event notification destination create
Create an event notification destination
Availability: This command is available to cluster administrators at the admin privilege level.
Description
The event notification destination create
command creates a new event notification destination of either email or syslog type.
The following system-defined notification destination is configured for your use:
-
snmp-traphost - This destination reflects the configuration in "system snmp traphost".
Parameters
-name <text>
- Destination Name-
Use this mandatory parameter to specify the name of the notification destination that is to be created. An event notification destination name must be 2 to 64 characters long. Valid characters are the following ASCII characters: A-Z, a-z, 0-9, "_", and "-". The name must start and end with: A-Z, a-z, or 0-9.
- {
-email <mail address>
- Email Destination -
Use this parameter to specify the email address event notifications are sent to. For events to properly generate email notifications, the event system must also be configured with an address and mail server from which the mail will be sent. See event config modify command for more information.
- |
-syslog <text>
- Syslog Destination -
Use this parameter to specify the syslog server host name or IP address syslog messages are sent to.
[-syslog-port <integer>]
- Syslog Port-
Use this parameter to specify the syslog server port value syslog messages are sent to. The default port used depends on the
syslog-transport
value. If thesyslog-transport
is set totcp-encrypted
, thesyslog-port
has the default value 6514. If thesyslog-transport
is set totcp-unencrypted
, thesyslog-port
has the default value 601. Otherwise, the defaultsyslog-port
is set to 514. [-syslog-transport {udp-unencrypted|tcp-unencrypted|tcp-encrypted}]
- Syslog Transport-
Use this parameter to specify the transport protocol that is used to send the syslog messages.
The
syslog-transport
can be one of the following values:-
udp-unencrypted
- User Datagram Protocol with no security -
tcp-unencrypted
- Transmission Control Protocol with no security -
tcp-encrypted
- Transmission Control Protocol with Transport Layer Security (TLS)
The default protocol is
udp-unencrypted
. + Iftcp-encrypted
transport is specified, then ONTAP verifies the identity of the destination host by validating its certificate. If the Online Certificate Status Protocol (OCSP) is enabled for Event Management System (EMS), then ONTAP uses that protocol to determine the certificate's revocation status. Use the (privilege: advanced) security config ocsp show -application ems command to determine if the OCSP-based certificate revocation status check is enabled for EMS. -
[-syslog-message-format {legacy-netapp|rfc-5424}]
- Syslog Message Format-
Use this parameter to specify the message format to be used for EMS syslog messages.
The
syslog-message-format
can be one of the following values:-
legacy-netapp
- Variation of RFC-3164 Syslog format (format: <PRIVAL>TIMESTAMP [HOSTNAME:Event-name:Event-severity]: MSG) -
rfc-5424
- Syslog format as per RFC-5424 (format: <PRIVAL>VERSION TIMESTAMP HOSTNAME Event-source - Event-name - MSG)
Refer to the respective RFCs for detailed information on the syslog message formats. + The default message format is
legacy-netapp
. -
[-syslog-timestamp-format-override {no-override|rfc-3164|iso-8601-utc|iso-8601-local-time}]
- Syslog Timestamp Format Override-
Use this parameter to override the default timestamp format (based on the
syslog-message-format
parameter) used for EMS syslog messages.The
syslog-timestamp-format-override
can be one of the following values:-
no-override
- Timestamp format based on thesyslog-message-format
parameter (rfc-3164
if message format islegacy-netapp
,iso-8601-local-time
if message format isrfc-5424
) -
rfc-3164
- Timestamp format as per RFC-3164 (format: Mmm dd hh:mm:ss) -
iso-8601-utc
- Timestamp format as per ISO-8601 in UTC (format: YYYY-MM-DDThh:mm:ssZ) -
iso-8601-local-time
- Timestamp format as per ISO-8601 in local time (format: YYYY-MM-DDThh:mm:ss+/-hh:mm)
The default value is
no-override
. When this parameter is modified, its value persists even whensyslog-message-format
is updated. + -
[-syslog-hostname-format-override {no-override|fqdn|hostname-only}]
- Syslog Hostname Format Override-
Use this parameter to override the default hostname format (based on the
syslog-message-format
parameter) used for EMS syslog messages.The
syslog-hostname-format-override
can be one of the following values:-
no-override
- Hostname format based on thesyslog-message-format
parameter (fqdn
if message format isrfc-5424
,hostname-only
if message format islegacy-netapp
) -
fqdn
- Fully Qualified Domain Name (e.g., myhost.example.com) -
hostname-only
- Hostname only, without the domain name (e.g., myhost)
The default value is
no-override
. When this parameter is modified, its value persists even whensyslog-message-format
is updated. + -
- |
-rest-api-url <text>
- REST API Server URL -
Use this parameter to specify the REST API server URL to which event notifications are sent. Enter the full URL, which must start either with an http:// or https:// prefix. To specify a URL that contains a question mark, press ESC followed by the "?". + If a https:// URL is specified, then ONTAP verifies the identity of the destination host by validating its certificate. If the Online Certificate Status Protocol (OCSP) is enabled for Event Management System (EMS), then ONTAP uses that protocol to determine the certificate's revocation status. Use the (privilege: advanced) security config ocsp show -application ems command to determine if the OCSP-based certificate revocation status check is enabled for EMS.
[-certificate-authority <text>]
- Client Certificate Issuing CA-
Use this parameter to specify the name of the certificate authority (CA) that signed the client certificate that will be sent in case mutual authentication with the REST API server is required. + There can be multiple client certificates installed for the admin vserver in the cluster, and this parameter, along with the
certificate-serial
parameter, uniquely identifies which one. + Use the security certificate show command to see the list of certificates installed in the cluster. [-certificate-serial <text>]
- Client Certificate Serial Number }-
Use this parameter to specify the serial number of the client certificate that will be sent in case mutual authentication with the REST API server is required.
Examples
The following example shows the creation of a new event notification destination of type email called "StorageAdminEmail":
cluster1::> event notification destination create -name StorageAdminEmail -email StorageAdmin@example.com cluster1::> event notification destination show Name Type Destination -------------- ---------- --------------------- StorageAdminEmail email StorageAdmin@example.com snmp-traphost snmp 10.30.40.10 (from "system snmp traphost") 2 entries were displayed.
The following example shows the creation of a new event notification destination of type rest-api called "RestApi":
cluster1::> event notification destination create -name RestApi -rest-api-url https://rest.example.com/rest -certificate-authority cluster1-root-ca -certificate-serial 052213E60B7088 cluster1::> event notification destination show -name RestApi -instance Destination Name: RestApi Type of Destination: rest-api Destination Values: https://rest.example.com/rest Client Certificate Issuing CA: cluster1-root-ca Client Certificate Serial Number: 052213E60B7088