# `LogpointApi.Data.Rule`
[🔗](https://github.com/MikaelFangel/logpoint_api/blob/v2.2.0/lib/logpoint_api/data/rule.ex#L1)

Builder for alert rule structs.

Start with `LogpointApi.rule/1` and pipe through the builder functions
to set fields. Pass the result to `AlertRule.create/2`.

# `t`

```elixir
@type t() :: %LogpointApi.Data.Rule{
  aggregation_type: String.t() | nil,
  apply_jinja_template: boolean(),
  assignee: String.t() | nil,
  delay_interval: non_neg_integer() | nil,
  description: String.t() | nil,
  flush_on_trigger: boolean(),
  foureyes: boolean(),
  jinja_template: String.t() | nil,
  limit: non_neg_integer() | nil,
  log_sources: [String.t()],
  metadata: map(),
  mitre_tags: [String.t()],
  name: String.t(),
  query: String.t() | nil,
  repos: [String.t()] | nil,
  risk_level: String.t() | nil,
  search_interval: non_neg_integer() | nil,
  simple_view: boolean(),
  threshold_option: String.t() | nil,
  threshold_value: number() | nil,
  throttling_enabled: boolean(),
  throttling_field: String.t() | nil,
  throttling_time_range: non_neg_integer() | nil,
  time_range_day: non_neg_integer() | nil,
  time_range_hour: non_neg_integer() | nil,
  time_range_minute: non_neg_integer() | nil,
  user_groups: [String.t()]
}
```

# `aggregation_type`

# `assignee`

# `delay_interval`

# `description`

# `flush_on_trigger`

# `foureyes`

# `jinja_template`

# `limit`

# `log_sources`

# `metadata`

# `mitre_tags`

# `new`

# `query`

# `repos`

# `risk_level`

# `search_interval`

# `simple_view`

# `threshold`

# `throttling`

# `time_range`

# `to_map`

Convert a `Rule` struct into the nested map format expected by the Logpoint API.

# `user_groups`

# `validate`

```elixir
@spec validate(t()) :: :ok | {:error, [String.t()]}
```

---

*Consult [api-reference.md](api-reference.md) for complete listing*