Event functions

Event functions are also known as void functions and do not return a value.

DropNewEvent

This function drops incoming events as they occur. After execution, the dropped events are not saved and are not available on the UI.

Important

You cannot add actions after this function in the policy workflow.

GenerateNewEvent

This function generates events for a specific event class. The following table lists the parameters and slots for the selected class that are displayed as inputs for the function. After execution, the generated event is displayed on the Events page.

Important

If you use an Enrich action after this function in the policy workflow, the enrichment applies to incoming events and not the generated event.
Manually specify variables (wherever applicable) for function inputs; for example, $dbname, $tablespace.
When the policy is applied, the variable names are replaced with the variable values that you have configured in the policy workflow.
This function does not apply to an event if that event itself is generated from the GenerateNewEvent function.

Input

	Input	Type	Description
1	Event Class	ENUM	Out-of-the-box or custom class for which you want to generate the event. Default: Event Note: The Anomaly event class is not supported.
2	Event Severity	ENUM	Severity for the generated event. Default: Minor
3	Event Priority	ENUM	Priority for the generated event. Default: Moderate
4	Source Hostname	String	Host name of the event provider. We recommend a character limit of 256 characters.
5	Message	String	Message that you want to include in the generated event. Use the % character to include slot placeholders. When the policy is applied, the placeholders are replaced with values from the incoming event. We recommend a character limit of 1024 characters.
6	Source Identifier	String	Unique event source identifier which can be used for associating the event with the Entity/CI. We recommend a character limit of 256 characters.
7	Mandatory and dedup slots	String, Integer, List of string, ENUM	Mandatory and dedup slots for the selected class. Dedup slots may or may not be mandatory. If you do not mention a value in dedup slots, a blank value is considered for enrichment. For more information on mandatory and dedup slots, see Slot-facets. For example: If you select the Alarm class, Alarm ID is displayed as a dedup slot which is a mandatory slot. If you haven’t set a default value for a slot in the event class definition, the function considers the slot value that you enter. The date and List of integer data types are not supported for slots.
8	Non-mandatory slots	String, Integer, List of string, ENUM	Choose additional slots to add in the generated event for the selected class by using the option. This option does not list the read-only or internal slots. If you haven’t set a default value for a slot in the event class definition, the function considers the slot value that you enter. If you have set a default value for a slot in the event class definition, but you haven’t added the slot in the function. In this case, the default value for the slot is considered the slot value. Use the delete icon to delete the added slot. Once you add and save a slot from the list, the slot is disabled for selection. To enable the slot, delete and add it again. The date and List of integer data types are not supported for slots.

To understand a use case for this function, see Example-Generate-events-to-check-application-availability.

Important

You can add or modify a note in existing events. In the Update old events flow on the policy workflow, use the following functions after the Lookup action:

AddOperationNote
AddNote
SetNote

AddOperationNote

This function adds a note in an incoming or existing event when an event is assigned, acknowledged, unacknowledged, closed, owned, declined, or prioritized. A note is a list of strings that contains information such as the timestamp, owner, and note content. The following table lists the parameters that are displayed as inputs for the function. After execution, the note is displayed on the Event Details page.

Important

We recommend that you use this function after enriching the event status by using an Enrich action. If you enrich the event status to ASSIGN_TO, ensure that you assign an owner for the event by using an Enrich action.

Input

	Input	Type	Description
1	Operation name	ENUM	Indicates the following event operations: Assign Acknowledge Unacknowledge Take ownership Decline ownership Set priority Close
2	Note	String	Inserts a note that you want to include in the event. We recommend a character limit of 256 characters. Important If you want to specify a comma in the note content, use the backslash (\) character before the comma. You can specify the following value for this input: Slot placeholders For example, %msg%, %severity%. When the policy is applied, the slot names in the existing or incoming events are replaced with appropriate slot values (not slot display values) from the incoming event. Variables For example, $dbname, $tablespace. When the policy is applied, the variable names are replaced with the variable values that you have configured in the policy workflow.

To understand a use case for this function, see Example-Add-operation-note-for-event-assignment.

AddNote

This function adds a note in an incoming or existing event. The following table lists the parameters that are displayed as inputs for the function. The owner of the note is set to the event policy name. After execution, the note is displayed on the Event Details page.

Input

	Input	Type	Description
1	Note	String	Inserts a note that you want to include in the event. We recommend a character limit of 256 characters. Important If you want to specify a comma in the note content, use the backslash (\) character before the comma. You can specify the following values for this input: Slot placeholders For example, %msg%, %severity%. When the policy is applied, the slot names in the existing or incoming events are replaced with appropriate slot values (not slot display values) from the incoming event. Variables For example, $dbname, $tablespace. When the policy is applied, the variable names are replaced with the variable values that you have configured in the policy workflow. You cannot specify global variables directly. Instead, store them as local variables by using the Variable action and access the stored global variables through local variables. Existing or incoming event slot variables For example, $NEW.location or $OLD.msg. The variables are replaced with event slot values from the existing or incoming event.

To understand a use case for this function, see Example-Add-notes-to-incoming-events-to-indicate-event-generation.

SetNote

This function modifies the note content for a specific note from a list of notes in an incoming or existing event. After execution, the modified note is displayed on the Event Details page.

Important

You can modify only the text of the note but not the author and timestamp of the note.

Input

	Input	Type	Description
1	Position	Integer	The sequence number of the note that you want to modify. Notes are numbered, starting from 1 for the oldest note. To modify the most recent note, specify the position as 0. If you specify an incorrect position, an exception message is displayed in the _errors slot for the event.
2	Note	String	The new text of the note that you want to set in the existing note of the event. We recommend a character limit of 256 characters. Important If you want to specify a comma in the note content, use the backslash (\) character before the comma. You can specify the following values for this input: Slot placeholders For example, %msg%, %severity%. When the policy is applied, the slot names in the existing or incoming events are replaced with appropriate slot values (not the slot display values) from the incoming event. Variables For example, $dbname, $tablespace. When the policy is applied, the variable names are replaced with the variable values that you have configured in the policy workflow.

To understand a use case for this function, see Example-Retrieve-and-modify-notes-in-incoming-events.

LookupNodeDetails

This function fetches node details, such as node IP address, source, location, and so on, from BMC Discovery according to the Node ID (_node_id)slot and the topology lookup slots for an event class present in the incoming event. The fetched node details can further be used to enrich events. This function returns String or List of String node attribute values.

Important

This function can be used only once and we recommend using it at the start of the policy workflow.
If the _node_id value is empty for an event, the event enrichment is skipped and the _errors slot in the event is populated with the reason for failure.

Input

	Input	Type	Description
1	Node Attributes to fetch	List	Comma-separated list of node attributes that you want to fetch from BMC Discovery. To refer to node attributes in BMC Discovery, run the GET/data/nodes/{node_id} endpoint by using the _node_id value present in an existing event. For more information, see Endpoints in the REST API. The state attribute returned in the API response contains the node attribute details that you could specify for this input. Example API response { "destroyed": false, "kind": "Host", "modified": "2022-02-09T07:41:09.342211+00:00", "state": { "__all_dns_names": [ "hostA.bmc.com" ], "__all_ip_addrs": [ "<IP_address>", "fe80::250:56ff:feab:648a" ], "__all_mac_addrs": [ "<Mac_address>" ], "__package_checksum": "m93tWP6dsxzyrPgqDgmWig==", "__patch_checksum": "11FxOYiYfpMxmANj4kGJzg==", "_tw_meta_data_attrs": [ "cpe_string", "cpe_string_23", "cpe_id" ], "access_failure_count": 0, "age_count": 3, "cdm_virtual_system_type": 4, "cores_per_processor": 1, "cpe_id": "", "cpe_string": "cpe:/o:novell:suse_linux:11", "cpe_string_23": "cpe:2.3:o:novell:suse_linux:11:::::::", "cpu_resource_type": "VIRTUAL", "cpu_threading_enabled": false, "dns_domain": "bmc.com", "host_type": "UNIX Server", "hostname": "hostA", "kernel": "2.6.32.59-0.19.1.14514.1.PTF-default", "key": "hCNMEDtfRcF7pUWzPxX8vw==", "last_access_response": "Successful access", "last_update_failure": null, "last_update_success": "2021-01-18T17:47:20.377012+00:00", "local_fqdn": "hostA.bmc.com", "logical_ram": 15956, "model": "VMware Virtual Platform", "name": "aio-hostA", "new_endpoint_identity_count": 0, "no_response_count": 0, "num_cores": 2, "num_logical_processors": 2, "num_processors": 2, "nvd_url_part": "cpe%3A%2Fo%3Anovell%3Asuse_linux%3A11", "os": "SUSE Linux Enterprise Server 11 (x86_64) VERSION = 11 PATCHLEVEL = 1", "os_arch": "x86_64", "os_class": "UNIX", "os_type": "SuSE Linux", "os_vendor": "Novell", "os_version": "11", "package_count": 857, "patch_count": 0, "processor_speed": 2199, "processor_type": "Intel(R) Xeon(R) CPU E5-2660 0 @ 2.20GHz", "processor_vendor": "Intel Corporation", "service_pack": 1, "threads_per_core": 1, "type": "UNIX Server", "vendor": "VMware, Inc.", "virtual": true, "vm_class": "VMware" } } The attributes can be specified by using standard JSON path conventions. For example, the following attribute list can be used to retrieve node attributes: ["kernel", "os", "model", "kind", "__all_ip_addrs[0]"] After the attributes are fetched, you can use these attributes as local variables in the function input by using the $NODE prefix to further enrich events. For example, $NODE. kernel and $NODE.os. Important* Make sure that you provide the node attribute name as present in BMC Discovery. If you provide an attribute name for which there is no value present in BMC Discovery, the variable name is set as the variable value in the enriched event. For example, assuming that the kernel value is not present in BMC Discovery, the detailed message slot is set to $NODE. kernel in the enriched event instead of the actual value and the _errors slot in the event is populated with the reason for failure.

To understand a use case for this function, see Example-Enrich-events-with-node-details.

Event functions

DropNewEvent

GenerateNewEvent

Input

AddOperationNote

Input

AddNote

Input

SetNote

Input

LookupNodeDetails

Input

On this page