createalert 函数可创建定制警报,postalert 函数可发布警报。可以从脚本或工作流中调用 createalert 函数。必须从工作流中调用 postalert 函数。请参见从工作流中创建和发布定制警报。
createalert([{'handler': 'syslog', 'args': {}}], {description: 'Writes to syslog'});
需要返回值来发布警报。虽然此脚本中显示了 postalert 调用,但是需要从工作流中调用 postalert,以响应工作流中发生的事件。
script
("." to run)> var actions = [{
("." to run)> handler: 'email',
("." to run)> args: {
("." to run)> address: 'admin@example.com',
("." to run)> subject: 'Custom Alert Response'
("." to run)> }
("." to run)> }];
("." to run)> var params = {
("." to run)> severity: 'Minor',
("." to run)> description: 'Custom alert description',
("." to run)> response: 'What the alert action does',
("." to run)> impact: 'What happened to the appliance',
("." to run)> recommended_action: 'What the administrator should do'
("." to run)> };
("." to run)> var cuuid = createalert(actions, params);
("." to run)> print(cuuid);
("." to run)> var puuid = postalert(cuuid);
("." to run)> .
54c24732-b9c5-4b57-9aee-aeaf195afdae