If I understand this correctly, https://api.newrelic.com/v2/alerts_violations.json lists non-critical priority violations ONLY, and in order to get critical priority violations, one needs to use https://api.newrelic.com/v2/alerts_incidents.json. I think this is limiting especially since once I get IDs of critical priority violations via the alerts_incidents endpoint, I can’t do anything with them programmatically to get their details, the same details I get when using the alerts_violations endpoint. Ultimately, my question is, how can I get the details (i.e., label, policy_name, condition, etc.) of critical priority violations via the API?
@Linds - any update on this one?
Hi @alex.tulikumwenayo thanks for your question. Here is the expected behavior: all incidents are comprised of violations. Incidents can only be opened by critical violations so you will always find critical violations in incidents.
Other than violations being critical, the criteria with which violations open incidents depend on the incident preference you have configured for the Alerts policy. This is described here:
- Select incident preference
- Relic Solution: Alert Incident Preferences are the Key to Consistent Alert Notifications
If you would be willing to provide me with a permalink to your account in this post then I’d be happy to take a closer look in order to understand what you’re seeing when you query the incidents and violations.
@gjohnson thanks for the response. I am not using New Relic Web UI to view incidents and violations, and so there isn’t really a link to provide. I am trying to query the violations via REST API. While in APM, there is an API Explorer option under the Help menu that opens New Relic REST API. This is my use case. The REST API allows me to query violations and incidents. The list of violations returned from the violations endpoint (https://api.newrelic.com/v2/alerts_violations.json) includes the violation details (e.g., policy, duration, time opened, etc.) that I am interested in. However, the list doesn’t include critical violations. The incidents endpoint (https://api.newrelic.com/v2/alerts_incidents.json) lists the IDs of the critical violations that opened the incident, but it doesn’t contain the same details I described above. My question is how can I get critical violations and their details via the REST API?
Hi @alex.tulikumwenayo thanks for clarifying. I think I see what you are saying. I’m going to go ahead and open a support ticket for you so that we can discuss this in further detail and so I can attach it to a feature request which I will open for you. Please keep an eye out for it.
Thanks @gjohnson. I really hope this goes somewhere, soon. The violations endpoint is really less than half useful since it doesn’t list the violations that open incidents and ultimately cause alerts to go out to notify people that something bad has happened.
@Linds, yes we did! Thanks for checking.
Super, @alex.tulikumwenayo! If you have nuggets of wisdom to share about your solution, I am sure it will benefit others in the community who may bump into something similar.