4. Set up the Netcool/Impact Connector
3.1: Overview
In this Lab, you will create an instance of the Netcool/Impact Connector to connect to an existing Netcool/Impact server. Most, if not all, AIOps deployments will include Netcool/Impact to enable automation and integration with third-party systems. Creating and configuring the Netcool/Impact Connector therefore is usually going to be a key part of any AIOps set-up.
3.2 Preparation tasks
Retrieve Netcool/Impact certificates
In this section, you will retrieve the two certificates used by Netcool/Impact for its server and GUI server processes. These are needed to complete the Netcool/Impact Connector instance.
Open a command prompt and issue the following commands. Save the resulting certificates to a text editor.
echo '' | openssl s_client -connect netcoolvm.ocp.techzone.lan:16311 -showcerts 2>&1 | sed -n -e '/BEGIN\ CERTIFICATE/,/END\ CERTIFICATE/ p'
echo '' | openssl s_client -connect netcoolvm.ocp.techzone.lan:9081 -showcerts 2>&1 | sed -n -e '/BEGIN\ CERTIFICATE/,/END\ CERTIFICATE/ p'
Set up the Zen API key
Use the following steps to create an instance of the Netcool/Impact Connector:
- Log in to the AIOps console
- Click on your user icon in the top-right corner of the screen and select Profile and settings
- Click on API key in the top-right corner of the screen and select Generate new key
- Copy and save the API key to a safe place
- Substitute your copied API key into the following script:
ZENAPIKEY=$(echo "cpadmin:<your-API-key>" | base64 -w 0)
echo ${ZENAPIKEY}
- Test out your
ZENAPIKEYusing the following:
CPD_ROUTE=`oc get route -n cp4aiops cpd -o jsonpath='{.spec.host}'`
TENANT_ID=cfd95b7e-3bc7-4006-a4a8-a73a79c71255
curl -kv -H "Authorization: ZenApiKey ${ZENAPIKEY}" -H "x-tenant-id: ${TENANT_ID}" "https://${CPD_ROUTE}/aiops/api/issue-resolution/v1/alerts/"
If you get a JSON payload response containing events, it means your ZENAPIKEY works.
Save the value of ZENAPIKEY to a text editor.
3.3 Create a Netcool/Impact Connector instance
Use the following steps to create an instance of the Netcool/Impact Connector:
- Log in to the AIOps console and select Integrations from the main menu
- Click the Add integration button to add a new integration
- Type Netcool into the Search bar
- Choose IBM Tivoli Netcool Impact and click Get started to create a new instance
- Name: the label you want to give this integration instance
- GUI Server URLs of Impact endpoint: enter:
https://netcoolvm.ocp.techzone.lan:16311 - Backend Server URLs of Impact endpoint: enter:
https://netcoolvm.ocp.techzone.lan:9081 - User ID: enter:
impactadmin - Password: enter:
netcool - Impact certificates: paste in the certificates you retrieved earlier
- Deployment options: leave this set to Local
- Click on the Done button to complete the integration
It will now take a few minutes for AIOps to create the new integration. Refresh the Integrations page and ensure the Integration status eventually shows with a green tick.
3.4 Complete the integration in Netcool/Impact
As part of the Netcool/Impact Connector instance creation, AIOps creates a number of assets within Netcool/Impact, including some policies, and a RESTful API Data Source Adaptor (DSA) instance. The final step in the setup of the Netcool/Impact Connector integration is to configure the Data Source Adaptor in Netcool/Impact to be able to connect back to AIOps via its API. Use the following steps to complete this last task.
- Navigate to the Netcool/Impact GUI:
https://netcoolvm:16311/ibm/console - Log in to Netcool/Impact as the user
impactadminand passwordnetcool - Click on Data Model
- Identify the RESTful API DSA instance created by AIOps by its name starting with
AIOps- - Double click the AIOps DSA instance to edit it
- Set Host Name to the AIOps host name:
cpd-cp4aiops.apps.ocp.techzone.lan - Use HTTPS: checked
- Disable SSL Verification: checked
- Reuse Connection: checked
- Cache Response: unchecked
- Authentication method to use: select
No Authentication - Scroll down to: Protected Request Headers
- Create a new header with the following details:
- Header Name:
Authorization - Header Value:
ZenApiKey <your-ZENAPIKEY-created-earlier>
- Header Name:
- Click OK to save your new header
- Click on the Save button with the small disk icon at the top of the page to save your changes
- Click on the X to close the DSA instance
- Right click on the DSA instance and select Test Connection and verify it responds with Connection OK
The header value should be the exact string ZenApiKey, followed by a space character, followed by the ZENAPIKEY output you saved to a text editor earlier. If your DSA connection test fails, check each of the steps above to ensure they are correct.