Remediations are actions that the Bearer Agent has taken to recover from an API event. Much like Anomalies, remediations can be configured to match the criteria of certain types of API calls.
The remediations overview provides a running list of remediations that have been performed, grouped by API. You can drill down into an API to view individual remediations, and see details about each API request just as you would with logs.
Bearer uses Remediation Rules to set criteria for performing a remediation. To view existing rules and create your own, select the "Rules" tab from the top navigation.
Here you'll see all rules that are associated with the current application. You can modify rules, toggle their active status, and create new rules.
To create a custom Remediation Rule, select the "Custom Remediation" button on the Rules screen.
You'll be taken to the New Custom Remediation page. Here you can define the criteria an API call must meet to trigger the rule.
A rule can be broken down into four parts:
General: Information about the rule such as name, description, the APIs it applies to, the type of anomaly it detects, and active status.
Detection Conditions: Unique to each rule type, the detection conditions establish the base criteria for a rule to trigger.
Remediation Type: The type of remediation to perform. The latest version of the Bearer Agent supports call blocking, timeouts, and retry remediations.
Call Filtering: Once a potential remediation is detected by a rule, you can further narrow the criteria with filtering. Filters allow you to limit rules to certain headers, status codes, HTTP methods, and more.
Notification Settings: How would you like to be notified when a remediation is triggered? Your notification settings are application-wide, but each rule can choose to use some, all, or none of the configured notification types.