GET /alerts/history
Bearer auth

Returns paginated resolved alert history scoped to the caller's hierarchy (no organization_id), a single tenant (organization_id=X), or a sub-tree (organization_id=X&include=descendants). Mirrors the scope rules of /alerts/totals and /alerts/trend.

Supports date range (from_date/to_date, RFC3339) and multi-value label filters (alertname, severity, status). All multi-value filters: OR within the same filter, AND across filters.

Customer callers are always pinned to their own organization regardless of params.

Query parameters

  • organization_id string

    Target organization ID. Optional for all roles except Customer (where it is ignored).

  • include string

    Set to descendants together with organization_id to drill down on a sub-tree.

    Value is descendants.

  • page integer

    Page number

    Minimum value is 1. Default value is 1.

  • page_size integer

    Items per page

    Minimum value is 1, maximum value is 200. Default value is 20.

  • sort_by string

    Values are id, alertname, severity, status, starts_at, ends_at, or created_at. Default value is created_at.

  • sort_direction string

    Sort direction

    Values are asc or desc. Default value is asc.

  • from_date string(date-time)

    Lower bound on created_at (inclusive). RFC3339 timestamp.

  • to_date string(date-time)

    Upper bound on created_at (exclusive). RFC3339 timestamp. Must be after from_date.

  • alertname array[string]

    Filter by alertname. Supports multiple values.

  • severity array[string]

    Filter by severity. Supports multiple values.

    Values are critical, warning, or info.

  • status array[string]

    Filter by status. Supports multiple values.

Responses

  • 200 application/json

    Paginated alert history

    Hide response attributes Show response attributes object
    • code integer
    • message string
    • data object
      Hide data attributes Show data attributes object
      • alerts array[object]
        Hide alerts attributes Show alerts attributes object

        A single resolved or inactive alert stored from an Alertmanager webhook

        • id integer(int64)

          Auto-incrementing record ID

        • system_key string

          System key extracted from alert labels

        • alertname string

          Alert name from labels

        • severity string | null

          Severity from alert labels

        • status string

          Alert status at time of receipt

          Values are resolved or inactive.

        • fingerprint string

          Alertmanager fingerprint for the alert

        • starts_at string(date-time)

          When the alert started firing

        • ends_at string(date-time) | null

          When the alert resolved. Null when the end time is unknown.

        • summary string | null

          Human-readable summary from alert annotations

        • labels object

          All labels from the alert

          Hide labels attribute Show labels attribute object
          • * string Additional properties
        • annotations object

          All annotations from the alert

          Hide annotations attribute Show annotations attribute object
          • * string Additional properties
        • receiver string | null

          Alertmanager receiver that handled this alert

        • created_at string(date-time)

          When the record was created in the database

      • pagination object
        Hide pagination attributes Show pagination attributes object
        • page integer

          Current page number

          Minimum value is 1.

        • page_size integer

          Number of items per page

          Minimum value is 1, maximum value is 200.

        • total_count integer

          Total number of items

          Minimum value is 0.

        • total_pages integer

          Total number of pages

          Minimum value is 0.

        • has_next boolean

          Whether there is a next page

        • has_prev boolean

          Whether there is a previous page

        • next_page integer | null

          Next page number if available

        • prev_page integer | null

          Previous page number if available

        • sort_by string | null

          Field used for sorting

        • sort_direction string | null

          Sort direction

          Values are asc or desc.
  • 400 application/json

    Bad request - validation error

    Hide response attributes Show response attributes object
    • code integer

      HTTP error code

    • message string

      Error message

    • data object
      Hide data attributes Show data attributes object
      • type string

        Type of error

        Values are validation_error or external_api_error.

      • errors array[object]
        Hide errors attributes Show errors attributes object
        • key string

          Field name that failed validation

        • message string

          Error code or message

        • value string

          Value that failed validation

      • details

        Additional error details
  • 401 application/json

    Unauthorized - invalid or missing token

    Hide response attributes Show response attributes object
    • code integer
    • message string
    • data object | null
  • 403 application/json

    Forbidden - insufficient permissions

    Hide response attributes Show response attributes object
    • code integer
    • message string
    • data object | null
GET /alerts/history 
curl \
 --request GET 'https://collect.your-domain.com/api/alerts/history' \
 --header "Authorization: Bearer $ACCESS_TOKEN"
Response examples (200) 
{
  "code": 200,
  "message": "alert history retrieved successfully",
  "data": {
    "alerts": [
      {
        "id": 1,
        "system_key": "NETH-F5D2-5E69-A174-45A9-B1AB-2BB9-03F5-F1B4",
        "alertname": "DiskFull",
        "severity": "critical",
        "status": "resolved",
        "fingerprint": "ac193fc966f036ca",
        "starts_at": "2026-04-08T13:28:38Z",
        "ends_at": "2026-04-08T13:33:39Z",
        "summary": "Disk usage above 90%",
        "labels": {
          "alertname": "DiskFull",
          "severity": "critical",
          "system_key": "NETH-F5D2-5E69-A174-45A9-B1AB-2BB9-03F5-F1B4"
        },
        "annotations": {
          "summary": "Disk usage above 90%"
        },
        "receiver": "severity-critical-receiver",
        "created_at": "2026-04-08T13:33:40Z"
      }
    ],
    "pagination": {
      "page": 1,
      "page_size": 20,
      "total_count": 156,
      "total_pages": 8,
      "has_next": true,
      "has_prev": false,
      "next_page": 2,
      "prev_page": 42,
      "sort_by": "name",
      "sort_direction": "asc"
    }
  }
}
Response examples (400) 
{
  "code": 400,
  "message": "validation failed",
  "data": {
    "type": "validation_error",
    "errors": [
      {
        "key": "username",
        "message": "required",
        "value": "string"
      }
    ]
  }
}
Response examples (401) 
{
  "code": 401,
  "message": "invalid token",
  "data": {}
}
Response examples (403) 
{
  "code": 403,
  "message": "insufficient permissions",
  "data": {}
}