1<html><body> 2<style> 3 4body, h1, h2, h3, div, span, p, pre, a { 5 margin: 0; 6 padding: 0; 7 border: 0; 8 font-weight: inherit; 9 font-style: inherit; 10 font-size: 100%; 11 font-family: inherit; 12 vertical-align: baseline; 13} 14 15body { 16 font-size: 13px; 17 padding: 1em; 18} 19 20h1 { 21 font-size: 26px; 22 margin-bottom: 1em; 23} 24 25h2 { 26 font-size: 24px; 27 margin-bottom: 1em; 28} 29 30h3 { 31 font-size: 20px; 32 margin-bottom: 1em; 33 margin-top: 1em; 34} 35 36pre, code { 37 line-height: 1.5; 38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; 39} 40 41pre { 42 margin-top: 0.5em; 43} 44 45h1, h2, h3, p { 46 font-family: Arial, sans serif; 47} 48 49h1, h2, h3 { 50 border-bottom: solid #CCC 1px; 51} 52 53.toc_element { 54 margin-top: 0.5em; 55} 56 57.firstline { 58 margin-left: 2 em; 59} 60 61.method { 62 margin-top: 1em; 63 border: solid 1px #CCC; 64 padding: 1em; 65 background: #EEE; 66} 67 68.details { 69 font-weight: bold; 70 font-size: 14px; 71} 72 73</style> 74 75<h1><a href="alertcenter_v1beta1.html">Google Workspace Alert Center API</a> . <a href="alertcenter_v1beta1.alerts.html">alerts</a></h1> 76<h2>Instance Methods</h2> 77<p class="toc_element"> 78 <code><a href="alertcenter_v1beta1.alerts.feedback.html">feedback()</a></code> 79</p> 80<p class="firstline">Returns the feedback Resource.</p> 81 82<p class="toc_element"> 83 <code><a href="#batchDelete">batchDelete(body=None, x__xgafv=None)</a></code></p> 84<p class="firstline">Performs batch delete operation on alerts.</p> 85<p class="toc_element"> 86 <code><a href="#batchUndelete">batchUndelete(body=None, x__xgafv=None)</a></code></p> 87<p class="firstline">Performs batch undelete operation on alerts.</p> 88<p class="toc_element"> 89 <code><a href="#close">close()</a></code></p> 90<p class="firstline">Close httplib2 connections.</p> 91<p class="toc_element"> 92 <code><a href="#delete">delete(alertId, customerId=None, x__xgafv=None)</a></code></p> 93<p class="firstline">Marks the specified alert for deletion. An alert that has been marked for deletion is removed from Alert Center after 30 days. Marking an alert for deletion has no effect on an alert which has already been marked for deletion. Attempting to mark a nonexistent alert for deletion results in a `NOT_FOUND` error.</p> 94<p class="toc_element"> 95 <code><a href="#get">get(alertId, customerId=None, x__xgafv=None)</a></code></p> 96<p class="firstline">Gets the specified alert. Attempting to get a nonexistent alert returns `NOT_FOUND` error.</p> 97<p class="toc_element"> 98 <code><a href="#getMetadata">getMetadata(alertId, customerId=None, x__xgafv=None)</a></code></p> 99<p class="firstline">Returns the metadata of an alert. Attempting to get metadata for a non-existent alert returns `NOT_FOUND` error.</p> 100<p class="toc_element"> 101 <code><a href="#list">list(customerId=None, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p> 102<p class="firstline">Lists the alerts.</p> 103<p class="toc_element"> 104 <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p> 105<p class="firstline">Retrieves the next page of results.</p> 106<p class="toc_element"> 107 <code><a href="#undelete">undelete(alertId, body=None, x__xgafv=None)</a></code></p> 108<p class="firstline">Restores, or "undeletes", an alert that was marked for deletion within the past 30 days. Attempting to undelete an alert which was marked for deletion over 30 days ago (which has been removed from the Alert Center database) or a nonexistent alert returns a `NOT_FOUND` error. Attempting to undelete an alert which has not been marked for deletion has no effect.</p> 109<h3>Method Details</h3> 110<div class="method"> 111 <code class="details" id="batchDelete">batchDelete(body=None, x__xgafv=None)</code> 112 <pre>Performs batch delete operation on alerts. 113 114Args: 115 body: object, The request body. 116 The object takes the form of: 117 118{ # A request to perform batch delete on alerts. 119 "alertId": [ # Required. list of alert IDs. 120 "A String", 121 ], 122 "customerId": "A String", # Optional. The unique identifier of the Google Workspace organization account of the customer the alerts are associated with. 123} 124 125 x__xgafv: string, V1 error format. 126 Allowed values 127 1 - v1 error format 128 2 - v2 error format 129 130Returns: 131 An object of the form: 132 133 { # Response to batch delete operation on alerts. 134 "failedAlertStatus": { # The status details for each failed alert_id. 135 "a_key": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). 136 "code": 42, # The status code, which should be an enum value of google.rpc.Code. 137 "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use. 138 { 139 "a_key": "", # Properties of the object. Contains field @type with type URL. 140 }, 141 ], 142 "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. 143 }, 144 }, 145 "successAlertIds": [ # The successful list of alert IDs. 146 "A String", 147 ], 148}</pre> 149</div> 150 151<div class="method"> 152 <code class="details" id="batchUndelete">batchUndelete(body=None, x__xgafv=None)</code> 153 <pre>Performs batch undelete operation on alerts. 154 155Args: 156 body: object, The request body. 157 The object takes the form of: 158 159{ # A request to perform batch undelete on alerts. 160 "alertId": [ # Required. list of alert IDs. 161 "A String", 162 ], 163 "customerId": "A String", # Optional. The unique identifier of the Google Workspace organization account of the customer the alerts are associated with. 164} 165 166 x__xgafv: string, V1 error format. 167 Allowed values 168 1 - v1 error format 169 2 - v2 error format 170 171Returns: 172 An object of the form: 173 174 { # Response to batch undelete operation on alerts. 175 "failedAlertStatus": { # The status details for each failed alert_id. 176 "a_key": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). 177 "code": 42, # The status code, which should be an enum value of google.rpc.Code. 178 "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use. 179 { 180 "a_key": "", # Properties of the object. Contains field @type with type URL. 181 }, 182 ], 183 "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. 184 }, 185 }, 186 "successAlertIds": [ # The successful list of alert IDs. 187 "A String", 188 ], 189}</pre> 190</div> 191 192<div class="method"> 193 <code class="details" id="close">close()</code> 194 <pre>Close httplib2 connections.</pre> 195</div> 196 197<div class="method"> 198 <code class="details" id="delete">delete(alertId, customerId=None, x__xgafv=None)</code> 199 <pre>Marks the specified alert for deletion. An alert that has been marked for deletion is removed from Alert Center after 30 days. Marking an alert for deletion has no effect on an alert which has already been marked for deletion. Attempting to mark a nonexistent alert for deletion results in a `NOT_FOUND` error. 200 201Args: 202 alertId: string, Required. The identifier of the alert to delete. (required) 203 customerId: string, Optional. The unique identifier of the Google Workspace organization account of the customer the alert is associated with. Inferred from the caller identity if not provided. 204 x__xgafv: string, V1 error format. 205 Allowed values 206 1 - v1 error format 207 2 - v2 error format 208 209Returns: 210 An object of the form: 211 212 { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`. 213}</pre> 214</div> 215 216<div class="method"> 217 <code class="details" id="get">get(alertId, customerId=None, x__xgafv=None)</code> 218 <pre>Gets the specified alert. Attempting to get a nonexistent alert returns `NOT_FOUND` error. 219 220Args: 221 alertId: string, Required. The identifier of the alert to retrieve. (required) 222 customerId: string, Optional. The unique identifier of the Google Workspace organization account of the customer the alert is associated with. Inferred from the caller identity if not provided. 223 x__xgafv: string, V1 error format. 224 Allowed values 225 1 - v1 error format 226 2 - v2 error format 227 228Returns: 229 An object of the form: 230 231 { # An alert affecting a customer. 232 "alertId": "A String", # Output only. The unique identifier for the alert. 233 "createTime": "A String", # Output only. The time this alert was created. 234 "customerId": "A String", # Output only. The unique identifier of the Google account of the customer. 235 "data": { # Optional. The data associated with this alert, for example google.apps.alertcenter.type.DeviceCompromised. 236 "a_key": "", # Properties of the object. Contains field @type with type URL. 237 }, 238 "deleted": True or False, # Output only. `True` if this alert is marked for deletion. 239 "endTime": "A String", # Optional. The time the event that caused this alert ceased being active. If provided, the end time must not be earlier than the start time. If not provided, it indicates an ongoing alert. 240 "etag": "A String", # Optional. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of an alert from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform alert updates in order to avoid race conditions: An `etag` is returned in the response which contains alerts, and systems are expected to put that etag in the request to update alert to ensure that their change will be applied to the same version of the alert. If no `etag` is provided in the call to update alert, then the existing alert is overwritten blindly. 241 "metadata": { # An alert metadata. # Output only. The metadata associated with this alert. 242 "alertId": "A String", # Output only. The alert identifier. 243 "assignee": "A String", # The email address of the user assigned to the alert. 244 "customerId": "A String", # Output only. The unique identifier of the Google account of the customer. 245 "etag": "A String", # Optional. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of an alert metadata from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform metatdata updates in order to avoid race conditions: An `etag` is returned in the response which contains alert metadata, and systems are expected to put that etag in the request to update alert metadata to ensure that their change will be applied to the same version of the alert metadata. If no `etag` is provided in the call to update alert metadata, then the existing alert metadata is overwritten blindly. 246 "severity": "A String", # The severity value of the alert. Alert Center will set this field at alert creation time, default's to an empty string when it could not be determined. The supported values for update actions on this field are the following: * HIGH * MEDIUM * LOW 247 "status": "A String", # The current status of the alert. The supported values are the following: * NOT_STARTED * IN_PROGRESS * CLOSED 248 "updateTime": "A String", # Output only. The time this metadata was last updated. 249 }, 250 "securityInvestigationToolLink": "A String", # Output only. An optional [Security Investigation Tool](https://support.google.com/a/answer/7575955) query for this alert. 251 "source": "A String", # Required. A unique identifier for the system that reported the alert. This is output only after alert is created. Supported sources are any of the following: * Google Operations * Mobile device management * Gmail phishing * Data Loss Prevention * Domain wide takeout * State sponsored attack * Google identity * Apps outage 252 "startTime": "A String", # Required. The time the event that caused this alert was started or detected. 253 "type": "A String", # Required. The type of the alert. This is output only after alert is created. For a list of available alert types see [Google Workspace Alert types](https://developers.google.com/admin-sdk/alertcenter/reference/alert-types). 254 "updateTime": "A String", # Output only. The time this alert was last updated. 255}</pre> 256</div> 257 258<div class="method"> 259 <code class="details" id="getMetadata">getMetadata(alertId, customerId=None, x__xgafv=None)</code> 260 <pre>Returns the metadata of an alert. Attempting to get metadata for a non-existent alert returns `NOT_FOUND` error. 261 262Args: 263 alertId: string, Required. The identifier of the alert this metadata belongs to. (required) 264 customerId: string, Optional. The unique identifier of the Google Workspace organization account of the customer the alert metadata is associated with. Inferred from the caller identity if not provided. 265 x__xgafv: string, V1 error format. 266 Allowed values 267 1 - v1 error format 268 2 - v2 error format 269 270Returns: 271 An object of the form: 272 273 { # An alert metadata. 274 "alertId": "A String", # Output only. The alert identifier. 275 "assignee": "A String", # The email address of the user assigned to the alert. 276 "customerId": "A String", # Output only. The unique identifier of the Google account of the customer. 277 "etag": "A String", # Optional. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of an alert metadata from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform metatdata updates in order to avoid race conditions: An `etag` is returned in the response which contains alert metadata, and systems are expected to put that etag in the request to update alert metadata to ensure that their change will be applied to the same version of the alert metadata. If no `etag` is provided in the call to update alert metadata, then the existing alert metadata is overwritten blindly. 278 "severity": "A String", # The severity value of the alert. Alert Center will set this field at alert creation time, default's to an empty string when it could not be determined. The supported values for update actions on this field are the following: * HIGH * MEDIUM * LOW 279 "status": "A String", # The current status of the alert. The supported values are the following: * NOT_STARTED * IN_PROGRESS * CLOSED 280 "updateTime": "A String", # Output only. The time this metadata was last updated. 281}</pre> 282</div> 283 284<div class="method"> 285 <code class="details" id="list">list(customerId=None, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)</code> 286 <pre>Lists the alerts. 287 288Args: 289 customerId: string, Optional. The unique identifier of the Google Workspace organization account of the customer the alerts are associated with. Inferred from the caller identity if not provided. 290 filter: string, Optional. A query string for filtering alert results. For more details, see [Query filters](https://developers.google.com/admin-sdk/alertcenter/guides/query-filters) and [Supported query filter fields](https://developers.google.com/admin-sdk/alertcenter/reference/filter-fields#alerts.list). 291 orderBy: string, Optional. The sort order of the list results. If not specified results may be returned in arbitrary order. You can sort the results in descending order based on the creation timestamp using `order_by="create_time desc"`. Currently, supported sorting are `create_time asc`, `create_time desc`, `update_time desc` 292 pageSize: integer, Optional. The requested page size. Server may return fewer items than requested. If unspecified, server picks an appropriate default. 293 pageToken: string, Optional. A token identifying a page of results the server should return. If empty, a new iteration is started. To continue an iteration, pass in the value from the previous ListAlertsResponse's next_page_token field. 294 x__xgafv: string, V1 error format. 295 Allowed values 296 1 - v1 error format 297 2 - v2 error format 298 299Returns: 300 An object of the form: 301 302 { # Response message for an alert listing request. 303 "alerts": [ # The list of alerts. 304 { # An alert affecting a customer. 305 "alertId": "A String", # Output only. The unique identifier for the alert. 306 "createTime": "A String", # Output only. The time this alert was created. 307 "customerId": "A String", # Output only. The unique identifier of the Google account of the customer. 308 "data": { # Optional. The data associated with this alert, for example google.apps.alertcenter.type.DeviceCompromised. 309 "a_key": "", # Properties of the object. Contains field @type with type URL. 310 }, 311 "deleted": True or False, # Output only. `True` if this alert is marked for deletion. 312 "endTime": "A String", # Optional. The time the event that caused this alert ceased being active. If provided, the end time must not be earlier than the start time. If not provided, it indicates an ongoing alert. 313 "etag": "A String", # Optional. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of an alert from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform alert updates in order to avoid race conditions: An `etag` is returned in the response which contains alerts, and systems are expected to put that etag in the request to update alert to ensure that their change will be applied to the same version of the alert. If no `etag` is provided in the call to update alert, then the existing alert is overwritten blindly. 314 "metadata": { # An alert metadata. # Output only. The metadata associated with this alert. 315 "alertId": "A String", # Output only. The alert identifier. 316 "assignee": "A String", # The email address of the user assigned to the alert. 317 "customerId": "A String", # Output only. The unique identifier of the Google account of the customer. 318 "etag": "A String", # Optional. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of an alert metadata from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform metatdata updates in order to avoid race conditions: An `etag` is returned in the response which contains alert metadata, and systems are expected to put that etag in the request to update alert metadata to ensure that their change will be applied to the same version of the alert metadata. If no `etag` is provided in the call to update alert metadata, then the existing alert metadata is overwritten blindly. 319 "severity": "A String", # The severity value of the alert. Alert Center will set this field at alert creation time, default's to an empty string when it could not be determined. The supported values for update actions on this field are the following: * HIGH * MEDIUM * LOW 320 "status": "A String", # The current status of the alert. The supported values are the following: * NOT_STARTED * IN_PROGRESS * CLOSED 321 "updateTime": "A String", # Output only. The time this metadata was last updated. 322 }, 323 "securityInvestigationToolLink": "A String", # Output only. An optional [Security Investigation Tool](https://support.google.com/a/answer/7575955) query for this alert. 324 "source": "A String", # Required. A unique identifier for the system that reported the alert. This is output only after alert is created. Supported sources are any of the following: * Google Operations * Mobile device management * Gmail phishing * Data Loss Prevention * Domain wide takeout * State sponsored attack * Google identity * Apps outage 325 "startTime": "A String", # Required. The time the event that caused this alert was started or detected. 326 "type": "A String", # Required. The type of the alert. This is output only after alert is created. For a list of available alert types see [Google Workspace Alert types](https://developers.google.com/admin-sdk/alertcenter/reference/alert-types). 327 "updateTime": "A String", # Output only. The time this alert was last updated. 328 }, 329 ], 330 "nextPageToken": "A String", # The token for the next page. If not empty, indicates that there may be more alerts that match the listing request; this value can be used in a subsequent ListAlertsRequest to get alerts continuing from last result of the current list call. 331}</pre> 332</div> 333 334<div class="method"> 335 <code class="details" id="list_next">list_next(previous_request, previous_response)</code> 336 <pre>Retrieves the next page of results. 337 338Args: 339 previous_request: The request for the previous page. (required) 340 previous_response: The response from the request for the previous page. (required) 341 342Returns: 343 A request object that you can call 'execute()' on to request the next 344 page. Returns None if there are no more items in the collection. 345 </pre> 346</div> 347 348<div class="method"> 349 <code class="details" id="undelete">undelete(alertId, body=None, x__xgafv=None)</code> 350 <pre>Restores, or "undeletes", an alert that was marked for deletion within the past 30 days. Attempting to undelete an alert which was marked for deletion over 30 days ago (which has been removed from the Alert Center database) or a nonexistent alert returns a `NOT_FOUND` error. Attempting to undelete an alert which has not been marked for deletion has no effect. 351 352Args: 353 alertId: string, Required. The identifier of the alert to undelete. (required) 354 body: object, The request body. 355 The object takes the form of: 356 357{ # A request to undelete a specific alert that was marked for deletion. 358 "customerId": "A String", # Optional. The unique identifier of the Google Workspace organization account of the customer the alert is associated with. Inferred from the caller identity if not provided. 359} 360 361 x__xgafv: string, V1 error format. 362 Allowed values 363 1 - v1 error format 364 2 - v2 error format 365 366Returns: 367 An object of the form: 368 369 { # An alert affecting a customer. 370 "alertId": "A String", # Output only. The unique identifier for the alert. 371 "createTime": "A String", # Output only. The time this alert was created. 372 "customerId": "A String", # Output only. The unique identifier of the Google account of the customer. 373 "data": { # Optional. The data associated with this alert, for example google.apps.alertcenter.type.DeviceCompromised. 374 "a_key": "", # Properties of the object. Contains field @type with type URL. 375 }, 376 "deleted": True or False, # Output only. `True` if this alert is marked for deletion. 377 "endTime": "A String", # Optional. The time the event that caused this alert ceased being active. If provided, the end time must not be earlier than the start time. If not provided, it indicates an ongoing alert. 378 "etag": "A String", # Optional. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of an alert from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform alert updates in order to avoid race conditions: An `etag` is returned in the response which contains alerts, and systems are expected to put that etag in the request to update alert to ensure that their change will be applied to the same version of the alert. If no `etag` is provided in the call to update alert, then the existing alert is overwritten blindly. 379 "metadata": { # An alert metadata. # Output only. The metadata associated with this alert. 380 "alertId": "A String", # Output only. The alert identifier. 381 "assignee": "A String", # The email address of the user assigned to the alert. 382 "customerId": "A String", # Output only. The unique identifier of the Google account of the customer. 383 "etag": "A String", # Optional. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of an alert metadata from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform metatdata updates in order to avoid race conditions: An `etag` is returned in the response which contains alert metadata, and systems are expected to put that etag in the request to update alert metadata to ensure that their change will be applied to the same version of the alert metadata. If no `etag` is provided in the call to update alert metadata, then the existing alert metadata is overwritten blindly. 384 "severity": "A String", # The severity value of the alert. Alert Center will set this field at alert creation time, default's to an empty string when it could not be determined. The supported values for update actions on this field are the following: * HIGH * MEDIUM * LOW 385 "status": "A String", # The current status of the alert. The supported values are the following: * NOT_STARTED * IN_PROGRESS * CLOSED 386 "updateTime": "A String", # Output only. The time this metadata was last updated. 387 }, 388 "securityInvestigationToolLink": "A String", # Output only. An optional [Security Investigation Tool](https://support.google.com/a/answer/7575955) query for this alert. 389 "source": "A String", # Required. A unique identifier for the system that reported the alert. This is output only after alert is created. Supported sources are any of the following: * Google Operations * Mobile device management * Gmail phishing * Data Loss Prevention * Domain wide takeout * State sponsored attack * Google identity * Apps outage 390 "startTime": "A String", # Required. The time the event that caused this alert was started or detected. 391 "type": "A String", # Required. The type of the alert. This is output only after alert is created. For a list of available alert types see [Google Workspace Alert types](https://developers.google.com/admin-sdk/alertcenter/reference/alert-types). 392 "updateTime": "A String", # Output only. The time this alert was last updated. 393}</pre> 394</div> 395 396</body></html>