OpenTicket.exe command-line executable

If you need to open a ticket through a script or at a command-line prompt, the OpenTicket.exe program can be used. This program resides in the system directory of the BMC Defender Server distribution and is used by the TICKET.bat correlation action. The script must be executed in the system directory (in order to locate the ../ticket folder). Otherwise, there are no special requirements to execute this program.

Example

To open a ticket at a command prompt, change working directories to the  system directory, and execute the following command:

OpenTicket.exe admin -This is the ticket text 4.

The previous command causes a new ticket, assigned to admin with a severity of a warning (4), to be created in the Tickets tab. The first argument to the OpenTicket.exe program is the assigned user, the second argument is the ticket content, and the third argument is the severity of the ticket ranging from 0=emergency to 7=debug.

The operator can execute the OpenTicket.exe program with no arguments to receive brief help.

If the OpenTicket.exe program is executed as a correlation action program (such as using the TICKET.bat action program discussed in the previous section) the related message is added to the ticket. If the program is executed at a command prompt (without benefit of the BMC Defender Server environment) no related message are associated with the ticket.

When opening tickets through  the Correlation > Actions facility, the associated message exists. The administrator can configure Alert Variables, such as $T_RELATED_MESSAGE as well as the $T_PARSE() variable as part of the ticket text, especially useful for correlating the message further. One application of this feature is to add Data Enrichment using the $T_PARSE function with the $maplist() parse function, such as the following ticket text:

$T_PARSE ( $maplist ( $1, @@mylist@@ ) ) - Ticket opened.

Finally, because it is possible for an errant script to flood the system with tickets, the OpenTicket.exe program makes use of a throttle value, that limits the number of executions per minute. This throttle value is found on the Tickets > Config > Parms screen and by default has a value of max 20 executions per minute.

Related topic

BMC-Defender-Server-tickets


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*