×

GET /v1/notifiers/{id}

GetNotifier returns the notifier configuration given its ID.

Description

Parameters

Path Parameters

Name Description Required Default Pattern

id

X

null

Return Type

Content Type

  • application/json

Responses

Table 1. HTTP Response Codes
Code Message Datatype

200

A successful response.

StorageNotifier

0

An unexpected error response.

GooglerpcStatus

Samples

Common object reference

EmailAuthMethod

Enum Values

DISABLED

PLAIN

LOGIN

GooglerpcStatus

Field Name Required Nullable Type Description Format

code

Integer

int32

message

String

details

List of ProtobufAny

JiraPriorityMapping

Field Name Required Nullable Type Description Format

severity

StorageSeverity

UNSET_SEVERITY, LOW_SEVERITY, MEDIUM_SEVERITY, HIGH_SEVERITY, CRITICAL_SEVERITY,

priorityName

String

MicrosoftSentinelClientCertAuthConfig

client certificate which is used for authentication
Field Name Required Nullable Type Description Format

clientCert

String

PEM encoded ASN.1 DER format.

privateKey

String

PEM encoded PKCS #8, ASN.1 DER format.

MicrosoftSentinelDataCollectionRuleConfig

DataCollectionRuleConfig contains information about the data collection rule which is a config per notifier type.

Field Name Required Nullable Type Description Format

streamName

String

dataCollectionRuleId

String

enabled

Boolean

ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field Name Required Nullable Type Description Format

@type

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

StorageAWSSecurityHub

Field Name Required Nullable Type Description Format

region

String

credentials

StorageAWSSecurityHubCredentials

accountId

String

StorageAWSSecurityHubCredentials

Field Name Required Nullable Type Description Format

accessKeyId

String

secretAccessKey

String

stsEnabled

Boolean

StorageCSCC

Field Name Required Nullable Type Description Format

serviceAccount

String

The service account for the integration. The server will mask the value of this credential in responses and logs.

sourceId

String

wifEnabled

Boolean

StorageEmail

Field Name Required Nullable Type Description Format

server

String

sender

String

username

String

password

String

The password for the integration. The server will mask the value of this credential in responses and logs.

disableTLS

Boolean

DEPRECATEDUseStartTLS

Boolean

from

String

startTLSAuthMethod

EmailAuthMethod

DISABLED, PLAIN, LOGIN,

allowUnauthenticatedSmtp

Boolean

StorageGeneric

Field Name Required Nullable Type Description Format

endpoint

String

skipTLSVerify

Boolean

caCert

String

username

String

password

String

The password for the integration. The server will mask the value of this credential in responses and logs.

headers

List of StorageKeyValuePair

extraFields

List of StorageKeyValuePair

auditLoggingEnabled

Boolean

StorageJira

Field Name Required Nullable Type Description Format

url

String

username

String

password

String

The password for the integration. The server will mask the value of this credential in responses and logs.

issueType

String

priorityMappings

List of JiraPriorityMapping

defaultFieldsJson

String

disablePriority

Boolean

StorageKeyValuePair

Field Name Required Nullable Type Description Format

key

String

value

String

StorageMicrosoftSentinel

Field Name Required Nullable Type Description Format

logIngestionEndpoint

String

log_ingestion_endpoint is the log ingestion endpoint.

directoryTenantId

String

directory_tenant_id contains the ID of the Microsoft Directory ID of the selected tenant.

applicationClientId

String

application_client_id contains the ID of the application ID of the service principal.

secret

String

secret contains the client secret.

alertDcrConfig

MicrosoftSentinelDataCollectionRuleConfig

auditLogDcrConfig

MicrosoftSentinelDataCollectionRuleConfig

clientCertAuthConfig

MicrosoftSentinelClientCertAuthConfig

StorageNotifier

Next Tag: 21
Field Name Required Nullable Type Description Format

id

String

name

String

type

String

uiEndpoint

String

labelKey

String

labelDefault

String

jira

StorageJira

email

StorageEmail

cscc

StorageCSCC

splunk

StorageSplunk

pagerduty

StoragePagerDuty

generic

StorageGeneric

sumologic

StorageSumoLogic

awsSecurityHub

StorageAWSSecurityHub

syslog

StorageSyslog

microsoftSentinel

StorageMicrosoftSentinel

notifierSecret

String

traits

StorageTraits

StoragePagerDuty

Field Name Required Nullable Type Description Format

apiKey

String

The API key for the integration. The server will mask the value of this credential in responses and logs.

StorageSeverity

Enum Values

UNSET_SEVERITY

LOW_SEVERITY

MEDIUM_SEVERITY

HIGH_SEVERITY

CRITICAL_SEVERITY

StorageSplunk

Field Name Required Nullable Type Description Format

httpToken

String

The HTTP token for the integration. The server will mask the value of this credential in responses and logs.

httpEndpoint

String

insecure

Boolean

truncate

String

int64

auditLoggingEnabled

Boolean

derivedSourceType

Boolean

sourceTypes

Map of string

StorageSumoLogic

Field Name Required Nullable Type Description Format

httpSourceAddress

String

skipTLSVerify

Boolean

StorageSyslog

Field Name Required Nullable Type Description Format

localFacility

SyslogLocalFacility

LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7,

tcpConfig

SyslogTCPConfig

extraFields

List of StorageKeyValuePair

messageFormat

SyslogMessageFormat

LEGACY, CEF,

StorageTraits

Field Name Required Nullable Type Description Format

mutabilityMode

TraitsMutabilityMode

ALLOW_MUTATE, ALLOW_MUTATE_FORCED,

visibility

TraitsVisibility

VISIBLE, HIDDEN,

origin

TraitsOrigin

IMPERATIVE, DEFAULT, DECLARATIVE, DECLARATIVE_ORPHANED,

SyslogLocalFacility

Enum Values

LOCAL0

LOCAL1

LOCAL2

LOCAL3

LOCAL4

LOCAL5

LOCAL6

LOCAL7

SyslogMessageFormat

Enum Values

LEGACY

CEF

SyslogTCPConfig

Field Name Required Nullable Type Description Format

hostname

String

port

Integer

int32

skipTlsVerify

Boolean

useTls

Boolean

TraitsMutabilityMode

EXPERIMENTAL. NOTE: Please refer from using MutabilityMode for the time being. It will be replaced in the future (ROX-14276). MutabilityMode specifies whether and how an object can be modified. Default is ALLOW_MUTATE and means there are no modification restrictions; this is equivalent to the absence of MutabilityMode specification. ALLOW_MUTATE_FORCED forbids all modifying operations except object removal with force bit on.

Be careful when changing the state of this field. For example, modifying an object from ALLOW_MUTATE to ALLOW_MUTATE_FORCED is allowed but will prohibit any further changes to it, including modifying it back to ALLOW_MUTATE.

Enum Values

ALLOW_MUTATE

ALLOW_MUTATE_FORCED

TraitsOrigin

Origin specifies the origin of an object. Objects can have four different origins: - IMPERATIVE: the object was created via the API. This is assumed by default. - DEFAULT: the object is a default object, such as default roles, access scopes etc. - DECLARATIVE: the object is created via declarative configuration. - DECLARATIVE_ORPHANED: the object is created via declarative configuration and then unsuccessfully deleted(for example, because it is referenced by another object) Based on the origin, different rules apply to the objects. Objects with the DECLARATIVE origin are not allowed to be modified via API, only via declarative configuration. Additionally, they may not reference objects with the IMPERATIVE origin. Objects with the DEFAULT origin are not allowed to be modified via either API or declarative configuration. They may be referenced by all other objects. Objects with the IMPERATIVE origin are allowed to be modified via API, not via declarative configuration. They may reference all other objects. Objects with the DECLARATIVE_ORPHANED origin are not allowed to be modified via either API or declarative configuration. DECLARATIVE_ORPHANED resource can become DECLARATIVE again if it is redefined in declarative configuration. Objects with this origin will be cleaned up from the system immediately after they are not referenced by other resources anymore. They may be referenced by all other objects.

Enum Values

IMPERATIVE

DEFAULT

DECLARATIVE

DECLARATIVE_ORPHANED

TraitsVisibility

EXPERIMENTAL. visibility allows to specify whether the object should be visible for certain APIs.

Enum Values

VISIBLE

HIDDEN