Create Alert Function via API

#Function created by Iain Waddingham - Aug 14th 2023

function CreateSuperOpsAlert {
    # Set any parameters that are needed
    param (
        [string]$alertSubject, # Subject for the Alert
        [string]$alertText, # Message body of the Alert
        [string]$Severity, # Severity can be Critical, High, Medium or Low
        [string]$filePath # Path to where the alert subject and ID will be held for resolving later
    )
    
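    # Check if the alert subject already exists in the file.
    # Entries are stored as "subject,id", so anchor the match to the whole subject field;
    # an unanchored pattern would also match any longer subject that contains this one.
    $escapedAlertSubject = [regex]::Escape($alertSubject)
    if (Get-Content -Path $filePath -ErrorAction SilentlyContinue | Select-String -Pattern "^$escapedAlertSubject,") {
        Write-Output "Alert with subject '$alertSubject' already exists. Skipping writing response."
        return
    }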
    
    # Set your API Key and Customer Subdomain
    $apiKey = "YOUR-API-KEY-HERE"
    $customerSubDomain = "YOUR SUBDOMAIN HERE"
    
    # Construct headers
    $headers = @{
        "CustomerSubDomain" = $customerSubDomain
        "Authorization" = "Bearer $apiKey"
        "Content-Type" = "application/json"
    }
    
    # Set the GraphQL query
    $query = @'
mutation CreateAlert($input: CreateAlertInput!) {
    createAlert(input: $input) {
        id
        asset
        createdTime
        message
        description
        severity
        policy
    }
}
'@
    
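    # Set the Variables
    # $assetId is not a function parameter: it comes from the "assetId" placeholder
    # variable (asset.defaultField.assetId) configured under Script variables.
    $variables = @{
        "input" = @{
            "assetId" = $assetId
            "message" = "$alertSubject"
            "description" = "$alertText"
            "severity" = "$Severity"
        }
    }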
    
    # Construct the body
    $body = @{
        "query" = $query
        "variables" = $variables
    }
    
    # Make the API request
    $response = Invoke-RestMethod -Uri 'https://api.superops.ai/msp' -Method 'POST' -Headers $headers -Body ($body | ConvertTo-Json)
    
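    # Retrieve the Alert ID
    $alertId = $response.data.createAlert.id

    # Stop if no ID came back, so a failed request is not recorded as an existing alert
    if (-not $alertId) {
        Write-Output "No alert ID returned for '$alertSubject'. Nothing written to '$filePath'."
        $response | ConvertTo-Json
        return
    }
    Write-Output $alertId

    # Create the alert file if it doesn't exist
    if (-not (Test-Path $filePath)) {
        New-Item -Path $filePath -ItemType File
    }

    # Append the alert details to the file
    "$alertSubject,$alertId" | Out-File -FilePath $filePath -Append

    # Output the response
    $response | ConvertTo-Json
    Write-Output $response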
}


# Call the function example
CreateSuperOpsAlert -alertSubject "Test Alert" -alertText "This is an alert message" -Severity "Low" -filePath "C:\Alerts.txt"

Script data

Language - PowerShell

Run as - System / Root User

Script timeout duration - 5 Mins

Script variables

Placeholder Variables - assetId - asset.defaultField.assetId

Read me

Use the "Resolve Alert Function via API" script in conjunction with this one to get the function for resolving the alerts later. You'll need to fill in your API Key and Customer Subdomain. The placeholder variable "assetId" needs to be set to "asset.defaultField.assetId". Copy the function into an existing script to easily create alerts from that script. See the "API Alert Functions Example - Check File Exists" script for usage in a full script.