Sending tickets via HelixITSM.bat
You can track correlation threads that trigger an emergency alert with tickets in BMC Helix ITSM.
To raise an automated ticket alert in BMC Helix ITSM, administrators can customize the HelixITSM.bat file in the installationDirectory/t-actions folder.
Replace the following placeholders in the HelixITSM.bat file:
- <BASEURL>—BMC Helix Portal URL that supports REST API endpoints for your installed BMC Helix ITSM Server (AR Server)
- <USER>—BMC Helix ITSM server user with permission to create incidents on the BMC Helix ITSM Server
- <PASSWORD>—Password for the BMC Helix ITSM server user
- <FIRSTNAME>—First name for the Customer field of the created incident, as defined in the BMC Helix ITSM server
- <LASTNAME>—Last name for the Customer field of the created incident, as defined in the BMC Helix ITSM server
The HelixITSM.bat file has the following default values:
- Description (displayed as Summary in the user interface) is fetched from the Alert Message / Ticket Text field (Alerts > Counters tab).
- Urgency is prioritized from the Alert/Ticket Severity (Messages > Catalogs > Severities) as follows:

| BMC Helix ITSM Urgency value | BMC AMI Command Center for Security Severity value |
| --- | --- |
| 4-Low | debug and info |
| 3-Medium | notice and warning |
| 2-High | error and critical |
| 1-Critical | alert and emergency |

- Impact is set as 3-Moderate/Limited.
- Reported Source is set as Other.
- Service_Type (displayed as Incident Type in the user interface) is set as Security Incident.
You can customize the default values in the HelixITSM.bat file:

```bat
@echo OFF
REM: # Helix ITSM Incident Creation Program.
REM: Used variables
REM: The password is stored in this file in clear text; restrict read access to the file.
set baseurl="<BASEURL>"
set user="<USER>"
set pwd="<PASSWORD>"
set firstname="<FIRSTNAME>"
set lastname="<LASTNAME>"
REM: Incident Urgency
set tsev=%T_SEVERITY%
set tmsg=%T_MESSAGE%
REM: Decide urgency as per severity of the ticket
if "%tsev%"=="debug" set turgency="4-Low"
if "%tsev%"=="info" set turgency="4-Low"
if "%tsev%"=="notice" set turgency="3-Medium"
if "%tsev%"=="warning" set turgency="3-Medium"
if "%tsev%"=="error" set turgency="2-High"
if "%tsev%"=="critical" set turgency="2-High"
if "%tsev%"=="alert" set turgency="1-Critical"
if "%tsev%"=="emergency" set turgency="1-Critical"
REM: Check whether curl is available
where curl
REM: "if errorlevel 1" is true for any exit code of 1 or higher; where returns 1 when curl is not found
if errorlevel 1 (
echo curl not available!
exit 1
)
REM: Log in and store the returned token in authtoken
for /F %%I in ('curl.exe -s -X POST %baseurl%/api/jwt/login -H "Content-type: application/x-www-form-urlencoded" -d "username=%user%&password=%pwd%"') do set authtoken=%%I
REM: Call Complete
REM: echo %authtoken%
REM: Incident Creation using HPD:IncidentInterface_Create Interface
curl -s -X POST %baseurl%/api/arsys/v1/entry/HPD:IncidentInterface_Create/ ^
-H "Content-type:application/json" ^
-H "Authorization:%authtoken%" ^
-d "{\"values\": {\"First_Name\": \"%firstname%\",\"Last_Name\": \"%lastname%\",\"Description\": \"%tmsg%\",\"Impact\": \"3-Moderate/Limited\",\"Urgency\": \"%turgency%\",\"Status\": \"New\",\"Reported Source\": \"Other\",\"Service_Type\": \"Security Incident\" }}"
REM: Expire the used auth token
curl -s -X POST %baseurl%/api/jwt/logout -H "Authorization:%authtoken%"
echo Execution complete.
exit 0
```
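
The batch script places the alert text into the JSON body unescaped and leaves the urgency empty when the severity matches none of its `if` lines. The following is an added example, not part of the BMC-supplied script, that builds the same HPD:IncidentInterface_Create request body with proper escaping; the function name, the fallback urgency, and the sample alert text are assumptions made for illustration.

```python
import json

# Severity-to-urgency mapping taken from the table on this page.
URGENCY_BY_SEVERITY = {
    "debug": "4-Low", "info": "4-Low",
    "notice": "3-Medium", "warning": "3-Medium",
    "error": "2-High", "critical": "2-High",
    "alert": "1-Critical", "emergency": "1-Critical",
}

# Assumption: urgency to use when the severity is missing or not in the table.
DEFAULT_URGENCY = "3-Medium"


def build_incident_body(severity, message, first_name, last_name):
    """Return the JSON request body for HPD:IncidentInterface_Create."""
    # Match severities regardless of case or surrounding whitespace.
    key = (severity or "").strip().lower()
    urgency = URGENCY_BY_SEVERITY.get(key, DEFAULT_URGENCY)
    # Collapse line breaks and tabs so the Summary field stays on one line.
    description = " ".join((message or "").split())
    values = {
        "First_Name": first_name,
        "Last_Name": last_name,
        "Description": description,
        "Impact": "3-Moderate/Limited",
        "Urgency": urgency,
        "Status": "New",
        "Reported Source": "Other",
        "Service_Type": "Security Incident",
    }
    # json.dumps escapes quotes, backslashes and control characters.
    return json.dumps({"values": values})


if __name__ == "__main__":
    # Constructed sample alert text with characters that break hand-built JSON.
    sample = 'Access to "SYS1.PARMLIB" denied\r\nuser=DOM\\jdoe'
    print(build_incident_body("Critical", sample, "Jane", "Doe"))
```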