Some event actions allow you to include event-specific information as part of
the text message. Including event information is referred to as event data
substitution. Refer to the help associated with a specific event action
template for information on where event data substitution can be used.
The text of an event message is divided into keywords. When used
in a message, a keyword must be preceded by the ampersand symbol (&). The
keywords are:
- &date
- Specifies the date the event occurred.
- &time
- Specifies the time the event occurred.
- &text
- Specifies the event text, if supplied by the event.
- &type
- Specifies the event type
criteria used to trigger the event.
- &severity
- Specifies the severity level
of the event.
- &system
- Specifies the name of the system for which the event was generated.
- &sender
- Specifies the name of the system from which the event was sent. This keyword
returns null if unavailable.
- &group
- Specifies the group to which the target system belongs and is being
monitored. This keyword returns null if unavailable.
- &category
- Specifies the category of
the event.
- &pgmtype
- Specifies a dotted representation of the event type using internal type
strings.
- ×tamp
- Specifies the coordinated time of the event (milliseconds since 1/1/1970 12:00
AM GMT).
- &rawsev
- Specifies the non-localized string of event severity (FATAL, CRITICAL, MINOR,
WARNING, HARMLESS, UNKNOWN).
- &rawcat
- Specifies the non-localized string of event category (ALERT, RESOLVE).
- &corr
- Specifies the correlator string of the event. Related events, such as those
from the same monitor threshold activation, will match this.
- &snduid
- Specifies the unique ID of the event sender.
- &sysuid
- Specifies the unique ID of the system associated with the event.
- &prop:filename#propname
- Specifies the value of the property string propname from property
file filename (relative to \tivoliWg\classes).
- &sysvar:varname
- Specifies the event system variable varname. This keyword returns
null if a value is unavailable.
- &slotid:slot-id
- Specifies the value of the event detail slot with the non-localized ID slot_id.
- &md5hash
- Specifies the MD5 hash code (CRC) of the event data (good event specific
unique ID).
- &hashtxt
- Specifies a full replacement for the field with an MD5 hashcode (32-character
hex code) of the event text.
- &hashtxt16
- Specifies a full replacement for the field with a short MD5 hashcode (16-character
hex code) of the event text.
- &otherstring
- Specifies the value of the detail slot with the localized label that matches otherstring.
This keyword returns OTHERSTRING if unavailable.
Note: When you specify an event data substitution keyword containing
more than one word, substitute the underscore character ("_") for each
space between words. For example, to use the keyword "User Logon" you
must enter "User_Logon" in the text of the event message. A sample
entry containing this keyword might be: "User &User_Logon just logged
on to the system."
Example of message text with event data substitutions:
Please respond to the event generated for &system, which occurred &date.
The text of the event was &text with a severity of &severity.