Cisco Secure Access Alerting API, Alert Rules and Alerts, Overview

Alerting

The Cisco Secure Access Alerting API enables you to manage Alert Rules and configure alerts. You can proactively monitor certain conditions on the resources in a Secure Access organization.

Organizations can add, update, delete, and view the Alert Rules in the organization. Configure an Alert Rule to send notifications to a list of email recipients or a Webhook target. You can list the alerts recorded by Secure Access and view the details about individual alerts.

You can find the Secure Access Alerting API endpoints under the admin scope.

To get started, set up an Alert Rule in Secure Access for one of the supported alert categories:

Overview

Rate Limits for Alert Rules and Alerts

Secure Access enables rate limits on the Alert Rules and Alerts API endpoints. For more information, see Rate Limits > Admin.

Request Headers

Unless specified, the Secure Access API endpoints use JSON for all requests and responses.

Note: For POST, PUT, and PATCH operations, set the HTTP Content-Type header to application/json in your API request.

How to Set Up Alerts with Webhooks

  1. For alert rules where the type of notification is Webhook, deploy an HTTP listener in your organization's on-premises or cloud environment. The target system of the Webhook must support Basic authentication with a username and password and accept HTTP POST messages.
  2. Add a Webhook in Secure Access as a Third-party integration. Configure the Webhook with the URL and Basic authentication credentials of the target listener. For more information, see Third-Party Integrations API.
    • You can add a total of ten Webhooks in your Secure Access organization.
  3. Validate that your target system receives the Secure Access alerts.
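
A minimal listener that meets the requirements in step 1 (Basic authentication, HTTP POST) and logs each received alert for the validation in step 3. This is an added example, not Cisco's code. The environment variable names, the port, the body size limit, and the treatment of the alert body as JSON are assumptions of the example; this page does not document the payload format.

```python
import base64
import hmac
import json
import os
from http.server import BaseHTTPRequestHandler, HTTPServer

# Assumed for this example: credentials come from these environment variables.
USERNAME = os.environ.get("WEBHOOK_USER", "alerts")
PASSWORD = os.environ.get("WEBHOOK_PASS", "change-me")  # constructed placeholder
MAX_BODY = 1 << 20  # refuse request bodies larger than 1 MiB

def basic_auth_ok(header):
    """Return True only for a well-formed Basic header carrying the right credentials."""
    if not header or not header.startswith("Basic "):
        return False
    try:
        decoded = base64.b64decode(header[6:], validate=True).decode("utf-8")
    except ValueError:  # binascii.Error and UnicodeDecodeError are both ValueErrors
        return False
    user, _, password = decoded.partition(":")
    user_ok = hmac.compare_digest(user.encode(), USERNAME.encode())  # constant-time compare
    pass_ok = hmac.compare_digest(password.encode(), PASSWORD.encode())
    return user_ok and pass_ok  # both fields checked, no early exit on the username

def handle_alert(auth_header, body):
    """Return (HTTP status, parsed alert or None) for one POSTed message."""
    if not basic_auth_ok(auth_header):
        return 401, None
    try:
        return 200, json.loads(body)  # assumption: the alert body is JSON
    except ValueError:
        return 400, None

class AlertHandler(BaseHTTPRequestHandler):  # only POST is defined; other methods get 501
    def do_POST(self):
        raw = self.headers.get("Content-Length", "")
        length = int(raw) if raw.isascii() and raw.isdigit() else -1
        status, alert = (413 if length > MAX_BODY else 411), None
        if 0 <= length <= MAX_BODY:
            status, alert = handle_alert(self.headers.get("Authorization"), self.rfile.read(length))
        if status == 200:
            print("alert received:", json.dumps(alert)[:500])
        self.send_response(status)
        if status == 401:
            self.send_header("WWW-Authenticate", 'Basic realm="alerts"')
        self.end_headers()

if __name__ == "__main__":  # loopback only; terminate TLS in a proxy in front of it
    HTTPServer(("127.0.0.1", 8080), AlertHandler).serve_forever()
```

Basic credentials are only base64-encoded, so the URL configured for the Webhook should be an HTTPS endpoint that forwards to this listener.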

Alerting API Endpoints