Incidents v1

Authentication

All BigPanda APIs require Bearer Token Authorization in the call headers.

This API uses the Org Token type of Authorization token.

BigPanda recommends adding Authentication headers only in the secure tool you use to make API calls.

Example 1. Retrieve an incident
curl --request GET \
     --url https://api.bigpanda.io/resources/v1.0/incidents/1235553b6789c12d3efg45h \
     --header 'Authorization: Bearer <ORG TOKEN>' \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json; charset=utf8'

curl --request GET \
     --url https://eu-api.bigpanda.io/resources/v1.0/incidents/1234555b6789c12d3efg45h \
     --header 'Authorization: Bearer <ORG TOKEN>' \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json; charset=utf8'


Example 2. Retrieve an incident with expanded alert data
curl --request GET \
     --url 'https://api.bigpanda.io/resources/v1.0/incidents/1234a5556789c12d3efg45h?expand=alerts' \
     --header 'Authorization: Bearer <ORG TOKEN>' \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json; charset=utf8'


Example 3. Resolve or add a comment to an incident
curl --request POST \
     --url https://api.bigpanda.io/resources/v1.0/incidents/1e5555ed5fow65ieof018f8 \
     --header 'Authorization: Bearer <ORG TOKEN>' \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
     --data '{ "resolved": true, "comments": "ServiceNow ticket was resolved" }'

curl --request POST \
     --url https://eu-api.bigpanda.io/resources/v1.0/incidents/1e5555ed5fow65ieof018f8 \
     --header 'Authorization: Bearer <ORG TOKEN>' \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
     --data '{ "resolved": true, "comments": "ServiceNow ticket was resolved" }'


Available Objects & Actions

The Incidents API provides the following objects:

| Object | Description | Supported Methods | API Endpoint |
|---|---|---|---|
| Alerts Object | Represents an alert that is contained in a BigPanda incident. | GET | `https://api.bigpanda.io/resources/v1.0/incidents/{incident ID}?expand=alerts` |
| Incidents Object | Represents an incident in BigPanda. | POST, GET | `https://api.bigpanda.io/resources/v1.0/incidents/{incident ID}` |

Use the Incidents API to perform these actions:

| Action | Definition | Description |
|---|---|---|
| Resolve Incident | `POST /incidents/{id}` | Resolves a BigPanda incident by closing all related alerts in BigPanda. |
| Retrieve Incident | `GET /incidents/{id}` | Retrieves the requested BigPanda incident. |

Rate Limitations

To maintain quality of service, the Incidents API is limited to 150 requests per minute. Additional requests will return a 429 response code and the request will need to be retried.
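
The authentication guidance and the 429 limit above, combined in one wrapper; this is an added example, not BigPanda's own code. It reads the Org Token from the environment, passes the Authorization header to curl on stdin so the token stays out of the process argument list, and retries a 429 with a doubling delay. The names `bp_get_incident`, `BP_ORG_TOKEN`, `BP_API_BASE`, `BP_MAX_RETRIES` and `BP_RETRY_DELAY` are assumptions.

```bash
# Added example, not BigPanda code. Assumed names: bp_get_incident,
# BP_ORG_TOKEN, BP_API_BASE, BP_MAX_RETRIES, BP_RETRY_DELAY.
BP_API_BASE="${BP_API_BASE:-https://api.bigpanda.io/resources/v1.0}"
BP_MAX_RETRIES="${BP_MAX_RETRIES:-5}"
BP_RETRY_DELAY="${BP_RETRY_DELAY:-2}"   # seconds, doubled after each 429

# Usage: bp_get_incident <incident-id> [query-string, e.g. expand=alerts]
# Prints the JSON body on HTTP 200; returns non-zero otherwise.
bp_get_incident() {
  local id="$1" query="${2:-}" attempt=0 delay="$BP_RETRY_DELAY"
  local out status body nl='
'
  if [ -z "${BP_ORG_TOKEN:-}" ]; then
    echo "BP_ORG_TOKEN is not set" >&2; return 2
  fi
  # The IDs shown on this page are alphanumeric; reject anything else so
  # the value cannot change the request path.
  case "$id" in
    ''|*[!A-Za-z0-9]*) echo "invalid incident id" >&2; return 2 ;;
  esac

  while [ "$attempt" -le "$BP_MAX_RETRIES" ]; do
    # printf is a shell builtin and curl reads the header from stdin via
    # --config -, so the token never appears in any process's arguments.
    # Assumes the token contains no double quote or backslash.
    out=$(printf 'header = "Authorization: Bearer %s"\n' "$BP_ORG_TOKEN" |
      curl --silent --show-error --config - \
           --header 'Accept: application/json' \
           --write-out '\n%{http_code}' \
           --url "$BP_API_BASE/incidents/$id${query:+?$query}") || return 1
    status="${out##*$nl}"   # last line: HTTP status code
    body="${out%$nl*}"      # everything before it: response body
    case "$status" in
      200) printf '%s\n' "$body"; return 0 ;;
      429) attempt=$((attempt + 1)); sleep "$delay"; delay=$((delay * 2)) ;;
      *)   echo "HTTP $status" >&2; return 1 ;;
    esac
  done
  echo "still rate limited after $BP_MAX_RETRIES retries" >&2
  return 3
}
```

For the EU endpoint shown in the examples, set `BP_API_BASE=https://eu-api.bigpanda.io/resources/v1.0` before calling the function.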

Parameters

The Incidents object schema includes the following attributes.

| Attribute | Description | Example |
|---|---|---|
| id | System-generated unique identifier for the incident. | `"id": "1234a53b6789c12d3efg45h"` |
| status | Current incident status, which is determined by the most severe status of the correlated alerts. One of [`critical`, `warning`, `unknown`, `ok`]. | `"status" : "critical"` |
| active | Whether the incident contains at least one active alert and has not been manually resolved. An incident is automatically resolved when all the alerts are resolved. | `"active": true` |
| flapping | Whether at least one correlated alert has changed states frequently enough to be treated as flapping. | `"flapping": false` |
| resolved | Whether the incident is currently resolved (true) or active (false). | `"resolved": false` |
| snooze | Snooze options for the incident.<br><br>Attributes:<br>- snoozed - Whether the incident is currently snoozed.<br>- wake - Time when the current snooze period expires, in Unix epoch time.<br>- autoCancel - Whether the current snooze is automatically cancelled if a new alert is added, the severity of an existing alert increases, or the incident is resolved and then reopens. | `"snooze" : {"snoozed" : false, "wake" : null, "autoCancel" : false}` |
| startedOn | Unix epoch time when the earliest correlated alert was received (in seconds). | `"startedOn": 1466416853` |
| changedOn | Unix epoch time when the last change to the incident that triggered applicable sharing updates occurred (in seconds). | `"changedOn": 1466417169` |
| updatedOn | Unix epoch time when the last change to the incident occurred (in seconds). | `"updatedOn": 1466417169` |
| endedOn | Unix epoch time when the incident was resolved, either manually or automatically when all alerts were resolved (in seconds). | `"endedOn": null` |
| alerts | Array of the alerts that the incident contains.<br><br>Attributes:<br>- alertID - System-generated unique identifier for the alert. | `"alerts" : [ {"alertId": "57da76d24cdb1f3a54ce25a0"}, {"alertId": "68eb89e35dca2g4b65df36b1"}, {"alertId": "79fc79f46egh3h5c78rg78d2"} ]` |

Alerts Object

Defines the schema for an alert that is contained in a BigPanda incident.

API Endpoint 

https://api.bigpanda.io/resources/v1.0/incidents/{incident ID}/alerts/

Supported Methods

GET 

Parameters

The `Alerts` object schema includes the following attributes:

| Attribute | Description | Example |
|---|---|---|
| id | System-generated unique identifier for the alert. | `"id": "57da76d24cdb1f3a54ce25a0"` |
| status | Current state of the alert. One of [`critical`, `warning`, `unknown`, `ok`]. | `"status" : "critical"` |
| active | Whether the alert has been resolved. | `"active": true` |
| startedOn | Unix epoch time when the alert was first received (in seconds). | `"startedOn": 146641685` |
| changedOn | Unix epoch time when the last change to alert status occurred (in seconds). | `"changedOn": 1466417169` |
| updatedOn | Unix epoch time when the last change to an alert occurred (in seconds). | `"updatedOn": 1466417169` |
| endedOn | Unix epoch time when the alert status was set to ok (in seconds). | `"endedOn": null` |
| primary_property | Main object that triggered the alert. See Primary property. | `"primary_property": "host"` |
| secondary_property | Secondary object or sub-item that triggered the alert. | `"secondary_property": "check"` |
| source_system | Integrated monitoring system that sent the alert to BigPanda, in the following format: `<source type>.<integration name>`. | `"source_system": "nagios.nagios_east"` |
| description | Brief summary (max. 2048 characters) of the alert for certain monitoring tools. | `"description": "CRITICAL - Host Unreachable"` |
| tags | Array of name-value pairs that represent alert properties.<br><br>Attributes:<br>- name - Tag name in BigPanda.<br>- value - Tag value in BigPanda.<br><br>Note: By default, tag values are limited to a maximum of 30 items. Each value supports up to 512 characters before truncation. If you want to increase the value limit, reach out to your BigPanda account team. | `"tags":[ {"name":"host","value":"production-database-1"}, {"name":"check","value":"CPU load"} ]` |