Step-by-step procedure

  1. Authenticate to the cloud platform via the Python shell.

    The following variables should be available now:

    >>> base_url  # the base URL
    'https://eu8-cloud.acronis.com'
    >>> auth  # the 'Authorization' header value with the access token
    {'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImMwMD...'}
    
  2. Define a variable named alert_data, and then assign the information about the workload to this variable:

    >>> alert_data = {
    ...     "title": "Malware Quarantined",
    ...     "category": "Malware Detected",
    ...     "description": "Malicious file "trojan.exe" was put into quarantine.",
    ...     "fields": {
    ...         "Malware type": "Trojan:Win32/Caphaw.D!lnk",
    ...         "Device ID": "62aedd2b-6556-45d5-a76e-43db475068a7",
    ...         "Full path": "C:\Windows\System32   rojan.exe"
    ...     }
    ... }
    
  3. Convert the alert_data object to a JSON text:

    >>> alert_data = json.dumps(alert_data, indent=4)
    
  4. Send a POST request with the JSON text to the /api/alert_manager/v1/alerts endpoint:

    >>> response = requests.post(
    ...     f'{base_url}/api/alert_manager/v1/alerts',
    ...     headers={'Content-Type': 'application/json', **auth},
    ...     data=alert_data,
    ... )
    
  5. Check the status code of the response:

    >>> response.status_code
    200
    

    Status code 200 means that the alert was reported successfully and it should appear in the Cyber Protection console.

    Also, the response body contains the identifier of the alert, formatted as a JSON text. When converted to an object, it will look like this:

    >>> pprint.pprint(response.json())
    {
        "id": "31bd814f-f8ca-4691-a81f-c1d229fe1c17"
    }