opEvents Views

The opEvents home page gives you a snapshot of all the nodes, events, and issues in your environment in a simple, easy-to-grasp graphical and tabular formats. It displays the Events by Node, filtered according to the specified time and event filters. From this page, you can also access the current/escalated events, actions taken, summary reports, unprocessed/raw logs, archived logs, etc. 

Dashboard View

By default, opEvents opens in the Dashboard view that displays the Events by Node. It lists the devices that are generating the most number of events. 

• Use the time Filter function located at the top right corner of the chart to specify the particular time period you want to look for the events in.
• Hover over a segment of the pie chart to see the device name.
• Click on a segment for a comprehensive look at the events on the specific device, occurred during the indicated time period.
• If you don't want to display a specific device on the chart/graph, you can filter it out by clicking on its name in the legend below the chart/graph. 

In the table below the charts, you can see the time of the event, the node, the event name, description of the event, the number of times the event occurred, the priority, and the most recent state of the node.

• Click on a column name/heading to sort the events list by ascending or descending order and find the required events more easily.
• Use the Search field above the table to find a specific event quickly. You can also narrow the search by selecting a column name from the drop-down list beside the Search field.  

On any of the pages in the menu -> Views drop down menu you can click on the event Name, Node, Last Seen, Title, etc. and drill into more granular details. In the example below I am clicking the link to the device "asgard" which opens up the "Node Context" page.

If you click on an event an "Event Context" page would open giving you more granular details about the specific event as well. As you can see there is much more useful and specific information provided from this page.

Using the example below, there are six menu options at the top: Details, View Node in NMIS, Show Address Configuration, Show Node Performance, Show Node Configuration, and More.

Clicking the "Details" menu item displays the complete raw details for the specific node or event.

Clicking on "View Node in NMIS" opens up an NMIS Node Details menu.

Clicking on "Show Address Configuration" will open up our opAddress module that gives information on the IP addresses for this device.

Clicking on "Show Node Performance" will open the device information screen in our opCharts module.

Clicking on "Show Node Configurations" will open our opConfig module displaying recent commands and configuration changes, etc. for the device.

The "More" drop down menu gives you the ability to edit the node or view more events if you happen to be viewing an Event Context page.

Other information provided on this screen is a Node Summary, Recent events for this device, Elements Up, and Elements Down. Clicking the Event Up and Event Down buttons will open the Event Context page for that event. Clicking the Edit State icons you can either Toggle the State Up or Down, or Remove the State.

Notice in the image above in the Recent Events for asgard section there is some blue text indicating that there are too many events for the table. If you click on this link it will open the Events view for this Node displaying all of the nodes events on one page. In this same section there is a blue "Overview" button. Clicking on this will open the Node Events Overview page for this device. This page is similar to the default Dashboard page however, it is only displaying the events for this particular device. Same as the Dashboard page you can filter the time you want to view Events, filter events displayed on the charts, search for Events, and drill into each Event by clicking the Event link in the table below.

Events View

Navigating to menu Views -> Events you can see a bit more detailed view of the table on the Dashboards page. Notice above the table in the top left displays the total number of events along with the date and time period reported on. With added editions of the State and Acknowledged columns you see which events need action and which have already been acknowledged by another member of your team. This page has the search box and time filter options as well.

If desired, you can change the page to display more than 25 events at a time by scrolling to the bottom of the page and selecting the drop down Show menu item. To the left of the Show menu item is a button which allows for this page to be exported to CSV granting you and your team the ability to share a detailed report of the events across your devices.

Each Date, Node, and Event are clickable and open up a more detailed view of them.

Current Events View

In this view you can Acknowledge events that have recently occurred and may not have been looked at yet. It allows for quick event acknowledgement by the bulk acknowledge feature which is accomplished by clicking the boxes next to each event then clicking the blue Acknowledge button. You can also acknowledge all of the events on this page at one time by clicking the box in the top left of the table which selects all of the events.

As in the previous views you may show more than 10 events on the page as well as search for events and filter the time period shown. As in the other Views, each Date, Node, and Event are clickable links allowing you to drill deeper into them for more information.

Actions View

The actions view located at menu -> Views -> Actions displays the actions that have been taken for any given event. Event actions are the conditions an event must conform to and what actions to take in case of a match.

The event Date, Name, Node, Action, Details, and Comment section is displayed on the table. The items on the table can be customized to your liking by adding or taking away information displayed on the page. These changes can be made by navigating to /usr/local/omk/conf/table_schemas (on the servers' filesystem) and editing the opEvents_action-log.json file. We have a Wiki page written up on how to edit these values here: opEvents 2.4.x - Customizing Table Columns.

You can sort these events clicking each Table header and click their links as well for detailed information.

Similar to the Events view you can download it as a CSV and choose to display more events on the page from the Show drop down menu.

For example, the image below shows the default menu bar for the Actions view in opEvents.

After editing the opEvents_action-log.json file the extra column was added to the end of the row labelled "New Custom Column". This process can be replicated to display custom information in as many columns as you would like on this page.

More detail on which Actions can be managed can be found here: Event Actions and Escalation

Raw Logs View

The Raw Logs view displays the current raw event logs. This view is useful for viewing what the full event message says within the Entry column. Clicking the Event ID link will open up the Event Details page for the chosen event.

As with other views, you can export this information to CSV by clicking the Export to CSV button to the left of the Show drop down menu which of course allows for more events to be displayed on the page.

For a new type to be displayed in the Raw Logs View, a entry needs to be added to the "opevents_logs" section in opCommon.json, as well as in EventParserRules.json. You can find more information by reviewing opEvents input sources. 

The time filter in the top right of the page will also make viewing specific events quicker.

The items on the table can be customized to your liking by adding or taking away information displayed on this page. These changes can be made by navigating to /usr/local/omk/conf/table_schemas and editing the opEvents_raw-log.json file. We have a Wiki page written up that goes into more detail on how to edit these values here: opEvents 2.4.x - Customising Table Columns.

Clicking on the link in the Date column will open up the Raw Log Details page providing you with more details of the selected log. An example of this page is provided below:

More information on opEvents and its logging system view this page here: opEvents - Centralized Logging Solution

Archive Logs View

Archive Logs view lets you see the archived logs along with their type of log and an Entry description. The Filter on the top right of the page lets you choose how many days you want to look back for these logs depending on your log rotation setup. As with other views, this page can be Exported to CSV by clicking the Export to CSV by clicking the button to the left of the Show drop down menu which will allow for more events to be displayed on the page. Clicking the links within the Archive column will open up an Archive Logs Details page that displays the _id of the event along with the details from the Archive Logs view pertaining to that particular event. These items on the table can also be customized to your liking by adding or taking away information displayed on this page. These changes can be made by navigating to /usr/local/omk/conf/table_schemas and editing the opEvents_archive-log.json file. For more information on this process we have documentation that goes into more detail on how to edit these values here: opEvents 2.4.x - Customising Table Columns.

Nodes View

To view a list of all the Nodes in your environment and a summary of their properties (including their Group, Location, Customer, Business Services, and their Host), from the top menu bar, click Views > Nodes.

• The Nodes View allows you to quickly search for a specific node and view it's events using the search box above the Nodes table.
• You can generate a copy of this page in CSV format by clicking the Export to CSV icon below the table. 
• Specify the number of devices to display in the table, using the Show drop-down menu.
• Click on a node Name to open the device's Node Context page, where you can view more detailed information about the device.
• You can customize the information displayed on this page, including the columns of the table, by editing the opEvents_node-log.json file at /usr/local/omk/conf/table_schemas (on the server filesystem). For more information on how to edit these settings, see opEvents 2.4.x - Customising Table Columns.

Summary Reports View

For a summary report about all of the reports generated, from the top menu bar, choose Views > Nodes.

These reports can be downloaded in an XLSX file by clicking the download button in the XLSX column.

The Show drop down menu chooses how many summaries to show on this page. Similar to other pages mentioned above, these items on the table can also be customized to your liking by adding or taking away information displayed on this page. These changes can be made by navigating to /usr/local/omk/conf/table_schemas (on the servers' filesystem) and editing the opEvents_summary-reports.json. For more information on this process we have documentation that goes into more detail on how to edit these values here: opEvents 2.4.x - Customising Table Columns.

By clicking the "New Report" button you can create a custom report. Simply enter a Report Title and the Report Period to report on and click Generate Report.

To view a report click on a link in the Title column or Download the file. The Summary displays: Overview, Top 10 nodes by event count, Top 10 events by count, Event Priorities by count, Top 10 nodes and events by event count, Top 10 nodes by event weight, Top 10 nodes by incident duration, Top 10 nodes and incidents by duration, Incident Duration Summary, Events Summary for 1h Periods, and Incidents Summary for 1h Periods. To see what the full report looks like you can download an example report HERE.

Time Filter

The top right hand corner of the Event views has a Filter widget with three buttons:

1. Filter for Advanced Filters - Time Filters, Event Filter and Summarisation
2. Period for Quick Time Period Filters
3. Toggle for Toggle Auto Refresh