specify.
GET /api/Alert/123/List HTTP/1.1
Host: https://api.analytics.snowsoftware.com
x-api-key: dTR7y0WhbN9WAjr8bhaWgmF8pXxEc1P7U=
x-api-version: 1.0
The API returns a list of download tokens as URLs for you to insert in the Download token endpoint to download the alert data.
The number of download tokens returned is determined by the size of the alert data result. Each URL can be used to download a segment of the alert data. To download all of the alert data, you must download each of the URLs returned.
To ensure that the latest alert data has been returned, check the value returned for createdon.
The data result for a new alert is available to download at the earliest the day after the alert is created, since the data has to be processed for the new alert criteria.
Table 1. Parameters
| Name | Parameter type | Data type | Description |
|---|---|---|---|
alertId | Path | integer($int32) | The Alert Id of the alert created in the Risk Monitor. This parameter is mandatory. |
Table 2. Responses
| Code | Description |
|---|---|
| 200 | Returns a list of download tokens, each representing a segment of data. |
| 400 | Bad request. Part of the request was incorrect. |
| 400 | An API version is required, but was not specified. |
| 400 | An API version was specified, but it is invalid. |
| 400 | An API version was specified multiple times with different values. |
| 401 | API key is missing or invalid. |
| 404 | Alert or alert data cannot be found. |
| 429 | Rate limit is exceeded. Try again in (x) seconds. |
Download token
/api/Alert/{alertId}/Get/{downloadToken}
Downloads alert data using a download token retrieved from the List endpoint.
GET /api/Alert/123/Get/MTglMmY2OTclM...mY2Mz£==?header=true HTTP/1.1
Host: https://api.analytics.snowsoftware.com
x-api-key: dTR7y0WhbN9WAjr8bhaWgmF8pXxEc1P7U=
x-api-version: 1.0
The API returns a csv stream containing alert data.
Table 3. Parameters
| Name | Parameter type | Data type | Description |
|---|---|---|---|
alertId | Path | integer($int32) | The Alert Id of the alert created in the Risk Monitor. This parameter is mandatory. |
downloadToken | Path | string | A download token retrieved from the List endpoint, which represents a segment of data for an alert. This parameter is mandatory. |
header | Query | boolean | Add with the value true if you want to include a header row.By default, there is no header row in the alert data. This parameter is optional. |
Table 4. Responses
| Code | Description |
|---|---|
| 200 | Returns a csv stream containing alert data. |
| 400 | Bad request. Part of the request was incorrect. |
| 400 | An API version is required, but was not specified. |
| 400 | An API version was specified, but it is invalid. |
| 400 | An API version was specified multiple times with different values. |
| 401 | API key is missing or invalid. |
| 404 | Alert or alert data cannot be found. |
| 429 | Rate limit is exceeded. Try again in (x) seconds. |
Schemas
ErrorResponse
{
error string
nullable: true
}
ListResponseDto
{
List of download tokens that can be used to get alert data
downloadTokens [
nullable: true
The URL that should be used in additional http requests to retrieve the alert data
string]
createdOn string($date-time)
The date and time the alert data was created in the Risk Monitor system. Use
this field to know if the data you are retrieving is up-to-date or not.
}