Skip to main content
POST
/
orgs
/
{orgId}
/
anomaly-rules
cURL
curl --request POST \
  --url https://api.useanima.sh/v1/orgs/{orgId}/anomaly-rules \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>",
  "threshold": 1,
  "severity": "WARNING",
  "quarantineAction": "NONE",
  "cooldownMinutes": 60,
  "enabled": true
}
'
{
  "id": "<string>",
  "orgId": "<string>",
  "name": "<string>",
  "threshold": 123,
  "cooldownMinutes": 123,
  "enabled": true,
  "createdAt": "<string>",
  "updatedAt": "<string>"
}

Authorizations

Authorization
string
header
required

JWT Bearer token obtained from authentication. Pass as: Authorization: Bearer

Path Parameters

orgId
string
required

Organization identifier

Body

application/json

Input for creating an anomaly detection rule

name
string
required

Human-readable rule name

Required string length: 1 - 200
metric
enum<string>
required

Type of metric being tracked

Available options:
email_send_rate,
sms_send_rate,
vault_access_rate,
api_call_rate,
unique_recipients
condition
enum<string>
required

Detection condition type

Available options:
zscore_gt,
rate_multiplier_gt,
absolute_gt,
time_violation
threshold
number
required

Threshold value for the condition

Required range: x >= 0
severity
enum<string>
default:WARNING

Severity level of the anomaly alert

Available options:
INFO,
WARNING,
CRITICAL
quarantineAction
enum<string>
default:NONE

Quarantine action to take when rule triggers

Available options:
NONE,
SOFT,
HARD
cooldownMinutes
integer
default:60

Minutes between alerts

Required range: 0 <= x <= 10080
enabled
boolean
default:true

Response

200 - application/json

OK

An anomaly detection rule

id
string
required

Unique rule identifier

orgId
string
required

Organization identifier

name
string
required

Human-readable rule name

metric
enum<string>
required

Type of metric being tracked

Available options:
email_send_rate,
sms_send_rate,
vault_access_rate,
api_call_rate,
unique_recipients
condition
enum<string>
required

Detection condition type

Available options:
zscore_gt,
rate_multiplier_gt,
absolute_gt,
time_violation
threshold
number
required

Threshold value for the condition

severity
enum<string>
required

Severity level of the anomaly alert

Available options:
INFO,
WARNING,
CRITICAL
quarantineAction
enum<string>
required

Quarantine action to take when rule triggers

Available options:
NONE,
SOFT,
HARD
cooldownMinutes
integer
required

Minutes to wait between alerts for this rule

enabled
boolean
required

Whether the rule is active

createdAt
string
required

ISO 8601 creation timestamp

updatedAt
string
required

ISO 8601 last update timestamp