{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "title": "Alert",
  "description": "A XSIAM alert representing a detection from any ingested data source.",
  "$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cortex-xsiam-api-alert-schema.json",
  "type": "object",
  "properties": {
    "alert_id": {
      "type": "string"
    },
    "detection_timestamp": {
      "type": "integer"
    },
    "name": {
      "type": "string"
    },
    "category": {
      "type": "string"
    },
    "description": {
      "type": "string"
    },
    "severity": {
      "type": "string",
      "enum": [
        "critical",
        "high",
        "medium",
        "low",
        "informational",
        "unknown"
      ]
    },
    "source": {
      "type": "string",
      "description": "Data source that generated this alert."
    },
    "host_name": {
      "type": "string"
    },
    "user_name": {
      "type": "string"
    },
    "action": {
      "type": "string"
    },
    "alert_type": {
      "type": "string"
    },
    "resolution_status": {
      "type": "string"
    }
  }
}