Example: Assign open events to specific people and change the event severity and status

To assign an owner to the event and enrich the event status and severity, perform the following steps:

1. Define the event selection criteria.
2. Build the policy workflow.

Actions involved

• If-Then-Else
• Enrich

To define the event selection criteria

1. Select Configuration > Event Policies and click Create.
2. In the Event Selection Criteria, define a condition to select events of the class EVENT with the status set to Open and a message that contains "DB Connection Issue".

The following image illustrates how the event selection criteria will look.

To build the policy workflow

On the Advanced Enrichment page, perform the following steps to build the policy workflow:

1. Add the If action. Under the If Settings, define a condition to check if the location is New York.
   
   
   
2. Under Then, add an Enrich action.
   You need to add 3 enrichment actions one after another:
   1. To assign the event to Mike.
      
      
      
   2. To change the event status to Assigned.
      
      
      
   3. To change the event severity to Major.
      
3. Under Else, add an If action. Define a condition to check if the location is Chicago (as shown in step 1). 
   Under the Then part, add Enrich actions to assign the event to Sheila, to change the event status to Assigned, and to change the event severity to Critical (as shown in step 2).

Results

The resulting policy workflow assigns an owner to the event, enriches the event status and severity based on the location as shown in the following image: