Jump to

• Request
• Response

Create a CAPE Node

post

/api/event/Nodes

Creates a new CAPE node.

Request

There are no request parameters for this operation.

Supported Media Types

• application/json

Request Body - application/json ()

Root Schema : schema

Type: object

Show Source

• NodeActionText: string
  Content of CAPE Node Rule

  Example: use JSON; my $EventDBH = DBConnect($Config, 'Event', {AutoCommit => 1}); my $CurrentTime = sprintf "%.3f", Time::HiRes::time; # Get Anomaly EventID and Details my $AnomalyEventID = $EventData->{EventID}; my $AnomalyDetails; eval { local $SIG{__DIE__}; $AnomalyDetails = decode_json($EventData->{Details}); }; if ($@) { $Log->Message("ERROR", "Failed to decode Details: $@"); } # Get ML job my $AnomalyJobID = $AnomalyDetails->{MLJobID}; # Get Filter | Node ='xyz' AND SubNode='eth0' my $AnomalyFilter = $AnomalyDetails->{EventFilter}; my $AnomalyDuration = $CurrentTime - $EventData->{FirstReported}; # Mark Anomaly Event to prevent duplicate processing my ($ErrorFlag, $Message) = UpdateEvent({ DBH => \$EventDBH, EventID => $AnomalyEventID, Values => { Action => 'EscalateByAnomaly', Actor => 'CAPE', Duration => $AnomalyDuration, LastChanged => $CurrentTime, RootCauseFlag => 1, Severity => 0 } }); $Log->Message("WARN", "-> EscalateByAnomaly -> Marked Anomaly Event [$AnomalyEventID] as Cleared"); $Log->Message("WARN", "-> EscalateByAnomaly -> Escalating filter [$AnomalyFilter]"); # Retrieve alarms in filter with timeframe my ($ErrorFlag1, $Message1, $EventRef) = FindEventID({ DBH => \$EventDBH, Filter => $AnomalyFilter }); my $EventList = join(',', @$EventRef); $Log->Message("WARN", "-> EscalateByAnomaly -> Escalating filter returns [$EventList]"); # Set Severity Setting my $SymptomNewSeverity = 5; my $i = 0; foreach my $SymptomEventID (@$EventRef) { $i++; # Get symptom my $SymptomEvent = GetEventHash({ DBH => \$EventDBH, EventID => $SymptomEventID, ShardID => 1 }); my $SymptomOrigSeverity = $SymptomEvent->{Severity}; my $SymptomDuration = $CurrentTime - $SymptomEvent->{FirstReported}; # Suppress Events my ($ErrorFlag, $Message) = UpdateEvent({ DBH => \$EventDBH, EventID => $SymptomEventID, Values => { Action => 'EscalateByAnomaly', Actor => 'CAPE', Duration => $SymptomDuration, LastChanged => $CurrentTime, OrigSeverity => $SymptomOrigSeverity, RootCauseID => $AnomalyEventID, Severity => $SymptomNewSeverity } }); # EventJournal for suppression my ($ErrorFlag, $Message) = AddJournal({ DBH => \$EventDBH, EventID => $SymptomEventID, TimeStamp => $CurrentTime, Username => 'api', Entry => 'Escalate Abnormal Activity via event [' . $AnomalyEventID . '] due to [' . $AnomalyJobID . ']' }); } $EventDBH->disconnect();
• NodeAlias: string
  CAPE Node Alias (optional) used for referencing another CAPE node

  Example: oracle.doceng.json.BetterJsonNull@53086bdc
• NodeDescription: string
  CAPE Node Description

  Example: Take anomaly event by Machine Learning Policy and escalated Severity
• NodeName: string
  CAPE Node Name

  Example: EscalateByAnomaly
• NodeNextNode: integer
  NodeID of the next node IF a node is set as the next to be executed.

  Example: oracle.doceng.json.BetterJsonNull@55a29589
• NodeStateVerify: string
  CAPE Node "next node" test statement. If this evaluates to "true", the event will be passed to $NodeNextNode

  Example:

{
    "type":"object",
    "properties":{
        "NodeActionText":{
            "$ref":"#/components/schemas/eventNodesRead/properties/NodeActionText"
        },
        "NodeAlias":{
            "$ref":"#/components/schemas/eventNodesRead/properties/NodeAlias"
        },
        "NodeDescription":{
            "$ref":"#/components/schemas/eventNodesRead/properties/NodeDescription"
        },
        "NodeName":{
            "$ref":"#/components/schemas/eventNodesRead/properties/NodeName"
        },
        "NodeNextNode":{
            "$ref":"#/components/schemas/eventNodesRead/properties/NodeNextNodeID"
        },
        "NodeStateVerify":{
            "$ref":"#/components/schemas/eventNodesRead/properties/NodeStateVerify"
        }
    }
}

Back to Top

Response

Supported Media Types

• application/json

200 Response

Successful operation

Body ()

Root Schema : schema

Match All

Show Source

• object SuccessfulAddOperation
• object type

{
    "allOf":[
        {
            "$ref":"#/components/schemas/SuccessfulAddOperation"
        },
        {
            "type":"object",
            "properties":{
                "data":{
                    "description":"The properties of the new cape node.",
                    "type":"array",
                    "items":{
                        "$ref":"#/components/schemas/eventNodesRead"
                    }
                },
                "total":{
                    "description":"The total number of results regardless of paging.",
                    "type":"integer",
                    "example":"1"
                }
            }
        }
    ]
}

Nested Schema : SuccessfulAddOperation

Type: object

Show Source

• message: string
  The response message.

  Example: Added record
• success: boolean
  Whether the operation was a success (true) or a failure (false).

  Example: true

{
    "properties":{
        "success":{
            "description":"Whether the operation was a success (<b>true</b>) or a failure (<b>false</b>).",
            "type":"boolean",
            "example":"true"
        },
        "message":{
            "description":"The response message.",
            "type":"string",
            "example":"Added record"
        }
    },
    "type":"object"
}

Nested Schema : type

Type: object

Show Source

• data: array data
  The properties of the new cape node.
• total: integer
  The total number of results regardless of paging.

  Example: 1

{
    "type":"object",
    "properties":{
        "data":{
            "description":"The properties of the new cape node.",
            "type":"array",
            "items":{
                "$ref":"#/components/schemas/eventNodesRead"
            }
        },
        "total":{
            "description":"The total number of results regardless of paging.",
            "type":"integer",
            "example":"1"
        }
    }
}

Nested Schema : data

Type: array

The properties of the new cape node.

Show Source

• Array of: object eventNodesRead

{
    "description":"The properties of the new cape node.",
    "type":"array",
    "items":{
        "$ref":"#/components/schemas/eventNodesRead"
    }
}

Nested Schema : eventNodesRead

Type: object

Show Source

• NodeActionText: string
  Content of CAPE Node Rule

  Example: use JSON; my $EventDBH = DBConnect($Config, 'Event', {AutoCommit => 1}); my $CurrentTime = sprintf "%.3f", Time::HiRes::time; # Get Anomaly EventID and Details my $AnomalyEventID = $EventData->{EventID}; my $AnomalyDetails; eval { local $SIG{__DIE__}; $AnomalyDetails = decode_json($EventData->{Details}); }; if ($@) { $Log->Message("ERROR", "Failed to decode Details: $@"); } # Get ML job my $AnomalyJobID = $AnomalyDetails->{MLJobID}; # Get Filter | Node ='xyz' AND SubNode='eth0' my $AnomalyFilter = $AnomalyDetails->{EventFilter}; my $AnomalyDuration = $CurrentTime - $EventData->{FirstReported}; # Mark Anomaly Event to prevent duplicate processing my ($ErrorFlag, $Message) = UpdateEvent({ DBH => \$EventDBH, EventID => $AnomalyEventID, Values => { Action => 'EscalateByAnomaly', Actor => 'CAPE', Duration => $AnomalyDuration, LastChanged => $CurrentTime, RootCauseFlag => 1, Severity => 0 } }); $Log->Message("WARN", "-> EscalateByAnomaly -> Marked Anomaly Event [$AnomalyEventID] as Cleared"); $Log->Message("WARN", "-> EscalateByAnomaly -> Escalating filter [$AnomalyFilter]"); # Retrieve alarms in filter with timeframe my ($ErrorFlag1, $Message1, $EventRef) = FindEventID({ DBH => \$EventDBH, Filter => $AnomalyFilter }); my $EventList = join(',', @$EventRef); $Log->Message("WARN", "-> EscalateByAnomaly -> Escalating filter returns [$EventList]"); # Set Severity Setting my $SymptomNewSeverity = 5; my $i = 0; foreach my $SymptomEventID (@$EventRef) { $i++; # Get symptom my $SymptomEvent = GetEventHash({ DBH => \$EventDBH, EventID => $SymptomEventID, ShardID => 1 }); my $SymptomOrigSeverity = $SymptomEvent->{Severity}; my $SymptomDuration = $CurrentTime - $SymptomEvent->{FirstReported}; # Suppress Events my ($ErrorFlag, $Message) = UpdateEvent({ DBH => \$EventDBH, EventID => $SymptomEventID, Values => { Action => 'EscalateByAnomaly', Actor => 'CAPE', Duration => $SymptomDuration, LastChanged => $CurrentTime, OrigSeverity => $SymptomOrigSeverity, RootCauseID => $AnomalyEventID, Severity => $SymptomNewSeverity } }); # EventJournal for suppression my ($ErrorFlag, $Message) = AddJournal({ DBH => \$EventDBH, EventID => $SymptomEventID, TimeStamp => $CurrentTime, Username => 'api', Entry => 'Escalate Abnormal Activity via event [' . $AnomalyEventID . '] due to [' . $AnomalyJobID . ']' }); } $EventDBH->disconnect();
• NodeAlias: string
  CAPE Node Alias (optional) used for referencing another CAPE node

  Example: oracle.doceng.json.BetterJsonNull@53086bdc
• NodeAliasDisplay: string
  UI-Only field that is either the NodeAlias if one exists or "[None]" if no alias is set

  Example: [None]
• NodeDescription: string
  CAPE Node Description

  Example: Take anomaly event by Machine Learning Policy and escalated Severity
• NodeID: integer
  Node ID specified for individual CRUD operations

  Example: 1
• NodeName: string
  CAPE Node Name

  Example: EscalateByAnomaly
• NodeNextNodeID: integer
  NodeID of the next node IF a node is set as the next to be executed.

  Example: oracle.doceng.json.BetterJsonNull@55a29589
• NodeNextNodeName: string
  NodeName of the next node IF a node is set as the next to be executed

  Example: oracle.doceng.json.BetterJsonNull@155767a7
• NodeStateVerify: string
  CAPE Node "next node" test statement. If this evaluates to "true", the event will be passed to $NodeNextNode

  Example:

{
    "type":"object",
    "properties":{
        "NodeID":{
            "description":"Node ID specified for individual CRUD operations",
            "type":"integer",
            "example":"1"
        },
        "NodeName":{
            "description":"CAPE Node Name",
            "type":"string",
            "example":"EscalateByAnomaly"
        },
        "NodeAlias":{
            "description":"CAPE Node Alias (optional) used for referencing another CAPE node",
            "type":"string",
            "example":null,
            "nullable":true
        },
        "NodeDescription":{
            "description":"CAPE Node Description",
            "type":"string",
            "example":"Take anomaly event by Machine Learning Policy and escalated Severity"
        },
        "NodeActionText":{
            "description":"Content of CAPE Node Rule",
            "type":"string",
            "example":"use JSON;\n\nmy $EventDBH = DBConnect($Config, 'Event', {AutoCommit => 1});\n\nmy $CurrentTime = sprintf \"%.3f\", Time::HiRes::time;\n\n# Get Anomaly EventID and Details\nmy $AnomalyEventID = $EventData->{EventID};\nmy $AnomalyDetails;\n\neval {\n\tlocal $SIG{__DIE__};\n\n\t$AnomalyDetails = decode_json($EventData->{Details});\n};\nif ($@) {\n  $Log->Message(\"ERROR\", \"Failed to decode Details: $@\");\n}\n\n# Get ML job\nmy $AnomalyJobID = $AnomalyDetails->{MLJobID};\n\n# Get Filter | Node ='xyz' AND SubNode='eth0'\nmy $AnomalyFilter = $AnomalyDetails->{EventFilter};\n\nmy $AnomalyDuration = $CurrentTime - $EventData->{FirstReported};\n\n# Mark Anomaly Event to prevent duplicate processing\nmy ($ErrorFlag, $Message) = UpdateEvent({\n\tDBH      => \\$EventDBH,\n\tEventID  => $AnomalyEventID,\n\tValues   => {\n\t\tAction        => 'EscalateByAnomaly',\n\t\tActor         => 'CAPE',\n\t\tDuration      => $AnomalyDuration,\n\t\tLastChanged   => $CurrentTime,\n\t\tRootCauseFlag => 1,\n\t\tSeverity      => 0\n\t}\n});\n\n$Log->Message(\"WARN\", \"-> EscalateByAnomaly -> Marked Anomaly Event [$AnomalyEventID] as Cleared\");\n\n$Log->Message(\"WARN\", \"-> EscalateByAnomaly -> Escalating filter [$AnomalyFilter]\");\n\n# Retrieve alarms in filter with timeframe\nmy ($ErrorFlag1, $Message1, $EventRef) = FindEventID({\n\tDBH    => \\$EventDBH,\n\tFilter => $AnomalyFilter\n});\n\nmy $EventList = join(',', @$EventRef);\n\n$Log->Message(\"WARN\", \"-> EscalateByAnomaly -> Escalating filter returns [$EventList]\");\n\n# Set Severity Setting\nmy $SymptomNewSeverity = 5;\n\nmy $i = 0;\nforeach my $SymptomEventID (@$EventRef) {\n\t$i++;\n\n\t# Get symptom\n\tmy $SymptomEvent = GetEventHash({\n\t\tDBH     => \\$EventDBH,\n\t\tEventID => $SymptomEventID,\n\t\tShardID => 1\n\t});\n\n\tmy $SymptomOrigSeverity = $SymptomEvent->{Severity};\n\tmy $SymptomDuration     = $CurrentTime - $SymptomEvent->{FirstReported};\n\n\t# Suppress Events\n\tmy ($ErrorFlag, $Message) = UpdateEvent({\n\t\tDBH      => \\$EventDBH,\n\t\tEventID  => $SymptomEventID,\n\t\tValues   => {\n\t\t\tAction       => 'EscalateByAnomaly',\n\t\t\tActor        => 'CAPE',\n\t\t\tDuration     => $SymptomDuration,\n\t\t\tLastChanged  => $CurrentTime,\n\t\t\tOrigSeverity => $SymptomOrigSeverity,\n\t\t\tRootCauseID  => $AnomalyEventID,\n\t\t\tSeverity     => $SymptomNewSeverity\n\t\t}\n\t});\n\n\t# EventJournal for suppression\n\tmy ($ErrorFlag, $Message) = AddJournal({\n\t\tDBH       => \\$EventDBH,\n\t\tEventID   => $SymptomEventID,\n\t\tTimeStamp => $CurrentTime,\n\t\tUsername  => 'api',\n\t\tEntry     => 'Escalate Abnormal Activity via event [' . $AnomalyEventID . '] due to [' . $AnomalyJobID . ']'\n\t});\n}\n\n$EventDBH->disconnect();"
        },
        "NodeStateVerify":{
            "description":"CAPE Node \"next node\" test statement.  If this evaluates to \"true\", the event will be passed to $NodeNextNode",
            "type":"string",
            "example":""
        },
        "NodeAliasDisplay":{
            "description":"UI-Only field that is either the NodeAlias if one exists or \"[None]\" if no alias is set",
            "type":"string",
            "example":"[None]"
        },
        "NodeNextNodeName":{
            "description":"NodeName of the next node IF a node is set as the next to be executed",
            "type":"string",
            "example":null,
            "nullable":true
        },
        "NodeNextNodeID":{
            "description":"NodeID of the next node IF a node is set as the next to be executed.",
            "type":"integer",
            "example":null,
            "nullable":true
        }
    }
}

Default Response

Failed operation

Body ()

Root Schema : schema

Type: object

Show Source

• errors: array errors
  The list of errors reported. Validation errors will be keyed by record field.
• message: string
  The response message.

  Example: Exception thrown
• success: boolean
  Whether the operation was a success (true) or a failure (false).

  Example: false

{
    "properties":{
        "success":{
            "description":"Whether the operation was a success (<b>true</b>) or a failure (<b>false</b>).",
            "type":"boolean",
            "example":"false"
        },
        "message":{
            "description":"The response message.",
            "type":"string",
            "example":"Exception thrown"
        },
        "errors":{
            "description":"The list of errors reported. Validation errors will be keyed by record field.",
            "type":"array",
            "items":{
                "type":"object"
            }
        }
    },
    "type":"object"
}

Nested Schema : errors

Type: array

The list of errors reported. Validation errors will be keyed by record field.

Show Source

• Array of: object items

{
    "description":"The list of errors reported. Validation errors will be keyed by record field.",
    "type":"array",
    "items":{
        "type":"object"
    }
}

Nested Schema : items

Type: object

Back to Top