Open Integration Manager - Advanced Configuration
The Open Integration Manager enables you to create customizable inbound alert integrations through the configuration of a generic inbound integration rather than creating custom code. The integration manager sets parsing rules for incoming payloads, pre-processing the content to match incoming data requirements before it reaches the BigPanda enrichment engine.
Read more about key features and general configuration in the Open Integration Manager documentation.
Nested Objects
When using nested objects from a sample event, there are many different ways payload properties can be organized. Maintaining desired naming conventions requires careful configuration when multiple parent-objects may have the same child-object names.
The tag names and values sent to BigPanda will be determined based on the selections in the Source Tags, BigPanda Tag Name, and Ignore additional tags? fields. For more information on tag names, see Tag Naming Requirements.
Example Payload
The following payload will be interpreted into BigPanda properties depending on the Tag Mapping configuration:
{
"metadata": {
"entitytype": "value1",
"entityname": "value2",
"location": "value3"
},
"metadata2": {
"entitytype": "value4",
"entityname": "value5",
"location": "value6"
},
"severity": "critical",
}Source Tag | BigPanda Tag Name | Ignore Additional Tags? | Result Property Names |
|---|---|---|---|
(blank) | (blank) | No | metadata_entitytype metadata_entityname metadata_location metadata2_entitytype metadata2_entityname metadata2_location |
metadata.entityname | (blank) | Yes | entityname |
metadata.entityname | metadata | Yes | metadata |
metadata | (blank) | Yes | entitytype entityname location |
metadata | (blank) | No | entitytype entityname Location metadata2_entitytype metadata2_entityname metadata2_location |
metadata | metadata | Yes | metadata_entitytype metadata_entityname metadata_location |
metadata metadata2 | (blank) | Yes | entitytype entityname location (from metadata2) |
metadata metadata2 | metadata metadata2 | Yes | metadata_entitytype metadata_entityname metadata_location metadata2_entitytype metadata2_entityname metadata2_location |
Caution with arrays
If you send the same property name twice in a single event, BigPanda will only use the last value for that property name. We recommend avoiding this, if possible.
Caution with Arrays
If you send the same property name twice in a single event, BigPanda will only use the last value for that property name. We recommend avoiding this, if possible.