Palo Alto Networks · JSON Structure

IoT Security API Alert Structure

Alert schema from Palo Alto Networks IoT Security API

Type: object · Properties: 11
Cloud Security, Cybersecurity, Firewall, Network Security, SASE, SOAR, Threat Intelligence, XDR

Alert is a JSON Structure definition published by Palo Alto Networks, describing 11 properties. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.

Properties

id, type, severity, description, deviceid, device_ip, device_profile, resolved, resolved_reason, timestamp, details

Meta-schema: https://json-structure.org/meta/core/v0/#

JSON Structure

{
  "$schema": "https://json-structure.org/meta/core/v0/#",
  "$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/iot-security-api-alert-structure.json",
  "name": "Alert",
  "description": "Alert schema from Palo Alto Networks IoT Security API",
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "description": "Unique alert identifier."
    },
    "type": {
      "type": "string",
      "description": "Alert type classification."
    },
    "severity": {
      "type": "string",
      "description": "Alert severity level.",
      "enum": [
        "critical",
        "high",
        "medium",
        "low",
        "info"
      ]
    },
    "description": {
      "type": "string",
      "description": "Human-readable alert description."
    },
    "deviceid": {
      "type": "string",
      "description": "Identifier of the affected device."
    },
    "device_ip": {
      "type": "string",
      "description": "IP address of the affected device."
    },
    "device_profile": {
      "type": "string",
      "description": "Profile of the affected device."
    },
    "resolved": {
      "type": "string",
      "description": "Whether the alert has been resolved.",
      "enum": [
        "yes",
        "no"
      ]
    },
    "resolved_reason": {
      "type": "string",
      "description": "Resolution reason if resolved."
    },
    "timestamp": {
      "type": "datetime",
      "description": "Timestamp when the alert was generated."
    },
    "details": {
      "type": "object",
      "description": "Additional alert-specific details."
    }
  }
}