Palo Alto Networks · Capability
Palo Alto Networks IoT Security API — Alerts
Palo Alto Networks IoT Security API — Alerts. 3 operations. Lead operation: Palo Alto Networks Get Alert Details. Self-contained Naftiko capability covering one Palo Alto Networks business surface.
What You Can Do
GET
Getalertdetail
— Palo Alto Networks Get Alert Details
/v1/alert/detail
GET
Listalerts
— Palo Alto Networks List Security Alerts
/v1/alert/list
PUT
Updatealert
— Palo Alto Networks Update Alert Status
/v1/alert/update
MCP Tools
palo-alto-networks-get-alert
Palo Alto Networks Get Alert Details
read-only
idempotent
palo-alto-networks-list-security
Palo Alto Networks List Security Alerts
read-only
idempotent
palo-alto-networks-update-alert
Palo Alto Networks Update Alert Status
idempotent
Capability Spec
naftiko: 1.0.0-alpha2
info:
label: Palo Alto Networks IoT Security API — Alerts
description: 'Palo Alto Networks IoT Security API — Alerts. 3 operations. Lead operation: Palo Alto Networks Get Alert Details.
Self-contained Naftiko capability covering one Palo Alto Networks business surface.'
tags:
- Palo Alto Networks
- Alerts
created: '2026-05-19'
modified: '2026-05-19'
binds:
- namespace: env
keys:
PALO_ALTO_NETWORKS_API_KEY: PALO_ALTO_NETWORKS_API_KEY
capability:
consumes:
- type: http
namespace: palo-alto-iot-security-alerts
baseUri: https://{customer}.iot.paloaltonetworks.com/pub/v4.0
description: Palo Alto Networks IoT Security API — Alerts business capability. Self-contained, no shared references.
resources:
- name: alert-detail
path: /alert/detail
operations:
- name: getalertdetail
method: GET
description: Palo Alto Networks Get Alert Details
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: customerid
in: query
type: string
description: Customer tenant identifier.
required: true
- name: id
in: query
type: string
description: Unique alert identifier.
required: true
- name: alert-list
path: /alert/list
operations:
- name: listalerts
method: GET
description: Palo Alto Networks List Security Alerts
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: customerid
in: query
type: string
description: Customer tenant identifier.
required: true
- name: offset
in: query
type: integer
description: Pagination offset for results.
- name: pagelength
in: query
type: integer
description: Number of alerts to return per page.
- name: stime
in: query
type: string
description: Start time filter as a Unix epoch timestamp in seconds.
- name: etime
in: query
type: string
description: End time filter as a Unix epoch timestamp in seconds.
- name: resolved
in: query
type: string
description: Filter by alert resolution status.
- name: alert-update
path: /alert/update
operations:
- name: updatealert
method: PUT
description: Palo Alto Networks Update Alert Status
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: customerid
in: query
type: string
description: Customer tenant identifier.
required: true
- name: id
in: query
type: string
description: Unique alert identifier to update.
required: true
- name: resolved
in: query
type: string
description: New resolution status for the alert.
required: true
- name: reason
in: query
type: string
description: Reason for the status change.
authentication:
type: apikey
key: X-Key-Id
value: '{{env.PALO_ALTO_NETWORKS_API_KEY}}'
placement: header
exposes:
- type: rest
namespace: palo-alto-iot-security-alerts-rest
port: 8080
description: REST adapter for Palo Alto Networks IoT Security API — Alerts. One Spectral-compliant resource per consumed
operation, prefixed with /v1.
resources:
- path: /v1/alert/detail
name: alert-detail
description: REST surface for alert-detail.
operations:
- method: GET
name: getalertdetail
description: Palo Alto Networks Get Alert Details
call: palo-alto-iot-security-alerts.getalertdetail
with:
customerid: rest.customerid
id: rest.id
outputParameters:
- type: object
mapping: $.
- path: /v1/alert/list
name: alert-list
description: REST surface for alert-list.
operations:
- method: GET
name: listalerts
description: Palo Alto Networks List Security Alerts
call: palo-alto-iot-security-alerts.listalerts
with:
customerid: rest.customerid
offset: rest.offset
pagelength: rest.pagelength
stime: rest.stime
etime: rest.etime
resolved: rest.resolved
outputParameters:
- type: object
mapping: $.
- path: /v1/alert/update
name: alert-update
description: REST surface for alert-update.
operations:
- method: PUT
name: updatealert
description: Palo Alto Networks Update Alert Status
call: palo-alto-iot-security-alerts.updatealert
with:
customerid: rest.customerid
id: rest.id
resolved: rest.resolved
reason: rest.reason
outputParameters:
- type: object
mapping: $.
- type: mcp
namespace: palo-alto-iot-security-alerts-mcp
port: 9090
transport: http
description: MCP adapter for Palo Alto Networks IoT Security API — Alerts. One tool per consumed operation, routed inline
through this capability's consumes block.
tools:
- name: palo-alto-networks-get-alert
description: Palo Alto Networks Get Alert Details
hints:
readOnly: true
destructive: false
idempotent: true
call: palo-alto-iot-security-alerts.getalertdetail
with:
customerid: tools.customerid
id: tools.id
outputParameters:
- type: object
mapping: $.
- name: palo-alto-networks-list-security
description: Palo Alto Networks List Security Alerts
hints:
readOnly: true
destructive: false
idempotent: true
call: palo-alto-iot-security-alerts.listalerts
with:
customerid: tools.customerid
offset: tools.offset
pagelength: tools.pagelength
stime: tools.stime
etime: tools.etime
resolved: tools.resolved
outputParameters:
- type: object
mapping: $.
- name: palo-alto-networks-update-alert
description: Palo Alto Networks Update Alert Status
hints:
readOnly: false
destructive: false
idempotent: true
call: palo-alto-iot-security-alerts.updatealert
with:
customerid: tools.customerid
id: tools.id
resolved: tools.resolved
reason: tools.reason
outputParameters:
- type: object
mapping: $.