Moogsoft Docs

CEvents API

Methods

type

type()

Retrieves the type stored on the CEvent, this value indicates type of information in the payload and/or which topic the data came from.

Request Arguments

Name

Type

Description

N/A

N/A

N/A

Return Parameter

Type

Description

EBotEvent

Enum value specifying the type of data that the Event contains and/or which topic the data was received on from the bus

value

value()

Fetch a value from inside the payload which matches the provided key.

Request Arguments

Name

Type

Description

nm

String

The key for a value stored in the payload which will be used to fetch the data.

Return Parameter

Type

Description

Object

The value from the payload that was stored alongside the key (or null if no value was found to for the provided key) as an Object.

payload

payload()

Retrieves the whole data payload that was sent in the CEvent object. In most cases the data contained in the payload is going to represent either a Situation or an Alert, and as such will have key/value pairs which match the data columns for each.

Request Arguments

Name

Type

Description

N/A

N/A

N/A

Return Parameter

Type

Description

CMooMsg

Enum value specifying the type of data that the Event contains and/or which topic the data was received on from the bus.

Example

Example CEvent payload request:

logger.warning(cevent.payload().getData());

Example CEvent payload response:

{active=true, competencies=[], contact_num=, department=null, description=Online, email=, fullname=cyber, groupname=End-User, invitations=[], joined=1516963803, only_ldap=0, photo=-1, primary_group=1, profile_image=null, realms=[DB], roles=[1, 3, 4, 5], session_expiry=null, status=1, teams=[], timezone=SYSTEM, uid=6, username=cyber}
evaluateFilter

evaluateFilter()

Allow an event/alert/situation to be easily evaluated against a filter.

Request Arguments

Name

Type

Description

filter

String

a JSON or SQL LIKE filter for events, alerts or situations.

Return Parameter

Type

Description

Boolean

Whether the filter matches the event/alert/situation or not.

Return true if the filter matches event/alert/situation.

Return false if the filter has a correct syntax but doesn't match the event/alert/situation.

Return null if the filter has an incorrect syntax.


Example

var is_matching = situation.evaluateFilter("description LIKE 'Created Situation'");



stringValue

stringValue()

Fetch a value from inside the payload which matches the provided key as a string value.

Request Arguments

Name

Type

Description

name

String

The Key for a value stored in the payload which will be used to fetch the data.

Return Parameter

Type

Description

String

The value from the payload that was stored alongside the key (or null if no value was found to for the provided key) which has been converted to string format.

contains

contains()

Check to see whether the payload of the CEvent contains the given key.

Request Arguments

Name

Type

Description

nm

String

The name of a potential key in the payload that we will check for the presence of.

Return Parameter

Type

Description

boolean

Returns TRUE if the provided key was found in the payload, or FALSE if it was not.

set

set ()

Used to insert or update a value in the payload of the CEvent

Request Arguments

Name

Type

Description

nm

String

The key to insert or change a value at.

val
Object The new value to store against the key.

Return Parameter

Type

Description

boolean

Whether or not we successfully wrote the new value against the key.

getActionDetails

get Action Details()

A utility helper method provided to easily retrieve the whole Alert or Situation contained in the payload of a CEvent.

Request Arguments

Name

Type

Description

N/A

N/A

N/A

Return Parameter

Type

Description

JS NativeObject

The whole of the Alert or Situation contained in the payload of the CEvent, in a format ready to use from the Javascript Moobots.

getCustomInfo

getCustomInfo()

A helper method provided to retrieve the whole custom info object for an Alert or Situation.

Request Arguments

Name

Type

Description

N/A

N/A

N/A

Return Parameter

Type

Description

JS NativeObject

The whole custom info map for an Alert or Situation as a NativeObject ready for use in the javascript for a Moobot.

setCustomInfo

setCustomInfo()

Set or update the whole custom info object for an alert or Situation.

Request Arguments

Name

Type

Description

customInfo

Js NativeObject

The whole custom info object to set for an alert or Situation.

Return Parameter

Type

Description

N/A

N/A

setCustomInfoValue

setCustomInfoValue()

Updates the custom information in the database for the specified Situation or alert.

Request Arguments

Name

Type

Description

field

String

The dot-formatted field within the custom_info of the reference alert or Situation to update.

replacementValue
String/integer/boolean/object/map The string or string/integer/boolean/object/map value to replace the value stored in the custom_info field.

Return Parameter

Type

Description

Boolean

Indicates if the operation was successful: true = success, false = fail

Boolean Indicates if the operation was successful: true = success, false = fail
getCorrelationInfo

getCorrelationInfo()

Returns the correlation info for a Situation, which lists all of the services which are interested in this Situation.

Request Arguments

Name

Type

Description

N/A

N/A

N/A

replacementValue
String/integer/boolean/object/map The string or string/integer/boolean/object/map value to replace the value stored in the custom_info field.

Return Parameter

Type

Description

JS NativeObject

An object which contains the sig_id, service_name, external_id and properties for all the correlation info for the sig. sig_correlation_info is a one to many relationship of sigs to services.

getSummaryData

getSummaryData()

Fetches a summary of information about a system, such as the number of alerts or the service count bundled up as key/value pairs.

Request Arguments

Name

Type

Description

N/A

N/A

N/A

replacementValue
String/integer/boolean/object/map The string or string/integer/boolean/object/map value to replace the value stored in the custom_info field.

Return Parameter

Type

Description

JS NativeObject

The summary of information about a system:
summary.alert_count - number
summary.service_count - number
summary.sig_summaries - map (contains "categories" and "queues")
summary.sig_summaries.categories - (array of objects)
summary.sig_summaries.queues - (array of objects)
categories and queues contain the following:
sig_total - number, alert_total - number, name - string
summary.sigs_down - number
summary.sigs_up - number
summary.total_events - number
summary.total_sigs - number

getTopic

getTopic()

Returns the topic that the data was received on, for example "alerts" or "Situations".

Request Arguments

Name

Type

Description

N/A

N/A

N/A

Return Parameter

Type

Description

String

The name of the topic that the data came from or relates to, e.g. "Situations" or "alerts".

setTopic

setTopic()

Set or update the topic value in the payload of the CEvent object.

Request Arguments

Name

Type

Description

topic

String

The name of a topic to set or update in the payload data.

Return Parameter

Type

Description

N/A

N/A

forward(moobot)

forward(moobot)

This will forward the CEvent down the chain configured in the moog_farmd.conf (using process_output_of configuration), usual way of calling this is CEvent.forward(this) where this is the Moobot that's processing the CEvent object.

Request Arguments

Name

Type

Description

moobot

NativeObject

The instance of the Moobot which is handling the CEvent object.

Return Parameter

Type

Description

N/A

N/A

forward(target,...)

forward(target,...)

This will take any number of target moolets names as strings and will forward the CEvent to each of them, eg CEvent.forward("moolet1") or CEvent.forward("moolet1", "moolet2").

Request Arguments

Name

Type

Description

targets

String Varargs

Any number of String Moolet names which the CEvent is going to be forwarded to.

Return Parameter

Type

Description

N/A

N/A

Common fields for both Situations and Alerts in the payload:

·         custom_info

·         description

·         first_event_time

·         last_event_time

·         last_state_change