ManageEngine Opmanager
ManageEngine OpManager is an end-to-end network management software for heterogeneous, multi-vendor enterprise IT networks.
Route detailed alerts from ManageEngine OpManager to the right users in Incident Response.
How to integrate OpManager with Incident Response
In Incident Response: Using ManageEngine OpManager as an Alert Source
-
Navigate to Services -> Service Overview -> select or search for your Service. Expand the accordion -> In the Alert Sources section, click Add.
-
Select ManageEngine OpManager. Copy the displayed Webhook URL to configure it within ManageEngine OpManager. Finish by clicking Add Alert Source -> Done.
When an alert source turns Active, it’ll show up under Configured Alert Sources, you can either generate a test alert from the integration or wait for a real-time alert to be generated by the Alert Source. An Alert Source is active if there is a recorded incident via that Alert Source for the Service.
In ManageEngine OpManager: Create a Incident Response webhook (Setup guide for ManageEngine OpManager running on a Linux machine)
-
In
/opmanager/binfolder, run the following command
sudo wget https://raw.githubusercontent.com/squadcastHub/squadcast-opmanager-script/master/sq-opmanager-script.py
-
Once the file is downloaded, kindly ensure that the file has executable permissions for your OpManager user. If not, you will have to provide the same using the following command
sudo chmod +x sq-opmanager-script.py
-
To add a Notification Profile, go to Settings tab > Notifications > Add Profile
-
Select Run Program.
-
(a) In Command Name, paste the following
./sq-opmanager-script.py
-
(b) In Program Arguments paste the following
"<COPIED_WEBHOOK_URL_FROM_SQUADCAST>" "$alarmid" "$message" "$displayName" "$category" "$stringseverity" "IP Address:$DeviceField(ipAddress)" "$strModTime" "$eventType" "Entity: $entity"
-
(c) Click on Next
-
Choose the appropriate criteria for which alerts should be generated and click on Next
-
Select the devices for which this particular Notification Profile should be applied and click on Next
-
Define additional custom settings for this profile as per your preferences and click on Next
-
Give the profile a name, click on Test Action to generate a test alert. Verify that a test incident was created in Incident Response for the same
-
Once you have verified this, click on Save to save this profile
In ManageEngine OpManager: Create a Incident Response webhook (Setup guide for ManageEngine OpManager running on a Windows machine)
-
Download the latest version of Python3 in your system. Make note of the absolute path of where your python.exe file is stored
This has been tested and documented for Python version 3.9
Pro Tip:
To get the absolute path of python.exe file run the command where python.exe in your Command Prompt
-
Open the URL given below in a browser and copy the contents of this file into a file locally on your system and name the file
sq-opmanager-script.pyMake note of the absolute path of wheresq-opmanager-script.pyis stored
https://raw.githubusercontent.com/squadcastHub/squadcast-opmanager-script/master/sq-opmanager-script.py
-
To add a Notification Profile, go to Settings tab > Notifications > Add Profile
-
Select Run Program.
-
(a) In Command Name, paste the absolute path to python.exe
-
(b) In Program Arguments, paste the absolute path to
sq-opmanager-script.py, followed by the copied webhook URL from Incident Response, followed by the parameters
<ABSOLUTE_PATH_TO_SCRIPT> <COPIED_WEBHOOK_URL_FROM_SQUADCAST> "$alarmid" "$message" "$displayName" "$category" "$stringseverity" "$DeviceField(ipAddress)" "$strModTime" "$eventType" "$entity"
-
(c) Click on Next
-
Choose the appropriate criteria for which alerts should be generated and click on Next
-
Select the devices for which this particular Notification Profile should be applied and click on Next
-
Define additional custom settings for this profile as per your preferences and click on Next
-
Give the profile a name, click on Test Action to generate a test alert. Verify that a test incident was created in Incident Response for the same
-
Once you have verified this, click on Save to save this profile
That is it, you are now good to go!
Whenever OpManager sends an alert, an incident will be created in Incident Response for it. When the alert recovers in OpManager, the corresponding incident will automatically get resolved in Incident Response as well.