How to use the ~ (includes) filter operator?

When I've used commas in Filters previously, I've had to specify the field after each comma, for example "filter=internalId~LMD1234567,clear:*" or "parentId:1,fullPath~Template" so I assume you may need to do something like "filter=internalId~LMD1234567,internalId~LMD7654321". BUT I would have expected it to attempt to search for an alert that has internalId of LMD1234567 AND LMD7654321 which would never exist. So I'm rather surprised it even get one result.

In my testing I get no results for "filter=internalId~LMD1234567,LMD7654321" but I get the first result when I use "filter=internalId~LMD1234567,internalId~LMD7654321", which I didn't expect. So I'm not exactly sure what is up. I do see that the doc doesn't show internalId as a valid filterable field but does seem to work anyway without commas.

Playing around and watching how to portal does it (F12 in browser, network tab) I was able to get a working solution using:

 /alert/alerts?needMessage=true&filter=_all~"*LMD1234567 OR LMD7654321*"

But really it looks hacky and undocumented. I would suggest just putting in two separate API calls for each LMD# and combine in code or get all the alerts and filter via code.

 

Thanks for your reply @Mike Moniz.

Yes, this has been my finding too, that only the first alert is returned.  I gave up after a while and resorted to looping through and making separately calls for each alert (can't pull all alerts as am only interested in alerts for a particular widget).  Annoyingly using get widget data call doesn't support the alert message detail option either, or there would be no need for the second calls to get alert details.

@Sarah Terry - for info.

I was trying to do an OR operator as well but in the audit/accesslogs. Mike's comment made me think of using the network tab of the developer tools in Firefox.

The browser uses this:

username:"user1@test.com"|"user2@test.com",_all~SAML

It also works without quotes:

username:user1@test.com|user2@test.com,_all~SAML