Versions Compared

Old Version 9

changes.mady.by.user Keith Sinclair

Saved on

compared with

New Version 10

changes.mady.by.user Josune Cordoba

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Creating an opEvents Object inside a parser plugin

opEvents Object is the object core to process and parse all the events. 

This example shows how we can create the opEvents object for use inside a parser plugin.

...

Code Block
languageperl
titleMinimal Example
package Event_State_Example;
our $VERSION="0.0.0";

use lib "/usr/local/omk/lib";
use strict;

use OMK::Common;
use OMK::opEvents;
use OMK::Log;
# arguments: the line (currently being parsed),
# and reference to the live event properties
# returns: (status-or-error)
#
# zero or undef: parsing for this event is aborted, 
# and no event is created.
# 1: indicates success, event is created and changed event
# properties are incorporated.
# any other value: treated as error message, changed event
# properties are NOT incorporated but event parsing continues.


sub parse_enrich
{
	my ($line, $event) = @_;

	my $confCommon = loadOmkConfTable(conf=> "opCommon", dir=> "/usr/local/omk/conf");

	my $logger = OMK::Log->new(level => $confCommon->{"omkd_log_level"} || 'info',
															path => $confCommon->{'<omk_logs>'}."/opEvents.log");

	my $OPE = OMK::opEvents->new(config => $confCommon,
                              	logprefix => "Plugin::Event_State_Example",
								log => $logger);
	$OPE->getDb();
  
	$event->{Plugin_Used} = "Event_State_Example";

	return 1;
}

getEventLogsModel

...


Getting events: getEventLogsModel

We can get a list of events using getEventLogsModel. This method takes the following arguments: 

  • log_name (=db collection, log_name can be: events, rawLogs, logArchive, or actionlog)

...

  • time_start/end

...

  • and/

...

  • or a set of any

...

  • of id, node_uuid or node_

...

  • name type/element/details/action/archive/entry/acknowledged/escalate/priority/event_id

...

  • to select events

...

Optional arguments: 

...

  • sort: mongo sort

...

  • criteria 

...

  • limit:

...

  • Return only N records at the most

...

  • skip: skip N records at the beginning.

...

  • Index N in the result set is at 0 in the response

...

  • paginate:

...

  •  sets the pagination mode, in which case the result array is fudged up sparsely

...

  • to return 'complete' result elements without limit! - a dummy element is inserted at the 'complete' end,

...

  •  but only 0..limit are populated

In this example we are getting an event by its ID

getEventLogsModel will always return an array and should be expected to not have any values

In this example we are getting an event by its ID: 

Code Block
languageperl
my $modelData = $OPE->getEventLogsModel(log_name => "events", id => '60516246c6c2b17094225a9c');
my $otherEvent = $modelData->[0];
#Lets set a new property on our newly parsed event to the nodes_uuid of a unrelated event.
$event->{other_event_nodeuuid} = $otherEvent->{node_uuid};

...

Code Block
languagejs
{"_id":{"$oid":"60516246c6c2b17094225a9c"},"acknowledged":0,"action_checked":1,"actions":[{"action":"tag","comment":"set to FALSE","date":"2021-03-18T10:49:59","details":"outageCurrent","event":"SNMP Down","node_uuid":"3f49619e-b8ae-4e96-b56a-a7331baf71d3","time":1616028599}],"count":1,"date":"2021-03-18T10:48:28","delayedaction":1616028598,"details":"get SNMP Service Data: No response from remote host \"13.56.2.146\"","element":"","escalate":null,"event":"SNMP Down","friendly_acknowledged":0,"friendly_element":"","friendly_escalate":"","host":"demo.opmantek.com","lastupdate":1616028599,"level":"Major","node":"demo.opmantek.com","node_uuid":"3f49619e-b8ae-4e96-b56a-a7331baf71d3","nodeinfo":{"configuration_group":"DataCentre","configuration_location":"test"},"priority":6,"state":"down","stateful":"SNMP","status_history":[[1616028509.42444,null,"received",null],[1616028599.84117,null,"action_processing","complete"]],"tag_outageCurrent":"FALSE","time":1616028508,"type":"nmis_eventlog"}

...

Getting multiple events

getEventLogsModel needs time_start and time_end if you are searching for events not by id, this is for safety and performance .

...

Code Block
languageperl
'_id' => $arg{id},
'time' => { '$gte' => $time_start, '$lt' => $time_end },
'event' => $arg{event},
'node_uuid' => $arg{node_uuid},
'type' => $arg{type},
'element' => $arg{element},
'details' => $arg{details},
'eventid' => $arg{event_id}, # only useful in actionlog
'action' => $arg{action}, # only useful in actionlog
'archive' => $arg{archive}, # only useful in archive log
'entry' => $arg{entry}, # only in raw log
'state' => $arg{state},
'nodeinfo.configuration.location' => {'$regex' => $arg{'nodeinfo.configuration_location'} || $arg{location}},
'nodeinfo.configuration.group' => {'$regex' => $arg{'nodeinfo.configuration_group'} || $arg{group}},
'acknowledged' => numify($arg{acknowledged}),
'escalate' => numify($arg{escalate}),
'priority' => numify($arg{priority}), });

...

Creating Events

...

opEvents object provides an easy way to create an event: 


Code Block
# Tell opEvents object to create the event
my ($error, $eventid) = $OPE->createEvent(event => $event);

It will return an error in case the event hasn't been created, or the eventId otherwise. 

We first need to create the event. This is an example:

Code Block
# Create Event Object
my $event = {};

my @maybeprops = grep($_ !~ /^(act|debug|quiet|conf|confdir|baseurl|username|password)$/, keys %$Q);
if (@maybeprops)
{
	my @rawinputs;
	for my $key (@maybeprops)
	{
		next if ($Q->{$key} eq ''); # supress empty properties
		die "argument $key cannt be set multiple times!\n" if (ref($Q->{$key}) eq "ARRAY");

		# ensure numeric values for anything numeric, or mongo comparison ops will
		# fail badly (especially true for time, which breaks the gui)
		$event->{$key} = numify($Q->{$key});
		push @rawinputs, "'$key=$Q->{$key}'";
	}
	$event->{entry} = join(" ", @rawinputs);
}


Updating Events

opEvents object also provides an easy way to update an event. We will need to pass the following arguments:

  • _id: for identify the event to be updated
  • _constraints: to disable db key munging

Everything else will be recorded as content, as-is, except "status_history" and "trigger_eventids"

  • status_history: optional but special: must be array and this array will be ADDED to an existing status_history array.
  • trigger_eventids: always saved as array, and a new value is ADDED.
  • buttons: always saved as array, and a new value is ADDED.

returns undef if ok, error message otherwise (also logged)

As an example:

Code Block
my $failure = $OPE->updateEvent( "_id" => $e->{_id},
								priority => 5,
								status_history => [ $now, $thisuser, "priority", 5 ], );
Acknowledging an event

We can acknowledge an event by setting acknowledged => 1, and give it status history so we know who and when triggered the event to be acknowledged

...

Code Block
languageperl
package Event_State_Example;
our $VERSION="0.0.0";

use lib "/usr/local/omk/lib";
use strict;
#use func;
use OMK::Common;
use Data::Dumper;
use OMK::opEvents;
use OMK::Log;
# arguments: the line (currently being parsed),
# and reference to the live event properties
# returns: (status-or-error)
#
# zero or undef: parsing for this event is aborted, 
# and no event is created.
# 1: indicates success, event is created and changed event
# properties are incorporated.
# any other value: treated as error message, changed event
# properties are NOT incorporated but event parsing continues.

sub parse_enrich
{
	my ($line, $event) = @_;

	my $confCommon = loadOmkConfTable(conf=> "opCommon", dir=> "/usr/local/omk/conf");

	my $logger = OMK::Log->new(level => $confCommon->{"omkd_log_level"} || 'info',
															path => $confCommon->{'<omk_logs>'}."/opEvents.log");

	my $OPE = OMK::opEvents->new(config => $confCommon,
                              	logprefix => "Plugin::Event_State_Example",
								log => $logger);
	$OPE->getDb();
	
	#We can get an event with an id
	my $modelData = $OPE->getEventLogsModel(log_name => "events", id => '60516246c6c2b17094225a9c');
	my $otherEvent = $modelData->[0];


	$event->{other_event_ack} = [];
	my $thisuser = "Plugin::Event_State_Example";
	#lets get an event by name and mark them acknowledged
	#you must pass time start and end if we are looking for events and not and event by an id
		
	#lets ack them
	foreach my $e (@{$toBeAcknowledged}){
			my $now = time;
			my $failure = $OPE->updateEvent( "_id" => $e->{_id},
												acknowledged => 1,
											status_history => [ $now, $thisuser, "acknowledged", 1 ], );
																					
			push @{$event->{other_event_ack}}, $e->{_id}->to_string;
			#TODO better error handling
			return if($failure);
	}

	$event->{Plugin_Used} = "Event_State_Example";
	$event->{node} = "fulla-localhost";
	$event->{host} = "127.0.0.1";
	$event->{other_event} = $otherEvent->{_id}->to_string;
	return 1;
}

Lookup node by node name

The first option, Build up a search hash and pass this to getEventLogsModel

Code Block
my $search = {
    node => "MYNODENAME"
};
$OPE->getEventLogsModel(event => "SNMP Down", search => $search

...

After checking the logs you would then send an up event.

Process is.:

  • Edit plugin.
  • Restart daemon
  • Send “down” event.
  • Check opEvents log
  • Send “up” event.
  • Check opEvents log
  • Repeat as needed.

...