event notification destination create

Contributors

Create an event notification destination

Availability: This command is available to cluster administrators at the admin privilege level.

Description

The event notification destination create command creates a new event notification destination of either email or syslog type.

The following system-defined notification destination is configured for your use:

  • snmp-traphost - This destination reflects the configuration in "system snmp traphost".

Parameters

-name <text> - Destination Name

Use this mandatory parameter to specify the name of the notification destination that is to be created. An event notification destination name must be 2 to 64 characters long. Valid characters are the following ASCII characters: A-Z, a-z, 0-9, "_", and "-". The name must start and end with: A-Z, a-z, or 0-9.

{ -email <mail address> - Email Destination

Use this parameter to specify the email address event notifications are sent to. For events to properly generate email notifications, the event system must also be configured with an address and mail server from which the mail will be sent. See event config modify command for more information.

| -syslog <text> - Syslog Destination

Use this parameter to specify the syslog server host name or IP address syslog messages are sent to.

[-syslog-port <integer>] - Syslog Port

Use this parameter to specify the syslog server port value syslog messages are sent to. The default port used depends on the syslog-transport value. If the syslog-transport is set to tcp-encrypted , the syslog-port has the default value 6514. If the syslog-transport is set to tcp-unencrypted , the syslog-port has the default value 601. Otherwise, the default syslog-port is set to 514.

[-syslog-transport {udp-unencrypted|tcp-unencrypted|tcp-encrypted}] - Syslog Transport

Use this parameter to specify the transport protocol that is used to send the syslog messages.

The syslog-transport can be one of the following values:

  • udp-unencrypted - User Datagram Protocol with no security

  • tcp-unencrypted - Transmission Control Protocol with no security

  • tcp-encrypted - Transmission Control Protocol with Transport Layer Security (TLS)

The default protocol is udp-unencrypted . + If tcp-encrypted transport is specified, then ONTAP verifies the identity of the destination host by validating its certificate. If the Online Certificate Status Protocol (OCSP) is enabled for Event Management System (EMS), then ONTAP uses that protocol to determine the certificate’s revocation status. Use the (privilege: advanced) security config ocsp show -application ems command to determine if the OCSP-based certificate revocation status check is enabled for EMS.

[-syslog-message-format {legacy-netapp|rfc-5424}] - Syslog Message Format

Use this parameter to specify the message format to be used for EMS syslog messages.

The syslog-message-format can be one of the following values:

  • legacy-netapp - Variation of RFC-3164 Syslog format (format: <PRIVAL>TIMESTAMP [HOSTNAME:Event-name:Event-severity]: MSG)

  • rfc-5424 - Syslog format as per RFC-5424 (format: <PRIVAL>VERSION TIMESTAMP HOSTNAME Event-source - Event-name - MSG)

Refer to the respective RFCs for detailed information on the syslog message formats. + The default message format is legacy-netapp .

[-syslog-timestamp-format-override {no-override|rfc-3164|iso-8601-utc|iso-8601-local-time}] - Syslog Timestamp Format Override

Use this parameter to override the default timestamp format (based on the syslog-message-format parameter) used for EMS syslog messages.

The syslog-timestamp-format-override can be one of the following values:

  • no-override - Timestamp format based on the syslog-message-format parameter (rfc-3164 if message format is legacy-netapp , iso-8601-local-time if message format is rfc-5424 )

  • rfc-3164 - Timestamp format as per RFC-3164 (format: Mmm dd hh:mm:ss)

  • iso-8601-utc - Timestamp format as per ISO-8601 in UTC (format: YYYY-MM-DDThh:mm:ssZ)

  • iso-8601-local-time - Timestamp format as per ISO-8601 in local time (format: YYYY-MM-DDThh:mm:ss+/-hh:mm)

The default value is no-override . When this parameter is modified, its value persists even when syslog-message-format is updated. +

[-syslog-hostname-format-override {no-override|fqdn|hostname-only}] - Syslog Hostname Format Override

Use this parameter to override the default hostname format (based on the syslog-message-format parameter) used for EMS syslog messages.

The syslog-hostname-format-override can be one of the following values:

  • no-override - Hostname format based on the syslog-message-format parameter (fqdn if message format is rfc-5424 , hostname-only if message format is legacy-netapp )

  • fqdn - Fully Qualified Domain Name (e.g., myhost.example.com)

  • hostname-only - Hostname only, without the domain name (e.g., myhost)

The default value is no-override . When this parameter is modified, its value persists even when syslog-message-format is updated. +

| -rest-api-url <text> - REST API Server URL

Use this parameter to specify the REST API server URL to which event notifications are sent. Enter the full URL, which must start either with an http:// or https:// prefix. To specify a URL that contains a question mark, press ESC followed by the "?". + If a https:// URL is specified, then ONTAP verifies the identity of the destination host by validating its certificate. If the Online Certificate Status Protocol (OCSP) is enabled for Event Management System (EMS), then ONTAP uses that protocol to determine the certificate’s revocation status. Use the (privilege: advanced) security config ocsp show -application ems command to determine if the OCSP-based certificate revocation status check is enabled for EMS.

[-certificate-authority <text>] - Client Certificate Issuing CA

Use this parameter to specify the name of the certificate authority (CA) that signed the client certificate that will be sent in case mutual authentication with the REST API server is required. + There can be multiple client certificates installed for the admin vserver in the cluster, and this parameter, along with the certificate-serial parameter, uniquely identifies which one. + Use the security certificate show command to see the list of certificates installed in the cluster.

[-certificate-serial <text>] - Client Certificate Serial Number }

Use this parameter to specify the serial number of the client certificate that will be sent in case mutual authentication with the REST API server is required.

Examples

The following example shows the creation of a new event notification destination of type email called "StorageAdminEmail":

cluster1::> event notification destination create -name StorageAdminEmail -email StorageAdmin@example.com

cluster1::> event notification destination show

Name            Type        Destination
--------------  ----------  ---------------------
StorageAdminEmail
                email       StorageAdmin@example.com
snmp-traphost   snmp        10.30.40.10 (from "system snmp traphost")
2 entries were displayed.

The following example shows the creation of a new event notification destination of type rest-api called "RestApi":

cluster1::> event notification destination create -name RestApi -rest-api-url https://rest.example.com/rest
-certificate-authority cluster1-root-ca -certificate-serial 052213E60B7088

cluster1::> event notification destination show -name RestApi -instance
Destination Name: RestApi
             Type of Destination: rest-api
              Destination Values: https://rest.example.com/rest
   Client Certificate Issuing CA: cluster1-root-ca
Client Certificate Serial Number: 052213E60B7088