mlavhey
5 years ago

External Python Script/App to mass check specific alert states - Question on LM Alert functionality

Hello!

I've been toying around with the idea of coding up a basic app in the Windows 10 environment that has the following purpose/ functionality:

The Goal:

    - Produce a simple program that lists all assigned tickets by ticket number in a Descending column.  While having a LED icon of sorts next to each ticket number... RED/ GREEN to distinguish if that ticket has any active alerts.

In Progress / Coding Flow:

    - Parse currently assigned tickets that are tracking alerts for various devices. (Ticket system being used is AutoTask)

    - Throw the parsed ticket results into a list/ dictionary.

    - Scan through the list of ticket references and validate if all the alerts associated to each ticket are active or clear. (Would like to keep it as a simple boolean logic approach of True/False). That would decide whether the LED icon above would be green or red.

    - Possibly add a single button that updates the list to see the current state per ticket.  / Or have it in a delayed loop until the app is closed for updates.

My Question / Problem:

    - My understanding of LogicMonitor is that when searching for items under the "Alerts" tab and using a specific search string value (say, the ticket # that the alert was tagged to), it is going to show all alerts associated with the value that was searched.

    - Knowing that each alert will have its own conditions for clearing (example: value exceeds defined value, so throw the alert), is there any specific LogicMonitor documentation that may help in checking multiple "LMDXXXXX" numbers and whether it's active/clear?

Thanks in advance for any thoughts!

Project Progress:

https://github.com/LavheyM/pyStateOfAlert

3 Replies

  • Anonymous

    I'm sure I exactly follow your logic. My understanding is that when using the AutoTask integration, each alarm in LM would create a ticket in AT, meaning there would be a one-to-one ratio. Is your intent just to list all open tickets in AT and indicate whether or not the corresponding LM alarm is open/cleared?

    I'd start with the REST API. Look at the /santaba/rest/alert/alerts resource. This returns JSON that looks like this. The "items" object is a list of alarms. You could cycle through that looking only at the alarms where "cleared" is equal to "true". There should be an ##EXTERNAL_TICKET_ID##, but it's not showing in the documentation and I need to fix my Postman so I can do a pull against a system that actually has that field.

    {
      "items": [
        {
          "SDT": {},
          "ackComment": "string",
          "acked": true,
          "ackedBy": "string",
          "ackedEpoch": 0,
          "alertValue": "string",
          "chain": "string",
          "chainId": 0,
          "clearValue": "string",
          "cleared": true,
          "customColumns": {},
          "dataPointId": 0,
          "dataPointName": "string",
          "detailMessage": {},
          "endEpoch": 0,
          "id": "string",
          "instanceDescription": "string",
          "instanceId": 0,
          "instanceName": "string",
          "internalId": "string",
          "monitorObjectGroups": {},
          "monitorObjectId": 0,
          "monitorObjectName": "string",
          "monitorObjectType": "string",
          "nextRecipient": 0,
          "receivedList": "string",
          "resourceId": 0,
          "resourceTemplateId": 0,
          "resourceTemplateName": "string",
          "resourceTemplateType": "string",
          "rule": "string",
          "ruleId": 0,
          "sdted": true,
          "severity": 0,
          "startEpoch": 0,
          "subChainId": 0,
          "threshold": "string",
          "type": "string"
        }
      ],
      "searchId": "string",
      "total": 0
    }

  • Hey Stuart,

    Thank you for the input on this, it's much appreciated!

    Acknowledging an alert in LM does associate the alert with the AutoTask ticket creating that 1 to 1 ratio. My team generally further acknowledges additional alerts to that same ticket, so you will have possibly one ticket with a multitude of alerts associated with it.
    These additional alerts acknowledged are related - For example ... T20200213.XXXX ... has Host Status, PingLoss alerts associated to the ticket for 3 or 4 different WiFi Access Points.

    Excuse my attempt at a bad ASCII picture of the planned app itself:

    x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x
    x  -tickets in your inbox-   / associated alerts cleared?   x
    x T2020XXXX.XXXX                         cleared                    x
    x T2020XXXX.XXXX                         active                      x
    x T2020XXXX.XXXX                         cleared                    x
    x T2020XXXX.XXXX                         cleared                    x
    x T2020XXXX.XXXX                         cleared                    x
    x T2020XXXX.XXXX                         active                      x
    x                           <update button here>                       x
    x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x

    So the contents of the window would be your list of tickets assigned to your username above, with the state of the associated alerts on the right to each ticket. Say one active alert is enough to keep it flagged as `active`.

    Hopefully this functionality doesn't already exist somewhere in LM's frontend GUI!  :)

  • Anonymous

    I don't think this kind of functionality is built in today, so it's good to pursue something.

    So, multiple alerts in LM will be associated with a single ticket in AutoTask. How is that relationship stored? Does the AutoTask ticket contain the LM alarm IDs?  Each alarm should have an ##EXTERNALTICKETID## pointing to the AT ticket, but they'd each point to a different one. Do you open a parent ticket in AT and associate the ones LM opens with that parent ticket? And the status of the parent ticket would be dependent on the child tickets?  I guess I'm missing how they are associated together because your ASCII pic has what appears to be 6 identical AT ticket numbers.
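
The roll-up discussed in this thread (several alerts per ticket, one uncleared alert keeps the ticket `active`), as an added example that is not part of any post or of the pyStateOfAlert project. It assumes the ticket number was typed into the alert's `ackComment`, which the thread does not confirm; the response body and alert IDs are constructed sample data.

```python
import json
import re

# Assumption: the AutoTask ticket number (format T20200213.0001, as in the
# thread) appears in the acknowledgement comment. The thread does not say
# where the link is stored; change ticket_of() if it lives in another field.
TICKET_RE = re.compile(r"\bT\d{8}\.\d{4}\b")

# Constructed sample shaped like the "items" list quoted above,
# trimmed to the fields this example reads.
SAMPLE_RESPONSE = json.dumps({"items": [
    {"id": "LMD10001", "cleared": True, "ackComment": "T20200213.0001 AP1 HostStatus"},
    {"id": "LMD10002", "cleared": True, "ackComment": "T20200213.0001 AP1 PingLoss"},
    {"id": "LMD10003", "cleared": False, "ackComment": "T20200213.0002 AP2 HostStatus"},
    {"id": "LMD10004", "cleared": True, "ackComment": "T20200213.0002 AP3 PingLoss"},
    {"id": "LMD10005", "cleared": False, "ackComment": ""},  # not tied to a ticket
], "total": 5})
ASSIGNED = ["T20200213.0001", "T20200213.0002", "T20200213.0003"]


def ticket_of(alert):
    """Return the ticket number found in the ack comment, or None."""
    match = TICKET_RE.search(alert.get("ackComment") or "")
    return match.group(0) if match else None


def ticket_states(response_text, assigned_tickets):
    """Map each assigned ticket to 'active', 'cleared' or 'no alerts'."""
    alerts_by_ticket = {ticket: [] for ticket in assigned_tickets}
    for alert in json.loads(response_text).get("items", []):
        ticket = ticket_of(alert)
        if ticket in alerts_by_ticket:
            alerts_by_ticket[ticket].append(alert)
    states = {}
    for ticket, alerts in alerts_by_ticket.items():
        if not alerts:
            states[ticket] = "no alerts"   # nothing found: do not show green
        elif any(a.get("cleared") is not True for a in alerts):
            states[ticket] = "active"      # a missing "cleared" counts as active
        else:
            states[ticket] = "cleared"
    return states


if __name__ == "__main__":
    # Tickets listed in descending order, as in the planned window.
    for ticket, state in sorted(ticket_states(SAMPLE_RESPONSE, ASSIGNED).items(), reverse=True):
        print(f"{ticket}  {state}")
```
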