Event Exclusion Schema
- 04 Jul 2025
- 1 Minute to read
- Print
- DarkLight
- PDF
Event Exclusion Schema
- Updated on 04 Jul 2025
- 1 Minute to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback!
{
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Event Exclusion Filter Configuration",
"type": "object",
"required": ["eventExclusionFilterConfig"],
"properties": {
"eventExclusionFilterConfig": {
"type": "array",
"description": "Array of event exclusion filter configurations",
"items": {
"type": "object",
"required": ["description"],
"properties": {
"description": {
"type": "string",
"description": "Human-readable description of the event exclusion filter configuration"
},
"AND": {
"type": "array",
"description": "Array of conditions that must all be true (AND logic)",
"items": {
"$ref": "#/definitions/condition"
}
},
"OR": {
"type": "array",
"description": "Array of conditions where at least one must be true (OR logic)",
"items": {
"$ref": "#/definitions/condition"
}
}
},
"oneOf": [
{ "required": ["AND"] },
{ "required": ["OR"] }
]
}
}
},
"definitions": {
"condition": {
"oneOf": [
{
"type": "object",
"required": ["field", "values", "operator"],
"properties": {
"field": {
"type": "string",
"description": "Field name to evaluate",
"enum": ["acknowledgetime_conv", "acknowledgetimetext_conv", "agentip_conv", "alert_conv", "created_date_conv", "description_conv",
"devicename_conv", "displayname_conv", "enterprise_conv", "eventid_conv", "last_text_time_conv", "last_time_conv", "last_time_in_conv",
"location_conv", "origination_conv", "rawdevicename_conv", "source_conv", "source_id", "subdevicename_conv", "text_time_conv",
"time_conv", "time_in_conv", "tenant", "trapname_conv", "servername_conv"]
},
"values": {
"type": "array",
"description": "Array of values to compare against",
"items": {
"type": "string"
}
},
"operator": {
"type": "string",
"enum": ["EQUALS", "CONTAINS", "STARTS_WITH", "NOT_EQUALS",
"GREATER_THAN", "LESS_THAN", "DATE_EQUALS", "DATE_GREATER_THAN", "DATE_LESS_THAN"],
"description": "Comparison operator"
}
}
},
{
"type": "object",
"required": ["AND"],
"properties": {
"AND": {
"type": "array",
"description": "Nested AND conditions",
"items": {
"$ref": "#/definitions/condition"
}
}
}
},
{
"type": "object",
"required": ["OR"],
"properties": {
"OR": {
"type": "array",
"description": "Nested OR conditions",
"items": {
"$ref": "#/definitions/condition"
}
}
}
}
]
}
}
}Was this article helpful?