Increasingly often, monitoring tools are the recipients of the notifications that are sent when problems arise, in order to guarantee the resolution of those problems quickly.
In some circumstances, we need to extend the default type of communication that has historically been used: email. In this blog post I will describe how we integrated NetEye and an ITSM Tool using just such an augmented communication method.
In our use case, communication with the customer’s ITSM tool takes place via a SOAP call. For this purpose we were provided with a WSDL template which we used to communicate with the ITSM tool.
We selected the zeep library (for more information: https://docs.python-zeep.org/en/master/) which uses the python programming language.
Our resulting script accepts as input a series of parameters needed by the WSDL in order to manage the interaction between the communication request and the ticketing platform:
<xsd:element maxOccurs="1" minOccurs="1" name="Action" nillable="false" type="xsd:string"/>
<xsd:element maxOccurs="1" minOccurs="0" name="Summary" nillable="false" type="xsd:string"/>
<xsd:element maxOccurs="1" minOccurs="0" name="DetailedDescription" nillable="false" type="xsd:string"/>
<xsd:element maxOccurs="1" minOccurs="0" name="NetEye_Service" nillable="false" type="xsd:string"/>
<xsd:element maxOccurs="1" minOccurs="0" name="Impact" nillable="true" type="s0:ImpactType"/>
<xsd:element maxOccurs="1" minOccurs="0" name="Urgency" nillable="true" type="s0:UrgencyType"/>
<xsd:element maxOccurs="1" minOccurs="0" name="Assigned_Team" nillable="false" type="xsd:string"/>
<xsd:element maxOccurs="1" minOccurs="0" name="Assigned_User" nillable="false" type="xsd:string"/>
<xsd:element maxOccurs="1" minOccurs="0" name="IncidentNumber" nillable="false" type="xsd:string"/>
<xsd:element maxOccurs="1" minOccurs="0" name="StatusReason" nillable="true" type="s0:StatusReasonType"/>
<xsd:element maxOccurs="1" minOccurs="0" name="Resolution" nillable="false" type="xsd:string"/>
These parameters will be “arguments” which will be passed through a Notification Plugin Command in NetEye, which will then be assigned to the monitoring objects for which we would like to automatically open a ticket.
The first important argument is the Action, which can have one of these two possible values:
In this case you will initially be asked to open a ticket, and we will then receive the Incident number as a response:
def PROBLEM(self):
parser = argparse.ArgumentParser(
prog="{name} {action} {user} {password}".format(name=self.name, **vars(self.args)),
description="""Action for opening tickets"""
)
parser = self._json_to_args(arguments_PROBLEM, parser)
args = vars(parser.parse_args(sys.argv[4:]))
args.update({"Action":"PROBLEM"})
self.client.PROBLEM(args)
After that we can then set an awareness hook on the monitoring object by inserting the Incident number returned by the ITSM platform into the comment field:
# Make the call
result = self.client.service.Incident_Submit_Service(_soapheaders=self.header_value, **args)
print(result)
IncidentNumber = result['IncidentNumber']
print(IncidentNumber)
# Setup the request (comment or acknowledge)
request_url = "https://neteye.local:5665/v1/actions/acknowledge-problem"
headers = {
'Accept': 'application/json',
}
data = {
"type": "Host",
"filter": "host.name==\"%s\" && match(\"%s\", host.name)"%(HOSTR,HOSTR),
"author": "NetEye ITSM Integration",
"comment": "Ticket %s automatically open"%IncidentNumber
}
In the second case, the ticket closing function of the script will be invoked:
def RECOVERY(self):
parser = argparse.ArgumentParser(
prog="{name} {action} {user} {password}".format(name=self.name, **vars(self.args)),
description="""Action for recovering tickets"""
)
parser = self._json_to_args(arguments_RECOVERY, parser)
args = vars(parser.parse_args(sys.argv[4:]))
args.update({"Action":"RECOVERY"})
self.client.RECOVERY(args)
Thanks to this integration we are now able to communicate NetEye events in a structured way to third-party tools. In the example above we used a SOAP call, but we have also integrated ticketing with monitoring using a REST API with the same basic approach.