An asterisk * in the title indicates the field is mandatory.
If a field has a default value, it is shown in the Description column.
If the field type is an array, the Field Name has a .[n] suffix, where n is the array index placeholder.
Object and array field names are listed to provide context. If a field belongs to an object or an array, the full field name is shown in dot separated notation.

Title			Description	Details
Policy *			The alerting policy this rule belongs to.	Field Name: policy Type: String Target: data/AlertingPolicy Target attr: name Format: uri
Rule Name *			Name of the alerting rule. This must be unique per policy.	Field Name: name Type: String MaxLength: 255
Description			Provide a brief description of this Alerting Rule.	Field Name: description Type: String MaxLength: 8192
Rule Type				Field Name: rule_type Type: String Choices: ["Simple", "Compound"]
Alarm Id				Field Name: alarm_id Type: Integer
Coorelation Type				Field Name: coorelation_type Type: String Choices: ["Simple", "Complex"]
Enabled				Field Name: enabled Type: Boolean
Inherit Output			If you want filter data included?	Field Name: inherit Type: Boolean
Halt Processing			Halt processing in this policy group on match?	Field Name: halt_processing_on_match Type: Boolean
Window				Field Name: window Type: Integer Choices: ["30 seconds", "1 minute", "5 minutes", "10 minutes", "30 minutes", "1 hour", "2 hours", "4 hours", "8 hours", "12 hours", "24 hours"]
Severity				Field Name: severity Type: String Choices: ["Informational", "Minor", "Major", "Critical"]
Threshold				Field Name: threshold Type: Integer
Search Filter				Field Name: search_filter Type: String
	Definitions		Definitions.	Field Name: rule_definitions.[n] Type: Array
		Name		Field Name: rule_definitions.[n].description Type: String
		Location *		Field Name: rule_definitions.[n].location Type: String Choices: ["Header", "Raw log"]
		Pattern Type *		Field Name: rule_definitions.[n].pattern_type Type: String Choices: ["Match", "Match/Extract"]
		Pattern	Header name or regular expression for raw logs.	Field Name: rule_definitions.[n].pattern Type: String
		Function		Field Name: rule_definitions.[n].function Type: String Choices: ["Greater Than", "Less Than", "Same"]
		Function Value		Field Name: rule_definitions.[n].function_value Type: Integer
		Token	used for alert message output order	Field Name: rule_definitions.[n].token Type: Integer
	Enrichment		Enrich the alert with table details or additional verbage.	Field Name: enrichment.[n] Type: Array
		Location *		Field Name: enrichment.[n].location Type: String Choices: ["table", "custom"]
		Item		Field Name: enrichment.[n].item Type: String
		Token	used for alert message output order	Field Name: enrichment.[n].token Type: Integer
Response Procedure *			The response procedure for this alert rule.	Field Name: response_procedure Type: String Target: data/AlertingResponseProcedure Target attr: name Format: uri
Grafana Rule			The grafana rule for this for this alert rule. TODO reference new model.	Field Name: grafana_rule Type: String

Model: data/AlertingRule

Model Details: data/AlertingRule