Forwarding rules

Prerequisites

Before configuring a forwarding rule, ensure that the monitoring system for which the forwarding rule you want to configure has been connected to Data Sources.

Scenarios

Manage forwarding rules. You can customize rules for incidents and alarms based on forwarding rules.

Procedure for Adding a Forwarding Rule

1. Log in to COC.
2. In the navigation pane on the left, choose Fault Management > Incident Forwarding Rules.
3. In the upper part of the list, click Create Incident Forwarding Rule.
   Figure 1 Creating an incident forwarding rule
   

   If the information in the two forwarding rules is similar, click Copy in the Operation column of the forwarding rule you want to copy to quickly create a forwarding rule.

4. Enter basic information such as the rule name and application name as prompted.
   Figure 2 Entering basic information
   

5. In the Trigger Criteria area, select the Trigger Type, select the Data Source for triggering the rule, configure the Triggering Conditions, and select the Incident Level.
   Figure 3 Entering a trigger criteria
   
   

   1. After an incident is generated based on such a rule, if the incident meets another rule before it is completed or closed, the incident will no longer be generated. This rule is enabled by default and can be disabled.

   2. If you receive no raw alarms within the window period, the system considers the alarms generated in the previous window period as historical alarms (that is, the current alarm status is set to Handled by default).

   Figure 4 Converting alarms to incident tickets
   

   The key in the trigger conditions is described as follows:

   Parameter	Description	CES Alarm Field	AOM Alarm Field
   alarmId	Alarm ID	alarm_id	id
   alarmName	Alarm name	alarm_name	event_name in metadata
   alarmLevel	Specifies the alarm severity, which can be Critical, Major, Minor, or Suggestion.	AlarmLevel	event_severity
   time	Time when an alarm is generated	time	starts_at
   nameSpace	Service namespace	namespace	namespace
   region	Region	Region in template_variable	/
   application	Application name	/	/
   resourceName	Resource name	ResourceName in template_variable	resource_id in metadata
   resourceId	Resource ID	ResourceId in template_variable	/
   alarmDesc	Alarm description	AlarmDesc in template_variable	/
   URL	Original alarm URL	Link in template_variable	/
   alarmStatus	Alarm status. The value can be alarm or ok.	alarm_status	/
   alarmSource	Alarm source name. For example, if an alarm is reported from CES, the value of this field is CES.	/	/
   additional	Additional alarm information. The format is additional.xxx.	Except the preceding parameters, other parameters are contained in this parameter and are represented by additional.xxx. For more information about Cloud Eye fields, click here.	Except the preceding parameters, other parameters are contained in this parameter and are represented by additional.xxx. For more information about AOM fields, click here.

6. In the Contingency Plan area, select the scripts, jobs, and contingency plans associated with the forwarding rule. For details about how to add a script or job, see Automated O&M.

   Scripts, jobs, and automated contingency plans support automatic fault recovery. After you select a script, job, or an automated contingency plan, the Automatic Execution check box is displayed. After you select the check box, the parameters corresponding to the script or job are displayed.

   Figure 5 Specifying a contingency plan
   
   

   The parameter value, region ID, and target instance are in the format of ${}. You need to use this expression to parse the corresponding value. For details, see Example of Automatic Parameter Execution.

7. In the Assignment Details area, configure required parameters and click Submit.
   Figure 6 Filling the assignment rule
   

Example of Automatic Parameter Execution

The parameter value, region ID, and target instance are in the format of ${}. You need to use this expression to parse the corresponding value. The example of automatic parameter execution is listed as follows.

Example:

Alarm information:

{

"alarmId": "al1696664837170EWbvx24kW",

"alarmName": "alarm-4z39coctest1007",

......

"URL": "https://console.ulanqab.huawei.com/ces/?region=cn-north-7#/alarms/detail?alarmId=al16849986549022X5Vp4pxr",

"additional": {

"dimension": "instance_id:29d99a09-2d15-4ced-8723-6e94ae1c1472",

......

},

......

}

1. To obtain the value of alarmId in the current alarm information, use the following expression::

${currentAlarm.alarmId}

2. To obtain the UUID of instance_id from the additional.dimension string, use the following expression:

${string.substring(currentAlarm.additional.dimension, string.indexOf(currentAlarm.additional.dimension, 'instance_id:') + 12)}

Alternatively, use the following expression.

${string.substring(currentAlarm.additional.dimension, 12)}

3. To obtain the region ID of cn-north-7 from the URL string, use the following expression:

${string.substring(currentAlarm.URL, string.indexOf(currentAlarm.URL, 'region=') + 7, string.indexOf(currentAlarm.URL, '#/alarms'))}

In the expression, "currentAlarm." is a fixed prefix, which indicates that the data is obtained from the current alarm data.

Procedure for Editing, Enabling, Disabling, and Deleting a Forwarding Rule

1. Log in to COC.
2. In the navigation pane on the left, choose Fault Management > Incident Forwarding Rules.
3. To edit or delete a forwarding rule on the incident forwarding rule list page, locate a forwarding rule and click More and choose Edit or click More and choose Delete in the Operation. To enable or disable a forwarding rule, locate a desired forwarding rule and click Enable or disable in the Operation column. After a forwarding rule is disabled, no incidents or alarms will be triggered.