Common Request Parameters

A set of Common Request Parameters are required for each of the Alert Service

operations. When using the CreateAlert or UpdateAlert operations, you must specify the ^alertRules parameter.

Common Request Parameters usage must follow several rules:

• You must specify a value for all Required Common Request Parameters.

• All Common Request parameters must be implemented in the order in which they appear in the Request Parameters section for each of the Alert Service operations.

• For Common Request Parameters, you must specify the value of the parameter only.

Note that LogLogic expects the values in the order defined in this document.

• All values for Common Request Parameters must be enclosed by double quotation marks (“^value”).

Table 4 Alert Service Common Request Parameters

Parameter Description Values Required Type

authToken Token string returned from the authentication service or the

“username/password”.

yes string

applianceIp The managed Appliance on which you perform the operation.

If the value is blank, it retrieves the Appliance IP address from the local Appliance.

This parameter is available only for Management Station Appliances using operations with Remote in the name.

IP address of a managed Appliance. To specify an IP address, use the standard IP address format. For example:

10.1.2.3

yes

(for xxxxRemote operations only)

string

alertType Type of alert, such as Network Policy Alert or System Alert.

For a list of alert types, see Alert Types on page 172.

yes string

name Name of the alert. Any text up to 64 characters in

length.

yes string

desc Description for the remote device. Any text up to 64 characters in length.

optional string

priorityName Priority level of the alert. Possible values:

low, medium, and, high

yes string

enabled Determines if the alert is enabled or

deviceNames List of devices. Valid entries contain one or more devices and/or device groups.

To see a list of all available devices and device groups, use the Devices tab in the LogLogic Appliance user interface. To access the Devices tab, click Alerts > Manage Alerts Rules, click the Add New button, select an alert type, and then click the Devices tab.

List of valid devices and/or groups. Use a forward slash (/) as a delimiter for multiple entries. For example:

10.1.1.1/10.1.1.7

If a device has a forward slash (/) in the name, such as HP/UX or IBM i5/OS, you must replace the forward slash with %2F. (The F is

case-sensitive.) For example:

HP%2FUX

yes string

usernames User names for the alerts. Specify a single user or a user group.

Use a forward slash (/) as a delimiter for multiple entries.

For example:

user1/usergroup7

yes string

trapIds Trap name or IP Address to send the SNMP messages when the alert is triggered.

Use a forward slash (/) as a delimiter for multiple entries.

For example:

trap1/trap2/trap3

yes string

resetTime Time to wait between alerts that are generated.

The Appliance does not issue an additional alert of the same type until the resetTime elapses.

Any positive integer.

The value is in seconds. For example, the value 120 represents two minutes.

yes number

trackIndividual

Device Enables or disables individual device tracking. Table 4 Alert Service Common Request Parameters

Parameter Description Values Required Type

Common Request Parameters

|

²⁹

alertRules Alert rule specific to the alert type. See Alert-Specific Request Parameters on page 31 for a list of specific alert rules for each alert type.

yes string

snmpOId Specifies an SNMP OID to identify the originator of this alert.

Any valid SNMP OID no string

changeNameTo New name of the alert.

If empty, the object name is unchanged.

Any text up to 64 characters in length.

filters List of expressions applied to narrow down affected alert logs.

Filters are used only in getAlertHistory and removeAlertHistory operations.

The priority and type filters work the same way as the drop-down boxes in alert viewer. For example,

/Priority/=/All_System/ returns all system alerts.

The New_Entry, Offset and Count filters are used only in getAlertHistory operation. When New_Entry is set to true. It will return only new logs since the last call to getAlertHistory with New_Entry turned on. If this is the first time, then all alert logs will be returned.

Count allows you to specify how many alert logs will be returned. The maximum count is 10,000.

Offset allows you to specify the start offset. It is zero-based. Because you cannot return all alert logs at once if the total amount exceeds the maximum value. You have to use offset to get remaining alert logs.

Values must use the format:

/filtername/=/Value/

The valid filter names are

"Type", "Priority", "Offset",

"Count" and "New_Entry".

"Type" supports

"Unacknowledged",

"Acknowledged" and "All".

"Priority" supports "High",

"Medium", "Low",

“All_System” and "All".

“Count” and “Offset” can not be negative.

"New_Entry" supports "True"

or "False".

If the filters are not present, the default is all types, all priorities, 0, 1000 and New_Entry set to false.

no Array of

string Table 4 Alert Service Common Request Parameters

Parameter Description Values Required Type

keyList A list consists of keys returned from getAlertHistory operation.

With getAlertHistory operation, you will retrieve a list of alert logs. The key value can be obtained from the key attribute of an alert log.

yes Array of

string Table 4 Alert Service Common Request Parameters

Parameter Description Values Required Type

在文檔中 TIBCO LogLogic® Log Management Intelligence (LMI) Web Services API Implementation Guide (頁 39-43)