Event Export

Table of contents

Open the Main Menu from the upper left-hand corner and choose the Notification Export option under the EventWatch section.

On the following page, you’ll see notification event export (3 tables). Click the pencil button on the right side of the first 2 tables if you’d like to edit the configuration.

In the upper right corner of the all the 3 tables, there are “+” buttons. Click them if you want to add new notification event export configuration/mechanism/lambdas.

(1) notification event export configuration:

Then, we can define a list of “match fields” on “eventSource”, “severity”, “category” and “subCategory”. An “Exclude” checkbox is available to “invert” the match result. Incoming event will be “selected” if all matches evaluated to be “true”. Press enter after typing in the “Match”.

(2) mechanism:

(3) lambdas:

In the third table (“Lambdas”), to create a new lambda script, click the “+” button.

Lambda scripts can be used to parse events that do not already have parsers configured. They can also be used to create flows using the data present in an event’s fields. They can be written in javascript or groovy.

At the top of the page, enter a name and description for the lambda script. After saving the script, the name cannot be changed.

Use the “Code” tab to write the script. The “Input” tab allows a sample input to be entered; it can be used for testing. The console logs will display any errors or print statements. The output will display the output data after parsing.

There’s also a “cat” button next to the “+” button which means “import from Github”.

Page last updated: 2023 Aug 14