From ninjaone-rmm
Manages NinjaOne alerts: view active device conditions via API, dismiss alerts, interpret severity/priority levels for hardware, service, security issues.
npx claudepluginhub wyre-technology/msp-claude-plugins --plugin ninjaone-rmmThis skill uses the workspace's default tool permissions.
Alerts in NinjaOne indicate conditions on devices that require attention. They're generated by monitoring policies when thresholds are exceeded or conditions are detected.
Searches, retrieves, and installs Agent Skills from prompts.chat registry using MCP tools like search_skills and get_skill. Activates for finding skills, browsing catalogs, or extending Claude.
Searches prompts.chat for AI prompt templates by keyword or category, retrieves by ID with variable handling, and improves prompts via AI. Use for discovering or enhancing prompts.
Guides agent creation for Claude Code plugins with file templates, frontmatter specs (name, description, model), triggering examples, system prompts, and best practices.
Alerts in NinjaOne indicate conditions on devices that require attention. They're generated by monitoring policies when thresholds are exceeded or conditions are detected.
Conditions persist until resolved; alerts can be dismissed independently.
GET /api/v2/device/{id}/alerts
Authorization: Bearer {token}
Returns active alerts for a specific device.
DELETE /api/v2/alert/{uid}
Authorization: Bearer {token}
Dismisses an alert by its unique identifier. The underlying condition may still exist if not resolved.
{
"uid": "alert-uuid-12345",
"deviceId": 123,
"message": "Disk space on C: below 10%",
"severity": "CRITICAL",
"priority": "HIGH",
"sourceType": "CONDITION",
"sourceConfigUid": "condition-config-id",
"createTime": "2024-02-15T10:30:00Z"
}
| Severity | Description | Typical Response |
|---|---|---|
CRITICAL | Service impacting, requires immediate attention | Immediate |
MAJOR | Significant issue, high priority | Within 1 hour |
MODERATE | Notable issue, medium priority | Within 4 hours |
MINOR | Low impact issue | Within 24 hours |
NONE | Informational only | As time permits |
| Priority | Description |
|---|---|
HIGH | Escalate immediately |
MEDIUM | Standard priority |
LOW | Address when convenient |
NONE | No action required |
| Condition | Typical Threshold | Severity |
|---|---|---|
| Disk space low | < 10% free | CRITICAL |
| Disk space warning | < 20% free | MAJOR |
| Memory pressure | > 90% used | MAJOR |
| CPU sustained high | > 95% for 15 min | MODERATE |
| SMART disk warning | Any SMART error | MAJOR |
| Condition | Description | Severity |
|---|---|---|
| Service stopped | Critical service not running | CRITICAL |
| Service restart loop | Multiple restarts detected | MAJOR |
| Service degraded | Running but errors detected | MODERATE |
| Condition | Description | Severity |
|---|---|---|
| Antivirus disabled | Protection not running | CRITICAL |
| Definitions outdated | AV definitions old | MAJOR |
| Failed login attempts | Multiple failures | MODERATE |
| Firewall disabled | Windows firewall off | MAJOR |
| Condition | Description | Severity |
|---|---|---|
| Device offline | No agent contact | CRITICAL |
| Intermittent connection | Frequent reconnects | MODERATE |
| High latency | Network performance issues | MINOR |
Configure webhooks to receive real-time alert notifications:
PUT /api/v2/webhook
Content-Type: application/json
{
"url": "https://your-server.com/webhook/ninjaone",
"events": ["ALERT_TRIGGERED", "ALERT_CLEARED"]
}
DELETE /api/v2/webhook
{
"event": "ALERT_TRIGGERED",
"alert": {
"uid": "alert-uuid",
"deviceId": 123,
"message": "Disk space critical",
"severity": "CRITICAL"
},
"device": {
"id": 123,
"displayName": "SERVER-01",
"organizationId": 456
},
"timestamp": "2024-02-15T10:30:00Z"
}
After scheduled maintenance:
| Code | Description | Resolution |
|---|---|---|
| 404 | Alert not found | May already be dismissed |
| 403 | Access denied | Check organization permissions |
| 400 | Invalid request | Verify alert UID format |