CEvents API
Moogsoft AIOps uses the CEvents API to pass data to LAMbot functions.
This API uses the following methods.
contains
Check to see whether the payload of the CEvent contains the given key.
Request Arguments
Name | Type | Description |
|---|---|---|
nm | String | The name of a potential key in the payload. |
Return Parameter
Type | Description |
|---|---|
boolean | Returns true if the provided key was found in the payload, or false if it was not. |
evaluateFilter
Allow an event/alert/Situation to be easily evaluated against a filter.
Request Arguments
Name | Type | Description |
|---|---|---|
Filter | String | A JSON or SQL-like filter for events, alerts or Situations. |
Return Parameter
Type | Description |
|---|---|
Boolean | Whether the filter matches the event, alert or Situation. Returns true if the filter matches the event, alert or Situation. Returns false if the filter has a correct syntax but doesn't match the event, alert or Situation. Returns null if the filter syntax is incorrect. |
Example
var is_matching = situation.evaluateFilter("description LIKE 'Created Situation'");forward(moobot)
Forwards the CEvent down the chain configured in the moog_farmd.conf (using process_output_of configuration), usual way of calling this is CEvent.forward(this) where this is the Moobot that's processing the CEvent object.
Request Arguments
Name | Type | Description |
|---|---|---|
| NativeObject | The instance of the Moobot which is handling the CEvent object. |
Return Parameter
None.
forward(target,....)
Takes any number of target moolets names as strings and forwards the CEvent to each of them. For example CEvent.forward("moolet1") or CEvent.forward("moolet1", "moolet2").
Request Arguments
Name | Type | Description |
|---|---|---|
| Stringvarargs | Any number of String Moolet names which the CEvent is going to be forwarded to. |
Return Parameter
None.
getActionDetails
A utility helper method provided to retrieve the entire alert or Situation contained in the payload of a CEvent.
Request Arguments
None
Return Parameter
Type | Description |
|---|---|
JS NativeObject | The whole of the alert or Situation contained in the payload of the CEvent, as a NativeObject ready for use in the Javascript for a Moobot. |
getCorrelationInfo
Returns the correlation info for a Situation, which lists all of the services which are interested in this Situation.
Request Arguments
Name | Type | Description |
|---|---|---|
replacementValue | String/integer/boolean/object/map | The string or string/integer/boolean/object/map value to replace the value stored in the custom_info field. |
Return Parameter
Type | Description |
|---|---|
JS NativeObject | An object which contains the sig_id, service_name, external_id and properties for all the correlation info for the sig. sig_correlation_info is a one to many relationship of sigs to services. |
getCustomInfo
A helper method provided to retrieve the whole custom info object for an alert or Situation.
Request Arguments
None
Return Parameter
Type | Description |
|---|---|
JS NativeObject | The whole custom info map for an alert or Situation as a NativeObject ready for use in the Javascript for a Moobot. |
Bot.getType
Return the Moolet type
Request Arguments
None.
Return Parameter
Type | Description |
|---|---|
Enumerated type | Can be one of the following: |
Examples
After de-assigning a Situation, the previous moderator_id and status are displayed.
{moderator_id=2, last_state_change=1537794561, status=1}After resolving a Situation, the previous status 4 (acknowledged) is displayed.
{last_state_change=1537867302, status=4}getSummaryData
Fetches a summary of information about a system, such as the number of alerts or the service count bundled up as key/value pairs.
Request Arguments
Name | Type | Description |
|---|---|---|
replacementValue | String/integer/boolean/object/map | The string or string/integer/boolean/object/map value to replace the value stored in the custom_info field. |
Return Parameter
Type | Description |
|---|---|
JS NativeObject | The summary of information about a system: summary.alert_count - number summary.service_count - number summary.sig_summaries - map (contains "categories" and "queues") summary.sig_summaries.categories - (array of objects) summary.sig_summaries.queues - (array of objects) categories and queues contain the following: sig_total - number, alert_total - number, name - string summary.sigs_down - number summary.sigs_up - number summary.total_events - number summary.total_sigs - number |
getTopic
Returns the topic that the data was received on, for example "alerts" or "Situations".
Request Arguments
None.
Return Parameter
Type | Description |
|---|---|
String | The name of the topic that the data came from or relates to, e.g. "Situations" or "alerts". |
payload
Retrieves the whole data payload that was sent in the CEvent object. In most cases the data contained in the payload is going to represent either a Situation or an alert, and as such will have key/value pairs which match the data columns for each.
Request Arguments
None.
Return Parameter
Type | Description |
|---|---|
CMooMsg | Enum value specifying the type of data that the Event contains and/or which topic the data was received on from the bus. |
Example
Example CEvent payload request:
logger.warning(cevent.payload().getData());
Example CEvent payload response:
{active=true, competencies=[], contact_num=, department=null, description=Online, email=, fullname=cyber, groupname=End-User, invitations=[], joined=1516963803, only_ldap=0, photo=-1, primary_group=1, profile_image=null, realms=[DB], roles=[1, 3, 4, 5], session_expiry=null, status=1, teams=[], timezone=SYSTEM, uid=6, username=cyber}set
Used to insert or update a value in the payload of the CEvent.
Name | Type | Description |
|---|---|---|
| String | The key to insert or change a value at. |
| Object | The new value to store against the key. |
Return Parameter
Type | Description |
|---|---|
Boolean | Whether or not the value was successfully changed. |
setCustomInfo
Set or update the whole custom info object for an alert or Situation.
Request Arguments
Name | Type | Description |
|---|---|---|
| Js NativeObject | Thewhole custom info objectto set for an alert or Situation. |
Return Parameter
None.
setCustomInfoValue
Updates the custom information in the database for the specified Situation or alert.
Request Arguments
Name | Type | Description |
|---|---|---|
| String | The dot-formatted field within the custom_info of the reference alert or Situation to update. |
| String/integer/boolean/object/map | The string or string/integer/boolean/object/map value to replace the value stored in the custom_info field. |
Return Parameter
Type | Description |
|---|---|
Boolean | Indicates if the operation was successful: true = success, false = fail |
setTopic
Set or update the topic value in the payload of the CEvent object.
Request Arguments
Name | Type | Description |
|---|---|---|
topic | String | The name of a topic to set or update in the payload data. |
Return Parameter
None.
stringValue
Fetch a value from inside the payload which matches the provided key as a string value.
Name | Type | Description |
|---|---|---|
name | String | The key for a value stored in the payload which will be used to fetch the data. |
Return Parameter
Type | Description |
|---|---|
String | The value from the payload that was stored alongside the key (or null if no value was found to for the provided key) which has been converted to string format. |
type
Retrieves the type stored on the CEvent, this value indicates type of information in the payload and/or which topic the data came from.
Request Arguments
None.
Return Parameter
Type | Description |
|---|---|
EBotEvent | Enum value specifying the type of data that the Event contains and/or which topic the data was received on from the bus. |
value
Fetch a value from inside the payload which matches the provided key.
Request Arguments
Name | Type | Description |
|---|---|---|
| String | The key for a value stored in the payload which will be used to fetch the data. |
Return Parameter
Type | Description |
|---|---|
Object | The value from the payload that was stored alongside the key (or null if no value was found to for the provided key) as an Object. |
Common fields for both Situations and alerts in the payload are:
custom_info
description
first_event_time
last_event_time
last_state_change