Minimal Example (Perl)

package Event_State_Example;
our $VERSION="0.0.0";

use lib "/usr/local/omk/lib";
use strict;

use OMK::Common;
use OMK::opEvents;
use OMK::Log;
# arguments: the line (currently being parsed),
# and reference to the live event properties
# returns: (status-or-error)
#
# zero or undef: parsing for this event is aborted, 
# and no event is created.
# 1: indicates success, event is created and changed event
# properties are incorporated.
# any other value: treated as error message, changed event
# properties are NOT incorporated but event parsing continues.


sub parse_enrich
{
	my ($line, $event) = @_;

	my $confCommon = loadOmkConfTable(conf=> "opCommon", dir=> "/usr/local/omk/conf");

	my $logger = OMK::Log->new(level => $confCommon->{"omkd_log_level"} || 'info',
							   path => $confCommon->{'<omk_logs>'}."/opEvents.log");

	my $OPE = OMK::opEvents->new(config => $confCommon,
								 logprefix => "Plugin::Event_State_Example",
								 log => $logger);
	$OPE->getDb();
  
	$event->{Plugin_Used} = "Event_State_Example";

	return 1;
}

1;

Getting a single event


getEventLogsModel

# args: at least log_name (=db collection, log_name can be: events, rawLogs, logArchive, or actionlog)
# and time_start/end AND/OR a set of any
# of id, node_uuid or node_name,
# type/element/details/action/archive/entry/acknowledged/escalate/priority/event_id
# to select events
#
# arg sort: mongo sort criteria
# arg limit: return only N records at the most
# arg skip: skip N records at the beginning. index N in the result set is at 0 in the response
# arg paginate: sets the pagination mode, in which case the result array is fudged up sparsely to
# return 'complete' result elements without limit! - a dummy element is inserted at the 'complete' end,
# but only 0..limit are populated

In this example we are getting an event by its ID.

log_name is required and should be "events".

getEventLogsModel will always return an array, and that array may be empty, so check that it holds a value before using the result.

...

{
  "_id": {"$oid": "60516246c6c2b17094225a9c"},
  "acknowledged": 0,
  "action_checked": 1,
  "actions": [
    {
      "action": "tag",
      "comment": "set to FALSE",
      "date": "2021-03-18T10:49:59",
      "details": "outageCurrent",
      "event": "SNMP Down",
      "node_uuid": "3f49619e-b8ae-4e96-b56a-a7331baf71d3",
      "time": 1616028599
    }
  ],
  "count": 1,
  "date": "2021-03-18T10:48:28",
  "delayedaction": 1616028598,
  "details": "get SNMP Service Data: No response from remote host \"13.56.2.146\"",
  "element": "",
  "escalate": null,
  "event": "SNMP Down",
  "friendly_acknowledged": 0,
  "friendly_element": "",
  "friendly_escalate": "",
  "host": "demo.opmantek.com",
  "lastupdate": 1616028599,
  "level": "Major",
  "node": "demo.opmantek.com",
  "node_uuid": "3f49619e-b8ae-4e96-b56a-a7331baf71d3",
  "nodeinfo": {
    "configuration_group": "DataCentre",
    "configuration_location": "test"
  },
  "priority": 6,
  "state": "down",
  "stateful": "SNMP",
  "status_history": [
    [1616028509.42444, null, "received", null],
    [1616028599.84117, null, "action_processing", "complete"]
  ],
  "tag_outageCurrent": "FALSE",
  "time": 1616028508,
  "type": "nmis_eventlog"
}

Multiple events

getEventLogsModel needs time_start and time_end if you are searching for events by anything other than id; this is for safety and performance.

In this example we are looking for events with the name 'My_Monkey_Event' which have not been acknowledged and are from the last 24 hours. These arguments are combined into an AND query; some arguments are faster to search on than others, depending on indexes. If the query takes too long, the opEvents action parser might kill the script before anything is returned.

my $toBeAcknowledged = $OPE->getEventLogsModel(log_name => "events",
											   event => 'My_Monkey_Event',
											   acknowledged => 0,
											   time_start => time - 86400,
											   time_end => time);
foreach my $e (@{$toBeAcknowledged})
{
	# $e is one matching event record; process it here
}

Full list of arguments to search by

'_id' => $arg{id},
'time' => { '$gte' => $time_start, '$lt' => $time_end },
'event' => $arg{event},
'node_uuid' => $arg{node_uuid},
'type' => $arg{type},
'element' => $arg{element},
'details' => $arg{details},
'eventid' => $arg{event_id}, # only useful in actionlog
'action' => $arg{action}, # only useful in actionlog
'archive' => $arg{archive}, # only useful in archive log
'entry' => $arg{entry}, # only in raw log
'state' => $arg{state},
'nodeinfo.configuration.location' => {'$regex' => $arg{'nodeinfo.configuration_location'} || $arg{location}},
'nodeinfo.configuration.group' => {'$regex' => $arg{'nodeinfo.configuration_group'} || $arg{group}},
'acknowledged' => numify($arg{acknowledged}),
'escalate' => numify($arg{escalate}),
'priority' => numify($arg{priority}), });
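
A plugin often fills these arguments from fields of the line it is parsing, so it helps to bound the time window and to quote the values that end up in a `$regex` match (location and group) before calling getEventLogsModel. The following is an added example, not code from this page or from OMK: the helper name build_event_query_args, the 24 hour window cap and the limit of 500 are assumptions, and the sample input is constructed.

```perl
use strict;
use warnings;

# Hypothetical helper, not part of OMK. Both limits are assumptions.
my $MAX_WINDOW = 86400;    # widest time window allowed, in seconds
my $MAX_LIMIT  = 500;      # most records a plugin may request

# returns (error) on failure, or (undef, hashref of getEventLogsModel arguments)
sub build_event_query_args
{
	my (%in) = @_;
	my %args = (log_name => "events", limit => $MAX_LIMIT);
	return ("arguments must be plain scalars") if (grep { ref $_ } values %in);

	if (defined $in{id})
	{
		# an _id is a 24 character hex string; no time window is needed
		return ("malformed id") if ($in{id} !~ /\A[0-9a-fA-F]{24}\z/);
		$args{id} = $in{id};
		return (undef, \%args);
	}
	# searches not by id need time_start and time_end; keep the window bounded
	my $end   = $in{time_end} // time;
	my $start = $in{time_start} // ($end - $MAX_WINDOW);
	return ("times must be epoch seconds") if (grep { !/\A\d+\z/ } $start, $end);
	return ("time_start must be before time_end") if ($start >= $end);
	$start = $end - $MAX_WINDOW if ($end - $start > $MAX_WINDOW);
	@args{qw(time_start time_end)} = ($start, $end);

	# exact-match arguments are passed through unchanged
	$args{$_} = $in{$_} for grep { defined $in{$_} } qw(event node_uuid type element state);
	# location and group are matched as regular expressions: quote and anchor them
	$args{$_} = '^' . quotemeta($in{$_}) . '$' for grep { defined $in{$_} } qw(location group);
	# numeric arguments must be non-negative integers
	for my $k (grep { defined $in{$_} } qw(acknowledged escalate priority))
	{
		return ("argument $k must be an integer") if ($in{$k} !~ /\A\d+\z/);
		$args{$k} = $in{$k} + 0;
	}
	return (undef, \%args);
}

# constructed sample input, as a plugin might take it from a parsed line
my ($err, $args) = build_event_query_args(event => 'My_Monkey_Event',
	acknowledged => 0, location => 'dc.*|', time_start => time - 7 * 86400);
print $err ? "rejected: $err\n"
	: join(", ", map { "$_=$args->{$_}" } sort keys %$args) . "\n";
# in a plugin: my $events = $OPE->getEventLogsModel(%$args);
```

With the sample input the seven day window is clamped to 24 hours and the location value is passed as a literal, anchored match.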