2017-10-06 06:57 AM
I am working on a fresh install of OCUM 7.2 and WFA 4.1 and looking to have an alert trigger a workflow.
Previously in scripts you would have the WFA credentials coded into the script and make the API calls.
I am curious if integration is any tighter now, or ever will be - to the point where when OCUM and WFA are linked together you can select a WFA workflow directly as the action for an event rather than needing a script in the middle.
2017-10-08 05:10 PM
Currently WFA requires authentication to invoke a workflow via REST. A script attached to an OCUM alarm must provide credentials to invoke the WFA workflow. You can encrypt and decrypt credentials within a script as a work around to the security risk of including credentials in clear text within a script. There are several methods to achieve this depending on the version of OCUM you have installed (Windows, RHEL or vAPP). Ultimately your question relates to the security architecture of both WFA and OCUM which would require significant changes to achieve your end goal. I'm not aware of any plans to change the existing method of application integration between OCUM and WFA.
2017-10-09 06:00 AM
Authentication is used between OCUM and the clusters it monitors. Authentication occurs between WFA and the systems it can execute workflows against. Authentication occurs between WFA and OCUM when it polls OCUM as a data source. Why can't the integration be better?
What would prevent OCUM from having a set of WFA credentials stored in the config which would allow the actions area of an alert config to have drop down menus that allow you to select a workflow to execute when an alert happens and have OCUM send the REST call using the stored credentials and a set of parameters just as the powershell scripts we write do?
My concern is that given the nature of the scripts that we have to write to get alerts to talk to WFA that as things change in future versions of both tools, there is a rather high chance that a minor software update could break these scripts, and there is no real easy way to know if they broke - since you can't readily alert on the return code of a script called by an alert.