Populate an external database

About this task

Adding an IBM Db2 integration enables your organization to store alert and incident data in a Db2 database. With this template, you can create policies for historical archiving or audit purposes, or send the data from Cloud Pak for AIOps to populate an external database in IBM Cognos® Analytics.

In this example, you want to send alerts to populate a dashboard when a new alert is created or when an alert severity level changes. The policy should look for and match only alerts that have an alert summary.

Example

1. Click the navigation icon at the upper-left corner of the screen to go to the main navigation menu.

2. In the main navigation menu, click Operate > Automations.

3. Click Create policy.

4. Click the Populate an external database tile.

5. Enter a name in the Policy name, for example, "Alerts Dashboard". You can also add an explanation of the policy in the Description to help you and others understand the purpose of the policy.

6. Set the Execution order to 50.

7. Define how the policy is triggered to invoke a dashboard policy. Once triggered, it looks for alerts or incidents that match the conditions you specify in order to take action. First, select the entity that this policy acts on. Choose either Alert or Incident properties. The default trigger entity is Alert.

   The policy triggers are when an alert or incident is created, updated, or both. Updated means the alert or incident state changes. For example, if an alert changes from Severity 1 to Severity 6, or if an incident escalates from Priority 5 to Priority 1 (this is an escalation as Priority 1 is the highest priority level).

   Note: Switching between alert and incident entities resets the input fields for triggers, condition sets, and actions.

   For this example, we select After an alert is created and After an alert has been updated.

8. In the alert property drop-down list, select alert.severity. You can type "sev" and the system will show in the property drop-down list all alert properties that contain the text "sev", which in this case is only alert.severity.

   

9. Define the following conditions for alerts that trigger your dashboard policy:

   1. Click Add condition and select Alert property.
   2. From the Property drop-down list, select alert.summary. From the Operator drop-down list, select not empty.

   

10. In Populate an external database, specify the Dashboard connection instance and table to invoke the policy. If you don't see anything in the Dashboard connection dropdown list, see IBM Db2 integration.

11. Select your Dashboard table from the drop-down list. You can start typing the table name in the field that is provided and the matching table names are suggested. When selecting the default tables ALERTS_REPORTER_STATUS or INCIDENTS_REPORTER_STATUS, a default mapping is provided that matches table columns with relevant alert and incident fields. Ensure that you include the columns "ID" and "TENANTID".

    Note: The database schemas must be installed so that the relevant reporting tables are in place. For more information, see Data flow configuration.

    

12. Select from the following dashboard policy parameter-mapping options:

    • Send default alert column mapping
    • Customize

Customize

Select this option if you want to customize alert or incident field parameters that are used as input for your Dashboard table. Click Edit parameter mapping to continue.

In this example, alert fields are being mapped as parameters to a Dashboard table. If incidents are selected as the policy trigger entity (see step 7 in the preceding example), then incident fields are mapped as parameters here. The editor is divided into three sections. You can click and drag the vertical and horizontal middle lines to resize the sections.

• Section 1: Sample alert

  Use the Select alert drop-down menu to load a sample alert, or go to the Alert Viewer to copy and paste a raw alert by opening Alert details > Information > Raw > Copy to clipboard . For more information, see Alert details.

  The sample alert provides variables available for use in your mapping, including the alert that the policy is acting on. You can modify the variables to test out different possible inputs to your dashboard policy, for example, by overriding the alert with one from your alert list.

  Note: The sample alert is only used to test your transformation and has no bearing on the execution of your policy.

• Section 2: JSONata transformation

  A JSONata expression translates between the variables available to the Cloud Pak for AIOps policy and the dashboard table columns from a given connection. To avoid max transfer sizes the number of transformation key/value pairs is limited to 100.

  Instances of "string" and "number" indicate the type of data that a given column supports. Columns with type "number" only support integer values, any string sent to these columns will cause errors. Ensure that you replace instances of "string" and "number" in the transformation or remove the column if not needed, otherwise, those values are sent to the column.

  The keys "ID" and "TENANTID" are required when using the default tables.

  Use the JSONata transformation section to include your own arguments for dashboard table columns by making a selection from the Select template drop-down menu. Choose between Show sample column mapping or Use columns from table. When you start typing in the JSONata transformation (or press Ctrl + Space), a suggestion panel with alert properties is shown. Move the cursor into the panel to scroll and select from the list of properties. As you make changes in this section, the Input for dashboard table (section 3) shows a preview of your transformation.

  

  Warning: Any changes that you make to the source alert are reset if you reedit the parameter mapping.

• Section 3: Input for dashboard table

  This section shows the results of your transformation and what the content of the table columns contain based on the current sample alert and transformation rules that are used above. For columns that rely on date/time, such as "FIRSTOCCURRENCETIME", use the value from the selected entity (that is, "FIRSTOCCURRENCETIME": alert.firstOccurrenceTime).

13. Click Save input to save your changes and close the editor. Then, click Create policy to save the policy.

    New and updated policies can take up to 2 minutes to take effect.