Moogsoft Docs

CEvents API

Moogsoft AIOps uses the CEvents API to pass data to LAMbot functions.

The methods are as follows:


contains

contains()

Check to see whether the payload of the CEvent contains the given key.

Request Arguments

Name

Type

Description

nm

String

The name of a potential key in the payload.

Return Parameter

Type

Description

boolean

Returns true if the provided key was found in the payload, or false if it was not.

evaluateFilter

evaluateFilter()

Allow an event/alert/Situation to be easily evaluated against a filter.

Request Arguments

Name Type Description
Filter String A JSON or SQL-like filter for events, alerts or Situations.

Return Parameter

Type Description
Boolean

Whether the filter matches the event, alert or Situation.

Returns true if the filter matches the event, alert or Situation.

Returns false if the filter has a correct syntax but doesn't match the event, alert or Situation.

Returns null if the filter syntax is incorrect.

Example

var is_matching = situation.evaluateFilter("description LIKE 'Created Situation'");
forward(moobot)

forward(moobot)

This will forward the CEvent down the chain configured in the moog_farmd.conf (using process_output_of configuration), usual way of calling this is CEvent.forward(this) where this is the Moobot that's processing the CEvent object.

Request Arguments

Name Type Description
moobot NativeObject The instance of the Moobot which is handling the CEvent object.

Return Parameter

None.

forward(target)

forward(target,...)

Takes any number of target moolets names as strings and forwards the CEvent to each of them. For example CEvent.forward("moolet1") or CEvent.forward("moolet1", "moolet2").

Request Arguments

Name Type Description
targets Stringvarargs Any number of String Moolet names which the CEvent is going to be forwarded to.

Return Parameter

None.

getActionDetails

get Action Details()

A utility helper method provided to retrieve the entire alert or Situation contained in the payload of a CEvent.

Request Arguments

None

Return Parameter

Type

Description

JS NativeObject

The whole of the alert or Situation contained in the payload of the CEvent, as a NativeObject ready for use in the Javascript for a Moobot.

getCorrelationInfo

getCorrelationInfo()

Returns the correlation info for a Situation, which lists all of the services which are interested in this Situation.

Request Arguments

Name

Type

Description

replacementValue
String/integer/boolean/object/map The string or string/integer/boolean/object/map value to replace the value stored in the custom_info field.

Return Parameter

Type

Description

JS NativeObject

An object which contains the sig_id, service_name, external_id and properties for all the correlation info for the sig. sig_correlation_info is a one to many relationship of sigs to services.

getCustomInfo

getCustomInfo()

A helper method provided to retrieve the whole custom info object for an alert or Situation.

Request Arguments

None

Return Parameter

Type

Description

JS NativeObject

The whole custom info map for an alert or Situation as a NativeObject ready for use in the Javascript for a Moobot.

getPreviousData

getPreviousData()

Fetches the previous attribute data for a modified alert or Situation.

Request Arguments

None.

Return Parameter

Type Description
JS NativeObject The attribute data that existed immediately prior to the alert or Situation change. The timestamp last_state_change indicates when the change was made .

Ex amples

After de-assigning a Situation, the previous moderator_id and status are displayed.

{moderator_id=2, last_state_change=1537794561, status=1}

After resolving a Situation, the previous status 4 (acknowledged) is displayed.

{last_state_change=1537867302, status=4}
getSummaryData

getSummaryData()

Fetches a summary of information about a system, such as the number of alerts or the service count bundled up as key/value pairs.

Request Arguments

Name

Type

Description

replacementValue
String/integer/boolean/object/map The string or string/integer/boolean/object/map value to replace the value stored in the custom_info field.

Return Parameter

Type

Description

JS NativeObject

The summary of information about a system:
summary.alert_count - number
summary.service_count - number
summary.sig_summaries - map (contains "categories" and "queues")
summary.sig_summaries.categories - (array of objects)
summary.sig_summaries.queues - (array of objects)
categories and queues contain the following:
sig_total - number, alert_total - number, name - string
summary.sigs_down - number
summary.sigs_up - number
summary.total_events - number
summary.total_sigs - number

getTopic

getTopic()

Returns the topic that the data was received on, for example "alerts" or "Situations".

Request Arguments

None

Return Parameter

Type

Description

String

The name of the topic that the data came from or relates to, e.g. "Situations" or "alerts".

payload

payload()

Retrieves the whole data payload that was sent in the CEvent object. In most cases the data contained in the payload is going to represent either a Situation or an alert, and as such will have key/value pairs which match the data columns for each.

Request Arguments

None.

Return Parameter

Type

Description

CMooMsg

Enum value specifying the type of data that the Event contains and/or which topic the data was received on from the bus.

Example

Example CEvent payload request:

logger.warning(cevent.payload().getData());

Example CEvent payload response:

{active=true, competencies=[], contact_num=, department=null, description=Online, email=, fullname=cyber, groupname=End-User, invitations=[], joined=1516963803, only_ldap=0, photo=-1, primary_group=1, profile_image=null, realms=[DB], roles=[1, 3, 4, 5], session_expiry=null, status=1, teams=[], timezone=SYSTEM, uid=6, username=cyber}
set

set()

Used to insert or update a value in the payload of the CEvent.

Request Arguments

Name Type Description
nm String The key to insert or change a value at.
val Object The new value to store against the key.

Return Parameter

Type Description
Boolean Whether or not the value was successfully changed.
setCustomInfo

setCustomInfo()

Set or update the whole custom info object for an alert or Situation.

Request Arguments

Name Type Description
customInfo Js NativeObject The whole custom info object to set for an alert or Situation.

Return Parameter

None.

setCustomInfoValue

setCustomInfoValue()

Updates the custom information in the database for the specified Situation or alert.

Request Arguments

Name Type Description
field String The dot-formatted field within the custom_info of the reference alert or Situation to update.
replacementValue String/integer/boolean/object/map The string or string/integer/boolean/object/map value to replace the value stored in the custom_info field.

Return Parameter

Type Description
Boolean Indicates if the operation was successful: true = success, false = fail


setTopic

setTopic()

Set or update the topic value in the payload of the CEvent object.

Request Arguments

Name

Type

Description

topic

String

The name of a topic to set or update in the payload data.

Return Parameter

None

stringValue

stringValue()

Fetch a value from inside the payload which matches the provided key as a string value.

Request Arguments

Name

Type

Description

name

String

The key for a value stored in the payload which will be used to fetch the data.

Return Parameter

Type

Description

String

The value from the payload that was stored alongside the key (or null if no value was found to for the provided key) which has been converted to string format.

type

type()

Retrieves the type stored on the CEvent, this value indicates type of information in the payload and/or which topic the data came from.

Request Arguments

None.

Return Parameter

Type Description
EBotEvent Enum value specifying the type of data that the Event contains and/or which topic the data was received on from the bus.


value

value()

Fetch a value from inside the payload which matches the provided key.

Request Arguments

Name Type Description
nm String The key for a value stored in the payload which will be used to fetch the data.

Return Parameter

Type Description
Object The value from the payload that was stored alongside the key (or null if no value was found to for the provided key) as an Object.



Common fields for both Situations and alerts in the payload are:

  • custom_info
  • description
  • first_event_time
  • last_event_time
  • last_state_change