The content of email and command notifications can include information
from events in the following form:
'${objectname/objectattribute}'
Note
Do not escape event command messages and event summaries. For example,
write this command as: ${evt/summary} (rather
than echo '$evt/summary').
Object names can be
evt, evtSummary, or
urls; or for clearing event context,
clearEvt and
clearEventSummary. For each object name, the
following lists show valid attributes (for example,
'${evt/DevicePriority}' ):
Attributes of evt and clearEvt
Value
Description
DevicePriority
value of the priority of the device
agent
Typically the name of the daemon that generated the event. For example, an SNMP threshold event has zenperfsnmp as its agent.
clearid
id of the event this clear event will clear
component
component this event is related to
count
how many times this event occurred
created
when the event was created
dedupid
dynamically generated fingerprint that allows the system to perform de-duplication on repeating events that share similar characteristics
device
device this event is related to
eventClass
class of this event
eventClassKey
Free-form text field that is used as the first step in mapping an unknown event into an event class.
eventGroup
Free-form text field that can be used to group similar types of events. This is primarily an extension point for customization. Currently not used in a standard system.
eventKey
Free-form text field that allows another specificity key to be used to drive the de-duplication and auto-clearing correlation process.