Jump to

• Request
• Response

Get CAPE Nodes

get

/api/event/Nodes

Gets the CAPE nodes that match the specified parameters. If no parameters are specified, all CAPE nodes are returned.

Request

Query Parameters

• filter: object
  The fields to filter the results by. You cannot filter by fields that contain a state.
  This parameter's value uses the following JSON format:
  {
  "property": "property",
  "value": "propertyValue",
  "operator": "operator",
  "conjunction": "conjunction"
  }
  
  If you use multiple JSON objects to combine filters, for example, to filter by several different device names, you cannot combine OR and AND conjunctions. The conjunction used for the last object applies to the entire list.

  • conjunction: string
    Default Value: OR

    Allowed Values: [ "AND", "OR" ]

    The conjunction between filters.

    Example: AND
  • operator: string
    Default Value: LIKE

    Allowed Values: [ "eq", "ne", "gte", "gt", "lte", "lt", "LIKE", "NOT LIKE", "re", "not re", "NOT IN" ]

    The filter operation to use.

    Example: eq
  • property(required): string
    The name of the field to filter on.

    Example: name
  • value(required): string
    The value of the field to filter on.

    Example: test

  {
      "required":[
          "property",
          "value"
      ],
      "properties":{
          "property":{
              "description":"The name of the field to filter on.",
              "type":"string",
              "example":"name"
          },
          "value":{
              "description":"The value of the field to filter on.",
              "type":"string",
              "example":"test"
          },
          "operator":{
              "description":"The filter operation to use.",
              "type":"string",
              "default":"LIKE",
              "enum":[
                  "eq",
                  "ne",
                  "gte",
                  "gt",
                  "lte",
                  "lt",
                  "LIKE",
                  "NOT LIKE",
                  "re",
                  "not re",
                  "NOT IN"
              ],
              "example":"eq"
          },
          "conjunction":{
              "description":"The conjunction between filters.",
              "type":"string",
              "default":"OR",
              "enum":[
                  "AND",
                  "OR"
              ],
              "example":"AND"
          }
      },
      "type":"object"
  }

• limit: integer(int32)
  The number of records to limit results by.

  Example:

  100

• sort: object
  The field and direction to sort results by. You cannot sort by fields that contain a state.
  This parameters value uses the following JSON format:
  {
  "property": "property",
  "direction": "direction"
  }

  • direction(required): string
    Allowed Values: [ "ASC", "DESC" ]

    The direction of the sort.

    Example: ASC
  • property(required): string
    The field to sort on.

    Example: name

  {
      "required":[
          "property",
          "direction"
      ],
      "properties":{
          "property":{
              "description":"The field to sort on.",
              "type":"string",
              "example":"name"
          },
          "direction":{
              "description":"The direction of the sort.",
              "type":"string",
              "enum":[
                  "ASC",
                  "DESC"
              ],
              "example":"ASC"
          }
      },
      "type":"object"
  }

• start: integer(int32)
  The page of results to start from.

  Default Value: 0

  Example:

  1

There's no request body for this operation.

Back to Top

Response

Supported Media Types

• application/json

200 Response

Successful operation

Body ()

Root Schema : schema

Match All

Show Source

• object SuccessfulGetOperation
• object type

{
    "allOf":[
        {
            "$ref":"#/components/schemas/SuccessfulGetOperation"
        },
        {
            "type":"object",
            "properties":{
                "total":{
                    "description":"The total number of results regardless of paging.",
                    "type":"integer",
                    "example":"1"
                },
                "data":{
                    "description":"The list of CAPE nodes that match the specified parameters.",
                    "type":"array",
                    "items":{
                        "$ref":"#/components/schemas/eventNodesRead"
                    }
                }
            }
        }
    ]
}

Nested Schema : SuccessfulGetOperation

Type: object

Show Source

• message: string
  The response message.

  Example: Loaded 1 entries
• success: boolean
  Whether the operation was a success (true) or a failure (false).

  Example: true

{
    "properties":{
        "success":{
            "description":"Whether the operation was a success (<b>true</b>) or a failure (<b>false</b>).",
            "type":"boolean",
            "example":"true"
        },
        "message":{
            "description":"The response message.",
            "type":"string",
            "example":"Loaded 1 entries"
        }
    },
    "type":"object"
}

Nested Schema : type

Type: object

Show Source

• data: array data
  The list of CAPE nodes that match the specified parameters.
• total: integer
  The total number of results regardless of paging.

  Example: 1

{
    "type":"object",
    "properties":{
        "total":{
            "description":"The total number of results regardless of paging.",
            "type":"integer",
            "example":"1"
        },
        "data":{
            "description":"The list of CAPE nodes that match the specified parameters.",
            "type":"array",
            "items":{
                "$ref":"#/components/schemas/eventNodesRead"
            }
        }
    }
}

Nested Schema : data

Type: array

The list of CAPE nodes that match the specified parameters.

Show Source

• Array of: object eventNodesRead

{
    "description":"The list of CAPE nodes that match the specified parameters.",
    "type":"array",
    "items":{
        "$ref":"#/components/schemas/eventNodesRead"
    }
}

Nested Schema : eventNodesRead

Type: object

Show Source

• NodeActionText: string
  Content of CAPE Node Rule

  Example: use JSON; my $EventDBH = DBConnect($Config, 'Event', {AutoCommit => 1}); my $CurrentTime = sprintf "%.3f", Time::HiRes::time; # Get Anomaly EventID and Details my $AnomalyEventID = $EventData->{EventID}; my $AnomalyDetails; eval { local $SIG{__DIE__}; $AnomalyDetails = decode_json($EventData->{Details}); }; if ($@) { $Log->Message("ERROR", "Failed to decode Details: $@"); } # Get ML job my $AnomalyJobID = $AnomalyDetails->{MLJobID}; # Get Filter | Node ='xyz' AND SubNode='eth0' my $AnomalyFilter = $AnomalyDetails->{EventFilter}; my $AnomalyDuration = $CurrentTime - $EventData->{FirstReported}; # Mark Anomaly Event to prevent duplicate processing my ($ErrorFlag, $Message) = UpdateEvent({ DBH => \$EventDBH, EventID => $AnomalyEventID, Values => { Action => 'EscalateByAnomaly', Actor => 'CAPE', Duration => $AnomalyDuration, LastChanged => $CurrentTime, RootCauseFlag => 1, Severity => 0 } }); $Log->Message("WARN", "-> EscalateByAnomaly -> Marked Anomaly Event [$AnomalyEventID] as Cleared"); $Log->Message("WARN", "-> EscalateByAnomaly -> Escalating filter [$AnomalyFilter]"); # Retrieve alarms in filter with timeframe my ($ErrorFlag1, $Message1, $EventRef) = FindEventID({ DBH => \$EventDBH, Filter => $AnomalyFilter }); my $EventList = join(',', @$EventRef); $Log->Message("WARN", "-> EscalateByAnomaly -> Escalating filter returns [$EventList]"); # Set Severity Setting my $SymptomNewSeverity = 5; my $i = 0; foreach my $SymptomEventID (@$EventRef) { $i++; # Get symptom my $SymptomEvent = GetEventHash({ DBH => \$EventDBH, EventID => $SymptomEventID, ShardID => 1 }); my $SymptomOrigSeverity = $SymptomEvent->{Severity}; my $SymptomDuration = $CurrentTime - $SymptomEvent->{FirstReported}; # Suppress Events my ($ErrorFlag, $Message) = UpdateEvent({ DBH => \$EventDBH, EventID => $SymptomEventID, Values => { Action => 'EscalateByAnomaly', Actor => 'CAPE', Duration => $SymptomDuration, LastChanged => $CurrentTime, OrigSeverity => $SymptomOrigSeverity, RootCauseID => $AnomalyEventID, Severity => $SymptomNewSeverity } }); # EventJournal for suppression my ($ErrorFlag, $Message) = AddJournal({ DBH => \$EventDBH, EventID => $SymptomEventID, TimeStamp => $CurrentTime, Username => 'api', Entry => 'Escalate Abnormal Activity via event [' . $AnomalyEventID . '] due to [' . $AnomalyJobID . ']' }); } $EventDBH->disconnect();
• NodeAlias: string
  CAPE Node Alias (optional) used for referencing another CAPE node

  Example: oracle.doceng.json.BetterJsonNull@53086bdc
• NodeAliasDisplay: string
  UI-Only field that is either the NodeAlias if one exists or "[None]" if no alias is set

  Example: [None]
• NodeDescription: string
  CAPE Node Description

  Example: Take anomaly event by Machine Learning Policy and escalated Severity
• NodeID: integer
  Node ID specified for individual CRUD operations

  Example: 1
• NodeName: string
  CAPE Node Name

  Example: EscalateByAnomaly
• NodeNextNodeID: integer
  NodeID of the next node IF a node is set as the next to be executed.

  Example: oracle.doceng.json.BetterJsonNull@55a29589
• NodeNextNodeName: string
  NodeName of the next node IF a node is set as the next to be executed

  Example: oracle.doceng.json.BetterJsonNull@155767a7
• NodeStateVerify: string
  CAPE Node "next node" test statement. If this evaluates to "true", the event will be passed to $NodeNextNode

  Example:

{
    "type":"object",
    "properties":{
        "NodeID":{
            "description":"Node ID specified for individual CRUD operations",
            "type":"integer",
            "example":"1"
        },
        "NodeName":{
            "description":"CAPE Node Name",
            "type":"string",
            "example":"EscalateByAnomaly"
        },
        "NodeAlias":{
            "description":"CAPE Node Alias (optional) used for referencing another CAPE node",
            "type":"string",
            "example":null,
            "nullable":true
        },
        "NodeDescription":{
            "description":"CAPE Node Description",
            "type":"string",
            "example":"Take anomaly event by Machine Learning Policy and escalated Severity"
        },
        "NodeActionText":{
            "description":"Content of CAPE Node Rule",
            "type":"string",
            "example":"use JSON;\n\nmy $EventDBH = DBConnect($Config, 'Event', {AutoCommit => 1});\n\nmy $CurrentTime = sprintf \"%.3f\", Time::HiRes::time;\n\n# Get Anomaly EventID and Details\nmy $AnomalyEventID = $EventData->{EventID};\nmy $AnomalyDetails;\n\neval {\n\tlocal $SIG{__DIE__};\n\n\t$AnomalyDetails = decode_json($EventData->{Details});\n};\nif ($@) {\n  $Log->Message(\"ERROR\", \"Failed to decode Details: $@\");\n}\n\n# Get ML job\nmy $AnomalyJobID = $AnomalyDetails->{MLJobID};\n\n# Get Filter | Node ='xyz' AND SubNode='eth0'\nmy $AnomalyFilter = $AnomalyDetails->{EventFilter};\n\nmy $AnomalyDuration = $CurrentTime - $EventData->{FirstReported};\n\n# Mark Anomaly Event to prevent duplicate processing\nmy ($ErrorFlag, $Message) = UpdateEvent({\n\tDBH      => \\$EventDBH,\n\tEventID  => $AnomalyEventID,\n\tValues   => {\n\t\tAction        => 'EscalateByAnomaly',\n\t\tActor         => 'CAPE',\n\t\tDuration      => $AnomalyDuration,\n\t\tLastChanged   => $CurrentTime,\n\t\tRootCauseFlag => 1,\n\t\tSeverity      => 0\n\t}\n});\n\n$Log->Message(\"WARN\", \"-> EscalateByAnomaly -> Marked Anomaly Event [$AnomalyEventID] as Cleared\");\n\n$Log->Message(\"WARN\", \"-> EscalateByAnomaly -> Escalating filter [$AnomalyFilter]\");\n\n# Retrieve alarms in filter with timeframe\nmy ($ErrorFlag1, $Message1, $EventRef) = FindEventID({\n\tDBH    => \\$EventDBH,\n\tFilter => $AnomalyFilter\n});\n\nmy $EventList = join(',', @$EventRef);\n\n$Log->Message(\"WARN\", \"-> EscalateByAnomaly -> Escalating filter returns [$EventList]\");\n\n# Set Severity Setting\nmy $SymptomNewSeverity = 5;\n\nmy $i = 0;\nforeach my $SymptomEventID (@$EventRef) {\n\t$i++;\n\n\t# Get symptom\n\tmy $SymptomEvent = GetEventHash({\n\t\tDBH     => \\$EventDBH,\n\t\tEventID => $SymptomEventID,\n\t\tShardID => 1\n\t});\n\n\tmy $SymptomOrigSeverity = $SymptomEvent->{Severity};\n\tmy $SymptomDuration     = $CurrentTime - $SymptomEvent->{FirstReported};\n\n\t# Suppress Events\n\tmy ($ErrorFlag, $Message) = UpdateEvent({\n\t\tDBH      => \\$EventDBH,\n\t\tEventID  => $SymptomEventID,\n\t\tValues   => {\n\t\t\tAction       => 'EscalateByAnomaly',\n\t\t\tActor        => 'CAPE',\n\t\t\tDuration     => $SymptomDuration,\n\t\t\tLastChanged  => $CurrentTime,\n\t\t\tOrigSeverity => $SymptomOrigSeverity,\n\t\t\tRootCauseID  => $AnomalyEventID,\n\t\t\tSeverity     => $SymptomNewSeverity\n\t\t}\n\t});\n\n\t# EventJournal for suppression\n\tmy ($ErrorFlag, $Message) = AddJournal({\n\t\tDBH       => \\$EventDBH,\n\t\tEventID   => $SymptomEventID,\n\t\tTimeStamp => $CurrentTime,\n\t\tUsername  => 'api',\n\t\tEntry     => 'Escalate Abnormal Activity via event [' . $AnomalyEventID . '] due to [' . $AnomalyJobID . ']'\n\t});\n}\n\n$EventDBH->disconnect();"
        },
        "NodeStateVerify":{
            "description":"CAPE Node \"next node\" test statement.  If this evaluates to \"true\", the event will be passed to $NodeNextNode",
            "type":"string",
            "example":""
        },
        "NodeAliasDisplay":{
            "description":"UI-Only field that is either the NodeAlias if one exists or \"[None]\" if no alias is set",
            "type":"string",
            "example":"[None]"
        },
        "NodeNextNodeName":{
            "description":"NodeName of the next node IF a node is set as the next to be executed",
            "type":"string",
            "example":null,
            "nullable":true
        },
        "NodeNextNodeID":{
            "description":"NodeID of the next node IF a node is set as the next to be executed.",
            "type":"integer",
            "example":null,
            "nullable":true
        }
    }
}

Default Response

Failed operation

Body ()

Root Schema : schema

Type: object

Show Source

• errors: array errors
  The list of errors reported. Validation errors will be keyed by record field.
• message: string
  The response message.

  Example: Exception thrown
• success: boolean
  Whether the operation was a success (true) or a failure (false).

  Example: false

{
    "properties":{
        "success":{
            "description":"Whether the operation was a success (<b>true</b>) or a failure (<b>false</b>).",
            "type":"boolean",
            "example":"false"
        },
        "message":{
            "description":"The response message.",
            "type":"string",
            "example":"Exception thrown"
        },
        "errors":{
            "description":"The list of errors reported. Validation errors will be keyed by record field.",
            "type":"array",
            "items":{
                "type":"object"
            }
        }
    },
    "type":"object"
}

Nested Schema : errors

Type: array

The list of errors reported. Validation errors will be keyed by record field.

Show Source

• Array of: object items

{
    "description":"The list of errors reported. Validation errors will be keyed by record field.",
    "type":"array",
    "items":{
        "type":"object"
    }
}

Nested Schema : items

Type: object

Back to Top