To define an incident that triggers an email when raised
Introduction:
In Entuity, you can define an incident that triggers an email when raised. This is useful when designing an event system with an inbuilt escalation process, e.g. to immediately email a senior network administrator if an incident of a specific severity is raised, or after a specified delay if the incident has open for a certain length of time.
For further help and information on triggers in Entuity, please see this article.
To define an incident that triggers an email when raised:
- Click Main Menu and then Administration. This will open the Administration page.
- Click Event Administration. This will open the Event Administration page.
- Click the Variables tab and Add two variables that will be used with the email action:
- a variable with the Name: email_boolean_send_control. This can contain one of two Values:
- true when you want the email action with which it will be associated to run.
- false when you want the email action with which it will be associated to not run.
- a variable with the Name: email_network_admin. Set the Value to the email address of the recipient:
- e.g. john.smith@entuity.com
- a variable with the Name: email_boolean_send_control. This can contain one of two Values:
- Click the Actions tab and Add a new event action.
- enter an appropriate Name and Description.
- Add a new email parameter.
- click Choose, and for Value Kind select Variable Reference.
- for Variable select email_network_admin.
- Add the body of the email in a parameter. The following example includes all standard attributes available against events and incidents, with each attribute labelled and starting on its own line:
"Source: " + source + "\nSourceName: " + sourceName + "\nSourceCompIdString: " + sourceCompIdString + "\nSourceExternalId: " + sourceExternalId + "\nContext:" + context + "\nType: " + type + "\nreportId: " +
reportId + "\nReason: " + reason - Add the throttle parameter and set it to true.
- Add an Action Step:
- set the Type to Groovy Script.
- enter the following example that tests if email_boolean_send_control is set true, and within the sendEmail section specifies the email content:
if (var("email_boolean_send_control") == true ) {
sendEmail (
param('recipients'),
param('subject'),
param('body'),
param('throttle')
)
}
- Save the action. The action is now available as a Named Action that you can select when adding triggers to incidents.
Example groovy scripts:
The following example groovy scripts can be specifed as Actions Steps (see above).
Email subject:
def stateString = " ";
if(state == 1) {
stateString=" - OPEN"
} else if (state == 2) {
stateString=" - CLOSED"
}
"Entuity Alert - " + name + stateString + " on " + sourceName
Email body:
def severityString = " "
if(severity == 10) {
severityString="Critical"
} else if (severity == 8) {
severityString ="Severe"
} else if (severity == 6) {
severityString ="Major"
} else if (severity == 4) {
severityString ="Minor"
} else if (severity == 2) {
severityString ="Info"
}
def ipString =""
if (source) {
def ip=""
ip = source.devPolledIpAddr
if ((ip == null) && (source.device != null)) ip = source.device.devPolledIpAddr
if (ip != null) ipString = "\nPolled IP=" + ip
}
// Primary consolidation server - Compute a callback URL for the the object that is the source of the incident
def constructUrl = { sourceDescriptor ->
def url = "";
def classicType = sourceDescriptor?.classicType
if (source == null) return("") // System event/incident so no monitored component
def OBJ_TYPE_SYSTEM = com.entuity.events.event.ObjType.OBJ_TYPE_SYSTEM.toInt()
def OBJ_TYPE_VIEW = com.entuity.events.event.ObjType.OBJ_TYPE_VIEW.toInt()
if(classicType != OBJ_TYPE_VIEW) {
def proto = getConfigProperty("server.ssl_enabled") == "true" ? "https" : "http"
def swId = source.id;
if (swId != null) {
url = "${proto}://"
def consolidationServerName = getConfigProperty("consolidation_server_name")
def consolidationServerWebPort = getConfigProperty("consolidation_server_web_port")
if (consolidationServerName) {
if (consolidationServerWebPort) {
url += "${consolidationServerName}:${consolidationServerWebPort}"
} else {
url += consolidationServerName
}
} else {
url += shortHostname
}
if (classicType != OBJ_TYPE_SYSTEM) {
url += "/dashboard?dashboardName=Summary&contextPath=${sourceDescriptor?.eyeServerId}%2C%2Csw%3A${sourceDescriptor?.eyeServerId}%3A${swId}"
} else {
url = ""
}
}
}
return url.toString()
}
// Second consolidation server - Compute a callback URL for the the object that is the source of the incident
def constructUrl2 = { sourceDescriptor ->
def url = "";
def classicType = sourceDescriptor?.classicType
if (source == null) return("") // System event/incident so no monitored component
def OBJ_TYPE_SYSTEM = com.entuity.events.event.ObjType.OBJ_TYPE_SYSTEM.toInt()
def OBJ_TYPE_VIEW = com.entuity.events.event.ObjType.OBJ_TYPE_VIEW.toInt()
if(classicType != OBJ_TYPE_VIEW) {
def proto = getConfigProperty("server.ssl_enabled") == "true" ? "https" : "http"
def swId = source.id;
if (swId != null) {
url = "${proto}://"
def consolidationServerName = getConfigProperty("alt_consolidation_server_name")
def consolidationServerWebPort = getConfigProperty("alt_consolidation_server_web_port")
if (consolidationServerName) {
if (consolidationServerWebPort) {
url += "${consolidationServerName}:${consolidationServerWebPort}"
} else {
url += consolidationServerName
}
} else {
url += shortHostname
}
if (classicType != OBJ_TYPE_SYSTEM) {
url += "/dashboard?dashboardName=Summary&contextPath=${sourceDescriptor?.eyeServerId}%2C%2Csw%3A${sourceDescriptor?.eyeServerId}%3A${swId}"
} else {
url = ""
}
}
}
return url.toString()
}
// enrich source descriptor with device id
def sd = sourceDescriptor
sd.enrich(facilities)
def callbackUrl = constructUrl(sourceDescriptor) + "\r\n"
if (getConfigProperty("alt_consolidation_server_name")) {
callbackUrl += "If you're unable to use the above link use the following link instead\r\n" + constructUrl2(sourceDescriptor) + "\r\n"
}
def sourceType = "ENA System"
if (source) {
sourceType = source.type
} else {
callbackUrl = ""
}
"Device Name=" + sourceName + ipString + "\r\nIncident Type=" + name +"\r\nSource Type=" + sourceType +"\r\nSeverity=" + severityString +"\r\nDetails=" + reason + "\r\nLast Updated=" + new Date(lastUpdatedMs).toString() +"\r\nFirst Opened=" + new Date(firstOpenedMs).toString() + "\r\n" + callbackUrl + "\r\n"
Comments
0 comments
Please sign in to leave a comment.