We use an entity called Event mapping to convert an alert into an incident. At the moment, we use this entity to map the Priority, Category, Subcategory, and Assigned To fields.
Fields | Description |
---|---|
Source | Event monitoring software that generated the event. |
Key | The key value for the mapping. |
Active | True/false. |
Type | This field has two options. |
From Field | The field we are mapping from; here, for example, Priority is mapped from Severity. |
To Field | The name of the field we are mapping into. |
Value | The actual value for this mapping. |
The severity of the event is the metric that determines the mapped Priority.

If no severity value is sent, the default Priority is used.

When an incident is created, the Category value from this entity is mapped into the incident.

The Subcategory value from this entity is mapped into the incident when it is created.

The Assigned To value from this entity is mapped into the incident when it is created.

To create an alert, we map the Alert status field values as follows: Down to New, Down escalation repeat to New, and Ok to Closing.
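The mapping behaviour described above, sketched as an added Python example (not the product's own code or API). The source name, severity and priority values, the `Status` and `Alert Status` field names, and the reading of Key as "the incoming value a row matches" are assumptions; the Type field is left out because its options are not listed here. As a choice of this example, the default Priority is also applied when a severity is unmapped or its row is inactive, and that fallback is flagged so it stays visible during triage.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class EventMapping:
    source: str       # Source: monitoring software that generated the event
    key: str          # Key: incoming value this row matches (assumed semantics)
    active: bool      # Active: inactive rows are skipped
    from_field: str   # From Field: event field that is read
    to_field: str     # To Field: field that receives the value
    value: str        # Value: what is written to the To Field


# Constructed sample rows; source name, severities and priorities are made up.
SRC = "ExampleMonitor"
MAPPINGS = [
    EventMapping(SRC, "Critical", True, "Severity", "Priority", "1 - Critical"),
    EventMapping(SRC, "Warning", True, "Severity", "Priority", "3 - Moderate"),
    EventMapping(SRC, "Info", False, "Severity", "Priority", "5 - Planning"),
    EventMapping(SRC, "Down", True, "Status", "Alert Status", "New"),
    EventMapping(SRC, "Down escalation repeat", True, "Status", "Alert Status", "New"),
    EventMapping(SRC, "Ok", True, "Status", "Alert Status", "Closing"),
]
DEFAULT_PRIORITY = "4 - Low"  # constructed default, used when no severity maps


def resolve(event: dict, to_field: str, mappings=MAPPINGS) -> Optional[str]:
    """Return the mapped value for to_field, or None if no active row matches."""
    for m in mappings:
        if not m.active or m.to_field != to_field or m.source != event.get("Source"):
            continue
        incoming = event.get(m.from_field)
        if isinstance(incoming, str) and incoming.strip() == m.key:
            return m.value
    return None


def map_event(event: dict) -> dict:
    """Apply the priority and status mappings; flag defaults so they stay visible."""
    priority = resolve(event, "Priority")
    return {
        "Priority": priority or DEFAULT_PRIORITY,
        "Alert Status": resolve(event, "Alert Status"),  # None = unmapped status
        "priority_defaulted": priority is None,
    }
```

A `None` alert status or `priority_defaulted: True` marks an event that no active row covered, which is worth reviewing rather than accepting silently.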