7.2.4 Auto execution of response action

Organization of this subsection

(1) Auto Response Action definition Object

(1) Auto Response Action definition Object

Description

An json object representing information about automated Response action definition. The size of this object is limited to less than 10MB.

Format

{
  "meta":{
    "version":"Version information"
  },
  "actions":[
    {"actionGroup":"Action grouping",
     "actionId":"Action ID",
     "label":"Action name",
     "description":"Comment",
     "valid":"Enable /Disable",
     "conditions":[
       {"type":"type",
        "key":"Attribute name",
        "ope":"Operators",
        "val":["Attribute value",...]
       },
       ...
     ],
     "action":{
       "type":"Action type",
       "params":"Action Description"
     }
    },
  ...
  ]
}

When specifying a character string in the items in the above definition, if " or \ is included as a normal character, it is preceded by \, and it is set to \", \\.

Definitions

Members

Members are listed in the following table.

Table 7‒25: Members of Auto Response Action Definition Objects
No.	Member			Data type	Needing to specify	Description
1	`meta`			`object`	Required	Objects that Setup Common data for the entire auto response Action
`2`		`version`		`string`	Required	Specify Version. Specify 1 as the fixed Value.
`3`	`actions`			`object[]`	Optional	Array of auto Response Action Setup that Setup the conditions that trigger Response Action to Execute and Execute content of Response Action The number of items that can be specified is 0 to 1000 (the default Value).
`4`		`actionGroup`		`int`	Required	specifies the number of the Response Action grouping as an integer from 0 to 9. The size of the number in Response Action group is independent of the precedence of Execute conditional determination and Response Action's Execute condition. You can specify one execution of Response Action per group, allowing you to execute up to 10 Response Action at the same time for a single system status change.
`5`		`actionId`		`int`	Required	Specifies Action ID to be uniquely allocated for each automated ResponseAction Setup. Value can be an integer from 0 to 2,147,483,647.
`6`		`label`		`string`	Required	Specifies Action name to identify the auto Response Action Setup as a character string from 1 to 50 bytes. You can specify any character other than the control character (0x00 to 0x1F,0x7F to 0x9F).
`7`		`description`		`string`	Optional	Specify Comment (explanation of Response Action to Execute) for the auto Response Action Setup as a character string from 1 to 1040 bytes. You can specify any character other than the control character (0x00 to 0x1F,0x7F to 0x9F). This field has no effect on auto execution of response Action.
`8`		`valid`		`boolean`	Optional	Specifies whether to Enable the applicable auto Response Action Setup. True: Enable False: Disabled By default, "true" is used.
`9`		`conditions`		`object[]`	Required	Specifies the criteria that triggers execution of Response Action. The number of conditions that can be specified is 1 to 256. If more than one execution condition is specified, it is determined that execution condition is Match when all event conditions are met (AND condition).
`10`			`type`	`string`	Required	Specifies type of execution criteria. Specify "event" as the fixed Value.
`11`			`key`	`string`	Required	Specifies Attribute name of execution criteria. The following Attribute name can be specified: B.ID (Event ID) B.REASON (Registered reason) B.PROCESSID (Source user ID) B.USERID (Source user ID) B.GROUPID (Source group ID) B.TIME (Registered time) B.ARRIVEDTIME (Arrived time) B.USERNAME (Source user name) B.GROUPNAME (Source group name) B.SOURCEIPADDR (Source IP address) B.SOURCESERVER (Source event server name) B.MESSAGE (Message) E. START_TIME (Start time) E.END_TIME (End time) E.PRODUCT_NAME (Product name) E.OBJECT_TYPE (Object type) E.OBJECT_NAME (Object name) E.ROOT_OBJECT_TYPE (Root object type) E.ROOT_OBJECT_NAME (Root object name) E.OBJECT_ID (Object ID) E.OCCURRENCE (Occurrence) E.USER_NAME (User name) E. RESULT_CODE (Result code) E.SEVERITY (Event level) E.* (Unique extended attributes) E.@JP1IM_DISPLAY_MESSAGE (Display Message)
`12`			`ope`	`string`	Required	Specifies the criteria for comparing Attribute name specified in key. The comparison condition can be one of the following: BEGIN (starts with) IN (Match to) NOTIN (not Match with) SUBSTR (including) NOTSUBSTR (not including) REGEX (regular expressions) For details about the comparison conditions that can be specified for each Attribute name, see the table ■Combination of Setup Value that can be specified in execution criteria below.
`13`			`val`	`string[]`	Required	Specifies the compare Value (string) of Attribute name specified in key. It is case sensitive. If you do not specify regular expressions for the compare Value, you can specify more than one (up to 100). If more than one condition is specified, it is determined as execution condition has matched when Match has occurred in one of the conditions (OR condition). The comparison Value can be a string that meets the following criteria: Up to 4096 bytes per compare Value, up to a total of 4096 bytes (total bytes of compare Value described in Execute condition) per execution condition Compare Value of Attribute name specified in key For details about the comparison conditions that can be specified for each Attribute name, see the table ■Combination of Setup Value that can be specified in execution criteria below.
`14`		`action`		`object`	Required	Objects that Setup the content of execution when it is Match in execution criteria
`15`			`type`	`string`	Required	Specifies type of Action to Execute. Cmd : Specifies that OS command is to Execute. Restapi: Specifies that REST API is to Execute.
`16`			`params`	object	Required	Specifies the content of Action to Execute. This field can be an Value that contains event-takeover credentials. When type of Action is "cmd" For the members that can be specified, see the table ■Members that can be specified when type is cmd below. When type of Action is "restapi" For the members that can be specified, see the table ■Members that can be specified when type is restapi below.

■Combination of Setup Value that can be specified in execution criteria

Key(Attribute name)	Type"	Ope (Compare)	Val (Compare Value)
B.ID (Event ID)	Numeric	IN (Match to) NOTIN (not Match with)	You specify Event ID. Case is not distinguished. The range is 0 to 7FFFFFFFF. When Event ID basic part or Event ID extension part is a Value of less than 8 digits, the leading part is padded with 0s and the character string is going to be 8 digits.
B.REASON (Registered reason)	Numeric		Specifies registered reason. The range is -2,147,483,648 to 2,147,483,648.
B.PROCESSID (Source process ID)	Numeric		Specifies the process ID of the issuing application. The range is -2,147,483,648 to 2,147,483,648.
B.USERID (Source user ID)	Numeric		Specifies the numerical ID of the issuing process. The range is- 2,147,483,648 to 2,147,483,648.
B.GROUPID (Source group ID)	Numeric		Specifies the group ID (number) of the issuing process. The range is -2,147,483,648 to 2,147,483,648.
B.TIME (Registered time)	Time	REGEX (regular expressions)	Specifies the time that JP1 event was registered to event database of the issuing host. You specify in regular expressions in the form of `YYYYMMDDhhmmss`.
B.ARRIVEDTIME (Arrived time)	Time	REGEX (regular expressions)	Specifies the time JP1 event arrived at the issuing host's event database. You specify in regular expressions in the form of `YYYYMMDDhhmmss`.
B.USERNAME (Source user name)	String	BEGIN (starts with) IN (Match to) NOTIN (not Match with) REGEX (regular expressions)	Specifies User name of the issuing process.
B.GROUPNAME (Source group ID)	String		Specifies the group name of the issuing process.
B.SOURCEIPADDR (Source IP address)	String		Specifies IP address corresponding to the issuing event Server. For details about IP address specification format, see ■Value that can be specified in execution crieteria of Action below.
B.SOURCESERVER (Source event server name)	String		Specifies Host name (event Server) of the host where JP1 event occurred.
B.MESSAGE (Message)	String		Specifies Message of the event base attribute.
E.START_TIME (Start time)	String	REGEX (regular expressions)	Specifies the time of start or restart of execution. Specify in the regular expression specification of total seconds.
E.END_TIME (End time)	String	REGEX (regular expressions)	Specifies the time when execution ends. Specify in the regular expression specification of total seconds.
E.PRODUCT_NAME (Product name)	String	BEGIN (starts with) IN (Match to) NOTIN (not Match with) SUBSTR (including) NOTSUBSTR (not including) REGEX (regular expressions)	Specifies the name of the programs that issued JP1 event.
E.OBJECT_TYPE (Object type)	String		Specifies the type of JP1 event object.
E.OBJECT_NAME (Object name)	String		Specifies object name of JP1 event.
E.ROOT_OBJECT_TYPE (Root object type)	String		Specifies Root object type of JP1 event.
E.ROOT_OBJECT_NAME (Root object name)	String		Specifies Root object name of JP1 event.
E.OBJECT_ID (Object ID)	String		Specifies Object ID of JP1 event.
E.OCCURRENCE (Occurrence)	String		Specifies Occurrence of JP1 event.
E.USER_NAME (User name)	String		Specifies username that issued JP1 event.
E.RESULT_CODE (Result code)	String		Specifies an exit code.
E.SEVERITY (Event level)	String	IN (Match to) REGEX (regular expressions)	Specifies Event level of JP1 event. When you set IN (match to) in Ope, specify in one of "Emergency", "Alert", "Critical", "Error", "Warning", "Notice", "Information", or "Debug".
E.* (Unique extended attributes)	String	BEGIN (starts with) IN (Match to) NOTIN (not Match with) SUBSTR (including) NOTSUBSTR (not including) REGEX (regular expressions)	Specify Value of Attribute name specified in the E.* format in key.
E.@JP1IM_DISPLAY_MESSAGE (Display message)	String		Specifies Message of IM attribute in JP1 event.

■Value that can be specified in execution criteria of Action

For Source IP address event conditions, in addition to IPv4 address conditions, you can specify IPv6 address conditions in IPv6 address notation (alphabetic characters in IPv6 notation must be specified in lowercase).

The following table lists IP address conditions that can be specified for Source IP address event conditions:

Source IP address		Example of specification	Can be specified?
IPv4 addressing		`11.22.33.44`	Yes
IPv6 addressing		`0011:2233:4455:6677:8899:aabb:cccdd:eeff`	Yes
		`0011:2233:4455:6677:8899:AABB:CCDD:EEFF`	No
		`2012:7:8::a:b`	No
Special IPv6 address	IPv4 projection addressing	`::ffff:11.22.33.44`	No
Special IPv6 address	IPv6 projection addressing	`::11.22.33.44`	No

■Members that can be specified when type is cmd

Member name	Data Type	Can be specified?	Description
`host`	string	Required	Specify execution destination Host name of the command. The range is 1 to 255.
`cmd`	string	Required	Specify Command and arguments between 1 and 4096 bytes. If the command name contains spaces, enclose it in double quotation marks (").
`envFile`	string	Optional	Specifies the absolute path of Environment variable file of execution destination, from 1 to 255. For details about Environment variable file, see Environment variable file (any file name) in Chapter 2. Definition Files.

Member name

Data Type

Can be specified?

Description

host

string

Required

Specify execution destination Host name of the command. The range is 1 to 255.

cmd

string

Required

Specify Command and arguments between 1 and 4096 bytes.

If the command name contains spaces, enclose it in double quotation marks (").

envFile

string

Optional

Specifies the absolute path of Environment variable file of execution destination, from 1 to 255.

For details about Environment variable file, see Environment variable file (any file name) in Chapter 2. Definition Files.

■Members that can be specified when type is restapi

Member name	Data Type	Can be specified?	Description
`method`	string	Required	Specifies the method of REST API.
`url`	string	Required	Specifies URL of REST API. When the URL including host name is specified, register the host name to the integrated manager's `hosts` file and DNS so as to enable name resolution on the integrated manager host. Configuration in the `jp1hosts` file and the `jp1hosts2` file are not referred.
`headers`	object	Required	Specify the request header for REST API in the following format: `{` `"Element-name-1": "Value of the element 1",` `"Element name 2"; "Value of the element 2"` `}`
`body`	string	Optional	Specifies the request body of REST API in any string-format.

Output example

{
  "meta":{
    "version":"1"
  },
  "actions":[
    {"actionGroup":0,
     "actionId":"0",
     "label":"Event error for collecting data",
     "description":"To execute collecting data when an error is detected by a particular Event ID",
     "valid":true,
     "conditions":[
       {"type":"event",
        "key":"B.ID",
        "ope":"IN",
        "val":["00004860","00004861"]
       },
       {"type":"event",
        "key":"E.SEVERITY",
        "ope":"IN",
        "val":["Error","Emergency"]
       }
     ],
     "action":{
       "type":"cmd",
       "params":{
         "host":"${event:EVHOST:}",
         "cmd":"\"C:\\Program Files (x86)\\Hitachi\\JP1IMM\\tools\\jim_log\" -f C:\\temp -q",
         "envFile":"C:\\tmp\\envFile.txt"
       }
     }
    }
  ]
}

To Page Top