Google Workspace Alert Center API . alerts

Instance Methods

feedback()

Returns the feedback Resource.

batchDelete(body=None, x__xgafv=None)

Performs batch delete operation on alerts.

batchUndelete(body=None, x__xgafv=None)

Performs batch undelete operation on alerts.

close()

Close httplib2 connections.

delete(alertId, customerId=None, x__xgafv=None)

Marks the specified alert for deletion. An alert that has been marked for deletion is removed from Alert Center after 30 days. Marking an alert for deletion has no effect on an alert which has already been marked for deletion. Attempting to mark a nonexistent alert for deletion results in a `NOT_FOUND` error.

get(alertId, customerId=None, x__xgafv=None)

Gets the specified alert. Attempting to get a nonexistent alert returns `NOT_FOUND` error.

getMetadata(alertId, customerId=None, x__xgafv=None)

Returns the metadata of an alert. Attempting to get metadata for a non-existent alert returns `NOT_FOUND` error.

list(customerId=None, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)

Lists the alerts.

list_next(previous_request, previous_response)

Retrieves the next page of results.

undelete(alertId, body=None, x__xgafv=None)

Restores, or "undeletes", an alert that was marked for deletion within the past 30 days. Attempting to undelete an alert which was marked for deletion over 30 days ago (which has been removed from the Alert Center database) or a nonexistent alert returns a `NOT_FOUND` error. Attempting to undelete an alert which has not been marked for deletion has no effect.

Method Details

batchDelete(body=None, x__xgafv=None)
Performs batch delete operation on alerts.

Args:
  body: object, The request body.
    The object takes the form of:

{ # A request to perform batch delete on alerts.
  "alertId": [ # Required. list of alert IDs.
    "A String",
  ],
  "customerId": "A String", # Optional. The unique identifier of the Google Workspace organization account of the customer the alerts are associated with.
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response to batch delete operation on alerts.
  "failedAlertStatus": { # The status details for each failed alert_id.
    "a_key": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).
      "code": 42, # The status code, which should be an enum value of google.rpc.Code.
      "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
        {
          "a_key": "", # Properties of the object. Contains field @type with type URL.
        },
      ],
      "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
    },
  },
  "successAlertIds": [ # The successful list of alert IDs.
    "A String",
  ],
}
batchUndelete(body=None, x__xgafv=None)
Performs batch undelete operation on alerts.

Args:
  body: object, The request body.
    The object takes the form of:

{ # A request to perform batch undelete on alerts.
  "alertId": [ # Required. list of alert IDs.
    "A String",
  ],
  "customerId": "A String", # Optional. The unique identifier of the Google Workspace organization account of the customer the alerts are associated with.
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response to batch undelete operation on alerts.
  "failedAlertStatus": { # The status details for each failed alert_id.
    "a_key": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).
      "code": 42, # The status code, which should be an enum value of google.rpc.Code.
      "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
        {
          "a_key": "", # Properties of the object. Contains field @type with type URL.
        },
      ],
      "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
    },
  },
  "successAlertIds": [ # The successful list of alert IDs.
    "A String",
  ],
}
close()
Close httplib2 connections.
delete(alertId, customerId=None, x__xgafv=None)
Marks the specified alert for deletion. An alert that has been marked for deletion is removed from Alert Center after 30 days. Marking an alert for deletion has no effect on an alert which has already been marked for deletion. Attempting to mark a nonexistent alert for deletion results in a `NOT_FOUND` error.

Args:
  alertId: string, Required. The identifier of the alert to delete. (required)
  customerId: string, Optional. The unique identifier of the Google Workspace organization account of the customer the alert is associated with. Inferred from the caller identity if not provided.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`.
}
get(alertId, customerId=None, x__xgafv=None)
Gets the specified alert. Attempting to get a nonexistent alert returns `NOT_FOUND` error.

Args:
  alertId: string, Required. The identifier of the alert to retrieve. (required)
  customerId: string, Optional. The unique identifier of the Google Workspace organization account of the customer the alert is associated with. Inferred from the caller identity if not provided.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # An alert affecting a customer.
  "alertId": "A String", # Output only. The unique identifier for the alert.
  "createTime": "A String", # Output only. The time this alert was created.
  "customerId": "A String", # Output only. The unique identifier of the Google account of the customer.
  "data": { # Optional. The data associated with this alert, for example google.apps.alertcenter.type.DeviceCompromised.
    "a_key": "", # Properties of the object. Contains field @type with type URL.
  },
  "deleted": True or False, # Output only. `True` if this alert is marked for deletion.
  "endTime": "A String", # Optional. The time the event that caused this alert ceased being active. If provided, the end time must not be earlier than the start time. If not provided, it indicates an ongoing alert.
  "etag": "A String", # Optional. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of an alert from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform alert updates in order to avoid race conditions: An `etag` is returned in the response which contains alerts, and systems are expected to put that etag in the request to update alert to ensure that their change will be applied to the same version of the alert. If no `etag` is provided in the call to update alert, then the existing alert is overwritten blindly.
  "metadata": { # An alert metadata. # Output only. The metadata associated with this alert.
    "alertId": "A String", # Output only. The alert identifier.
    "assignee": "A String", # The email address of the user assigned to the alert.
    "customerId": "A String", # Output only. The unique identifier of the Google account of the customer.
    "etag": "A String", # Optional. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of an alert metadata from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform metatdata updates in order to avoid race conditions: An `etag` is returned in the response which contains alert metadata, and systems are expected to put that etag in the request to update alert metadata to ensure that their change will be applied to the same version of the alert metadata. If no `etag` is provided in the call to update alert metadata, then the existing alert metadata is overwritten blindly.
    "severity": "A String", # The severity value of the alert. Alert Center will set this field at alert creation time, default's to an empty string when it could not be determined. The supported values for update actions on this field are the following: * HIGH * MEDIUM * LOW
    "status": "A String", # The current status of the alert. The supported values are the following: * NOT_STARTED * IN_PROGRESS * CLOSED
    "updateTime": "A String", # Output only. The time this metadata was last updated.
  },
  "securityInvestigationToolLink": "A String", # Output only. An optional [Security Investigation Tool](https://support.google.com/a/answer/7575955) query for this alert.
  "source": "A String", # Required. A unique identifier for the system that reported the alert. This is output only after alert is created. Supported sources are any of the following: * Google Operations * Mobile device management * Gmail phishing * Data Loss Prevention * Domain wide takeout * State sponsored attack * Google identity * Apps outage
  "startTime": "A String", # Required. The time the event that caused this alert was started or detected.
  "type": "A String", # Required. The type of the alert. This is output only after alert is created. For a list of available alert types see [Google Workspace Alert types](https://developers.google.com/admin-sdk/alertcenter/reference/alert-types).
  "updateTime": "A String", # Output only. The time this alert was last updated.
}
getMetadata(alertId, customerId=None, x__xgafv=None)
Returns the metadata of an alert. Attempting to get metadata for a non-existent alert returns `NOT_FOUND` error.

Args:
  alertId: string, Required. The identifier of the alert this metadata belongs to. (required)
  customerId: string, Optional. The unique identifier of the Google Workspace organization account of the customer the alert metadata is associated with. Inferred from the caller identity if not provided.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # An alert metadata.
  "alertId": "A String", # Output only. The alert identifier.
  "assignee": "A String", # The email address of the user assigned to the alert.
  "customerId": "A String", # Output only. The unique identifier of the Google account of the customer.
  "etag": "A String", # Optional. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of an alert metadata from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform metatdata updates in order to avoid race conditions: An `etag` is returned in the response which contains alert metadata, and systems are expected to put that etag in the request to update alert metadata to ensure that their change will be applied to the same version of the alert metadata. If no `etag` is provided in the call to update alert metadata, then the existing alert metadata is overwritten blindly.
  "severity": "A String", # The severity value of the alert. Alert Center will set this field at alert creation time, default's to an empty string when it could not be determined. The supported values for update actions on this field are the following: * HIGH * MEDIUM * LOW
  "status": "A String", # The current status of the alert. The supported values are the following: * NOT_STARTED * IN_PROGRESS * CLOSED
  "updateTime": "A String", # Output only. The time this metadata was last updated.
}
list(customerId=None, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)
Lists the alerts.

Args:
  customerId: string, Optional. The unique identifier of the Google Workspace organization account of the customer the alerts are associated with. Inferred from the caller identity if not provided.
  filter: string, Optional. A query string for filtering alert results. For more details, see [Query filters](https://developers.google.com/admin-sdk/alertcenter/guides/query-filters) and [Supported query filter fields](https://developers.google.com/admin-sdk/alertcenter/reference/filter-fields#alerts.list).
  orderBy: string, Optional. The sort order of the list results. If not specified results may be returned in arbitrary order. You can sort the results in descending order based on the creation timestamp using `order_by="create_time desc"`. Currently, supported sorting are `create_time asc`, `create_time desc`, `update_time desc`
  pageSize: integer, Optional. The requested page size. Server may return fewer items than requested. If unspecified, server picks an appropriate default.
  pageToken: string, Optional. A token identifying a page of results the server should return. If empty, a new iteration is started. To continue an iteration, pass in the value from the previous ListAlertsResponse's next_page_token field.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response message for an alert listing request.
  "alerts": [ # The list of alerts.
    { # An alert affecting a customer.
      "alertId": "A String", # Output only. The unique identifier for the alert.
      "createTime": "A String", # Output only. The time this alert was created.
      "customerId": "A String", # Output only. The unique identifier of the Google account of the customer.
      "data": { # Optional. The data associated with this alert, for example google.apps.alertcenter.type.DeviceCompromised.
        "a_key": "", # Properties of the object. Contains field @type with type URL.
      },
      "deleted": True or False, # Output only. `True` if this alert is marked for deletion.
      "endTime": "A String", # Optional. The time the event that caused this alert ceased being active. If provided, the end time must not be earlier than the start time. If not provided, it indicates an ongoing alert.
      "etag": "A String", # Optional. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of an alert from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform alert updates in order to avoid race conditions: An `etag` is returned in the response which contains alerts, and systems are expected to put that etag in the request to update alert to ensure that their change will be applied to the same version of the alert. If no `etag` is provided in the call to update alert, then the existing alert is overwritten blindly.
      "metadata": { # An alert metadata. # Output only. The metadata associated with this alert.
        "alertId": "A String", # Output only. The alert identifier.
        "assignee": "A String", # The email address of the user assigned to the alert.
        "customerId": "A String", # Output only. The unique identifier of the Google account of the customer.
        "etag": "A String", # Optional. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of an alert metadata from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform metatdata updates in order to avoid race conditions: An `etag` is returned in the response which contains alert metadata, and systems are expected to put that etag in the request to update alert metadata to ensure that their change will be applied to the same version of the alert metadata. If no `etag` is provided in the call to update alert metadata, then the existing alert metadata is overwritten blindly.
        "severity": "A String", # The severity value of the alert. Alert Center will set this field at alert creation time, default's to an empty string when it could not be determined. The supported values for update actions on this field are the following: * HIGH * MEDIUM * LOW
        "status": "A String", # The current status of the alert. The supported values are the following: * NOT_STARTED * IN_PROGRESS * CLOSED
        "updateTime": "A String", # Output only. The time this metadata was last updated.
      },
      "securityInvestigationToolLink": "A String", # Output only. An optional [Security Investigation Tool](https://support.google.com/a/answer/7575955) query for this alert.
      "source": "A String", # Required. A unique identifier for the system that reported the alert. This is output only after alert is created. Supported sources are any of the following: * Google Operations * Mobile device management * Gmail phishing * Data Loss Prevention * Domain wide takeout * State sponsored attack * Google identity * Apps outage
      "startTime": "A String", # Required. The time the event that caused this alert was started or detected.
      "type": "A String", # Required. The type of the alert. This is output only after alert is created. For a list of available alert types see [Google Workspace Alert types](https://developers.google.com/admin-sdk/alertcenter/reference/alert-types).
      "updateTime": "A String", # Output only. The time this alert was last updated.
    },
  ],
  "nextPageToken": "A String", # The token for the next page. If not empty, indicates that there may be more alerts that match the listing request; this value can be used in a subsequent ListAlertsRequest to get alerts continuing from last result of the current list call.
}
list_next(previous_request, previous_response)
Retrieves the next page of results.

Args:
  previous_request: The request for the previous page. (required)
  previous_response: The response from the request for the previous page. (required)

Returns:
  A request object that you can call 'execute()' on to request the next
  page. Returns None if there are no more items in the collection.
    
undelete(alertId, body=None, x__xgafv=None)
Restores, or "undeletes", an alert that was marked for deletion within the past 30 days. Attempting to undelete an alert which was marked for deletion over 30 days ago (which has been removed from the Alert Center database) or a nonexistent alert returns a `NOT_FOUND` error. Attempting to undelete an alert which has not been marked for deletion has no effect.

Args:
  alertId: string, Required. The identifier of the alert to undelete. (required)
  body: object, The request body.
    The object takes the form of:

{ # A request to undelete a specific alert that was marked for deletion.
  "customerId": "A String", # Optional. The unique identifier of the Google Workspace organization account of the customer the alert is associated with. Inferred from the caller identity if not provided.
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # An alert affecting a customer.
  "alertId": "A String", # Output only. The unique identifier for the alert.
  "createTime": "A String", # Output only. The time this alert was created.
  "customerId": "A String", # Output only. The unique identifier of the Google account of the customer.
  "data": { # Optional. The data associated with this alert, for example google.apps.alertcenter.type.DeviceCompromised.
    "a_key": "", # Properties of the object. Contains field @type with type URL.
  },
  "deleted": True or False, # Output only. `True` if this alert is marked for deletion.
  "endTime": "A String", # Optional. The time the event that caused this alert ceased being active. If provided, the end time must not be earlier than the start time. If not provided, it indicates an ongoing alert.
  "etag": "A String", # Optional. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of an alert from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform alert updates in order to avoid race conditions: An `etag` is returned in the response which contains alerts, and systems are expected to put that etag in the request to update alert to ensure that their change will be applied to the same version of the alert. If no `etag` is provided in the call to update alert, then the existing alert is overwritten blindly.
  "metadata": { # An alert metadata. # Output only. The metadata associated with this alert.
    "alertId": "A String", # Output only. The alert identifier.
    "assignee": "A String", # The email address of the user assigned to the alert.
    "customerId": "A String", # Output only. The unique identifier of the Google account of the customer.
    "etag": "A String", # Optional. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of an alert metadata from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform metatdata updates in order to avoid race conditions: An `etag` is returned in the response which contains alert metadata, and systems are expected to put that etag in the request to update alert metadata to ensure that their change will be applied to the same version of the alert metadata. If no `etag` is provided in the call to update alert metadata, then the existing alert metadata is overwritten blindly.
    "severity": "A String", # The severity value of the alert. Alert Center will set this field at alert creation time, default's to an empty string when it could not be determined. The supported values for update actions on this field are the following: * HIGH * MEDIUM * LOW
    "status": "A String", # The current status of the alert. The supported values are the following: * NOT_STARTED * IN_PROGRESS * CLOSED
    "updateTime": "A String", # Output only. The time this metadata was last updated.
  },
  "securityInvestigationToolLink": "A String", # Output only. An optional [Security Investigation Tool](https://support.google.com/a/answer/7575955) query for this alert.
  "source": "A String", # Required. A unique identifier for the system that reported the alert. This is output only after alert is created. Supported sources are any of the following: * Google Operations * Mobile device management * Gmail phishing * Data Loss Prevention * Domain wide takeout * State sponsored attack * Google identity * Apps outage
  "startTime": "A String", # Required. The time the event that caused this alert was started or detected.
  "type": "A String", # Required. The type of the alert. This is output only after alert is created. For a list of available alert types see [Google Workspace Alert types](https://developers.google.com/admin-sdk/alertcenter/reference/alert-types).
  "updateTime": "A String", # Output only. The time this alert was last updated.
}