Event Notifications Configuration(3.0)
A notifier is a selected target, receiving event data when one or several selected event types are generated in the system. In addition, filters may be applied for each selected event type. Notifiers are configured in the Event Notification Editor.
To create a new Event Notification configuration, click the Configuration button in the upper left part of the 
Desktop window, and then select Event Notification from the menu.
| Item | Description |
|---|---|
Event Notifier Enabled | Select this check box to enable the event notification. Note! Undirected events are not saved by the system, and can therefore not be retrieved. |
Notifier Setup | A notifier is the target where event messages, configured in the Event Setup, are sent. For instance, to a database table, a log file or to the System Log. The overall appearance of the message string is also defined in this tab. |
Event Setup | In the Event Setup tab, events to catch are defined. If necessary, the message string defined in the Notifier Setup is also modified. |
The Notifier Setup Tab
A notifier is defined as the target where event messages are sent. A notifier may output information to any type of database table, log file, SNMP trap, mail, SNS topic or the standard System Log.
| Item | Description |
|---|---|
Notification Type | Select the output type for the notification in this drop-down-list. See the detailed descriptions of the notification types in the section below, Notification Type Configuration. |
Duplicate Suppression (sec) | Enter the number of seconds during which an identical event is suppressed from being logged. The default value is 0. |
Base Configuration | The Base Configuration settings includes everything needed for the selected Notification Type, such as location of a log file, database profile, or credentials, etc. For further information, see the section below, Notification Type Configuration. |
Target Field Configuration | The Target Field Configuration settings are used for constructing the content of the notification, and they vary depending on which Notification Type you have selected. See the section below, Target Field Configuration. |
Notification Type Configuration
The event notification types that you can configure in are:
Database
Event fields may be inserted into database tables using either plain SQL statements or calls to stored procedures.
| Item | Description |
|---|---|
Database | The name of the database in which the table is present. Databases are defined in the Database profile configuration. |
SQL Statement | Type in any SQL statement, using '?' for variables which are to be mapped against event fields in the Event Setup tab. Trailing semicolons are not used. In case of running several statements, they must be embedded in a block. |
Log File
Messages may be routed to ordinary text files on the local file system.
| Item | Description |
|---|---|
Directory | The path to the directory where the file in which events are to be logged resides. |
Filename | The name of the file in which events are to be logged. In case the file does not exist, it will be created when the first message for the specific event map arrives. New messages are appended. |
Size | The maximum size of the file. When this parameter is exceeded, the existing file is renamed and a new is created upon the arrival of the next event. The old file will receive an extension to the file name, according to |
Time | The maximum lifetime of a file before it is rotated. When this parameter is exceeded, the existing file is renamed and a new is created upon the arrival of the next event. If the time is set to rotate every:
The old file will receive an extension to the file name, according to If both Size and Time are set, both behaviors apply. |
Separator | Indicates how logged events are separated from one another. Valid options are:
|
Log Line | The text to go into the log file. For further information, see the section below, Target Field Configuration. |
Note!
Do not configure two different Event Notifiers to log information to the same file. Messages may be lost since only one notifier at a time can write to a file. Define one Event Notifier with several Event Setups instead.
Send Mail
It is also possible to send mails to one or several recipients when the specified events occur. Make sure the correct mail parameters have been configured in the platform.conf. You must enter a value for the property mz.notifier.mailfrom. See Platform Properties(3.0) in the System Administrator's Guide for further information about the mail properties.
| Item | Description |
|---|---|
| Sender | The label or name to be displayed in the Sender of the mail. The text in the Sender field will not replace the value of the For further information about how to obtain the text, see the section below, Target Field Configuration. |
Recipient | Mail address to one or several recipients. Use comma to separate, if several. Select Add to select mail addresses, configured for available users. For further information about how to obtain the text, see the section below, Target Field Configuration. |
Subject | The subject/heading of the mail. If Event Contents is selected, newlines will be replaced with spaces to make the subject readable. If the string exceeds 100 characters, it is truncated. For further information about how to obtain the text, see the section below, Target Field Configuration. |
Message | The body of the mail message. For further information about how to obtain the text, see the section below, Target Field Configuration. |
Send SNMP Trap
Events may be sent in form of SNMP traps to systems configured to receive such information. For the MIB definition, see the $MZ_HOME/etc/mz_trap_mib.txt file.
Note!
A new SNMP trap format is now available. For backward compatibility purposes, the previous invalid format will still be used by default. However, if you want to use the new format you can add the property
snmp.trap.format.b to the platform.conf and set it to true to activate the new values.
The value of the agent Address field will be taken from the Container property pico.rcp.server.host .
| Item | Description |
|---|---|
IP Address | The IP address of the target host. |
Port | The port on the target host defined for the SNMP communication. |
Community | The community name string used for the authentication process. |
Version | A list containing the supported SNMP versions. |
User Message | A string which will be sent out as SNMP traps. For further information about how to obtain the text, see the section below, Target Field Configuration. |
Send SNMP Trap, Alarm
This notification type is similar to the section above, Send SNMP Trap, with one difference; It is specifically designed to work for Alarm events.
| Item | Description |
|---|---|
Target Field Configuration alarm* | Here you configure the content for each field in the alarms. See Target Field Configuration - Log Line, in the section below, Target Field Configuration. |
SNS Topic
Selecting this type routes messages, produced by the selected events, as SNS topics to the specified Amazon S3 region.
| Item | Description |
|---|---|
Access Key | Enter the access key for the user who owns the Amazon S3 account in this field. |
Secret Key | Enter the secret key for the stated access key in this field. |
| Region | Enter the name of the Amazon S3 region in this field. |
| Topic | The SNS topic. For further information about how to obtain the text, see the section below, Target Field Configuration. |
| Message | The body of the topic. For further information about how to obtain the text, see the section below, Target Field Configuration. |
System Log
Selecting this type routes messages, produced by the selected events, to the standard System Log. The Contents field from each event is used as the message in the log.
Note!
Do not route frequent events to the System Log. Purging a large log might turn into a performance issue. If still doing that, keep the log size at a reasonable level by applying the System Task System Log Cleaner. For further details see System Log Cleaner in /wiki/spaces/MD/pages/3222673.
Target Field Configuration
Some of the notifier types have one or many parameters that may be dynamically populated by data from an event. These parameters are configured in the Target Field Configuration panel.
Depending on the parameter type, there will be one or several population types available in the list next to it.
Manual
Selecting Manual allows the user to hard code a value, and thus gives no possibility to select any dynamic values to be embedded in the message. The value entered will be assigned to the parameter exactly as typed.
Event Field
Selecting Event Field allows the user to assign the value of one specific event field to the parameter. For further information about fields valid for selections, see the section below, Event Fields.
Event Contents
Selecting Event Contents assigns the event value of each event's Contents field to the parameter. All event types have a suitable event content text. For instance, referring to the example in the figure Events Can Be Customized to Suit Any Target in Event Notifications(3.0), the Event Contents string will be:
Username: mzadmin3, Action: Notifier AnumberEvents updated.
Another example; the following string is reported for a User Defined Event:
Workflow name: <name>, Agent name: <name>, Message: <string>
The Message string originates from the dispatchMessage function. Note that nothing will be logged unless dispatchMessage is used. Also in this case, the Field Maps in the Event Setup will be disabled.
Note!
The same result is achieved when selecting Event Field/strong as Log Line, and then selecting Contents as mapping (the Event Setup tab).
Formatted
Selecting Formatted allows the user to enter text combined with variable names, which are assigned event field values in the Event Setup tab.
For each variable entered in a field with the Formatted option selected, a notifier field will be added in the Event Setup tab where you can then assign event field values.
Variable names must be preceded by a $, started with a letter, and be comprised of a sequence of letters, digits, or underscores.
Event Setup Tab
In the Event Setup tab, parameters that are populated by using the type Event Field, Formatted (with variables) or SQL, can be assigned with their values from selected event fields. Also, the event types to catch are configured.
| Item | Description |
|---|---|
| Filter | The Filter table enables you to configure the event types to catch. For each event type, a filter may be defined to allow, for instance, a specific Workflow and two specific event severities to pass. Besides filtering on existing values (for instance Workflow name) it is possible to filter using regular expressions and hard coded strings. Regular expressions according to Java syntax applies. For further information see, http://java.sun.com/javase/6/docs/api/java/util/regex/Pattern.html. |
| Event Field Name | The contents of this column varies depending on the selected event type. For further information about different events, see the section below, Event Fields. Note that only fields of type |
| Match Value(s) | The filtering criteria that defines what events to catch. Double-click a cell to open the Edit Match Value dialog box and select a value. However, these values are only suggestions. You can also use hard coded strings and regular expressions. Example For example, entering: .*idle.* will match any single lines containing "idle". Some fields also contain several lines, so entering: (?s).*idle.* will match any multi-line content containing "idle". The default value for each of the components is All. Note! Some of the Event Fields let you select from four Match Value types: Information, Warning, Error, or Disaster. For the rest of the Event Fields Match Value you use a string. Make sure you enter the exact string format of the relevant Match value. For example: the Event Field timeStamp can be matched against the string format yyyy-mm-dd. |
| Field Map | Maps variables against event fields. The Field Map table exists only if any of the parameters for the selected notifier type is set to Formatted, Event Field or SQL. |
| Notifier Field | States the Notifier parameter available in the Notifier Setup tab. If a specific parameter has more than one variable, it will claim one line per variable. |
| Variable | The name of the variable, as entered in the Notifier Setup tab. If the parameter type is Event Field, this field will be empty. |
| Event Field | Double-clicking a cell will display a list, from which the event field, to obtain values from, is selected. |
| Add Event... | Enables you to add an event that you generate by a call from an APL- or Ultra code in the workflow configuration. Click Add Event to configure your event; the new event type is added as a separate tab in the Event Setup. |
| Remove Event... | Removes the currently selected event type tab in the Event Setup dialog. |
| Refresh Field Map | Updates the Field Map table. Required if parameter population types or formatting fields have been modified in the Notifier Setup tab. |
Event Fields
An event is an object containing information related to an event in . For example, there are Workflow State events that are emitted each time the state of a workflow is changed.
The Event Notification configuration subscribes to these events and routes them to notifiers, for example, log files or a database.
An Event Type is comprised of a set of fields containing the original event message, a set of standard workflow related information, and event specific fields that are the parameters the original event message.
All event types in the system inherit fields from the Base event type. Workflow related events inherit fields related to the Workflow event as well, such as agentName. In addition to these, User Defined Events will receive any fields as defined by the user.
There are two types (hierarchies) of events:
User Defined events.
Events inherited from a Base event (all other events), with additional information added.
The user-defined event must be configured in an Ultra Format configuration. Other than the fields entered by the user, will automatically add basic fields. User Defined Events may only be dispatched from an agent using APL, i.e. Analysis or Aggregation.
Fields added by the user must be populated manually by using APL commands, while the basic fields are populated automatically. From the basic fields, only category and severity may be assigned values. The other basic fields are read only, hence it is not possible to assign values to them.
Enable/Disable Event Notifications
For a configured event notification to become active it needs to be activated using a toggle button which is present both in the desktop and in the web interface UI.
Activation mode is independent of the rest of the profile configuration and you do not need to press Save after enabling or disabling an event notification.
In Desktop
In the desktop, this toggle button is greyed out if there are no Event Notifiers present. You can see this button only after an event notification is saved.
The toggle button for the Event Notifier in the desktop is available on top of the event notification configuration details.
Note!
When you use the toggle button to enable or disable an alarm detection, you are notified to confirm the operation.
In Web Interface UI
The event notifier enable/disable toggle button in the web interface looks like:
You can enable or disable individual Event Notifiers using the toggle button available next to the name of the Event Notifiers or you can also enable or disable all available Event Notifiers at one go.
Note!
When importing an Event Notification profile using system import or as part of workflow packages, the profile is disabled.