Applicable to Entuity v23.0 GA. If you are using an earlier version of Entuity, please see this article.
Send SNMP Trap
Send to Moogsoft
Send to Splunk
Send to Slack
Send to BMC Helix
Send to BigPanda
Send to ServiceNow
In Entuity, EMS actions define the operations that can be performed by event rules and incident triggers. You can select from preconfigured actions or defined new actions. You can also edit and delete actions.
There are two places in which you can specify action steps:
- triggers - the incident triggers the action.
- rules - rules are applied during the processing of events.
There are two types of actions:
- Standard Actions - these are the standard, system actions.
- Custom Actions - these are custom actions that you can add to (e.g. through configuration changes to reflect integrations).
Standard actions:
| Standard Action | Description |
|---|---|
| Discard Event | discards the current event. An example of its use is in the Pre-Storage rule, Filter Port Status Events, where trap-based events are not raised against ports where Status Events is set to No. |
| Set Attribute |
you can set a value against a new or existing event/incident attribute. This enrichment is through 2 attribute types:
You can assign static values to attributes, or access the database values, variables and function calls. For example, an event related to a device might look up the location of that device and include it in one of the event attributes. |
| Set Event Type | allows you to change the event type. This action is used with the unify rules that are used in the default flapping solution. |
| Set Severity |
enter the internal severity level values to reset the current event: 2 - Information or Cleared. 4 - Minor. 6 - Major. 8 - Severe. 10 - Critical. |
| Increase Severity | increases the severity by one level. |
| Decrease Severity | decreases the severity by one level. |
| Create Event | generates a new event type, based on the selected event type and using the same source. This new event is processed in addition to the original event. Any of the standard attributes can be set and new ones defined. |
| Derive Event | generates a new event type, based upon the selected event type and using the same source. This new event is processed in addition to the original event. For example, selecting Show Details on the derived event also shows the details of the original event. |
| Groovy Script | expressions developed using Groovy Script (an object-oriented programming language for the Java platform). Through Groovy, you can access the database, e.g. the Filter Port Status Events rule evaluates whether Entuity is configured to raise status events against the current port. |
| Process | allows Entuity to execute a process, utility or script as though it were run from the command line. You can pass parameters to a process using a configurable list of arguments. |
Custom actions:
| Named Action | Description |
|---|---|
| Send e-mail | send an email containing event and incident attributes. |
| Send SNMP Trap | send SNMP traps generated from events and incidents to third-party trap receivers. |
| Sent to Moogsoft | forward incidents to Moogsoft integration. |
| Sent to Splunk | forward events and incidents to Splunk integration. |
| Sent to Slack | forward events and incidents to a specified Slack channel or channels. |
| Sent to ServiceNow | forward incidents to ServiceNow. |
Send e-mail:
| Parameter | Description |
|---|---|
| recipients | recipients of the email. If there are multiple email recipients, addresses can be separated by either a comma ( , ) or semicolon ( ; ). |
| subject body | |
| throttle | emailThrottlingPeriodSec under the events section in entuity.cfg. |
Note, the email client used to forward event and incident attributes includes support for secure servers.
Send SNMP Trap:
| Parameter | Description |
|---|---|
| host | |
| port | |
| version | |
| community | |
| username | |
| authProtocol |
SNMPv3 setting. There are three levels of authentication, specifying the authentication protocol:
|
| authPassword | authProtocol is set to 'MD5' or 'SHA'. The password must be at least eight characters long. The parameter value must be enclosed in quotes, so the minimum entered length is 10 characters. |
| privProtocol |
SNMPv3 setting. There are three levels of authentication, specifying the privacy protocol:
|
| privPassword | PrivProtocol is set to 'DES' or 'AES'. The password must be at least eight characters long. The parameter value must be enclosed in quotes, so the minimum entered length is 10 characters. |
Send to Moogsoft:
| Parameter | Description |
|---|---|
| cname | connection name. To connect with Moogsoft using values that are specified in a section other than 'default' in Moogsoft.cfg, you will need to specify the desired value for the cname parameter. |
See this section on Entuity's integration with Moogsoft.
Send to Splunk:
| Parameter | Description |
|---|---|
| cname | connection name. This relates to the config file needed to sent the request. |
| token | the Splunk HttpEventCollector token required to send data to Splunk. |
See this section on Entuity's integration with Splunk.
Send to Slack:
| Parameter | Description |
|---|---|
| cname | connection name. This relates to the config file needed to send the request. |
| path | webhook path that defines the Slack channel to which events/incidents will be forwarded. |
See this section on Entuity's integration with Slack.
Send to BMC Helix:
| Parameter | Description |
|---|---|
| cname | connection name. |
| apiKey | value of the API Key retrieved from the BMC Helix server. |
See this section on Entuity's integration with BMC Helix.
Send to BigPanda:
| Parameter | Description |
|---|---|
| app_key | the app_key that is configured in BigPanda. |
| bearer_token | the bearer token provided in BigPanda. |
See this section on Entuity's integration with BigPanda.
Send to ServiceNow:
| Parameter | Description |
|---|---|
| cname | connection name. |
See this section on Entuity's integration with ServiceNow.
Comments
0 comments
Please sign in to leave a comment.