/alerts/history - Org-level paginated alert history

Add MCP server to your AI tool

Allow AI tools and LLMs to interact with the API documentation portal through MCP.

MCP server URL

https://api.my.nethesis.it/mcp

Standard setup for AI tools providing an mcp.json file

mcp.json 
{
  "my.nethesis.it MCP server": {
    "url": "https://api.my.nethesis.it/mcp"
  }
}
Close
GET /alerts/history
Bearer auth

Returns paginated resolved alert history scoped to the caller's hierarchy (no organization_id), a single tenant (organization_id=X), or a sub-tree (organization_id=X&include=descendants). Mirrors the scope rules of /alerts/totals and /alerts/trend.

Supports date range (from_date/to_date, RFC3339) and multi-value label filters (system_key, alertname, severity, status). All multi-value filters: OR within the same filter, AND across filters.

Customer callers are always pinned to their own organization regardless of params.

Query parameters

  • organization_id array[string]

    Target organization ID(s). Repeat the param to pass multiple values. Optional for all roles except Customer (where it is ignored).

  • include string

    Set to descendants together with organization_id to expand each value to its sub-tree.

    Value is descendants.

  • page integer

    Page number

    Minimum value is 1. Default value is 1.

  • page_size integer

    Items per page

    Minimum value is 1, maximum value is 200. Default value is 20.

  • sort_by string

    Values are id, alertname, severity, status, starts_at, ends_at, or created_at. Default value is created_at.

  • sort_direction string

    Sort direction. Unlike the shared default of asc, this endpoint defaults to desc so the natural "most recent first" ordering is applied when the caller omits the param.

    Values are asc or desc. Default value is desc.

  • from_date string(date-time)

    Lower bound on created_at (inclusive). RFC3339 timestamp.

  • to_date string(date-time)

    Upper bound on created_at (exclusive). RFC3339 timestamp. Must be after from_date.

  • system_key array[string]

    Filter by one or more system keys. Repeat the param to pass multiple values; results are matched as system_key IN (...).

  • alertname array[string]

    Filter by alertname. Supports multiple values.

  • severity array[string]

    Filter by severity. Supports multiple values.

    Values are critical, warning, or info.

  • status array[string]

    Filter by status. Supports multiple values.

Responses

  • 200 application/json

    Paginated alert history

    Hide response attributes Show response attributes object
    • code integer
    • message string
    • data object
      Hide data attributes Show data attributes object
      • alerts array[object]

        A single resolved or inactive alert stored from an Alertmanager webhook

        Hide alerts attributes Show alerts attributes object

        A single resolved or inactive alert stored from an Alertmanager webhook

        • id integer(int64)

          Auto-incrementing record ID

        • organization_id string

          Tenant the alert belongs to (logto_id of the owning org)

        • system_key string

          System key extracted from alert labels

        • alertname string

          Alert name from labels

        • severity string | null

          Severity from alert labels

        • status string

          Alert status at time of receipt

          Values are resolved or inactive.

        • fingerprint string

          Alertmanager fingerprint for the alert

        • starts_at string(date-time)

          When the alert started firing

        • ends_at string(date-time) | null

          When the alert resolved. Null when the end time is unknown.

        • summary string | null

          Human-readable summary from alert annotations

        • labels object

          All labels from the alert

          Hide labels attribute Show labels attribute object
          • * string Additional properties
        • annotations object

          All annotations from the alert

          Hide annotations attribute Show annotations attribute object
          • * string Additional properties
        • receiver string | null

          Alertmanager receiver that handled this alert

        • created_at string(date-time)

          When the record was created in the database

      • pagination object
        Hide pagination attributes Show pagination attributes object
        • page integer

          Current page number

          Minimum value is 1.

        • page_size integer

          Number of items per page

          Minimum value is 1, maximum value is 200.

        • total_count integer

          Total number of items

          Minimum value is 0.

        • total_pages integer

          Total number of pages

          Minimum value is 0.

        • has_next boolean

          Whether there is a next page

        • has_prev boolean

          Whether there is a previous page

        • next_page integer | null

          Next page number if available

        • prev_page integer | null

          Previous page number if available

        • sort_by string | null

          Field used for sorting

        • sort_direction string | null

          Sort direction

          Values are asc or desc.
  • 400 application/json

    Bad request - validation error

    Hide response attributes Show response attributes object
    • code integer

      HTTP error code

    • message string

      Error message

    • data object
      Hide data attributes Show data attributes object
      • type string

        Type of error

        Values are validation_error or external_api_error.

      • errors array[object]
        Hide errors attributes Show errors attributes object
        • key string

          Field name that failed validation

        • message string

          Error code or message

        • value string

          Value that failed validation

      • details

        Additional error details
  • 401 application/json

    Unauthorized - invalid or missing token

    Hide response attributes Show response attributes object
    • code integer
    • message string
    • data object | null
  • 403 application/json

    Forbidden - insufficient permissions

    Hide response attributes Show response attributes object
    • code integer
    • message string
    • data object | null
GET /alerts/history 
curl \
 --request GET 'https://collect.your-domain.com/api/alerts/history' \
 --header "Authorization: Bearer $ACCESS_TOKEN"
Response examples (200)
Result for a Customer caller. Same `system_key` appears in both rows because they were fired against the same NS8 host. Each row is a discrete event (firing → resolved) captured by the history webhook at dispatch time; `created_at` records when the row landed in `alert_history`. 
{
  "code": 200,
  "message": "alert history retrieved successfully",
  "data": {
    "alerts": [
      {
        "id": 55,
        "organization_id": "m4m3mdjdiizs",
        "system_key": "NETH-D417-A2C2-7810-43D2-984B-2164-34C1-B22E",
        "alertname": "PlainBodyTest",
        "severity": "critical",
        "status": "resolved",
        "fingerprint": "11a9302b0fa6526e",
        "starts_at": "2026-05-12T07:46:50Z",
        "ends_at": "2026-05-12T07:51:50Z",
        "summary": "plain body check",
        "labels": {
          "alertname": "PlainBodyTest",
          "severity": "critical",
          "system_key": "NETH-D417-A2C2-7810-43D2-984B-2164-34C1-B22E"
        },
        "annotations": {
          "summary": "plain body check",
          "description": "checking html:'' fix"
        },
        "receiver": "severity-critical-receiver",
        "created_at": "2026-05-12T07:52:00Z"
      },
      {
        "id": 54,
        "organization_id": "m4m3mdjdiizs",
        "system_key": "NETH-D417-A2C2-7810-43D2-984B-2164-34C1-B22E",
        "alertname": "HistFlowTest",
        "severity": "critical",
        "status": "resolved",
        "fingerprint": "9c1a23e87f4d0a11",
        "starts_at": "2026-05-12T08:01:07Z",
        "ends_at": "2026-05-12T08:06:06Z",
        "summary": "history flow check",
        "labels": {
          "alertname": "HistFlowTest",
          "severity": "critical",
          "system_key": "NETH-D417-A2C2-7810-43D2-984B-2164-34C1-B22E"
        },
        "annotations": {
          "summary": "history flow check",
          "description": "resolved"
        },
        "receiver": "severity-critical-receiver",
        "created_at": "2026-05-12T08:11:30Z"
      }
    ],
    "pagination": {
      "page": 1,
      "page_size": 50,
      "total_count": 2,
      "total_pages": 1,
      "has_next": false,
      "has_prev": false
    }
  }
}
{
  "code": 200,
  "message": "alert history retrieved successfully",
  "data": {
    "alerts": [],
    "pagination": {
      "page": 1,
      "page_size": 50,
      "total_count": 0,
      "total_pages": 0,
      "has_next": false,
      "has_prev": false
    }
  }
}
Response examples (400) 
{
  "code": 400,
  "message": "validation failed",
  "data": {
    "type": "validation_error",
    "errors": [
      {
        "key": "username",
        "message": "required",
        "value": "string"
      }
    ]
  }
}
Response examples (401) 
{
  "code": 401,
  "message": "invalid token",
  "data": {}
}
Response examples (403) 
{
  "code": 403,
  "message": "insufficient permissions",
  "data": {}
}