Previous Topic: Architecture Supporting CA IT PAM Integration

Next Topic: How CA IT PAM Integration Works

Process of Working with Event/Alert Output Processes

An overview of the work flow for leveraging a CA IT PAM event/alert output process follows:

  1. Determine whether to set up CA IT PAM integration with or without the sample process. The advantage of using the sample process is that it lets you see results right away. You can defer updating your own process until you become familiar with integration results. Using the sample process requires CA Service Desk.
  2. Do one or both of the following:
  3. Gather details for CA IT PAM integration from the sample process or the process you created.
  4. Configure CA IT PAM integration for event/alert output.
  5. Ensure that users who monitor event/alert output process results at the third-party product have user accounts in CA Enterprise Log Manager and know the credentials with which to log in. You can assign the role of Auditor to such accounts.

    Note: When users log in, all they can do is view the page with the associated query results.

  6. Prepare to automate the running of an event/alert output process:
    1. Identify the query or queries that return data on which the third-party product can take action according to the configured CA IT PAM process.
    2. If the query uses a keyed list, ensure the keyed list is populated with the values you need.
    3. Run the event/alert output process on the query results, and verify that the process runs successfully.
  7. Schedule an action alert using the documented procedure and the following guidelines.
    1. On the Alert Selection step:
      • Type a job name.
      • Verify selection type is Queries.
      • Select the query or queries you identified during planning.
    2. On the Destination step, select the IT PAM Process tab and specify event/alert output details as follows:
      • Select the queries on which to base the alert.
      • Specify whether to run the process once per query that returns results or once per returned row.
      • Specify IT PAM process parameter values. You can include field values and text for the Summary and Description parameter values only if running the process per row.
    3. Specify details for the remaining steps as with any action alert you schedule, then save and close the wizard.
  8. Monitor the results:
    1. Verify the Action Alert Jobs list includes this job.
    2. Monitor self-monitoring events, Event Notification action, to verify that the result of running the IT PAM process was successful.
    3. (Optional) Log on to the third-party product that responded to the event/alert output information from CA Enterprise Log Manager that was passed to it by the IT PAM process.

More information:

Import the Sample Event/Alert Output Process

Guidelines for Creating an Event/Alert Output Process

Example: Run an Event/Alert Output Process with Selected Query Results

Design Queries for Events to Send to the Event/Alert Output Process

Set Notification Destinations

Example: Send an Alert that Runs an IT PAM Process Per Row