DX NetOps

  • 1.  Alarm on email content

    Posted Aug 09, 2018 09:30 AM

    Hi All,

     

    We got a new requirement where a third party tool can send email to Spectrum. There is no rest API/SNMP trap forwarding mechanism available within the tool.

     

    I am thinking of updating the set script which will read the mail content --> Assign the content to custom trap/OIDs and send the trap to Spectrum using trap forwarding utility we have on the server.

     

    Is it doable? or How best we can make spectrum to read the sent mail and generate the alarm?

     

    Look forward for guidance on this.

     

    Thank you.

    Rajashekar



  • 2.  Re: Alarm on email content

    Posted Aug 09, 2018 09:31 AM

    Matthew_Gay any suggestions?



  • 3.  Re: Alarm on email content
    Best Answer

    Broadcom Employee
    Posted Aug 09, 2018 09:48 AM

    Hi Rajashekar

     

    Spectrum does not have the ability to accept incoming emails and process those as events. Possibly if there is some 3rd party tool which can convert the emails or if you script something to convert the email into REST / CORBA CLI or SNMP then you may be able to have Spectrum generate events off the emails.

     

    Here is a Communities discussion with some ideas on the topic:

     

    https://communities.ca.com/thread/101982639

     

    HTH

    Jay V



  • 4.  Re: Alarm on email content

    Posted Aug 09, 2018 01:44 PM

    Thank you Jay. I will take a look at this.



  • 5.  Re: Alarm on email content

    Broadcom Employee
    Posted Aug 09, 2018 02:54 PM

    Also take a look at the following thread where I posted some content on this:  Converting emails into alarms-Spectrum  



  • 6.  Re: Alarm on email content

    Posted Aug 30, 2018 07:53 AM

    Thank you All for your inputs. I am able to read and convert the mail content to alarm using PowerShell script.

    Piece of code taken from Office Get Outlook Inbox email to have the script read the mail.

     

    The script reads the inbox items and then process the required mails (to be converted to trap) based on the given criteria (here, I am matching the subject).

     

    Pre-Requisites to get this script work:

    PowerShell and Outlook Client need to be installed on a windows server. Outlook need to be configured with the mail box of the mail ID to which you get the mail (Example: add the mail box for abcd@xyz.com if you get the mails to this mail ID)

    Also, set Outlook to allow the script to read the inbox. For this, open Outlook --> File --> Options --> Trust Center --> Trust Center Settings --> Programmatic Access --> Select the radio button for "Never warn me about suspicious activity (not recommended).

    Otherwise, the script will wait for the outlook program to allow it.

     

    Script Starts here

    *************************

    # Connect to OUTLOOK Client

    Add-type -assembly "Microsoft.Office.Interop.Outlook" | out-null
    $olFolders = "Microsoft.Office.Interop.Outlook.olDefaultFolders" -as [type]
    $outlook = new-object -comobject outlook.application
    $namespace = $outlook.GetNameSpace("MAPI")

     

    # Read the InBox

    $folder = $namespace.getDefaultFolder($olFolders::olFolderInBox)

     

    # Set the Target Folder to move the read Mails - Create a sub-folder with any name under Inbox - Replace <Processed> with that folder name 

    $target=$folder.Folders['Processed']

     

    # Processing Begins here based on the matching subject

    $Test=$folder.Items | ?{$_.subject -match "Requestor Lock Exception" }

     

    # Loop through the all matched mails and process

    foreach ($mail in $Test){
    $mail | sort receivedtime -desc |
    %{
             # Checks if the mail is in unread mode and processes it further to generate the trap

             if($_.Unread -eq $true)
             {
                   # Select only the Body content, process it to remove unwanted text & writes the content to a file

                   $Content=$mail | Select-Object Body
                   $Content=$Content -replace ' '.''
                   $Content > D:\test.txt

                   # Read the text file content and assign it to respective variables

                   Get-Content D:\test.txt | Select-String 'MsgID' -Context 0,2 | ForEach-Object {
                   $msgID = $_.Context.PostContext
                   }

     

                   Get-Content D:\test.txt | Select-String 'Critical Alert Count' -Context 0,2 | ForEach-Object {
                   $alertCount = $_.Context.PostContext
                   }

                   Get-Content D:\test.txt | Select-String 'Initial Action' -Context 0,2 | ForEach-Object {
                   $inAction = $_.Context.PostContext
                   $inAction=$inAction -replace '<mailto(.*?)>',''
                   }

                   Get-Content D:\test.txt | Select-String 'Last Action' -Context 0,2 | ForEach-Object {
                   $lastAction = $_.Context.PostContext
                   }

                   Get-Content D:\test.txt | Select-String 'Last Alert Occurred at' -Context 0,2 | ForEach-Object {
                   $lastOccur = $_.Context.PostContext
                   }

                   Get-Content D:\test.txt | Select-String 'Operator was' -Context 0,2 | ForEach-Object {
                   $Operator = $_.Context.PostContext
                   }

                   Get-Content D:\test.txt | Select-String 'Occurred on Node' -Context 0,2 | ForEach-Object {
                   $Node = $_.Context.PostContext
                   }

                  Get-Content D:\test.txt | Select-String 'KPI Value' -Context 0,2 | ForEach-Object {
                  $KPIValue = $_.Context.PostContext
                  }

                 Get-Content D:\test.txt | Select-String 'KPI Threshold' -Context 0,2 | ForEach-Object {
                 $KPIThreshold = $_.Context.PostContext
                 }

                Get-Content D:\test.txt | Select-String 'Problem Correlation' -Context 0,2 | ForEach-Object {
                $probCorrel = $_.Context.PostContext
                }

                Get-Content D:\test.txt | Select-String 'Line' -Context 0,2 | ForEach-Object {
                $lineDesc = $_.Context.PostContext
                }

                $Details=Get-Content D:\test.txt | Select-String 'For more details' -Context 0,1
                $Details=$Details -replace '> For more details about this Alert please see(.*?)<',''
                $Details=$Details -replace 'For more general information see PDC Portal (.*?)>',''
                $Details=$Details -replace '>(.*?.*)',''

                # Reading Variables Ended here

                # Sends the trap with the variables we parsed from mail - Use sendtrap (sysEDGE) or any 3rd party trap generators
                TrapGen.exe v2 -d 10.1.1.1 -c readOnly -o 1.3.6.1.4.1.546.9.6.1 -x -i 10.16.21.231 -v 1.3.6.1.4.1.546.9.6.0 S "$msgID" -v 1.3.6.1.4.1.546.9.6.1 I "$alertCount" -v 1.3.6.1.4.1.546.9.6.2 S "$inAction" -v 1.3.6.1.4.1.546.9.6.3 S "$lastAction" -v 1.3.6.1.4.1.546.9.6.4 S "$lastOccur" -v 1.3.6.1.4.1.546.9.6.5 S "$Operator" -v 1.3.6.1.4.1.546.9.6.6 S "$Node" -v 1.3.6.1.4.1.546.9.6.7 S "$KPIValue" -v 1.3.6.1.4.1.546.9.6.8 S "$KPIThreshold" -v 1.3.6.1.4.1.546.9.6.9 S "$probCorrel" -v 1.3.6.1.4.1.546.9.6.10 S "$lineDesc" -v 1.3.6.1.4.1.546.9.6.11 S "$Details"

                # Mark the mail as read after processing and generating the trap
                $_.Unread=$false

             

                # Move the mail from InBox to target folder
                $_.Move($target)
             }
       }
    }

     

     

    Please adjust the script as per your requirement.

    Hope this helps.

     

    Cheers..

    Rajashekar



  • 7.  Re: Alarm on email content

    Posted Aug 30, 2018 11:22 AM

    Good one will test and let you know how it goes .



  • 8.  Re: Alarm on email content

    Posted Aug 30, 2018 01:20 PM

    If you use sysEDGE to send the traps.... replace the installation path of the SysEDGE based on your installation path.


    C:\Program Files\CA\SystemEDGE\bin\sendtrap -v 1 -h 10.11.190.115 -c admin 1.3.6.1.4.1.546.9.6 6 1 1.3.6.1.4.1.546.9.6.0 -s "$msgID" 1.3.6.1.4.1.546.9.6.1 -i "$alertCount" 1.3.6.1.4.1.546.9.6.2 -s "$inAction" 1.3.6.1.4.1.546.9.6.3 -s "$lastAction" 1.3.6.1.4.1.546.9.6.4 -s "$lastOccur" 1.3.6.1.4.1.546.9.6.5 -s "$Operator" 1.3.6.1.4.1.546.9.6.6 -s "$Node" 1.3.6.1.4.1.546.9.6.7 -s "$KPIValue" 1.3.6.1.4.1.546.9.6.8 -s "$KPIThreshold" 1.3.6.1.4.1.546.9.6.9 -s "$probCorrel" 1.3.6.1.4.1.546.9.6.10 -s "$lineDesc" 1.3.6.1.4.1.546.9.6.11 -s "$Details"