Unofficial RT Ticketing Integration for ArcSight ESM

Unofficial RT Ticketing Integration for ArcSight ESM

I moved Marius' article to this board where it will remain rather than getting lost in all the discussions.

-------------------------------------------------------------------------------------------------------------------

Even though freetime wasn't exactly on my side the last few weeks, i managed to compile the initial version of the ESM integration with Request Tracker.

As a part of the ongoing community integrations, where the community can request certain integrations to be added to the ESM by other community members, the first version of the RT Ticketing System integration has been released, as requested by @Frenjd

More information about RT can be found Here.

The initial release comes with functionality to automatic create tickets in RT based on rule actions or manual integration commands in the ESM Console, and documentation on how to install and configure it.

It also supports mapping any information from the correlated event to the ticket created through the basic but easy to use template system.

It has now undergone testing, and following the documentation will now get you from start to finish without issues.

As an initial release, it also means that while all functionality might be in place, there is always room for improvements, some of them would be:

  • Adding new events to existing tickets (Almost done)
  • Proper logging and configurable logging directory.
  • Better templating, or support for multiple template files.
  • Better error checking on API requests.
  • Debug mode.
  • Better README format, better explanations and proof reading.

If you want to try it out, but do not have a RT test environment, a complete finished RT image exists for docker here (which is what i used while developing the integration, so it works just fine!):

https://hub.docker.com/r/netsandbox/request-tracker/

If there is any questions, issues, feedback or anything else, do not hesitate to post it either here, or in a github issue for the project. Contributions through PR's are always welcome as well!

The files and documentation can be found at the current location:

https://github.com/arcsight-unofficial/arcsight-esm-requesttracker

PS: All new and cool integrations will also be released on the arcsight-unofficial github, so follow it to keep yourself up 2 date! Anything i upload there will also be posted here in this community.

 

Labels (1)

DISCLAIMER:

Some content on Community Tips & Information pages is not officially supported by Micro Focus. Please refer to our Terms of Use for more detail.
Top Contributors
Version history
Revision #:
2 of 2
Last update:
‎2018-12-19 09:22
Updated by:
 
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.