Outbound Notifications for Cherwell
After using the 'Add New Connection' Outbound Notification action and selecting Cherwell you will be shown the Cherwell wizard which will take you through the process of configuring your connection.
Cherwell Connection Settings
The Cherwell Connection Settings page defines how you will connect to your Cherwell instance.
Name - A short display name that is used to differentiate connections
We typically advise that you use your instance name with a short description of the alert criteria
URL - The base URL of the REST API service for your Cherwell instance
This requires the trailing forward slash, for example:
hxxps://<instance>.domain.tld/CherwellAPI/
Use a Proxy - Whether or not you wish to use a proxy
Defaults to False
Proxy URL - The actual URL used to connect to your proxy
We only support HTTP proxies
If your proxy requires authentication please see here for further details
Client ID - The REST API client Id of your connection
A GUID obtained from the Cherwell Administrator
Further details on how to create one of these here
Run As Profile - The ‘Run As Profile’ that you will use to provide your service account
You can choose to use a different profile if you wish, as long as it is from a sealed Management Pack
Connection is enabled - Whether or not you wish to create the connection in an enabled state
Defaults to False
Incident Options
The Incident Options page allows you to customize how your incidents are raised in Cherwell. You can use multiple connections to build up a variety of different options.
The image to the side is for illustrative purposes only. You will need to customize these as required for your environment.
Scope (SCOM 2019)
If you are using SCOM 2019 you get the option to set a scope. This allows you to narrow your connections focus down to alerts from certain groups or certain classes. Combined with criteria and appropriate incident options this allows you to raise alerts as incidents for individual teams.
Criteria (2019)
If you are using SCOM 2019 you can set out complex criteria to narrow down the focus of the connection using the interface shown here.
This supports a large number of available alert fields with the Boolean operators AND/OR making for some highly specific criteria.
By default, Connection Center uses subscription-based notifications rather than connector-based notifications. You can read more about this here.
Criteria (Pre - 2019)
SCOM versions pre-2019 have a simpler criteria interface, but this still allows for all the major conditions.
Combined with the appropriate incident options this allows you to raise alerts as incidents for individual teams.
By default, Connection Center uses subscription-based notifications rather than connector-based notifications. You can read more about this here.
Management Pack
The Management Pack page allows you to select where your configuration will be stored.
By default, we store your configuration in a dedicated management pack. However, you are free to choose your own management pack (including creating a new one). You can also export the configuration to XML for use in change management processes or other reasons.
Summary
Finally, you will be brought to the summary screen where you can look over the configuration for a final time before finishing the wizard.
Should you wish to go back and change any part of your configuration, you can use the ‘Previous’ button or jump directly to the relevant page using the links on the left.
After You Finish and Next Steps
When you press the Finish button our wizard sets about putting your configuration in place. If the connection is enabled by default and not exported to XML the connection will set about running a connection test. You can find further details about what to expect from this back on the main page here.
Your next step would normally be to set up an Inbound Notification connection if you would like to pull back information from Cherwell to your SCOM alerts.
If you are using scope or criteria it’s important to note that by default each alert needs to match a subscription for each stage of its life-cycle that you care about. For example, if you set a criterion for all alerts to be new, you won’t get any updates when an alert closes. We have further reading about this here.