Send to BMC Event Manager
Send SNMP Trap
Send to TrueSight Intelligence
Send to Moogsoft
Send to Splunk
Send to Slack
Send to Remedy ITSM
Send to BMC Helix
Send to BigPanda
Send to ServiceNow
In Entuity, EMS actions define the operations that can be performed by event rules and incident triggers. You can select from preconfigured actions or defined new actions. You can also edit and delete actions.
There are two places in which you can specify action steps:
- triggers - the incident triggers the action.
- rules - rules are applied during the processing of events.
There are two types of actions:
- Standard Actions - these are the standard, system actions.
- Custom Actions - these are custom actions that you can add to (e.g. through configuration changes to reflect integrations).
Standard actions:
Standard Action | Description |
---|---|
Discard Event | discards the current event. An example of its use is in the Pre-Storage rule, Filter Port Status Events, where trap-based events are not raised against ports where Status Events is set to No. |
Set Attribute |
you can set a value against a new or existing event/incident attribute. This enrichment is through 2 attribute types:
You can assign static values to attributes, or access the database values, variables and function calls. For example, an event related to a device might look up the location of that device and include it in one of the event attributes. |
Set Event Type | allows you to change the event type. This action is used with the unify rules that are used in the default flapping solution. |
Set Severity |
enter the internal severity level values to reset the current event: 2 - Information or Cleared. 4 - Minor. 6 - Major. 8 - Severe. 10 - Critical. |
Increase Severity | increases the severity by one level. |
Decrease Severity | decreases the severity by one level. |
Create Event | generates a new event type, based on the selected event type and using the same source. This new event is processed in addition to the original event. Any of the standard attributes can be set and new ones defined. |
Derive Event | generates a new event type, based upon the selected event type and using the same source. This new event is processed in addition to the original event. For example, selecting Show Details on the derived event also shows the details of the original event. |
Groovy Script | expressions developed using Groovy Script (an object-oriented programming langauge for the Java platform). Through Groovy, you can access the database, e.g. the Filter Port Status Events rule evaluates whether Entuity is configured to raise status events against the current port. |
Process | allows Entuity to execute a process, utility or script as though it were run from the command line. You can pass parameters to a process using a configurable list of arguments. |
Custom actions:
Named Action | Description |
---|---|
Send e-mail | send an email containing event and incident attributes. |
Send to BMC Event Manager | forward event and incident attributes to TrueSight Operations Management Events Server. |
Send SNMP Trap | send SNMP traps generated from events and incidents to third-party trap receivers. |
Send to TrueSight Intelligence | forward incidents to TrueSight Intelligence |
Send to Moogsoft | forward incidents to Moogsoft integration. |
Send to Splunk | forward events and incidents to Splunk integration. |
Send to Slack | forward events and incidents to a specified Slack channel or channels. |
Send to Remedy ITSM | For ENA v17.0 P07 upwards: forward events and incidents to BMC Remedy ARSystem as ITSM incidents. |
Send to ServiceNow | forward incidents to ServiceNow |
Send e-mail:
Parameter | Description |
---|---|
recipients | recipients of the email. If there are multiple email recipients, addresses can be separated by either a comma , or semicolon ; |
subject | subject name of the email. |
body | body of the email, including standard attributes available against events and incidents, e.g. "Source: " + source + "\nSourceName: " + sourceName + "\nSourceCompId-String: " |
throttle | allows the server to combine emails that are going to the same recipient when they are raised within a defined period. By default, the throttling period is 5 minutes, and can be adjusted via emailThrottlingPeriodSec under the events section entuity.cfg. |
Note, the email client used to forward event and incident attributes includes support for secure servers.
Send to BMC Event Manager:
Parameter | Description |
---|---|
cname | connection name. If you do not enter a value in cname, leave it with its default single quotes. Entuity will then use the TrueSight Infrastructure Management Server details entered through configure. |
Send SNMP Trap:
Parameter | Description |
---|---|
host | resolved hostname or IP address of the receiving third-party software. |
port | trap-receiving port of the receiving third-party software. This is provided as a string (even though it is a number), and therefore must be enclosed within quotes. |
version | SNMP trap version, i.e. 1, 2, or 3. |
community | SNMPv1/2c setting. Read community string. |
username | SNMPv3 setting. Security username. |
authProtocol |
SNMPv3 setting. There are 3 levels of authentication, specifying the authentication protocol:
|
authPassword | SNMPv3 setting. Authentication password required when authProtocol is set to 'MD5' or 'SHA'. The password must be at least 8 characters long. The parameter value must be enclosed in quotes, so the minimum entered length is 10 characters. |
privProtocol |
SNMPv3 setting. There are 3 levels of authentication, specifying the privacy protocol:
|
privPassword | SNMPv3 setting. Encryption password required when privProtocol is set to 'DES' or 'AES'. The password must be at least 8 characters long. The parameter value must be enclosed in quotes, so the minimum entered length is 10 characters. |
Send to TrueSight Intelligence:
Parameter | Description |
---|---|
cname | connection name. |
tsiAppId | defines the App ID from which TrueSight Intelligence will see events being forwarded by Entuity. |
Send to Moogsoft:
Parameter | Description |
---|---|
cname | connection name. To connect with Moogsoft using values that are specified in a section other than 'default' in Moogsoft.cfg, you will need to specify the desire value for the cname parameter. |
See this section on Entuity's integration with Moogsoft.
Send to Splunk:
Parameter | Description |
---|---|
cname | connection name. This relates to the config file needed to send the request. |
token | the Splunk HttpEventCollector token required to send data to Splunk. |
See this section on Entuity's integration wtih Splunk.
Send to Slack:
Parameter | Description |
---|---|
cname | connection name. This relates to the config file needed to send the request. |
path | webhook path that defines the Slack channel to which events/incidents will be forwarded. |
See this section on Entuity's integration with Slack.
Send to Remedy ITSM:
[There are no parameters]
Send to BMC Helix:
Parameter | Description |
---|---|
cname | connection name. |
apiKey | value of the API Key retrieved from the BMC Helix server. |
See this section on Entuity's integration with BMC Helix.
Send to BigPanda:
Parameter | Description |
---|---|
app_key | the app_key that is configured in BigPanda. |
bearer_token | the bearer token provided by BigPanda. |
See this section on Entuity's integration with BigPanda.
Send to ServiceNow:
Parameter | Description |
---|---|
cname | connection name. |
See this section on Entuity's integration with ServiceNow.
Comments
0 comments
Please sign in to leave a comment.