This documentation supports releases of BMC Helix Intelligent Automation up to December 31, 2021. To view the latest version, select version 23.1 from the Product version menu.

Creating automation policies

Automation engineers create automation policies for a requested event, by using a new event JSON, or for existing events saved in the database.

Automation policies contain actions that connect with the automation applications supported by BMC Helix Intelligent Automation to perform remediation actions for events. When you create a policy, you can test it during the creation so that you do not encounter any issues when events that match the trigger conditions appear. A policy can be run only if it is in a Published state. 

To create an automation policy

  1. In the BMC Helix Intelligent Automation console, go to Policies and click Create Automation Policy.
  2. In the Policy Information section, enter a unique name and an optional description for the policy. 
  3. Select the execution mode as Manual or Automatic depending upon whether you want to execute the policy manually or automatically based on the incoming events.

    Can I change the execution mode later?

    Yes, you can edit the policy and change the mode anytime.

  4. In the Trigger section, click Browse, and do one of the following:
    • From the Select Event Type tab, select an existing event type and click Done.
      The trigger condition from the event is listed in the following format: <eventCategory>: <eventName>.

      Why don't I see any existing event types to choose from?

      BMC Helix Intelligent Automation has not received any event from an event source such as BMC Helix Operations Management or BMC Helix Service Monitoring so far.

    • On the Paste Event JSON tab, enter the event information in the JSON format, and click Done.
    When you select an event, all parameters in the event appear in the right pane. 
  5. Click anywhere in the Trigger Condition box to start building the expression for a trigger condition, and use the suggested parameters, values, and operators to complete the expression.

    For sample expressions, see Trigger condition expression.

  6. To add system or custom tags to the policy, perform the following steps:
    1. System tags: Select one or more tags from the list of available system tags. 
      Based on the event, some system tags are displayed.
    2. Custom tags: In the Tags (Optional) section, enter a key-value pair. 
      Tag key should start with an alphabet and end with an alphanumeric character. Key supports alphanumeric characters and periods, dashes, and underscores. 
  7. To add action to the policy, click Add Action and perform the following steps using the action wizard:
    1. From the Pick an automation tool section, click the connector name.
      Only configured connectors are displayed here. The wizard takes you to the next step to select an action. 
    2. (For Ansible and TrueSight Orchestration only) Click Sync Actions
      All actions available in the selected connector appear. 
    3. Click Select against the action that you want to add to the policy.
      The wizard takes you to the next step to configure an action.
    4. Depending on the selected action, provide the information and click Done.
      The added action appears in the Action Configuration section. You can add multiple actions in a policy. 

      Adding action for supported applications

      To add action for a specific automation application, see the following documentation for an example for each of the supported connections:

  8. In the Estimated Savings section, enter an approximate time (in minutes) and money (in USD) that you may save by automating the actions. 
  9. (Optional) Before you save a policy, do the following steps to test a policy to ensure that the event and the policy match and can be run later:

    1. Click Test Policy.
      You are prompted to save the policy. 

    2. Click Confirm.

    3. On the Test Inputs tab, enter parameter values for testing (if required by the policy being tested), and click Execute
      The results appear in the Test Results tab.
      If the policy test is successful, the policy instance is created and executed on the resource you provide during testing.

      Can I test a policy later?

      Yes, however, you need to change a policy status to draft and edit the policy to test it. BMC recommends that you test a policy while creating it.

  10. Select Publish Policy and click Save to publish the policy.

Trigger condition expression

To build a trigger condition expression, you can use the expression builder provided by BMC Helix Intelligent Automation while creating an automation policy. The following table lists sample conditions and the events that will match to those conditions.

Trigger conditionDescriptionSample matching event
( tags.event_type == "IDLE_VM_RECOMMENDATION" )Matches any event with event_type having value, IDLE_VM_RECOMMENDATION{
  "tags": {
( tags.event_type == OVERALLOCATED_CONTAINER_RECOMMENDATION ) && ( tags.platform == kubernetes )Matches any event with event_type having value, OVERALLOCATED_CONTAINER_RECOMMENDATION and platform having value, kubernetes.

  "tags": {
    "platform""kubernetes", "event_type""OVERALLOCATED_CONTAINER_RECOMMENDATION "

( event.eventID == '749f50e3-015f-44b0-9acc-c737c337af4a' ) || ( event.userIdentity.type != 'AWSService' ) && ( event.resources[*].accountId == '262766734334' )

Matches any event with eventID having value, 749f50e3-015f-44b0-9acc-c737c337af4a or event.userIdentity.type not equal to AWSService and event.resources[*].accountId having value, 262766734334.


"eventVersion": "1.05",

"userIdentity": {

"type": "AWSService",

"invokedBy": ""


"eventTime": "2020-08-07T13:29:01Z",

"eventSource": "",

"eventName": "GenerateDataKey",

"awsRegion": "us-east-1",

"sourceIPAddress": "",

"userAgent": "",

"requestParameters": {

"keyId": "arn:aws:kms:us-east-1:262766734334:key/8c98fc0d-ed8d-4b52-a3b1-4b5df006c5c6",

"keySpec": "AES_256",

"encryptionContext": {

"aws:cloudtrail:arn": "arn:aws:cloudtrail:us-east-1:262766734334:trail/all-security-events",

"aws:s3:arn": "arn:aws:s3:::security-event-log/secops/AWSLogs/262766734334/CloudTrail/us-east-1/2020/08/07/262766734334_CloudTrail_us-east-1_20200807T1320Z_lV0WaHLWquJdkQpK.json.gz"



"responseElements": null,

"requestID": "f28e9855-fc86-4d62-a1a2-0876fe1399ea",

"eventID": "749f50e3-015f-44b0-9acc-c737c337af4a",

"readOnly": true,

"resources": [


"accountId": "262766734334",

"type": "AWS::KMS::Key",

"ARN": "arn:aws:kms:us-east-1:262766734334:key/8c98fc0d-ed8d-4b52-a3b1-4b5df006c5c6"



"eventType": "AwsApiCall",

"recipientAccountId": "262766734334",

"sharedEventID": "1209b4c9-33f6-4244-8edd-008d4198744f"


Where to go from here

After successfully creating policies, you can view the automation policies in the console, see Viewing, editing, and copying automation policies

Was this page helpful? Yes No Submitting... Thank you