Overview of automation policies

An automation policy consists of a set of actions that are executed in a sequence to remediate an event.

When the trigger conditions in an open event received by BMC Helix Intelligent Automation matches the conditions defined in the policy, the policy is run. Whenever a policy is executed, the event data contained in that policy is saved in the BMC Helix Intelligent Automation database. When you create a new policy, you can either choose from the existing saved events or specify a new event in the JSON format.

Connection with BMC Helix AIOps

BMC Helix Intelligent Automation connects with BMC Helix AIOps to show automation policies as available remediation actions for open events in BMC Helix AIOps. If an event does not show relevant policies, operators can request automation. Such requests appear on the Automation Requests page. If an administrator has permission to create policies in BMC Helix Intelligent Automation, the administrator can cross-launch into BMC Helix Intelligent Automation for creating policies for a selected event. 

Event structure

An event is a JSON structure with one or more name/value pairs. The following event shows the structure for a simple event:

Event structure
{
"param1" : "<value>",
"param2" : "<value>",
"param3" : "<value>",
 .
 .
 .
"paramN" : "<value>",
}

You can also nest data within the JSON format by using JavaScript arrays that are passed as a value.  

Sample event

The following example shows a sample Service Down event, which is received by BMC Helix Intelligent Automation when a Windows service is down. 

Service Down Event
{
"al_agent_os" : "Windows Server 2016 Standard" ,
"al_agent_port" : "3181" ,
"al_alarm_id" : "8bc82a7" ,
"al_avg_value" : "" ,
"al_baseline_daily_high" : "" ,
"al_baseline_daily_low" : "" ,
"al_baseline_hourly_high" : "" ,
"al_baseline_hourly_low" : "" ,
"al_baseline_type" : "" ,
"al_baseline_weekly_high" : "" ,
"al_baseline_weekly_low" : "" ,
"al_device_ipaddress" : "2.81.98.x" ,
"al_end_time" : "4294967295" ,
"al_event_score" : "" ,
"al_extremeness" : "0" ,
"al_highest_severity" : "CRITICAL" ,
"al_is_predicted" : "FALSE" ,
"al_last_time" : "" ,
"al_old_severity" : "UNKNOWN" ,
"al_parameter_name" : "ServiceStatus" ,
"al_parameter_threshold" : "0.0" ,
"al_parameter_unit" : "#" ,
"al_parameter_value" : "3.0" ,
"al_predict_to_occur_time" : "" ,
"al_prediction_severity" : "UNKNOWN" ,
"al_pts_exceeded" : "" ,
"al_pts_total" : "" ,
"al_thresh_above" : "TRUE" ,
"al_thresh_duration" : "0" ,
"al_thresh_id" : "NT_SERVICES:ServiceStatus:CRITICAL:bmc:ALL" ,
"al_thresh_type" : "USERDEFINED" ,
"alias" : "['BMC_ComputerSystem']" ,
"category" : "" ,
"cdmclass" : "NT6.2" ,
"componentalias" : "" ,
"creation_time" : "1591626421" ,
"cross_launch_uri" : "" ,
"details" : "" ,
"eis_consumed" : "1591627463" ,
"eis_ingest" : "1591627463" ,
"eps_consumed" : "1591627463" ,
"eps_persist" : "1591627463" ,
"incident_category" : "" ,
"incident_company" : "" ,
"incident_id" : "" ,
"incident_item" : "" ,
"incident_operational_category1" : "" ,
"incident_operational_category2" : "" ,
"incident_operational_category3" : "" ,
"incident_type" : "" ,
"instancename" : "SERVICES_BAO-REPO" ,
"location" : "" ,
"modelname" : "NT_SERVICES" ,
"msg" : "ServiceStatus for NT_SERVICES/SERVICES_BAO-REPO is in ALARM current value is 3.000000" ,
"object" : "SERVICES_BAO-REPO" ,
"object_class" : "NT_SERVICES" ,
"object_id" : "SERVICES_BAO-REPO" ,
"priority" : "PRIORITY_5" ,
"severity" : "CRITICAL" ,
"source_address" : "<IPAddress>" ,
"source_hostname" : "<hostName>" ,
"source_identifier" : "8b494b57-ffdd-4913-8709-049303bb82a7" ,
"source_port" : "" ,
"status" : "OPEN" ,
"sub_category" : "OTHER" ,
"tag" : "[]" ,
"user_assigned" : ""
}

The Service Down event matches with the Remediate Windows Service Down policy. This policy contains a single action that when executed, starts the service that is down.

Trigger conditions

You define trigger conditions in a policy. If an incoming event matches the trigger conditions, the policy executes the actions as defined in the policy. While specifying a trigger condition, consider the following points: 

  • A policy gets triggered only if the event exactly matches the trigger condition.
    For example, if the value for a parameter in the condition is defined as a number and the event contains the value in a string format, the policy does not match and hence, does not run.  
  • You can define numbers (up to 16 digits only), a string with special characters, null values, and boolean values along with the string data types. 
  • Escape characters such as \r or \n are unsupported. 

For more information about how to define trigger conditions, see Trigger condition expression

Where to go from here

To view automation requests that are received from event management applications, see Viewing-automation-requests. To create a new policy, see Creating-automation-policies

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*