> For the complete documentation index, see [llms.txt](https://docs.spike.sh/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.spike.sh/spike-api-docs/alert-rules.md).
# Alert Rules
## Fetch all alert rules
> Get a list of all alert rules configured for a team. Returns both enabled and disabled rules.\
> \
> Each rule contains:\
> \- \`name\`: Rule name\
> \- \`conditions\`: Array of condition groups (OR logic between groups, AND logic within a group)\
> \- \`actions\`: Array of actions to execute when conditions match\
> \- \`enabled\`: Whether the rule is currently active
```json
{"openapi":"3.1.0","info":{"title":"Spike API","version":"1.0.0"},"tags":[{"name":"Alert Rules"}],"servers":[{"url":"https://api.spike.sh","description":"API server"}],"paths":{"/automation/rules":{"get":{"summary":"Fetch all alert rules","description":"Get a list of all alert rules configured for a team. Returns both enabled and disabled rules.\n\nEach rule contains:\n- `name`: Rule name\n- `conditions`: Array of condition groups (OR logic between groups, AND logic within a group)\n- `actions`: Array of actions to execute when conditions match\n- `enabled`: Whether the rule is currently active\n","tags":["Alert Rules"],"responses":{"200":{"description":"Successful response","content":{"application/json":{"schema":{"type":"object"}}}},"401":{"description":"Unauthorized","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}},"parameters":[{"name":"x-api-key","in":"header","required":true,"schema":{"type":"string"},"description":"Your API key. Find it in your Spike dashboard under Settings > API."},{"name":"x-team-id","in":"header","required":true,"schema":{"type":"string"},"description":"Team ID of the team you are making the request to."}]}}},"components":{"schemas":{"Error":{"type":"object","properties":{"message":{"type":"string","description":"Error message describing the problem"},"error":{"type":"string","description":"Error type or code"}}}}}}
```
## Get alert rule details
> Get full details of a specific alert rule by its ID, including all conditions and actions.
```json
{"openapi":"3.1.0","info":{"title":"Spike API","version":"1.0.0"},"tags":[{"name":"Alert Rules"}],"servers":[{"url":"https://api.spike.sh","description":"API server"}],"paths":{"/automation/rules/{ruleId}":{"get":{"summary":"Get alert rule details","description":"Get full details of a specific alert rule by its ID, including all conditions and actions.","tags":["Alert Rules"],"parameters":[{"name":"x-api-key","in":"header","required":true,"schema":{"type":"string"},"description":"Your API key. Find it in your Spike dashboard under Settings > API."},{"name":"x-team-id","in":"header","required":true,"schema":{"type":"string"},"description":"Team ID of the team you are making the request to."},{"name":"ruleId","in":"path","required":true,"schema":{"type":"string"},"description":"ruleId parameter"}],"responses":{"200":{"description":"Successful response","content":{"application/json":{"schema":{"type":"object"}}}},"401":{"description":"Unauthorized","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"404":{"description":"Not found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}},"components":{"schemas":{"Error":{"type":"object","properties":{"message":{"type":"string","description":"Error message describing the problem"},"error":{"type":"string","description":"Error type or code"}}}}}}
```
## Create an alert rule
> Create a new alert rule for a team. An alert rule automatically executes actions when incoming incidents match the specified conditions.\
> \
> \*\*Request Body:\*\*\
> \- \`name\` (required): A descriptive name for the rule.\
> \- \`conditions\` (required): A 2D array of condition objects. The outer array represents \*\*OR\*\* groups — if any group matches, the rule triggers. Each inner array contains conditions combined with \*\*AND\*\* logic — all must match.\
> \- \`actions\` (required): An array of action objects to execute when conditions are met.\
> \
> \---\
> \
> \*\*Condition Types:\*\*\
> \
> \| \`conditionType\` | Description | Additional Fields |\
> \|---|---|---|\
> \| \`allIncidents\` | Matches every incident (wildcard) | — |\
> \| \`incidentMessage\` | Match on the incident title/message | \`comparator\`, \`text\` |\
> \| \`incidentDetails\` | Match on a specific key in the incident metadata | \`comparator\`, \`text\`, \`keypair\` |\
> \| \`incidentOccurrence\` | Match when total occurrences exceed a threshold | \`occurrences\` |\
> \| \`incidentOccurrenceTimeframe\` | Match when occurrences exceed a threshold within a time window | \`occurrences\`, \`timeframe\` (in minutes) |\
> \| \`priority\` | Match on incident priority | \`priority\` (one of \`p1\`, \`p2\`, \`p3\`, \`p4\`, \`p5\`) |\
> \| \`severity\` | Match on incident severity | \`severity\` (one of \`sev1\`, \`sev2\`, \`sev3\`) |\
> \| \`regexMatch\` | Match incident message against a regex pattern | \`regex\` |\
> \| \`incidentTiming\` | Match based on time of day the incident occurred | \`start\` (HH:mm), \`end\` (HH:mm), \`timezone\` (optional, e.g., \`America/New\_York\`) |\
> \| \`incidentDayOfWeek\` | Match based on day of the week | \`days\` (array of day numbers: 0=Sunday, 6=Saturday), \`timezone\` (optional) |\
> \
> \*\*Comparators\*\* (for \`incidentMessage\` and \`incidentDetails\`):\
> \`contains\`, \`doesNotContain\`, \`equals\`, \`doesNotEqual\`, \`startsWith\`, \`endsWith\`, \`greaterThan\`, \`lessThan\`, \`greaterThanOrEqual\`, \`lessThanOrEqual\`, \`regexMatch\`\
> \
> \> \*\*Note:\*\* \`greaterThan\`, \`lessThan\`, \`greaterThanOrEqual\`, \`lessThanOrEqual\` are only available for \`incidentDetails\`.\
> \
> \---\
> \
> \*\*Action Types:\*\*\
> \
> \| \`actionType\` | Description | Additional Fields |\
> \|---|---|---|\
> \| \`reassignIncident\` | Reassign the incident to a specific user | \`user\` (user ID) |\
> \| \`suppressIncident\` | Suppress the incident (do not create) | — |\
> \| \`acknowledgeIncident\` | Auto-acknowledge the incident | \`sendAlert\` (\`\\"true\\"\` or \`\\"false\\"\`) |\
> \| \`resolveIncident\` | Auto-resolve the incident | \`sendAlert\` (\`\\"true\\"\` or \`\\"false\\"\`) |\
> \| \`changeEscalation\` | Override the escalation policy | \`escalation\` (escalation policy ID) |\
> \| \`priority\` | Set incident priority | \`priority\` (one of \`p1\`, \`p2\`, \`p3\`, \`p4\`, \`p5\`) |\
> \| \`severity\` | Set incident severity | \`severity\` (one of \`sev1\`, \`sev2\`, \`sev3\`) |\
> \| \`outboundWebhook\` | Trigger an outbound webhook | \`outboundWebhook\` (webhook ID) |\
> \| \`executePlaybook\` | Execute a playbook | \`playbook\` (playbook ID) |\
> \| \`timerResolve\` | Auto-resolve after a timer | timer config |\
> \
> \---\
> \
> \*\*Example:\*\* The sample body creates a rule that matches all incidents whose message starts with \\"test\\" AND whose metadata key \\"test\\" has a value greater than 8, then reassigns the incident to a specific user.
```json
{"openapi":"3.1.0","info":{"title":"Spike API","version":"1.0.0"},"tags":[{"name":"Alert Rules"}],"servers":[{"url":"https://api.spike.sh","description":"API server"}],"paths":{"/automation/rules/create":{"post":{"summary":"Create an alert rule","description":"Create a new alert rule for a team. An alert rule automatically executes actions when incoming incidents match the specified conditions.\n\n**Request Body:**\n- `name` (required): A descriptive name for the rule.\n- `conditions` (required): A 2D array of condition objects. The outer array represents **OR** groups — if any group matches, the rule triggers. Each inner array contains conditions combined with **AND** logic — all must match.\n- `actions` (required): An array of action objects to execute when conditions are met.\n\n---\n\n**Condition Types:**\n\n| `conditionType` | Description | Additional Fields |\n|---|---|---|\n| `allIncidents` | Matches every incident (wildcard) | — |\n| `incidentMessage` | Match on the incident title/message | `comparator`, `text` |\n| `incidentDetails` | Match on a specific key in the incident metadata | `comparator`, `text`, `keypair` |\n| `incidentOccurrence` | Match when total occurrences exceed a threshold | `occurrences` |\n| `incidentOccurrenceTimeframe` | Match when occurrences exceed a threshold within a time window | `occurrences`, `timeframe` (in minutes) |\n| `priority` | Match on incident priority | `priority` (one of `p1`, `p2`, `p3`, `p4`, `p5`) |\n| `severity` | Match on incident severity | `severity` (one of `sev1`, `sev2`, `sev3`) |\n| `regexMatch` | Match incident message against a regex pattern | `regex` |\n| `incidentTiming` | Match based on time of day the incident occurred | `start` (HH:mm), `end` (HH:mm), `timezone` (optional, e.g., `America/New_York`) |\n| `incidentDayOfWeek` | Match based on day of the week | `days` (array of day numbers: 0=Sunday, 6=Saturday), `timezone` (optional) |\n\n**Comparators** (for `incidentMessage` and `incidentDetails`):\n`contains`, `doesNotContain`, `equals`, `doesNotEqual`, `startsWith`, `endsWith`, `greaterThan`, `lessThan`, `greaterThanOrEqual`, `lessThanOrEqual`, `regexMatch`\n\n> **Note:** `greaterThan`, `lessThan`, `greaterThanOrEqual`, `lessThanOrEqual` are only available for `incidentDetails`.\n\n---\n\n**Action Types:**\n\n| `actionType` | Description | Additional Fields |\n|---|---|---|\n| `reassignIncident` | Reassign the incident to a specific user | `user` (user ID) |\n| `suppressIncident` | Suppress the incident (do not create) | — |\n| `acknowledgeIncident` | Auto-acknowledge the incident | `sendAlert` (`\\\"true\\\"` or `\\\"false\\\"`) |\n| `resolveIncident` | Auto-resolve the incident | `sendAlert` (`\\\"true\\\"` or `\\\"false\\\"`) |\n| `changeEscalation` | Override the escalation policy | `escalation` (escalation policy ID) |\n| `priority` | Set incident priority | `priority` (one of `p1`, `p2`, `p3`, `p4`, `p5`) |\n| `severity` | Set incident severity | `severity` (one of `sev1`, `sev2`, `sev3`) |\n| `outboundWebhook` | Trigger an outbound webhook | `outboundWebhook` (webhook ID) |\n| `executePlaybook` | Execute a playbook | `playbook` (playbook ID) |\n| `timerResolve` | Auto-resolve after a timer | timer config |\n\n---\n\n**Example:** The sample body creates a rule that matches all incidents whose message starts with \\\"test\\\" AND whose metadata key \\\"test\\\" has a value greater than 8, then reassigns the incident to a specific user.\n","tags":["Alert Rules"],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"name":{"type":"string"},"conditions":{"type":"array","items":{"type":"array","items":{"type":"object","properties":{"conditionType":{"type":"string"},"comparator":{"type":"string"},"text":{"type":"string"}}}}},"actions":{"type":"array","items":{"type":"object","properties":{"actionType":{"type":"string"},"user":{"type":"string"}}}}}}}}},"responses":{"200":{"description":"Successful response","content":{"application/json":{"schema":{"type":"object"}}}},"400":{"description":"Bad request","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"401":{"description":"Unauthorized","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}},"parameters":[{"name":"x-api-key","in":"header","required":true,"schema":{"type":"string"},"description":"Your API key. Find it in your Spike dashboard under Settings > API."},{"name":"x-team-id","in":"header","required":true,"schema":{"type":"string"},"description":"Team ID of the team you are making the request to."}]}}},"components":{"schemas":{"Error":{"type":"object","properties":{"message":{"type":"string","description":"Error message describing the problem"},"error":{"type":"string","description":"Error type or code"}}}}}}
```
## Update an alert rule
> Update an existing alert rule by its ID. You must send the \*\*complete rule\*\* — partial updates are not supported. The existing rule will be fully replaced with the provided data.\
> \
> \*\*Request Body:\*\*\
> \- \`name\` (required): Updated rule name.\
> \- \`conditions\` (required): Full 2D array of condition groups (same format as Create).\
> \- \`actions\` (required): Full array of action objects (same format as Create).\
> \
> See \*Create an alert rule\* for all available \`conditionType\`, \`comparator\`, and \`actionType\` values.
```json
{"openapi":"3.1.0","info":{"title":"Spike API","version":"1.0.0"},"tags":[{"name":"Alert Rules"}],"servers":[{"url":"https://api.spike.sh","description":"API server"}],"paths":{"/automation/rules/{ruleId}/update":{"put":{"summary":"Update an alert rule","description":"Update an existing alert rule by its ID. You must send the **complete rule** — partial updates are not supported. The existing rule will be fully replaced with the provided data.\n\n**Request Body:**\n- `name` (required): Updated rule name.\n- `conditions` (required): Full 2D array of condition groups (same format as Create).\n- `actions` (required): Full array of action objects (same format as Create).\n\nSee *Create an alert rule* for all available `conditionType`, `comparator`, and `actionType` values.\n","tags":["Alert Rules"],"parameters":[{"name":"x-api-key","in":"header","required":true,"schema":{"type":"string"},"description":"Your API key. Find it in your Spike dashboard under Settings > API."},{"name":"x-team-id","in":"header","required":true,"schema":{"type":"string"},"description":"Team ID of the team you are making the request to."},{"name":"ruleId","in":"path","required":true,"schema":{"type":"string"},"description":"ruleId parameter"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"name":{"type":"string"},"conditions":{"type":"array","items":{"type":"array","items":{"type":"object","properties":{"conditionType":{"type":"string"},"comparator":{"type":"string"},"text":{"type":"string"}}}}},"actions":{"type":"array","items":{"type":"object","properties":{"actionType":{"type":"string"},"user":{"type":"string"}}}}}}}}},"responses":{"200":{"description":"Successful response","content":{"application/json":{"schema":{"type":"object"}}}},"400":{"description":"Bad request","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"401":{"description":"Unauthorized","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"404":{"description":"Not found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}},"components":{"schemas":{"Error":{"type":"object","properties":{"message":{"type":"string","description":"Error message describing the problem"},"error":{"type":"string","description":"Error type or code"}}}}}}
```
## Archive an alert rule
> Archive (soft-delete) an alert rule by its ID. Archived rules will no longer evaluate against incoming incidents.\
> \
> Pass the alert rule \`\_id\` as a path parameter. No request body is required.
```json
{"openapi":"3.1.0","info":{"title":"Spike API","version":"1.0.0"},"tags":[{"name":"Alert Rules"}],"servers":[{"url":"https://api.spike.sh","description":"API server"}],"paths":{"/automation/rules/{ruleId}/archive":{"delete":{"summary":"Archive an alert rule","description":"Archive (soft-delete) an alert rule by its ID. Archived rules will no longer evaluate against incoming incidents.\n\nPass the alert rule `_id` as a path parameter. No request body is required.\n","tags":["Alert Rules"],"parameters":[{"name":"x-api-key","in":"header","required":true,"schema":{"type":"string"},"description":"Your API key. Find it in your Spike dashboard under Settings > API."},{"name":"x-team-id","in":"header","required":true,"schema":{"type":"string"},"description":"Team ID of the team you are making the request to."},{"name":"ruleId","in":"path","required":true,"schema":{"type":"string"},"description":"ruleId parameter"}],"responses":{"200":{"description":"Successful response","content":{"application/json":{"schema":{"type":"object"}}}},"401":{"description":"Unauthorized","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"404":{"description":"Not found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}}}},"components":{"schemas":{"Error":{"type":"object","properties":{"message":{"type":"string","description":"Error message describing the problem"},"error":{"type":"string","description":"Error type or code"}}}}}}
```
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:
```
GET https://docs.spike.sh/spike-api-docs/alert-rules.md?ask=&goal=
```
`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.