Returns active alert counts by severity (from Mimir, per-tenant) and total resolved
alert history count (from DB). Requires read:systems permission.
Three scope modes (selected by query params):
organization_id |
include |
Result |
|---|---|---|
| omitted | — | Caller's full hierarchy (recursive). For Customer it's just self. |
X |
omitted | Single tenant X only. Resellers/Distributors hold no alerts on their own tenant — those live on their customer tenants — so single-tenant queries on a non-leaf org typically return zero. |
X |
descendants |
X plus everything under X (drill-down). Use this to view a sub-tree. |
Active counts are aggregated across the resolved scope by fanning out to Mimir,
one request per tenant, with bounded concurrency and a global timeout. Per-tenant
failures (timeout, 5xx, parse error) are non-fatal: their counts simply don't
contribute, and the failure is reported in the warnings array. The history
total comes from a single SQL query scoped to the same set of organization IDs.
Customer callers are always pinned to their own organization regardless of
organization_id/include (Mimir tenant is fixed to user.organization_id).
Query parameters
-
Target organization ID. Optional for all roles except Customer (where it is ignored). Distributors/Resellers receive
403ifXis not in their hierarchy. -
Set to
descendantstogether withorganization_idto aggregate over the target org's full sub-tree. Ignored whenorganization_idis omitted (the caller's own hierarchy is already used) and when caller is a Customer.Value is
descendants.
curl \
--request GET 'https://collect.your-domain.com/api/alerts/totals' \
--header "Authorization: Bearer $ACCESS_TOKEN"{
"code": 200,
"message": "alert totals retrieved successfully",
"data": {
"active": 42,
"critical": 42,
"warning": 42,
"info": 42,
"history": 42,
"warnings": [
"string"
]
}
}{
"code": 401,
"message": "invalid token",
"data": {}
}{
"code": 403,
"message": "insufficient permissions",
"data": {}
}