Example: IBM SevOne Network Management System (NMS) generic webhook event mappings

Review the following example mappings for a generic webhook connection between IBM Cloud Pak for Watson AIOps and IBM SevOne Network Management System (NMS). Use these mappings to help you configure your own event mapping for a generic webhook connection.

Example event (alert) JSON

{
  "deviceName": "IBM SevOne NMS",
  "occurrences": "5",
  "triggeringConditions": [
    {
      "aggregationOperation": "Average",
      "dataUnits": "Centiseconds",
      "comparisonUnits": ">",
      "thresholdValue": "13.00",
      "dataValue": "15.66",
      "comparisonValue": "13",
      "baselineValue": "0.00",
      "sigmaValue": "nan",
      "indicatorDescription": "System CPU Time",
      "aggregationDuration": "1.00",
      "indicatorName": "ssCpuRawSystem",
      "sigmaDirection": "above or below",
      "comparisonOperation": ">"
    }
  ],
  "thresholdId": "29",
  "check": "CPU_Alerts - CPU Total0",
  "host": "SevOne NMS",
  "assignedTo": "unassigned",
  "pluginDescription": "SNMP Poller",
  "groupName": "All Device Groups",
  "objectName": "CPU Total0",
  "routes": [
    "Netcool"
  ],
  "alertMessage": "Threshold triggered -- IBM SevOne NMS CPU Total0 System CPU Time: 15.66 Centiseconds > 13 Centiseconds averaged over 1.00 minutes",
  "policyId": "53",
  "deviceId": "1",
  "alertState": "Error",
  "objectAltName": "",
  "thresholdName": "CPU_Alerts - IBM SevOne NMS - CPU Total0",
  "alertType": "system",
  "alertId": "4002",
  "objectId": "17",
  "cluster": "All Device Groups",
  "description": "Threshold triggered -- IBM SevOne NMS CPU Total0 System CPU Time: 15.66 Centiseconds > 13 Centiseconds averaged over 1.00 minutes",
  "deviceIp": "127.0.0.1",
  "policyName": "CPU_Alerts",
  "objectDescription": "CPU Total",
  "pluginName": "SNMP",
  "deviceAltName": "localhost"
}

Example event mapping JSONata expression

(
    /* Builds one event object from a SevOne NMS alert payload.
       Every field read here is supplied by the webhook sender, so consumers of the
       result should treat the copied text (summary, resource name, classification)
       as untrusted input. */
    {
        /* alertState -> severity: Alert, Emergency, Critical = 6; Error = 5; Warning = 3;
           Notice, Info, Debug = 2; any other state (including "Cleared") = 1. */
        "severity":
            alertState = "Alert" ? 6 :
            alertState = "Emergency" ? 6 :
            alertState = "Critical" ? 6 :
            alertState = "Error" ? 5 :
            alertState = "Warning" ? 3 :
            alertState = "Notice" ? 2 :
            alertState = "Info" ? 2 :
            alertState = "Debug" ? 2 :
            1,

        /* Free-text description copied unchanged from the payload. */
        "summary": description,

        "resource": {
            "name": deviceName
        },

        /* NOTE(review): the result example on this page shows this group under the key
           "event" with a "type" member, not "type" / "eventType" - confirm which names
           your release expects. */
        "type": {
            "classification": policyName,
            /* A "Cleared" state resolves the event; every other state raises a problem. */
            "eventType": alertState = "Cleared" ? "resolution" : "problem"
        },

        /* Fixed sender identity; these two values do not come from the payload. */
        "sender": {
            "name": "IBM SevOne NMS",
            "type": "Webhook Connector"
        },

        /* 300 only when alertId is "-1". There is no else branch, so other alerts get no
           value here (presumably the key is then omitted from the result - confirm). */
        "expirySeconds": alertId = "-1" ? 300
    }
)

Example event result JSON

{
  "severity": 5,
  "summary": "Threshold triggered -- IBM SevOne NMS CPU Total0 System CPU Time: 15.66 Centiseconds > 13 Centiseconds averaged over 1.00 minutes",
  "resource": {
    "name": "IBM SevOne NMS"
  },
  "event": {
    "classification": "CPU_Alerts",
    "type": "problem"
  },
  "sender": {
    "name": "IBM SevOne NMS",
    "type": "Webhook Connector"
  },
  "occurrenceTime": "2023-05-10T07:43:38.290Z"
}

Example Curl Command

  1. Create the payload JSON files

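    # Write the sample alert payload (alertState "Error") to sevone-payload.json.
    # The delimiter is quoted ('EOF') so the shell copies the JSON literally and
    # performs no variable or command expansion inside the payload.
    cat > sevone-payload.json << 'EOF'
    {
      "deviceName": "IBM SevOne NMS",
      "occurrences": "5",
      "triggeringConditions": [
        {
          "aggregationOperation": "Average",
          "dataUnits": "Centiseconds",
          "comparisonUnits": ">",
          "thresholdValue": "13.00",
          "dataValue": "15.66",
          "comparisonValue": "13",
          "baselineValue": "0.00",
          "sigmaValue": "nan",
          "indicatorDescription": "System CPU Time",
          "aggregationDuration": "1.00",
          "indicatorName": "ssCpuRawSystem",
          "sigmaDirection": "above or below",
          "comparisonOperation": ">"
        }
      ],
      "thresholdId": "29",
      "check": "CPU_Alerts - CPU Total0",
      "host": "IBM SevOne NMS",
      "assignedTo": "unassigned",
      "pluginDescription": "SNMP Poller",
      "groupName": "All Device Groups",
      "objectName": "CPU Total0",
      "routes": [
        "Netcool"
      ],
      "alertMessage": "Threshold triggered -- IBM SevOne NMS CPU Total0 System CPU Time: 15.66 Centiseconds > 13 Centiseconds averaged over 1.00 minutes",
      "policyId": "53",
      "deviceId": "1",
      "alertState": "Error",
      "objectAltName": "",
      "thresholdName": "CPU_Alerts - IBM SevOne NMS - CPU Total0",
      "alertType": "system",
      "alertId": "4002",
      "objectId": "17",
      "cluster": "All Device Groups",
      "description": "Threshold triggered -- IBM SevOne NMS CPU Total0 System CPU Time: 15.66 Centiseconds > 13 Centiseconds averaged over 1.00 minutes",
      "deviceIp": "127.0.0.1",
      "policyName": "CPU_Alerts",
      "objectDescription": "CPU Total",
      "pluginName": "SNMP",
      "deviceAltName": "localhost"
    }
    EOF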
    
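    # Write the matching clear payload (same alert, alertState "Cleared") to
    # sevone-payload-clear.json. The delimiter is quoted ('EOF') so the shell
    # copies the JSON literally and performs no expansion inside the payload.
    cat > sevone-payload-clear.json << 'EOF'
    {
      "deviceName": "IBM SevOne NMS",
      "occurrences": "5",
      "triggeringConditions": [
        {
          "aggregationOperation": "Average",
          "dataUnits": "Centiseconds",
          "comparisonUnits": ">",
          "thresholdValue": "13.00",
          "dataValue": "15.66",
          "comparisonValue": "13",
          "baselineValue": "0.00",
          "sigmaValue": "nan",
          "indicatorDescription": "System CPU Time",
          "aggregationDuration": "1.00",
          "indicatorName": "ssCpuRawSystem",
          "sigmaDirection": "above or below",
          "comparisonOperation": ">"
        }
      ],
      "thresholdId": "29",
      "check": "CPU_Alerts - CPU Total0",
      "host": "IBM SevOne NMS",
      "assignedTo": "unassigned",
      "pluginDescription": "SNMP Poller",
      "groupName": "All Device Groups",
      "objectName": "CPU Total0",
      "routes": [
        "Netcool"
      ],
      "alertMessage": "Threshold triggered -- IBM SevOne NMS CPU Total0 System CPU Time: 15.66 Centiseconds > 13 Centiseconds averaged over 1.00 minutes",
      "policyId": "53",
      "deviceId": "1",
      "alertState": "Cleared",
      "objectAltName": "",
      "thresholdName": "CPU_Alerts - IBM SevOne NMS - CPU Total0",
      "alertType": "system",
      "alertId": "4002",
      "objectId": "17",
      "cluster": "All Device Groups",
      "description": "Threshold triggered -- IBM SevOne NMS CPU Total0 System CPU Time: 15.66 Centiseconds > 13 Centiseconds averaged over 1.00 minutes",
      "deviceIp": "127.0.0.1",
      "policyName": "CPU_Alerts",
      "objectDescription": "CPU Total",
      "pluginName": "SNMP",
      "deviceAltName": "localhost"
    }
    EOF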
    
  2. Send the payload with a curl command

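    # Webhook details. The URL and credentials below are sample values: use the
    # ones generated for your own webhook connection, and keep real credentials
    # out of shell history and shared scripts.
    WEBHOOK_URL=https://webhook-connector-1a2bc34d-1ab2-1abc-1a2b-1234a56bc789-aiops.apps.mysite.com/webhook-connector/abcdefgh1jk
    AUTH=test:test
    # CA bundle that issued the webhook route's certificate (placeholder path).
    CA_CERT=/path/to/route-ca.crt
    
    # Send alert.
    # --cacert keeps TLS certificate verification on, so the basic-auth
    # credentials are only sent to a server that proves its identity. Do not
    # fall back to --insecure outside a throwaway lab: it disables that check.
    # Variables are quoted so a URL or password with special characters is
    # passed to curl as a single argument.
    curl -X POST -u "${AUTH}" --cacert "${CA_CERT}" \
    -H 'Content-Type: application/json' "${WEBHOOK_URL}" \
    -d @./sevone-payload.json
    
    
    # Send clear event (same options; payload carries alertState "Cleared")
    curl -X POST -u "${AUTH}" --cacert "${CA_CERT}" \
    -H 'Content-Type: application/json' "${WEBHOOK_URL}" \
    -d @./sevone-payload-clear.json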