LAM and Integration Reference
This is a reference for the LAMs and UI integrations. The LAM configuration files are located at
$MOOGSOFT_HOME/config/
. See the individual LAM and integration
configuration pages for the names of the files.
The configuration options for LAMs contain the following sections and properties. Some of these properties are configurable in UI integrations.
Monitor
name
Name of the LAM.
Type: String
Required: Yes
Default: Each LAM configuration contains a default name. Do not change.
class
Class of the LAM.
Type: String
Required: Yes
Default: Each LAM configuration contains a default class. Do not change.
expose_request_headers
Determines whether to include request HTTP headers in Moogsoft AIOps
events. If set to true, exposed headers are listed under the key moog_request_headers
in events.
Type: Boolean
Required: No
Default: False
use_ssl
Enables Secure Sockets Layer (SSL) certification. If you set this to True, provide SSL certificate details.
Type: Boolean
Required: No
Default: False
path_to_ssl_files
Path to the directory that contains the SSL certificates. You can use a relative path based upon
the $MOOGSOFT_HOME
directory. For example the default config
indicates $MOOGSOFT_HOME/config
.
Type: String
Required: If use_ssl = true
Default: "config"
ssl_key_filename
Name of the SSL server key file.
Type: String
Required: If use_ssl
is
set to True
Default: N/A
ssl_cert_filename
Name of the SSL root CA file. Must reside in the location contained in path_to_ssl_files
.
Type: String
Required: If use_ssl = true
Default: N/A
use_client_certificates
Defines whether to use SSL client certification.
Type: Boolean
Required: If use_ssl = true
.
Default: False
client_ca_filename
Name of the SSL client CA file. Must reside in the location contained in path_to_ssl_files
.
Type: String
Required: If use_client_certificates = true
.
Default: N/A
ssl_protocols
Sets the allowed SSL protocols.
Type: Array
Required: If protocol = POP3S
or IMAPS
.
Valid protocols: SSLv3, TLSv1, TLSv1.1, TLSv1.2
.
Default: [ "TLSv1.2" ]
auth_token
Authentication token in the request body. Can only be used when accept_all_json = false
. If you define a token you must include it in the
body of all requests. You can define auth_token
or header_auth_token
but not both.
Type: String
Required: No
Default: N/A
header_auth_token
Authentication token in the request header. Can only be used when accept_all_json = false
. If you define a token you must include it in the
header of all requests. You can define auth_token
or header_auth_token
but not both.
Type: String
Required: No
Default: N/A
encrypted_auth_token
Encrypted authentication token in the request body. Can only be used when accept_all_json = false
. If you define a token you must include it in the
body of all requests. Overrides auth_token
.
Type: String
Required: No
Default: N/A
encrypted_header_auth_token
Encrypted authentication token in the request header. Can only be used when accept_all_json = false
. If you define a token you must include it in the
header of all requests. Overrides header_auth_token
.
Type: String
Required: No
Default: N/A
authentication_type
Defines the authentication type the LAM uses.
Type: String
Required: Yes
basic
- LAM uses the Graze login.
basic_auth_static
- Use the static username and password set in the
basic_auth_static
property.
none
- No authentication.
jwt
- JSON Web Token authentication.
Default: Varies. See the individual LAM and integration configuration documents.
basic_auth_static
Defines the username and password used for authentication when authentication_type
is set to basic_auth_static
.
Type: String
Required: If authentication_type = basic_auth_static
.
Default: N/A
jwt
Defines the claims the LAM uses when it creates JSON Web Tokens (JWT).
Type: String
Required: If authentication_type = jwt
Example:
jwt: { secretKey : "secret", sub : "moogsoft", iss : "moogsoft", aud : "moogsoft", jti : "" }
secretKey
Key the LAM uses to validate JSON Web Tokens.
Type: String
Required: If authentication_type = jwt
.
Default: N/A
sub
Subject the LAM uses to identify JSON Web Tokens.
Type: String
Required: No
Default: N/A
iss
Issuer the LAM uses to identify JSON Web Tokens.
Type: String
Required: No
Default: N/A
aud
Audience the LAM uses to identify JSON Web Tokens.
Type: String
Required: No
Default: N/A
jti
Identifier the LAM uses to iMoogsoft AIOpsdentify JSON Web Tokens.
Type: String
Required: No
Default: N/A
authentication_cache
Defines whether a hashed version of a user's password is kept in the internal cache for the duration of the connection. If set to true it enables faster event handling. If set to false users are authenticated with each request.
Type: Boolean
Required: If authentication_type = basic
.
Default: True
accept_all_json
When set to true, the LAM can read and process incoming requests using any valid form of JSON. The LAM and LAMbot configurations define the structure of the event. Set this property to false when you can structure incoming messages in the Moogsoft AIOps format. Using the Moogsoft AIOps format allows you to use the default LAM and LAMbot configuration to accept, convert and send incoming requests to the Message Bus. See REST LAM Examples for more information.
Type: Boolean
Required: No
Default: True
lists_contain_multiple_events
Defines whether a JSON list is interpreted as multiple events. Set to true
to allow the LAM to accept structured events from a third party and
convert them into Moogsoft AIOps events.
Type: Boolean
Required: If accept_all_json = true
.
Default: False
num_threads
Number of worker threads to use for processing events. If you have a large number of events and javascript logic, increase the number of threads. Also increase the thread count if a queue builds up in the LAMs. You can use the heartbeat monitor or Graze API to check the queue size.
Type: Integer
Required: No
Default: The number of available CPUs, up to a maximum of 8
rest_response_mode:
Determines when a REST response is sent for a request.
Type: String
Required: Yes
One of: on_receipt
-
Send a response when a valid event is received.
event_forwarded
- Send a response when an event is sent to the Message
Bus.
event_processed
- Send a response when an event is processed by the
Moogfarmd AlertBuilder Moolet.
Default: "event_processed"
rpc_response_timeout
The length of time to wait for a REST response from the Moogfarmd AlertBuilder Moolet, in seconds.
Type: Integer
Required: If rest_response_mode = event_processed
.
Default: 20
event_ack_mode
Determines when Moogfarmd acknowledges events from the LAM.
Type: String
Required: Yes
One of: queued_for_processing
: Acknowledge events when Moogsoft
AIOps adds them to the Moolet queue.
event_processed
: Acknowledge events when a Moolet processes them.
Default: "queued_for_processing"
request_interval
Length of time to wait between requests, in seconds. Can be overridden by request_interval
in individual targets.
Type: Integer
Required: No
Default: 60
max_retries
Number of times the LAM attempts to reconnect after connection failure. Used in conjunction with
retry_interval
.
Type: Integer
Required: No
Default: -1
(infinite
retries)
retry_interval
Length of time to wait between reconnection attempts, in seconds. Used in conjunction with max_retries
.
Type: Integer
Required: No
Default: 60
timeout
Length of time to wait before halting a connection or read attempt, in seconds.
Type: Integer
Required: No
Default: 120
max_lookback
Period of time for which to recover missed events, in seconds, when the LAM re-establishes a connection after a failure.
Type: Integer
Required: No
Default: -1
(recover
all events since the last successful poll).
retry_recovery
Object containing properties which allow you to specify how the LAM recovers events that were missed during a connection outage. Comment out this object to recover all missed events with no imposed waiting time.
Type: Object
Required: No
Default: N/A
recovery_interval
Length of time to wait between requests, in seconds, when the LAM re-establishes a connection after a failure.
Type: Integer
Required: No
Default: 20
disable_certificate_validation
Specifies whether to disable SSL certificate validation. If set to true the data transmission between Moogsoft AIOps and the external system is not protected by the encryption protocol.
Type: Boolean
Required: No
Default: False
proxy
Specifies connection details for a proxy server, if you want to connect to the external system through a proxy. To use, uncomment the proxy section of the file and define the host, user, port, and password or encrypted password for the proxy. Not all properties are configurable in every LAM and integration.
Type: String
Required: No
Default: N/A
targets
This property is available in multi-target LAMs. It is a top-level container defining one or more target sources. You can specify the configuration for each target. If you don't specify a request_interval the target uses the globally defined interval.
Type: JSON Object
Required: Yes
Default: N/A
requests_overlap
If events meet the overlap_identity_fields matching criteria during this interval (in seconds), they are not treated as duplicates. Used to ensure that Moogsoft AIOps does not miss valid events.
Type: Integer
Required: No
Default: N/A
overlap_identity_fields
A list of payload tokens the LAM uses to identify duplicate events when the source returns all
open events and not just updated events. After the requests_overlap
period the LAM treats events with the same overlap identity
fields as duplicate events. The LAM identifies duplicates for each payload event in the previous
request only. Identification is based on the token names of the returned payload, not the mapped
names. For example, including $signature
refers to this value in the
payload, not event.value("signature")
.
Type: String
Required: If requests_overlap
is enabled
Default: N/A
Datadog Polling LAM Example:
overlap_identity_fields: [ "id", "alert_type", "priority" ]
SevOne LAM Example:
overlap_identity_fields: [ "id", "severity", "closed", "number" ]
Agent
name
Identifies events the LAM sends to the Message Bus.
Type: String
Required: Yes
Default: "DATA_SOURCE"
log
Location of the LAM's capture log file. See Configure Logging for more information.
Type: String
Required: No
Default: N/A
Log Config
configuration_file
File that specifies the configuration of the LAM's process log. See Configure Logging for more information.
Type: String
Required: No
Default: "$MOOGSOFT_HOME/config/logging/integrations.log.json"