This page describes the predefined variables that can be used in an HTTP request action. The value of the variable is substituted at the run-time in the context of the triggering events when the actual request is sent.

Form Variable Names

To form a predefined variable name, combine the eventList array with a top level object and a corresponding context field or multiple nested context fields. You can also use the top level object only to fetch any information.

  • All the variables are accessed through the eventList array.
  • The eventList array contains a single event for a health rule violation or an anomaly.

For example:

  • To get the ID of a health rule violation event, use ${eventList[0].event_id}
  • To get the name of the violating conditions of a health rule, use ${eventList[0].event_details.condition_details[0].name}
  • To get the details of the child entity type in a health rollup, use ${eventList[0].event_details.rollup_details.child_entities[0].child_entity_type}
  • To get the metric value that triggered the health rule violation, use ${eventList[0].event_details.condition_details[0].triggering_value}
  • To get the metric type that cause the anomaly, use ${eventList[0].anomaly_type}
  • To get the summary of the top object on which anomaly is detected, use ${eventList[0].rca_result.top_impact_object}
  • To get the value of an attribute of an entity, use ${entityAttrList[0].<attribute_name>}


The following tables provide top level object and various context field details: 

Context Attributes

The following table provides a list of top level objects and corresponding details:

Top Level Object

DescriptionEvent TypeField Type
entity_idIdentifies the entity on which violation is detected.
  • Anomaly Detection
  • Health Rule
string
entity_type

Indicates the type of the entity on which violation is detected. The format is namespace:type.

For example, k8s:type.

  • Anomaly Detection
  • Health Rule
string
event_idIdentifies the event.
  • Anomaly Detection
  • Health Rule
string
event_typeIndicates the display name of different violation types. For example, VIOLATION_STARTED_WARNING, VIOLATION_STARTED_CRITICAL.
  • Anomaly Detection
  • Health Rule
string

violation_id

Identifies the violation incident.

  • Anomaly Detection
  • Health Rule
string

event_time

Indicates the timestamp of the violation incident. You can display the timestamp in date and time format, epoch format, or a valid custom format.

Use the following expression in the HTTP payload to display event_time in one of the formats:

FormatExpressionOutput Example
Date and Time${eventList[0].event_time}Sep 15 05:16:00 PDT 2023.
Epoch$format.epochTime(eventList[0].event_time)1694780160000
A valid Custom format such as such as yyyy-MM-dd HH:mm:ss$format.formattedTime('yyyy-MM-dd HH:mm:ss', $eventList[0].event_time)2023-09-15 05:16:00
  • Anomaly Detection
  • Health Rule
long

violation_start_time

Indicates the start time of the violation incident. You can display the timestamp in date and time format, epoch format, or a valid custom format.

Use the following expression in the HTTP payload to display violation_start_time in one of the formats:

FormatExpression

Output Example

Date and Time${eventList[0].violation_start_time}Sep 15 05:16:00 PDT 2023.
Epoch$format.epochTime(eventList[0].violation_start_time)1694780160000
A valid Custom format such as such as yyyy-MM-dd HH:mm:ss$format.formattedTime('yyyy-MM-dd HH:mm:ss', $eventList[0].violation_start_time)2023-09-15 05:16:00
  • Anomaly Detection
  • Health Rule
long

violation_end_time

Indicates the end time of the violation incident. You can display the timestamp in date and time format, epoch format, or a valid custom format.

Use the following expression in the HTTP payload to display violation_end_time in one of the formats:

FormatExpressionOutput Example
Date and Time${eventList[0].violation_end_time}Sep 15 05:16:00 PDT 2023.
Epoch$format.epochTime(eventList[0].violation_end_time)1694780160000
A valid Custom format such as such as yyyy-MM-dd HH:mm:ss$format.formattedTime('yyyy-MM-dd HH:mm:ss', $eventList[0].violation_end_time)2023-09-15 05:16:00
  • Anomaly Detection
  • Health Rule
long
violation_durationIndicates the duration of violation incident. It is the difference between the current time and the start time of the incident.
  • Anomaly Detection
  • Health Rule
long
violation_severityIndicates the severity of violation such as critical or warning.
  • Anomaly Detection
  • Health Rule
string
violation_statusIndicates whether the violation incident is open or close.
  • Anomaly Detection
  • Health Rule
string
violation_typeIndicates the type of MELT event for health rule or anomaly detection. For example, 

alerting:healthrule.violationtroubleshooting.

  • Anomaly Detection
  • Health Rule
string

config_id

Identifies the health rule or the Anomaly Detection configuration.

  • Anomaly Detection
  • Health Rule
string

config_name

Indicates the display name for the health rule or the Anomaly Detection configuration.

  • Anomaly Detection
  • Health Rule
string
event_detailsIndicates the details of the violation based on a health rule.
  • Health Rule
  • complex
  • object event_details
model_sensitivity

Indicates the alert sensitivity levels of the anomaly detection model. These are the sensitivity levels:

  • TEST
  • LOW
  • MEDIUM
  • HIGH
  • Anomaly Detection
string
anomaly_typeIndicates the metric type that causes the anomaly. For example, Errors per minute (EPM) and Average Response time (ART).
  • Anomaly Detection
string
rca_resultIndicates result of the root cause analysis performed by the Anomaly Detection algorithm.
  • Anomaly Detection
object

entity_context_path

Provides direct navigation to the entity page in your application for a health rule violation. Therefore, you can view the context of the entity at the time of the violation.

You need to append the entity_context_path variable to your tenant's base URL.

For example, https://your-appd-cloud-url.com/${eventList[0].entity_context_path}

  • Anomaly Detection
  • Health Rule
string


The following table provides a list of second level context fields and corresponding details for the rca_result variable:

Second Level Context Fields - rca_result

DescriptionEvent TypeField Type
top_impact_object

Indicates the deviating metrics and summary information of top-impacted object on which anomaly is generated.

  • Anomaly Detection

object

suspected_object_summaries

Indicates the deviating metrics and summary information of the root cause objects.

  • Anomaly Detection

array

list_of_suspected_cause_pathsIndicates the path of the suspected cause of the anomaly.
  • Anomaly Detection
array


The following table provides a list of second level context fields and corresponding details for the event_details variable:

Second Level Context Fields - event_details

Description

Event Type

Field Type

condition_details

Indicates the details of health rule violation. The details are available only for metric condition.

  • Health Rule

array of condition_details

rollup_details

Indicates the details of the rollup entities for the health rule violation.

  • Health Rule

complex

object rollup_details


The following table provides a list of third level context fields and corresponding details for the rollup_details variable:

Third Level Context Fields - rollup_details

DescriptionEvent TypeField Type
child_entitiesIdentifies the correlated incident and child entity.
  • Health Rule

array of rollup_result_details

violation_countIndicates the count of the violating child entities.
  • Health Rule
long


The following table provides a list of fourth level context fields and corresponding details for the condition_details variable:

Fourth Level Context Fields - condition_details

DescriptionEvent TypeField Type
name

Indicates the display name of the condition.

  • Anomaly Detection
  • Health Rule
string
data_pointsIndicates the number of data points used to evaluate the condition.
  • Health Rule
string
eval_win_sizeIndicates the health rule evaluation time frame over which the data used to evaluate the health rule is collected. 
  • Health Rule
string
resultIndicates the status of the condition evaluation. It returns true (1), false (0), or unknown (-1).
  • Health Rule
integer
baseline_meanIndicates the difference between the baseline and the mean value.
  • Health Rule
double
baseline_std_devIndicates the difference between the baseline and the standard deviation.
  • Health Rule
double
violation_countIndicates the number of condition violations during the evaluation time frame.
  • Health Rule
string
missing_dataIndicates the number of missing data points in the evaluation time frame.
  • Health Rule
string
expressionIndicates the mathematical expression used to evaluate the metric performance.
  • Health Rule
string
expression_valueIndicates the value present in the left side of the expression.
  • Health Rule
string
threshold_valueIndicates the value present in the right side of the expression.
  • Health Rule
string
threshold_typeIndicates the type of threshold (static or baseline).
  • Health Rule
string

triggering_value

Indicates the exact value of the metric that triggered the violation
  • Health Rule
double


The following table provides a list of fourth level context fields and corresponding details for the rollup_result_details variable:

Fourth Level Context Fields - rollup_result_details

Description

Event Type

Field Type

child_entity_idIdentifies the evaluation child entity.
  • Health Rule
string
child_entity_typeIndicates the evaluation child entity type name with namespace.
  • Health Rule
string
correlated_violation_idIndicates the violation ID of the child entity that caused the rollup rule violation.
  • Health Rule
string

Attribute Value of an Entity

To get the value of an attribute of an entity, use ${entityAttrList[0].<attribute_name>}.

You can get the values of only the attributes with names that contain dot (.), underscore (_), alphabets, and digits. If any attributes have colon ( : ) and hyphen ( - ) in their names, the value can not be fetched. For example, healthrule:0d3019af-6f5d-4d64-966d-e865836885fa.

For example:

  • To get the value of attribute k8s_pod_name, use ${entityAttrList[0].k8s_pod_name}.
  • To get the value of the attribute service.name, use ${entityAttrList[0].service_name}.
  • If the value of an attribute is dynamic, for example, health.status, you will not get the latest value of the attribute.
  • You can use the Query Builder to fetch the attribute names of your entities.
  • If any attributes have dot ( . ) in their names, replace the dots (.) with underscore (_). For example, use service_name for the attribute service.name.

Samples

HTTP request examples for the most recent triggering events:

Slack Event Sample


URL:

In your Slack app, you get the Incoming Webhook that looks like the following URL:

https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX
CODE


Payload:

{
  "blocks": [
    {
      "type": "section",
      "text": {
        "type": "mrkdwn",
        "text": "*New ${eventList[0].violation_severity} Alert from AppDynamics Cloud:* ${eventList[0].config_name}\n"
      }
    },
    {
      "type": "section",
      "fields": [
        {
          "type": "mrkdwn",
          "text": "*Entity Type:*\n${eventList[0].entity_type}"
        },
        {
          "type": "mrkdwn",
          "text": "*When:*\n${eventList[0].event_time}"
        },
        {
          "type": "mrkdwn",
          "text": "*Entity Id:*\n${eventList[0].entity_id}"
        }
      ]
    },
    {
      "type": "section",
      "text": {
        "type": "mrkdwn",
        "text": "*Violating Conditions*\n"
      }
    },
    #if(${eventList[0].event_details})
	    #foreach( $condition in ${eventList[0].event_details.condition_details} )
	      {
	        "type": "section",
	        "text": {
	          "type": "mrkdwn",
	          "text": "\n${condition.expression}"
	        }           
	      },
	      #end   
    #end
    {
      "type": "actions",
      "elements": [
        {
          "type": "button",
          "text": {
            "type": "plain_text",
            "emoji": true,
            "text": "Check in AppD Cloud"
          },
          "style": "danger",
          "value": "click_me_123",
          "url": "https://your-appd-cloud-url.com${eventList[0].entity_context_path}"
        }
      ]
    },
    {
      "type": "divider"
    }
  ]
}

CODE
  • If you are unable to fetch a variable, include the variable within the if condition. For information about the if condition, see the Apache Velocity documentation.
  • For information on how to configure incoming webhooks in Slack, see the Slack documentation.

PagerDuty Events API V2 Sample


URL:

https://events.pagerduty.com/v2/enqueue
CODE

Payload:

{
  "payload": {
    "summary": "${eventList[0].event_type} on ${eventList[0].config_name}",
    "source": "AppDynamics Cloud",
    "severity": "${eventList[0].violation_severity.toLowerCase()}",
    "component": "${eventList[0].entity_type}",
    "custom_details": {
      "Event Name": "${eventList[0].event_type}",
      "Event ID": "${eventList[0].event_id}",
      "Entity Type": "${eventList[0].entity_type}",
      "Event Time": "${eventList[0].event_time}",
      "Entity ID": "${eventList[0].entity_id}"
    }
  },
  "routing_key": "<your integration key>",
  "dedup_key": "${eventList[0].violation_id}",
  "event_action": "trigger",
  "client": "AppDynamics Cloud",
  "client_url": "https://your-appd-cloud-url.com${eventList[0].entity_context_path}"
}
CODE

The integration key (routing key) is available on the PagerDuty Events API V2 integration page.

For information on how to send an event to PagerDuty, see the PagerDuty documentation.

ServiceNow Event Sample


URL

https://<instance_name>.service-now.com/api/global/em/jsonv2
CODE

Authentication:

Use the Basic authentication option and enter your username and password.

Payload:

{
  "records": [
    {
      "source": "AppDynamics Cloud",
      "event_class": "your-controller",
      "resource": "${eventList[0].entity_id}",
      "node": "${eventList[0].entity_id}",
      "metric_name": "${eventList[0].config_name}",
      "type": "${eventList[0].event_type}",
      "message_key": "${eventList[0].violation_id}",
      "description": "*New ${eventList[0].violation_severity} Alert from AppDynamics Cloud:* ${eventList[0].config_name}. Check https://your-appd-cloud-url.com${eventList[0].entity_context_path}",
      #if( ${eventList[0].violation_severity} == "CRITICAL" )
      "severity": "1"
      #elseif( ${eventList[0].violation_severity} == "WARNING"  )
      "severity": "2"
      #else
      "severity": "0"
      #end   
    }
  ]
}
CODE

For information on how to send an event to ServiceNow, see the ServiceNow documentation.

OpsGenie Event Sample


URL:

https://api.opsgenie.com/v2/alerts
CODE

Custom Headers:

  • Key: Authorization
  • Value: GenieKey <your_API_key>

Payload:

{
  "source": "AppDynamics Cloud",
  "message": "${eventList[0].event_type} on ${eventList[0].config_name}",
  "alias": "${eventList[0].violation_id}",
  "description": "${eventList[0].event_type} on ${eventList[0].config_name}",
  "entity": "${eventList[0].entity_type}:${eventList[0].entity_id}",
  #if( ${eventList[0].violation_severity} == "CRITICAL" )
  "priority": "P1",
  #elseif( ${eventList[0].violation_severity} == "WARNING"  )
  "priority": "P3",
  #else
  "priority": "P5",
  #end
  "details": {
    "Event Name": "${eventList[0].event_type}",
    "Event ID": "${eventList[0].event_id}",
    "Entity Type": "${eventList[0].entity_type}",
    "Event Time": "${eventList[0].event_time}",
    "Entity ID": "${eventList[0].entity_id}",
    "Link": "https://your-appd-cloud-url.com${eventList[0].entity_context_path}"
  }
}
CODE

For information on how to create alerts in OpsGenie, see the OpsGenie documentation.

Webex

URL:

https://webexapis.com/v1/webhooks/incoming/<incoming_webhook_url>
CODE


Payload:

{"markdown": "   \n- - -  \n**${eventList[0].violation_severity}** Alert from Cisco CNAO: **${eventList[0].config_name}**   \n- - -  \n**Details**  \n _Event Type:_ ${eventList[0].event_type}  \n_Entity Type:_ ${eventList[0].entity_type}  \n_Entity Id:_ ${eventList[0].entity_id}  \n_Event Time:_ ${eventList[0].event_time}\n**Violation Details** #if(${eventList[0].event_details}) #foreach( $condition in ${eventList[0].event_details.condition_details} ) \n$esc.java(${condition.expression}) #end #end \n_Link:_[Click here](${appdURL}${eventList[0].entity_context_path})\n- - -  \n" }
CODE
  • If you are unable to fetch a variable, include the variable within the if condition. For information about the if condition, see the Apache Velocity documentation.
  • For information on how to configure incoming webhooks in Webex, see the Webex documentation.