Skip to main content
Glama
Sign In

Panther MCP Server

Official
by panther-labs
GitHub
Python
Apache 2.0
16
  • Apple
OverviewInspectNewSchemaRelated ServersReviewsScore
Need Help?View Source CodeReport Issue

get_rule_alert_metrics

Retrieve alert metrics grouped by detection rules for all alert types within a specified time period. Analyze trends, identify hotspots, and monitor alert activity using filtered data aggregation and detailed time intervals.

Instructions

Gets alert metrics grouped by detection rule for ALL alert types, including alerts, detection errors, and system errors within a given time period. Use this tool to identify hot spots in alerts and use list_alerts for specific alert details.

Returns: Dict: - alerts_per_rule: List of series with entityId, label, and value - total_alerts: Total number of alerts in the period - from_date: Start date of the period - to_date: End date of the period - interval_in_minutes: Grouping interval for the metrics - rule_ids: List of rule IDs if provided

Input Schema

NameRequiredDescriptionDefault
from_dateNoThe start date of the metrics period.
interval_in_minutesNoIntervals for aggregating data points. Smaller intervals provide more granular detail of when events occurred, while larger intervals show broader trends but obscure the precise timing of incidents.
rule_idsNoA valid JSON list of Panther rule IDs to get metrics for
to_dateNoThe end date of the metrics period.

Input Schema (JSON Schema)

{ "properties": { "from_date": { "anyOf": [ { "format": "date-time", "type": "string" }, { "type": "null" } ], "default": null, "description": "The start date of the metrics period.", "title": "From Date" }, "interval_in_minutes": { "default": 15, "description": "Intervals for aggregating data points. Smaller intervals provide more granular detail of when events occurred, while larger intervals show broader trends but obscure the precise timing of incidents.", "enum": [ 15, 30, 60, 180, 360, 720, 1440 ], "title": "Interval In Minutes", "type": "integer" }, "rule_ids": { "anyOf": [ { "items": { "description": "A Panther detection rule ID", "pattern": "^[A-Za-z0-9][A-Za-z0-9!'_\\-)(\\'*]*(\\.[A-Za-z0-9][A-Za-z0-9!'_\\-)(\\'*]*)*$", "type": "string" }, "type": "array" }, { "type": "null" } ], "default": null, "description": "A valid JSON list of Panther rule IDs to get metrics for", "title": "Rule Ids" }, "to_date": { "anyOf": [ { "format": "date-time", "type": "string" }, { "type": "null" } ], "default": null, "description": "The end date of the metrics period.", "title": "To Date" } }, "type": "object" }

You must be authenticated.

Other Tools from Panther MCP Server

Related Tools

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/panther-labs/mcp-panther'

If you have feedback or need assistance with the MCP directory API, please join our Discord server