Defines the schema for an alert enrichment (Enrichment V2)
| API Endpoints | https://api.bigpanda.io/resources/v2.0/enrichments-config/https://api.bigpanda.io/resources/v2.0/alert-enrichments/https://api.bigpanda.io/resources/v2.0/alert-enrichments-jobs/ |
| Supported Methods | POST, GET, PATCH, PUT,DELETE |
Parameters
The Enrichment item object schema includes the following attributes:
| Attribute | Description | Example |
|---|---|---|
| active | Whether the enrichment item is applied to all incoming alert data. | "active": true |
| id | System-generated unique identifier for the enrichment item. | "id": "1234a53b6789c12d3efg45h" |
| version | Internal version number of the current data mapping table for this enrichment item. This number is incremented automatically each time the table/item is updated. | "version": 1 |
| type | Enrichment function type used to create enrichment items. | "type": "mapping" |
| config | Configuration details associated with the enrichment technique. | For a mapping enrichment, this attribute contains the map's definitions like table name, query & result tags and note. |
| when | A BPQL query for filtering the incoming alerts to be enriched | BPQL string, BPQL object or boolean "when": true "when": "host != x" "when": { "!=": [ "host", "x" ] } |
| note | A description | "note": hello world |
`