IBM Security Resilient

Hi ,

is there any option to notify user when the function in the circuits stops because if an error, the default notifications has only option to push notications only for incidents, tasts, or artifacts. 

our scenario is, we are developing a function to pull the incidents from an itsm tool automatically, to create incidents in resilient. so looking for a mechanism to notify users when any error occurs in pulling incidents.
instead of doing a manual check on logs

thanks in advance,

------------------------------
sudheer kumar
------------------------------

You could catch the error, and in the return sent to FunctionResult results include something like results['was_successful'] = False ... then you could check the condition and trigger a follow-up function in the workflow (like Exchange send email) if it failed.

There is not currently an option to notify on function or workflow failures. You could post the idea to the aha.io idea portal, as I do agree that this functionality could be a useful addition. Creating objects of type 'Function' and 'Workflow' that could have conditions applied to them like 'Begins' / 'Ends in Success' / 'Ends in Failure' / 'Has name of xyz ' ... etc ... would be useful for sure.

------------------------------
Jared Fagel
Cyber Security Analyst Intern
Public Utility
------------------------------

Original Message:
Sent: Thu October 10, 2019 06:13 AM
From: sudheer kumar
Subject: get Notification when any of the function in circuits stops because of error

Hi ,

is there any option to notify user when the function in the circuits stops because if an error, the default notifications has only option to push notications only for incidents, tasts, or artifacts. 

our scenario is, we are developing a function to pull the incidents from an itsm tool automatically, to create incidents in resilient. so looking for a mechanism to notify users when any error occurs in pulling incidents.
instead of doing a manual check on logs

thanks in advance,

------------------------------
sudheer kumar
------------------------------

thanks @Jared Fagel,

that's a good option to return failure or success in the function. there are two challenges with that,

• does already available functions in IBM repo has  has this option.
• it would increase the size of playbook. because we are looking for maximum automation, so there will be lot of fucntions and we cannot put condition after each function to check if it got failed or succeeded

so   if any error entry goes into the log file then there should be a way we should receive the notification


​

------------------------------
sudheer kumar
------------------------------

Original Message:
Sent: Thu October 10, 2019 10:50 AM
From: Jared Fagel
Subject: get Notification when any of the function in circuits stops because of error

You could catch the error, and in the return sent to FunctionResult results include something like results['was_successful'] = False ... then you could check the condition and trigger a follow-up function in the workflow (like Exchange send email) if it failed.

There is not currently an option to notify on function or workflow failures. You could post the idea to the aha.io idea portal, as I do agree that this functionality could be a useful addition. Creating objects of type 'Function' and 'Workflow' that could have conditions applied to them like 'Begins' / 'Ends in Success' / 'Ends in Failure' / 'Has name of xyz ' ... etc ... would be useful for sure.

------------------------------
Jared Fagel
Cyber Security Analyst Intern
Public Utility

Original Message:
Sent: Thu October 10, 2019 06:13 AM
From: sudheer kumar
Subject: get Notification when any of the function in circuits stops because of error

Hi ,

is there any option to notify user when the function in the circuits stops because if an error, the default notifications has only option to push notications only for incidents, tasts, or artifacts. 

our scenario is, we are developing a function to pull the incidents from an itsm tool automatically, to create incidents in resilient. so looking for a mechanism to notify users when any error occurs in pulling incidents.
instead of doing a manual check on logs

thanks in advance,

------------------------------
sudheer kumar
------------------------------