Mobile alerting with tracking & escalation for Micro Focus SMAX

Why Enterprise Alert

Service Management Automation X (SMAX) is a ticket based ITSM that can send out alerts to incidents that are created, but all too often the emails that are sent from critical events are missed. Enterprise Alert ensures that all on duty members receive, acknowledge and resolve those critical alerts, all from their smartphones. With persistent notifications and escalation chains there will never be a critical alert that goes unattended. Enterprise Alert also offers ad-hoc collaboration between team members for each and every alert, so Subject Matter Experts can be looped in to help resolve issues.

How it works

This connector app adds 2-way integration with Micro Focus SMAX to your team. The app is polling an SMAX entity of your choice. Records matching a given criteria will be retrieved and notified to your team. On the other hand, the app can update the record when Alerts are acknowledged, closed or annotated.

Integration capabilities

Update tickets with updates such as status, assignee and annotations
Staff can acknowledge and take ownership for critical events that occur
Communicate within an alert to address a problem
Alerts are escalated in case of no response
On-call scheduling to alert the right people at the right time

Scenarios

Helpdesk Ticketing
Workflow Automation

HOW TO INTEGRATE

In our example we will create new ticket within SMAX. The smart connector from EA will receive this as an incoming event and raise an alert based on policy conditions.

Integration Steps

First we need to setup the connector within Enterprise Alert. Navigate to System > Event Sources and click on New Source at the bottom of the portal. This launches the gallery and select Azure Sentinel.

In the SMAX Studio (Administration -> Studio), select an entity that you wish to receive notifications for. In example, if you want to be notified about certain incidents in SMAX, select ‘Incident’.

Create three custom fields on that entity. Set each the multilingual label to match the name field and make sure to make it each hidden.

EnterpriseAlertForwarding_c, BOOLEAN
EnterpriseAlertStatus_c, SMALLTEXT
EnterpriseAlertUser_c, MEDIUMTEXT

On the same entity, click on ‘Processes and Rules’ and add a new workflow rule for the ‘After change’ event. It makes sure that according records are retrieved by Enterprise Alert. The rule criteria is up to you. The rule action is the manipulation of multiple entity fields. Specifically, EnterpriseAlertForwarding_c will be set to True, which causes an according entity instance to be received by the app. EnterpriseAlertStatus_c must get the value ‘New’. Expand the ‘After change’ event and klick ‘Add’, then select ‘If..then rule’. In the screen that appears, select ‘Set multiple fields’ and then click OK. Now use the hyperlinks in the rule that has been created for you, in order to set rule criteria and actions as explained earlier. At the end, your new rule should look as follows:

Trigger new Alert in Enterprise Alert
If
${current_update.Status.IsChanged && current_update.Status.NewValue!=null && current_update.Status.NewValue == ‘Ready’}
Set
EnterpriseAlertStatus_c: New
EnterpriseAlertForwarding_c: true

Create another workflow rule for the ‘After change’ event using the same approach as in the previous step. This rule will update according records in SMAX, when corresponding Alert in Enterprise Alert have been acknowledged. The field EnterpriseAlertStatus_c will be updated by the connector app with the new status of the corresponding Alert. The field EnterpriseAlertUser_c will contain the email of the team member who has acknowledged the Alert and can be used in the rule to e.g. assign an owner. An example looks as follows:

Update Status when Alert is acknowledged in Enterprise Alert
If
${current_update.EnterpriseAlertStatus_c.IsChanged && current_update.EnterpriseAlertStatus_c.NewValue!=null && current_update.EnterpriseAlertStatus_c.NewValue == ‘Acknowledged’}
Set
Status: InProgress
OwnedByPerson: ${identification.identify(‘Person’, ‘Upn’, entity.EnterpriseAlertUser_c)}

Create a third workflow rule which updates the record when the corresponding Alert is closed analog to the previously created rule. An example looks as follows:

Update Status when Alert is closed in Enterprise Alert
If
${current_update.EnterpriseAlertStatus_c.IsChanged && current_update.EnterpriseAlertStatus_c.NewValue!=null && current_update.EnterpriseAlertStatus_c.NewValue == ‘Closed’}
Set
Status: Complete
EnterpriseAlertUser_c: ${identification.identify(‘Person’, ‘Upn’, entity.EnterpriseAlertUser_c)}

Populate the connector in Enterprise Alert with the required fields.

Reading records and updating their status requires the above setup in SMAX. Adding mobile chat messages as comments to those records is done by the app itself without workflow logic in SMAX.

To be able to query records of an entity, the app requires a user account in SMAX with appropriate permissions. Its credentials and some other endpoints or preferences must be configured in this app’s settings.

Please use the help overlay for each config property as it contains a detailed description for each setting.

Most relevant setting is ‘Polling entity’.

It defines the entity in SMAX that is being polled. Polling is then based on the boolean value of that entity’s custom field, configured in ‘Custom field polling indication’: If it’s value changes to true, it will be polled by this app which does then ‘acknowledge’ receipt by setting its value back to false.

Once the connection is made you will start receiving Incoming Events for newly created incidents. You are able to create alert policies from these incidents and using the conditions to filter which events are critical and should be notified on.