Limited supportBMC provides limited support for this version of the product. As a result, BMC no longer accepts comments in this space. If you encounter problems with the product version or the space, contact BMC Support.BMC recommends upgrading to the latest version of the product. To see documentation for that version, see BMC AMI Command Center for Security 6.2.

OpenTicket.exe command-line executable

You can use the OpenTicket.exe program to open a ticket through a script or command-line prompt. The program is located in the installationDirectory/system directory of the BMC Defender Server.Replace installationDirectory with the directory in which you installed the product. The default directory is C:\Program Files\BMC Software\BMC Defender.

The OpenTicket.exe program is used by the TICKET.bat correlation action. Execute the script in the system directory to located the ../ticket directory.

Example

To open a ticket at a command prompt, change working directories to the system directory and run the following command:

OpenTicket.exe admin "This is the ticket text" 4

This command creates a new ticket in the Tickets tab. The ticket is assigned to admin and has a severity of Warning (4)

The OpenTicket.exe program uses the following arguments:

  • Assigned user
  • Ticket content
  • Ticket severity (from 0=emergency to 7=debug)

You can execute the OpenTicket.exe program with no arguments to receive brief help.

If the OpenTicket.exe program is executed as a correlation action program, such as using the TICKET.bat action program, the related message is added to the ticket. If the program is executed at a command prompt, without benefit of the BMC Defender Server environment, a related message is not associated with the ticket.

When you open tickets through the Correlation > Actions facility, the associated message exists. The administrator can configure Alert Variables, such as $T_RELATED_MESSAGE as well as the $T_PARSE() variable as part of the ticket text, which is especially useful for correlating the message further. One application of this feature is to add data enrichment using the $T_PARSE function with the $maplist() parse function, such as the following ticket text:

$T_PARSE ( $maplist ( $1, @@mylist@@ ) ) - Ticket opened.

Finally, because it is possible for an errant script to flood the system with tickets, the OpenTicket.exe program uses a throttle value that limits the number of executions per minute. The throttle value is on the Tickets > Config > Parms page and, by default, has a maximum value of 20 executions per minute.

Related topic

BMC-Defender-Server-tickets


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*