Start an Indeni server with the new auto-triage service

This is just an example – you should use the relevant build version, not necessarily 0.0.0.develop.

• Run imanage install → command 10 → develop → y → 0.0.0.develop

• Run imanage install → command 11 → y → ik-0.0.0.develop

• Run imanage install → command 3 → yes

• Make sure automation service is up and running: sudo service indeni-automation status

Start automation job 

In order to start automation job we can use the curl command:

curl -k -i -H "Content-Type: application/json" --data '{"alert_id":"14fc1690-3e5d-4699-b527-d4e80f6d0138","device_id":"ba32a71c-3c18-41be-ba5c-71250f6009b8","rule_name":"cross_vendor_uptime_low","vendor_name":"paloaltonetworks", “trigger_type”: “Automated”  }' https://localhost:9002/api/v1/autotriage/register -X POST

vendor_name: pass the vendor name (paloaltonetworks)

Rule_name: pass the rule name according to the playbook catalog.

alert id: An actual alert id from the system - you can  pass any alert that you want. For example for uptime_low rule/playbook you can pass high_cpu alert. The alert will be used to view the playbook through the ui.

• On alert page → click on alert  → click more info 

• Copy alert id from the address bar

Open

Open

Device id: An actual device id from the system

• On device page → click on device  → click more info

• Copy device id from the address bar

Trigger_type: should be Automated

Troubleshooting an automation job

https://indeni.atlassian.net/wiki/spaces/IKP/pages/817594385

View automation job output

• Run the curl to get the automation result:

curl -ik -H "Content-Type: application/json" 'https://localhost:9009/api/v1/automation/ff43d11e-a746-4c59-85ae-3208f333b1c2'