Есть бот на python. Он собирает инциденты в SIEM
Нужно добавить фильтр инфраструктуры, но не понимаю куда. ID инфраструктуры такое: 1a6ca328-5600-a001-0000-000000000005 Пробовал сделать groups": {"filterType": "1a6ca328-5600-a001-0000-000000000005_filter"}, не сработало
url = settings.base_url + "/api/v2/incidents/"
# фильтр инцидентов
payload = {
"offset": 0,
"limit": 50,
"groups": {"filterType": "no_filter"},
"timeFrom": last_incident_time.get(),
"timeTo": None,
"filterTimeType": "creation",
"filter": {
"select": ["key", "name", "category", "type", "status", "created", "assigned"],
"orderby": [
{
"field": "created",
"sortOrder": "descending"
},
{
"field": "status",
"sortOrder": "ascending"
},
{
"field": "severity",
"sortOrder": "descending"
}
]
},
"queryIds": ["all_incidents"]
}
headers = {
**settings.default_header,
**{"Content-Type": "application/json", "Authorization": "Bearer {0}".format(token)}
}
response = requests.request("POST", url, json=payload, headers=headers, verify=False)
if response.status_code == 401:
return 401
return response.json()['incidents']
Простой