Hello,
When fetching the episodes from ITSI via REST (https://hostname:8089/servicesNS/fsspl06/itsi/event_management_interface/notable_event_group?filter={"status":"1","severity":{"$gte":"3"}}) a list of several episodes with status "New" is obtained. However, in the ITSI GUI, in the Episode Review tab, a search for all new episodes over all time returns no results. How is this possible? Any clues on how to debug this? Thanks
If you are sure that even in the itsi_summary index that the groupid's for the ones retrieved via rest are NOT there, then I'd open a support case.
Need more info on your filter. What is set for Status Filter and Severity Filter?
In ITSI GUI the Status is set to New and the severity is not set
Also if you search the. index=itsi_grouped_alerts do you see the groupID of the same episodes you got from the REST API?
No, the episodes returned via REST are not found in the index.