sonar-batch-rules
Enumerate batch rules in Logpresso Sonar.
sonar-batch-rules [keywords=KEYWORDS] [enabled=ENABLED]
- keywords=KEYWORDS
- Search term for filtering rule names
- enabled=ENABLED
- Filter by enabled status (t/f)
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| guid | String | GUID | Rule GUID |
| name | String | Name | Rule name |
| description | String | Description | Rule description |
| priority | String | Priority | Rule priority |
| enabled | Bool | Enabled | Whether rule is enabled |
| msg | String | Message | Message template. Macro in the $field format available |
| schedule | String | Schedule | Execution schedule in CRON format |
| duration | Integer | Duration | Time window for data analysis (in seconds) |
| datetrunc | Integer | Date truncation | Date truncation unit (in seconds) |
| dataset_guid | String | Dataset GUID | Dataset's unique identifier |
| dataset_name | String | Dataset name | Name of the dataset |
| query | String | Query | Batch query string |
| category_name | String | Category name | Name of the batch rule category |
| category_guid | String | Category GUID | Unique identifier for batch rule category |
| ticket_repo_guid | String | Ticket repository GUID | Ticket repository's unique identifier |
| suppress_key | String | Suppression key | Suppress key field with macro support |
| event_suppress_interval | Integer | Event suppression interval | Suppression period for duplicate events (seconds) |
| ticket_suppress_interval | Integer | Ticket suppression interval | Suppression period for duplicate tickets (seconds) |
| keep_alive | Bool | Keep alive | Whether to maintain timer or reset it |
| ticket_assignee_names | List | Ticket assignee names | Name of ticket assignee |
| ticket_assignee_guids | List | Ticket assignee GUIDs | Ticket assignee's unique identifier |
| alarm_group_guid | String | Alarm group GUID | Alarm group's unique identifier |
| alarm_group_name | String | Alarm group name | Name of alarm group |
| address_group_guid | String | Address group GUID | Address group's unique identifier |
| address_field | String | Address field | Target field for address group |
| blacklist_expire_minute | Integer | Blacklist expiration | Blacklist expiration time in minutes |
| field_order | List | Field order | Evidence file output order |
| employee_key_field | String | Employee key field | Employee number field |
| auditor_guid | String | Auditor GUID | Auditor's unique identifier |
| auditor_name | String | Auditor name | Name of the auditor |
| audit_days | Integer | Audit retention days | Audit due date (in days) |
| audit_category_name | String | Audit category name | Name of audit category |
| audit_category_guid | String | Audit category GUID | Audit category's unique identifier |
| user_note | String | User note | Audit request details |
| user_guid | String | User GUID | User who created batch rule's identifier |
| user_name | String | User name | Name of user who created batch rule |
| created | Date | Created | Creation timestamp |
| updated | Date | Updated | Last modification timestamp |
| app_code | String | App code | App identifier |
| app_built_in | Bool | App object | Batch rule object included in app |