Open for Voting

REST API to manage ALERTS

Hello, 

We are currently creating alerts when a group is modified to detect membership alteration on critical AD groups. We have more than 500 groups under monitoring and the process to monitor group is manual in ARM, bringing difficulties when alerts have to be edited (email sent to the owner of each group for example) and wasting ARM operator time. Would  it be possible to create a REST API to deal with the alerts. 

The API would look like : 

GET /api/v1/alert -> get all alerts

PUT /api/v1/alert/{alertName} -> add or modify an alert

GET /api/v1/alert/{alertName}  -> get alert filtered by name

GET /api/v1/alert/?groupName=Domain Admin  -> get alerts filtered by groupName

GET /api/v1/alert/?type=group  -> get alerts filtered by alert type (AD group or directory trigger)

GET /api/v1/alert/?mail=alert-me@contoso.com -> get all alerts filtered by alert email address

DELETE /api/v1/alert/{alertName} -> delete an alert base on its name

An alert object would be something like:

{ "id": 1234556, "name": "domain-admin-alert" , "type": "group|directory", "monitored_item": "Domain Admins", "mail": ["alert-me@contoso.com"], "windows-event": "true", "syslog": {"server" : "10.10.10.10", "port": "514"}}

This would help to automate the alerting process and have the monitoring groups "configuration as code" enabled.