Update parameters for a specific enrichment item (Enrichment V2)
New API Version & Additional Functionality
Extraction and Composition tags cannot be managed using the V2.0 Alert Enrichment. To create and manage non-mapping tags, see the Alert Enrichments V2.1 API version documenation.
If you have previously configured API management of Alert Enrichment using the V1 or V2.0 API, you can update those processes to the new version by following the steps in the Migrate to Alert Enrichment V2.1 documentation.
Authentication
All BigPanda APIs require Bearer Token Authorization in the call headers.
This API uses the User API Key type of Authorization token.
Sample Calls
curl --request PATCH \
--url https://api.bigpanda.io/resources/v2.0/alert-enrichments/11842229-74ac-467c-919c-ea0050b0a710 \
--header 'Authorization: Bearer <User API Key>' \
--header 'Content-Type: application/json' \
--data '{
"active": false,
"note": "this is a result tag in the map"
}'
curl --request PATCH \
--url https://eu-api.bigpanda.io/resources/v2.0/alert-enrichments/11842229-74ac-467c-919c-ea0050b0a710 \
--header 'Authorization: Bearer <User API Key>' \
--header 'Content-Type: application/json' \
--data '{
"active": false,
"note": "this is a result tag in the map"
}'
Literal Pipes in Tag Values
Pipes: |
are used in BigPanda as a delimiter for array values.
If the value should have a literal pipe, wrap the entire cell in three quotes:
"""this is a | literal pipe"""
If the value should have both a literal pipe and quotation marks, then the cell should be wrapped in three quotes, and the quoted text needs to be wrapped in four quotes:
"""this is a | literal pipe with """"quoted"""" text"""
Usage
The Enrichments API supports updating attributes of an existing enrichment. If the structure of your mapping enrichment tables changes and you need to update the schema definition, you must deactivate the existing enrichment and create a new enrichment for the updated schema definition.