SELECT statements and their associated clauses are evaluated in the order they appear in the CDS file. If all the clauses of a SELECT statement are evaluated successfully, the incoming event matches the corresponding class.

After an event is matched with a class because of successful SELECT statement evaluation, processing continues with the FETCH statement, unless the class is *DISCARD*, in which case the event is discarded. If the evaluation of a SELECT statement fails, the kernel tries to match the event with the SELECT statement of the next class. If the incoming event cannot be matched with any class, it is discarded.

Each time a SELECT statement is evaluated successfully, the adapter kernel layer creates three temporary pseudo-variables: $Nn, $Kn, $Vn (where n is the identification number of a clause in the SELECT statement). These variables contain the name, key, and value of the attribute specified in the clause, respectively. The pseudo-variables can then be used in any following SELECT, FETCH, or MAP statement.

By default, the attribute name specified in an ATTR() expression is a string, and the attribute matching this name is searched for sequentially in the incoming event. For most adapters, every incoming event contains a minimum set of mandatory fields. For this reason, each adapter supports built-in keywords that can be used to reference these mandatory attributes and thereby directly access their values. These keywords have the format $attribute_name. Examples of keywords supported by the SNMP adapter are: $AGENT_ADDRESS, $COMMUNITY, $ENTERPRISE, $TYPE, and $SPECIFIC. These keywords refer to the mandatory fields of an SNMP Trap-PDU. Each adapter can also define global variables, such as RECEPTION TIME, SVARBIND, and so forth.

Using the $ notation, a clause for SNMP authentication failure traps can be written as follows:

1: ATTR(=,$TYPE),VALUE(=,4);

This notation is not simpler than the format shown in the previous example, ATTR(=, type), but evaluation will be faster since it results in direct access to the variable instead of a linear search.

The syntax shown in the preceding example is generic, and as such, it can be rather verbose for commonly used criteria. Several shortcuts are provided in order to alleviate the notation. For example, the previous example can be written as follows:

1:$TYPE=4;

Output from the class selection process is the name of the event class, a table of pseudo-variables $Nn, $Kn, $Vn, and all adapter-specific variables (for example, $TYPE, $VARBIND, and so forth).

FETCH Statement

The FETCH statement of a class definition statement allows manipulation and modification to the attribute names, keys, and values retrieved by the SELECT statement for the incoming event. Sometimes it is necessary to perform tasks such as extracting a substring from an attribute value, adding two values, and so forth.

158IBM Tivoli Enterprise Console: Adapters Guide

Page 169 Page 171
Page 170
Image 170
IBM Enterprise Console manual Fetch Statement
Page 169 Page 171

Enterprise Console specifications

IBM Enterprise Console is a robust solution designed to centralize and streamline IT operational monitoring and management. As organizations increasingly rely on complex IT infrastructures, including cloud services, on-premise systems, and hybrid environments, the need for an effective monitoring tool has become paramount. IBM Enterprise Console addresses these needs by providing a comprehensive view of IT operations, enabling organizations to respond to incidents with agility and precision.

One of the key features of IBM Enterprise Console is real-time monitoring. The solution offers a single pane of glass through which IT teams can observe the performance of various systems and applications. This capability allows organizations to detect and respond to incidents promptly, minimizing downtime and ensuring that services remain available for end users. The console integrates seamlessly with multiple data sources, allowing for the aggregation of alerts, events, and logs from diverse IT environments.

Another significant aspect of IBM Enterprise Console is its automation capabilities. The platform supports automated workflows and incident management processes, helping to reduce the workload on IT teams. Automation not only enhances efficiency but also ensures consistency in incident response. By leveraging predefined rules and actions, organizations can standardize their operational protocols, leading to faster resolution times and improved service quality.

The IBM Enterprise Console utilizes advanced analytics and artificial intelligence to enhance operational insights. Machine learning algorithms can help identify patterns and anomalies in system performance, allowing organizations to anticipate potential issues before they escalate into critical incidents. This proactive approach to IT monitoring not only improves reliability but also fosters a culture of continuous improvement across the organization.

Security features are also integrated into the IBM Enterprise Console, allowing for the monitoring of security incidents alongside IT operations. This unified approach helps organizations to respond more effectively to security threats, enabling them to correlate operational and security data for a comprehensive view of their infrastructure.

In conclusion, IBM Enterprise Console stands out as a powerful tool for IT operations management. Its real-time monitoring, automation capabilities, advanced analytics, and integrated security features make it an ideal solution for organizations looking to enhance operational efficiency and responsiveness. By leveraging this technology, businesses can ensure that their IT environments remain stable, secure, and aligned with their strategic goals.
Top Page Image Contents