Action program configuration


At the beginning of this section, Actions were identified as the principal output of the system. The Correlation > Actions screen permits you to create various actions, including the execution of predefined actions and customized actions. Execution of actions can be one of the central uses of the BMC Defender Server. The precise type of action taken by BMC Defender Server depends upon the integration strategy and objectives of the organization.

Action programs monitor the input stream of messages in a way similar to threads. When a qualifying message occurs (the qualification can be a complex match expression combined with other factors), the action program immediately executes. The arguments to the action program are passed either as environment variables to a batch file or as command-line arguments to a program. These arguments include the message content, device address, facility, severity, and other useful parameters.

The message that triggers the action can come directly from a device, from a configured BMC Defender Server Alert, or from any combination of these, including other triggers.

The actions facility constitutes one of the most extensible features of the system and opens the door to certain creative applications. 

Example

Multiple action programs can update multiple relational databases with information needed to support dashboards. (The BMC Defender Server system provides an extensive capability to convert database queries into screens. For more information, see Sigma-Web-Framework.) Additionally, action programs can launch recovery programs to take automatic corrective action.

Each time an action program executes, it maintains a log of its execution. The output of this log is available by clicking View Debug Log File, which shows a list of the most recent execution errors. This provides a simple way of testing the validity of any action program.
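The following skeleton of an action program is an added example, not code from BMC or from this page. It assumes the server passes the message content, device address, facility and severity as four positional command-line arguments in that order (the real order and names are set on the Actions screen), validates them, builds the corrective-action command as an argument list so that device-supplied message text is never interpolated into a shell string, and appends a record of every run to a debug log of its own.

```python
"""Skeleton action program (example code, not BMC's): validates the
arguments the server passes in and records its own execution log."""
import json
import shlex
import sys
from datetime import datetime, timezone

# Assumed positional order; the real order/names are an assumption here.
ARG_NAMES = ("message", "device", "facility", "severity")
VALID_SEVERITIES = ("emergency", "alert", "critical", "error",
                    "warning", "notice", "info", "debug")


def parse_action_args(argv):
    """Validate the positional arguments and return them as a dict."""
    if len(argv) != len(ARG_NAMES):
        raise ValueError(f"expected {len(ARG_NAMES)} arguments, got {len(argv)}")
    event = dict(zip(ARG_NAMES, argv))
    if event["severity"].lower() not in VALID_SEVERITIES:
        raise ValueError(f"unknown severity {event['severity']!r}")
    event["severity"] = event["severity"].lower()
    return event


def build_notify_command(event, tool="notify-tool"):
    """Build the corrective-action command as an argv list. The message text
    originated on the monitored device, so it is passed as one argument and
    never joined into a shell string (tool name is a hypothetical placeholder)."""
    return [tool, "--device", event["device"], "--severity", event["severity"],
            "--message", event["message"]]


def run_action(argv, log_path):
    """Entry point: returns 0 on success, 1 on bad input, logging either way."""
    stamp = datetime.now(timezone.utc).isoformat()
    try:
        event = parse_action_args(argv)
        cmd = build_notify_command(event)
        record = {"time": stamp, "status": "ok", "command": shlex.join(cmd)}
        rc = 0
    except ValueError as exc:
        record = {"time": stamp, "status": "error", "reason": str(exc)}
        rc = 1
    with open(log_path, "a", encoding="utf-8") as log:
        log.write(json.dumps(record) + "\n")
    return rc


if __name__ == "__main__":
    sys.exit(run_action(sys.argv[1:], "action_debug.log"))
```

The error records this writes are the kind of entries the View Debug Log File button surfaces, so a deliberately malformed test run is a quick way to confirm the program fails closed.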


BMC Defender SIEM Correlation Server 6.0