Creating an External Script Automatic Reaction

To add an External Script:

1. Create the script.
2. Put the script on the SmartEvent Server:
   1. In $RTDIR/bin, create the folder ext_commands. Run:
      mkdir $RTDIR/bin/ext_commands
   2. Put the script in $RTDIR/bin/ext_commands/ or in a folder under that location. The path and script name must not contain any spaces.
   3. Give the script executable permissions. Run:
      chmod +x <script_filename>
3. In the SmartEvent GUI client Policy tab, in Automatic Reactions, Select Add > External Script.
4. In the Add Automatic Reaction window:
   1. Give the automatic reaction object a significant Name.
   2. In Command line, enter the name of the script to run. Specify the name of the script that is in $RTDIR/bin/ext_commands/ directory. Use the relative path if needed. Do not specify the full path of $RTDIR/bin/ext_commands/.
   3. Select Save.

Guidelines for creating the script

• Run the script manually and make sure it works as expected
• Make sure the script runs for no longer than 10 minutes, otherwise it will be terminated by the SmartEvent Server.
• Use the event fields in the script:

  To refer to the event in the script, define this environment variable:

  EVENT=$(cat)

  and use $EVENT

  Use line editor commands like awk or sed to parse the event and refer to specific fields. You can print the $EVENT one time to see its format.

  The format of the event content is a name-value set – a structured set of fields that have the form:

  (name: value ;* );

  where name is a string and value is either free text until a semicolon, or a nested name-value set.

  This is a sample event:

If you need to add more fields to the event:

1. In the SmartEvent GUI client, in the Policy tab, right click the event, and select Properties > Event Format tab
2. In the Display column, select the Event fields to have in the Event.
3. Install the Event Policy on the SmartEvent Correlation Unit.