Automations
Security teams need immediate, consistent responses to critical events. Manual monitoring is time-consuming, error-prone, and doesn't scale.
This guide shows you how to build automated alert systems using Eagle Eye Networks' Automations API. You'll learn to create workflows that automatically detect events (motion, intrusions, device failures), trigger appropriate responses (notifications, webhooks, integrations), and provide visibility into alert delivery status.
What you'll build: A complete automation workflow that monitors security events and automatically notifies your team when incidents occur.
Before You Begin
- Obtain an access token by following the Login Guide.
- Retrieve the Base URL from API URLs.
- Ensure you have the necessary third-party service credentials (e.g., Slack tokens, webhook URLs) if you plan to integrate with external systems.
With these prerequisites, you can build complete automation workflows.
Available endpoints:
- The /eventAlertConditionRules API is used for defining when alerts should trigger.
- The /alertActions API is used for creating automated response actions.
- The /alertActionRules API is used to link conditions to actions.
- The /alerts API is used to view generated alerts and their delivery status.
1. Create an Event Alert Condition Rule
Start by defining when your automation should trigger. Use /eventAlertConditionRules to create rules based on event types, actors (cameras, devices), schedules, and event data.
The key parameters are: name, priority, eventFilter, enabled, notes, and humanValidation.
name(required): A descriptive name for the rule.priority(required): Priority level (1-10) for the alerts this rule generates.eventFilter(optional): Defines which events trigger the rule (event types, actors, schedule, data filters).enabled(optional, default: false): Whether the rule is active.notes(optional): A verbose explanation of the rule.humanValidation(optional): Object withenabledandserviceproperties for human review validation before alerts are triggered.
Example - Create a rule for person detection:
curl --request POST \
--url 'https://{BaseUrl}/api/v3.0/eventAlertConditionRules' \
--header 'accept: application/json' \
--header 'authorization: Bearer <access-token>' \
--header 'content-type: application/json' \
--data '
{
"enabled": true,
"eventFilter": {
"eventTypes": [
"een.personDetectionEvent.v1"
],
"schedule": {
"sunday": [
{
"start": "00:00",
"end": "23:59"
}
],
"monday": [
{
"start": "00:00",
"end": "23:59"
}
],
"tuesday": [
{
"start": "00:00",
"end": "23:59"
}
],
"wednesday": [
{
"start": "00:00",
"end": "23:59"
}
],
"thursday": [
{
"start": "00:00",
"end": "23:59"
}
],
"friday": [
{
"start": "00:00",
"end": "23:59"
}
],
"saturday": [
{
"start": "00:00",
"end": "23:59"
}
]
},
"resourceFilter": {
"actors": [
"camera:1010aeaf",
"camera:10023e10",
"camera:10083b54",
"camera:1009a3a5",
"camera:10104a1d"
]
}
},
"priority": 9,
"name": "Person Detection Alert Rule",
"notes": "Notes"
}
'Response:
{
"id": "c2565b00-275c-4168-97db-4839a1be017a",
"name": "Person Detection Alert Rule",
"priority": 9,
"notes": "Notes",
"enabled": true,
"createTimestamp": "2025-09-04T12:30:45.123+00:00",
"eventFilter": {
"eventTypes": ["een.personDetectionEvent.v1"],
"schedule": {
"monday": [{"start": "00:00", "end": "23:59"}],
"tuesday": [{"start": "00:00", "end": "23:59"}],
"wednesday": [{"start": "00:00", "end": "23:59"}],
"thursday": [{"start": "00:00", "end": "23:59"}],
"friday": [{"start": "00:00", "end": "23:59"}],
"saturday": [{"start": "00:00", "end": "23:59"}],
"sunday": [{"start": "00:00", "end": "23:59"}]
},
"resourceFilter": {
"actors": ["camera:1010aeaf", "camera:10023e10", "camera:10083b54", "camera:1009a3a5", "camera:10104a1d"]
}
},
"outputAlertTypes": ["een.personDetectionAlert.v1"]
}2. Create an Alert Action
Next, define what should happen when your condition rule triggers. Use /alertActions to create actions such as webhooks, notifications, or integrations with third-party services.
The key parameters are: type, name, enabled, settings, and notes.
type: The type of action (webhook, slack, smtp, notification, etc.).name: A descriptive name for the action.enabled: Whether the action is active.settings: Configuration specific to the action type.notes(optional): A description of when and how this action should be used.
Example - Create a webhook action:
curl --request POST \
--url 'https://{BaseUrl}/api/v3.0/alertActions' \
--header 'accept: application/json' \
--header 'authorization: Bearer <access-token>' \
--header 'content-type: application/json' \
--data '
{
"type": "webhook",
"enabled": true,
"settings": {
"url": "https://your-webhook-endpoint.com/alerts"
},
"name": "Notify all technical support staff.",
"notes": "Notify everyone with the technical support role. Useful in cases where a device goes offline."
}
'Response:
{
"id": "72d34073-106f-44c1-a25a-bb9f7d4447bc",
"createTimestamp": "2025-09-22T13:56:43.254+00:00",
"type": "webhook",
"settings": {
"url": "https://your-webhook-endpoint.com/alerts",
},
"name": "Notify all technical support staff.",
"notes": "Notify everyone with the technical support role. Useful in cases where a device goes offline.",
"enabled": true,
"current_status": 1,
"failure_count": 0,
"cool_off_until": null,
"cool_off_trigger_at": null,
"replay_enabled": false,
"health_updated_at": null,
"last_failure_timestamp": null,
"last_success_timestamp": null,
"total_executions": 0,
"total_failures": 0,
"total_successes": 0,
"cool_off_reason": "",
"cool_off_config": null
}Example - Create an SMTP email action:
curl --request POST \
--url 'https://{BaseUrl}/api/v3.0/alertActions' \
--header 'accept: application/json' \
--header 'authorization: Bearer <access-token>' \
--header 'content-type: application/json' \
--data '
{
"type": "smtp",
"enabled": true,
"settings": {
"email": "[email protected]",
"url": "https://smtp.domain.com",
"port": 587,
"username": "username",
"password": "password",
"tls": true
},
"name": "Notify all technical support staff.",
"notes": "Notify everyone with the technical support role. Useful in cases where a device goes offline."
}
'Response:
{
"id": "8cb65a25-5336-4619-9871-d6d0f32d8ba2",
"createTimestamp": "2025-09-22T13:37:49.536+00:00",
"type": "smtp",
"settings": {
"email": "[email protected]",
"url": "https://smtp.domain.com",
"port": 587,
"username": "username",
"password": "********",
"tls": true
},
"name": "Notify all technical support staff.",
"notes": "Notify everyone with the technical support role. Useful in cases where a device goes offline.",
"enabled": true,
"current_status": 1,
"failure_count": 0,
"cool_off_until": null,
"cool_off_trigger_at": null,
"replay_enabled": false,
"health_updated_at": null,
"last_failure_timestamp": null,
"last_success_timestamp": null,
"total_executions": 0,
"total_failures": 0,
"total_successes": 0,
"cool_off_reason": "",
"cool_off_config": null
}3. Retrieve Your Rule and Action IDs
Before linking, you need the IDs of your created condition rules and actions. Use these commands to list your existing configurations:
List your Event Alert Condition Rules:
curl --request GET \
--url 'https://{BaseUrl}/api/v3.0/eventAlertConditionRules?pageSize=100' \
--header 'accept: application/json' \
--header 'authorization: Bearer <access-token>'Response:
{
"nextPageToken": "",
"prevPageToken": "",
"results": [
{
"name": "Person Detection Alert Rule",
"priority": 10,
"notes": "",
"enabled": true,
"cooldownSeconds": 10,
"humanValidation": {
"enabled": false,
"service": null,
"maxWaitTimeSeconds": 10
},
"eventFilter": {
"ioPorts": [],
"eventTypes": [
"een.personDetectionEvent.v1"
],
"schedule": {
"sunday": [
{
"start": "00:00",
"end": "23:59"
}
],
"monday": [
{
"start": "00:00",
"end": "23:59"
}
],
"tuesday": [
{
"start": "00:00",
"end": "23:59"
}
],
"wednesday": [
{
"start": "00:00",
"end": "23:59"
}
],
"thursday": [
{
"start": "00:00",
"end": "23:59"
}
],
"friday": [
{
"start": "00:00",
"end": "23:59"
}
],
"saturday": [
{
"start": "00:00",
"end": "23:59"
}
]
},
"resourceFilter": {
"actors": [
"camera:1010aeaf",
"camera:10023e10",
"camera:10083b54",
"camera:1009a3a5",
"camera:10104a1d"
]
}
},
"id": "c2565b00-275c-4168-97db-4839a1be017a",
"createTimestamp": "2025-04-09T07:51:22.968+00:00",
"updateTimestamp": "2025-07-14T06:02:56.461+00:00",
"outputAlertTypes": [
"een.personDetectionAlert.v1"
]
}
],
"totalSize": 1
}List your Alert Actions:
curl --request GET \
--url 'https://{BaseUrl}/api/v3.0/alertActions?pageSize=100' \
--header 'accept: application/json' \
--header 'authorization: Bearer <access-token>'Response:
{
"totalSize": 2,
"nextPageToken": "",
"prevPageToken": "",
"results": [
{
"id": "6f76c911-8363-466e-be5f-92a17c19a1fd",
"createTimestamp": "2024-10-21T10:45:36.217+00:00",
"type": "webhook",
"settings": {
"url": "https://your-webhook-endpoint.com/alerts",
"rearmSeconds": 60,
"maxPerHour": 60
},
"name": "External System Webhook",
"notes": null,
"enabled": true
},
{
"id": "8a91d722-4f73-5279-c8fe-4b50e2d8c3a1",
"createTimestamp": "2024-10-21T10:46:15.423+00:00",
"type": "smtp",
"settings": {
"email": "[email protected]",
"url": "https://smtp.domain.com",
"port": 587,
"username": "username",
"password": "********",
"tls": true
},
"name": "Security Team Email Alerts",
"notes": null,
"enabled": true
}
]
}From the responses, note the id values for the condition rule and alert action you want to link together.
4. Link Condition Rule to Action
Link the condition rule to the action using /alertActionRules. This creates the complete automation workflow.
The parameters are: ruleIds, alertActionIds, and enabled.
ruleIds: Array of condition rule IDs from step 3.alertActionIds: Array of action IDs from step 3.enabled: Whether this rule is active.
Example:
curl --location --request POST 'https://{BaseUrl}/api/v3.0/alertActionRules' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer <access-token>' \
--data '{
"ruleIds": ["c2565b00-275c-4168-97db-4839a1be017a"],
"alertActionIds": ["6f76c911-8363-466e-be5f-92a17c19a1fd"],
"enabled": true,
"name": "Person Detection Webhook Alert"
}'Response:
{
"id": "abc12345-def6-7890-ghij-klmnopqrstuv",
"ruleIds": ["c2565b00-275c-4168-97db-4839a1be017a"],
"alertActionIds": ["6f76c911-8363-466e-be5f-92a17c19a1fd"],
"enabled": true,
"name": "Person Detection Webhook Alert",
"createTimestamp": "2025-09-04T12:40:10.789+00:00"
}5. Monitor Alert Delivery
Use /alerts to monitor which alerts have been generated and verify that your automated actions are working correctly. You can filter by time range, alert type, and include action delivery status.
Check recent alerts with action status:
curl --request GET \
--url 'https://{BaseUrl}/api/v3.0/alerts?actorId__in=&include=data,actions&sort=-timestamp&pageSize=100' \
--header 'accept: application/json' \
--header 'authorization: Bearer <access-token>'Response:
{
"nextPageToken": "cD0yMDI1LTA5LTA0KzExJTNBNTAlM0EzNS44OTkwMDAlMkIwMCUzQTAw",
"prevPageToken": "",
"results": [
{
"id": "698fd1c0-8999-11f0-94b5-3814a878be5d",
"timestamp": "2025-09-04T14:14:04.252+00:00",
"createTimestamp": "2025-09-04T14:14:07.529+00:00",
"creatorId": "een.events",
"eventId": "00055548-bfa33270-6dd81061-2272-4971-95b1-268cd920d228",
"alertType": "een.personDetectionAlert.v1",
"alertName": "Person Detection Alert",
"actorId": "10023e10",
"actorType": "camera",
"actorName": "01.FrontDoor",
"actorAccountId": "00053518",
"locationId": "aed41de9-6624-413f-97b1-3c0f138d8e52",
"locationName": "MainOffice",
"accountId": "00053518",
"priority": 9,
"serviceRuleId": "c2565b00-275c-4168-97db-4839a1be017a",
"category": "video",
"actions": {
"6f76c911-8363-466e-be5f-92a17c19a1fd": {
"name": "Notify all technical support staff",
"type": "webhook",
"status": "success",
"success": true,
"timestamp": "2025-09-04T14:14:07.970+00:00"
}
},
"eventType": "een.personDetectionEvent.v1"
}
]
}By using these five main steps - creating condition rules, defining actions, retrieving IDs, linking them together, and monitoring results - you can build comprehensive automation workflows that handle security events end-to-end. This approach gives you complete control over when alerts trigger and how your system responds, ensuring critical events never go unnoticed.
Updated about 6 hours ago