Alert Body


(Daniel) #1

Hello,

is there a way to get alert bodies via the API?
When I query the API for incidents/{incident-id}/alerts/{alert-id} I get back JSON with a body key, like so:

"body": {
  "contexts": [],
  "details": {},
  "cef_details": null,
  "type": "alert_body"
},

Notice that there is no information here. However, the alert itself came from an email and has a rich text body. Is there a way to lift that information via the API?

Thanks,
Daniel


(John Coleman) #2

Hi Daniel,

Thank you for this community comment. I did some research, and I have gathered that we currently do not offer this functionality. The type of data that you are looking for would likely be accessible through the log_entries/:id endpoint in the response data: log_entry.channel.body. Currently, we only provide the log_entry.channel.summary, which is mapped to the alert.summary from the endpoint that you have referenced (i.e. incidents/{incident-id}/alerts/{alert-id}).

Since we don’t have this functionality, it appears that this seems like a feature request. I will pass along your feedback to our Product team.

Cheers,
John

