4.1.8. Alerts (Get) Endpoint


Request URL: https://<hostname>/ekranapi/alerts

Name

Description

Type

Request Parameters

Name

Description

Type

Format

Required

alerts

Gets a list of alert events that have occurred due to alerts being triggered (with detailed info for each alert event).

GET

start

Alerts events that occurred after this time will be added to the selection.

string

Examples:

"2021-04-01"

"2021-04-01T12:00"

"2021-04-01T12:00:00"

No

end

Alerts that occurred before this time will be added to the selection.

string

Examples:

"2021-04-01"

"2021-04-01T12:00"

"2021-04-01T12:00:00"

No

alertCount

The number of alert events to be returned in 1 request.

Default value: 1000

Max value: 1000

int

Any integer from 0 to 1000.

No

afterActivityId

If there are more than 1000 alert events, the next batch can be requested by using this parameter.

int

Any positive integer.

No

Notes:

1. If the optional time parameters are not specified in the Alerts request:

- If both the start and end parameters are not specified, all alert events in the whole database are added to the response.

- If the start parameter is not specified, all alert events in the whole database before the end date/time are added to the response.

- If the end parameter is not specified, all alert events in the whole database after the start date/time are added to the response.


The alerts response (status 200 = successful):

Response Parameters

Name (& Type)

Description

Example Response

afterActivityId (int):


The ID of the first alert event (i.e. the first activityId) in the batch of 1000 alerts.

{
  "afterActivityId": 20223,
  "alerts": [
    {
      "alertId": 88,
      "activityId": 29,
      "date": "2022-09-05T12:33:32.548",
      "alertName": "application alert",
      "alertDescription": "check application equal cmd",
      "userName": "WINDEV2106EVAL\\User",
      "clientName": "WinDev2106Eval",
      "what": "Command Prompt - cmd.exe - cmd",
      "playerLink": "https://localhost/EkranSystem/Player?id=5&startSlideId=29&play=false&mode=0"
    },
    {
      "alertId": 91,
      "activityId": 20223,
      "date": "2022-09-19T16:11:24.356",
      "alertName": "username alert",
      "alertDescription": "check username equal WINDEV2106EVAL\\User",
      "userName": "WINDEV2106EVAL\\User",
      "clientName": "WinDev2106Eval",
      "what": "explorer.exe",
      "playerLink": "https://localhost/EkranSystem/Player?id=1013&startSlideId=20223&play=false&mode=0"
    }
  ]
}

alerts:

The list of alert events (with the following detailed info for each alert):

  • alertId (int)
  • The ID of the alert (i.e. that was triggered to produce the alert event that occurred).
  • activityId (int)
  • The ID of the alert event (i.e. that occurred when the alert was triggered).
  • date (date)
  • The date & time when the alert was triggered.
  • alertName (string)
  • The name of the alert that was triggered.
  • alertDescription (string)
  • The alert description.
  • userName (string)
  • The user name of the user that triggered the alert.
  • clientName (string)
  • The name of the Client computer on which the alert was triggered.
  • what (string)
  • What user activity caused the alert to be triggered (e.g. keystroke, URL, application title, application name, etc).
  • playerLink (string)
  • A link to open the session in the Session Viewer (at the time when the alert was triggered).


NOTE: If the requested alertCount is more than 1000, a status code of "400" is returned.