Dynamically assign fields from alerts to its associated task

Use the EvtMgmtCustomIncidentPopulator script to dynamically assign fields from an alert or the CMDB to the task template.

Before you begin

Role required: evt_mgmt_admin

About this task

Use of the task template limits you to using the available hard-coded values for the task fields. To provide the flexibility of the input of dynamic information into tasks, add a custom script to the EvtMgmtCustomIncidentPopulator placeholder. This enables you to assign fields from the alert information to fields that you specify in the task. For example, use the custom script to query any table and to assign the value of the alert Severity field to the Short description field in the task. Other examples would be to set the Assignment Group to the Windows group, in cases where the description contains the word Windows, or set the assignment group to the Database Group, in cases where the Resource contains the word Database.

The custom script that you add can run together with a task template being used on the incident by an alert rule. In such a case, the script runs after the template is activated. The task template populates the incident with the required static values and the script include inserts the dynamic values.

Procedure

  1. Navigate to Event Management > Settings > Advanced scripts.
  2. Edit the EvtMgmtCustomIncidentPopulator script to assign fields from the alert to the task that is opened by default to an incident.
  3. Click Update.

Result

The custom script runs against each alert when an incident is created.

Example

Assume that the current resource type must appear in the Short description field of the alert. Enter this script in the EvtMgmtCustomIncidentPopulator placeholder:
task.short_description += ' resource: ' + alert.resource;
return true;