Varonis · JSON Structure

Varonis Datalert Get Alerts Request Structure

GetAlertsRequest schema from Varonis DatAlert API

Type: object Properties: 12
Cloud SecurityComplianceData AnalyticsData GovernanceData SecurityThreat Detection

GetAlertsRequest is a JSON Structure definition published by Varonis, describing 12 properties. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.

Properties

threatModelName startTime endTime alertStatus alertSeverity deviceName userName lastDays extraFields descendingOrder maxResults offset

Meta-schema: https://json-structure.org/meta/core/v0/#

JSON Structure

Raw ↑ 
{
  "$schema": "https://json-structure.org/meta/core/v0/#",
  "$id": "https://raw.githubusercontent.com/api-evangelist/varonis/refs/heads/main/json-structure/varonis-datalert-get-alerts-request-structure.json",
  "name": "GetAlertsRequest",
  "description": "GetAlertsRequest schema from Varonis DatAlert API",
  "type": "object",
  "properties": {
    "threatModelName": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "description": "Filter by threat model names. Supports pipe-separated values."
    },
    "startTime": {
      "type": "datetime",
      "description": "Start of the time range for alert retrieval in ISO 8601 format."
    },
    "endTime": {
      "type": "datetime",
      "description": "End of the time range for alert retrieval in ISO 8601 format."
    },
    "alertStatus": {
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "Open",
          "Under Investigation",
          "Closed"
        ]
      },
      "description": "Filter by alert status values."
    },
    "alertSeverity": {
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "Low",
          "Medium",
          "High"
        ]
      },
      "description": "Filter by alert severity levels."
    },
    "deviceName": {
      "type": "string",
      "description": "Filter by the name of the device associated with the alert."
    },
    "userName": {
      "type": "string",
      "description": "Filter by the user name associated with the alert."
    },
    "lastDays": {
      "type": "int32",
      "minimum": 1,
      "description": "Retrieve alerts from the last N days. Alternative to using startTime and endTime."
    },
    "extraFields": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "description": "Additional fields to include in the response beyond default fields."
    },
    "descendingOrder": {
      "type": "boolean",
      "description": "When true, results are returned in descending order by time."
    },
    "maxResults": {
      "type": "int32",
      "minimum": 1,
      "maximum": 5000,
      "description": "Maximum number of alerts to return in the response."
    },
    "offset": {
      "type": "int32",
      "minimum": 0,
      "description": "Number of alerts to skip for pagination."
    }
  }
}