Integrating an IT Ops Event Correlation Manager with Third-Party Apps and Tools
Event, Alert, Entity and Maintenance Management with the ECM REST API
You can use the ECM REST API to harness all of the power of ECM within your own IT Ops management app. You can use the ECM REST API to manage and manipulate events, alerts, entities, and entity maintenance. Event and Alert functionality includes getting alerts, filters and breached SLAs; getting a list of events that have occurred between a specified time interval; changing alert priority, alert severity and alert ownership; unassigning, acknowledging, annotating, invoke an action on, and closing alerts; and creating incidents for specified alerts. Entity maintenance functionality includes getting, setting, and removing maintenance windows. Entity management features include creating, reading, updating and deleting entities in a multitude of ways and focuses. See the IT Operations REST API post at http://www.rightitnow.com/operations-management/it-operations-rest-api/ for complete details.
Publishing ECM RSS Feeds to Third-Party Applications
The paged alert filters that you create and save from the Alerts Console are available as RSS feeds. Access the feed by clicking the RSS icon in the alerts console filter pane. RightITnow ECM returns feeds in RSS 2.0 format. You can control the look of the RSS Feeds by configuring the RSS feed template. The feed’s channel elements are derived from the filter’s specifications and each item in the feed represents an alert.
Publishing Alerts to Third-Party Applications
The ECM Alert Publisher connector allows you to export alerts to an external JMS queue or topic, so that these alerts can be processed by your external system. You need to setup the queue or topic, and ECM will publish alerts to it. You can configure publishing to occur automatically whenever an alert is created or any of its fields updated. You can also define a filter so that only alerts that match the filter are published. Apart from auto-publishing of alerts, an ECM action can be used to manually trigger publishing of alerts from the alerts console or through correlation rules and the alert workflow. Alerts are published as a JSON formatted string and include all the alert fields that are available in the ECM user interface, as well as some additional fields used internally by ECM. Only one Alert Publisher connector can run at a time.
IT Ops Data Crunching via CSV
Aside from ECM’s more sophisticated integration points, including built-in and custom connectors, RSS feeds, and the ECM REST API; ECM can export audit log, entity, and alerts data to good old reliable CSV (Comma Separated Values) files that you can import into any of your analytics, reporting, spreadsheet, or other applications that import CSV files. This affords you direct access to the raw, pure data within ECM for analysis and manipulation in your favorite and most familiar applications.