Varonis · Schema
GetAlertsRequest
GetAlertsRequest schema from the Varonis DatAlert API. The schema declares no required properties, so every filter listed below is optional.
Cloud Security, Compliance, Data Analytics, Data Governance, Data Security, Threat Detection
Properties
| Name | Type | Description |
|---|---|---|
| threatModelName | array | Filter by threat model names. Supports pipe-separated values. |
| startTime | string | Start of the time range for alert retrieval in ISO 8601 format. |
| endTime | string | End of the time range for alert retrieval in ISO 8601 format. |
| alertStatus | array | Filter by alert status values. Allowed values: Open, Under Investigation, Closed. |
| alertSeverity | array | Filter by alert severity levels. Allowed values: Low, Medium, High. |
| deviceName | string | Filter by the name of the device associated with the alert. |
| userName | string | Filter by the user name associated with the alert. |
| lastDays | integer | Retrieve alerts from the last N days (minimum 1). Alternative to using startTime and endTime; the schema itself does not enforce that only one of the two forms is supplied. |
| extraFields | array | Additional fields to include in the response beyond default fields. |
| descendingOrder | boolean | When true, results are returned in descending order by time. |
| maxResults | integer | Maximum number of alerts to return in the response (1 to 5000). |
| offset | integer | Number of alerts to skip for pagination (minimum 0). |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://raw.githubusercontent.com/api-evangelist/varonis/refs/heads/main/json-schema/varonis-datalert-get-alerts-request-schema.json",
"title": "GetAlertsRequest",
"description": "GetAlertsRequest schema from Varonis DatAlert API",
"type": "object",
"properties": {
"threatModelName": {
"type": "array",
"items": {
"type": "string"
},
"description": "Filter by threat model names. Supports pipe-separated values."
},
"startTime": {
"type": "string",
"format": "date-time",
"description": "Start of the time range for alert retrieval in ISO 8601 format."
},
"endTime": {
"type": "string",
"format": "date-time",
"description": "End of the time range for alert retrieval in ISO 8601 format."
},
"alertStatus": {
"type": "array",
"items": {
"type": "string",
"enum": [
"Open",
"Under Investigation",
"Closed"
]
},
"description": "Filter by alert status values."
},
"alertSeverity": {
"type": "array",
"items": {
"type": "string",
"enum": [
"Low",
"Medium",
"High"
]
},
"description": "Filter by alert severity levels."
},
"deviceName": {
"type": "string",
"description": "Filter by the name of the device associated with the alert."
},
"userName": {
"type": "string",
"description": "Filter by the user name associated with the alert."
},
"lastDays": {
"type": "integer",
"minimum": 1,
"description": "Retrieve alerts from the last N days. Alternative to using startTime and endTime."
},
"extraFields": {
"type": "array",
"items": {
"type": "string"
},
"description": "Additional fields to include in the response beyond default fields."
},
"descendingOrder": {
"type": "boolean",
"description": "When true, results are returned in descending order by time."
},
"maxResults": {
"type": "integer",
"minimum": 1,
"maximum": 5000,
"description": "Maximum number of alerts to return in the response."
},
"offset": {
"type": "integer",
"minimum": 0,
"description": "Number of alerts to skip for pagination."
}
}
}