Enterprise Solutions

Enterprise System Monitoring Add

Enterprise Event System (EES) > API by Reference > Enterprise Event Services > Enterprise System Monitoring Add

Enterprise System Monitoring Add is a jXchange service that allows publishers to add one or more entries to EES. This message is designed to translate an ESMAdd to an EESAdd.

Message Flow

In Enterprise Event, the Enterprise System Monitoring Add service uses a typical exchange of request/response messages to add one or more entries to the system by translating ESMAdd to EESAdd.

Primary Request

The Third Party Consumer forwards the ESMAddRq_MType message to the Service Provider. The message contains:

  • ErrOvrRdInfoArray_AType
  • ESMInfoArray_AType
  • JESMsgRqHdr_CType

Primary Response

The Service Provider returns the ESMAddRs_MType message to the Third Party Consumer. The message contains:

  • JESMsgRsHdr_CType

Enterprise System Monitoring Add Behavior

The name of the product represented in the ESM package is required. The date and time of the ESM event, not the submission date and time of the event, is required. The date and time is expressed in ISO 8601 time format and should contain either Zulu time or local time and the UTC offset. The unique name or FQDN of the system reporting the event is required. This must uniquely identify the specific machine that is reporting the event. The event code of the registered event is required. The ESM event codes are located in the Enterprise Event Dictionary (EED). The event category and event severity are optional. These values default to the category and severity referenced to the event code in the EED. They are used to describe the nature of the event. The Event Tracking Identification, EventTrackingId, Native Event Code, NEventCode, Event application identification, EventAppId, Event Process Identification, EventProcId, Event Thread Identification, EventThreadId, and Event Correlation Identification, EventCorrelId contribute to the forensics of remediating an ESM event. Warning and Fault Message behavior requirements are forthcoming.

ESMAddRq_MType

ESMAddRq_MType is a message MType element. Contains:

  • ESMInfoArray_AType
  • ErrOvrRdInfoArray_AType
  • JESMsRqHdr_CType

ErrOvrRdInfoArray_AType

ErrOvrRdInfoArray_AType is an array AType element. This is an array of overrides for faults. Contains:

  • ErrOvrRd_CType

ErrOvrRd_CType

ErroOvrRd_CType is a complex CType element. This element is used to override errors created in a previous request. This element is optional.

Simple Elements

The simple elements contained within this complex are listed below.

ErrCode

This is the Soap Header Fault error code.

ESMInfoArray_AType

ESMInfoArray_AType is an array AType element. This is an array of ESM packages. Contains:

  • ESMInfoRec_CType

ESMInfoRec_CType

ESMInfoRec_CType is a complex CType element. Contains:

  • ESMEntry_CType

ESMEntry_CType

ESMEntry_CType is a complex CType element.

Simple Elements

The simple elements contained within this complex are listed below.

Action

Contains the action details expressed as human readable information. For events that can provide details of what occurred, this data element will contain the information. Example: If a logon failure occurred, event 130, this data may contain invalid ID/PWD combination. This data will not be automatically processed for content by the receiving system.

EventAppId

Identifies the application within a specific consumer product that created the logging message. This data element defines the application relating to the event. For example, if the ConsumerProd equals 4Sight, AppId might contain IMAGING or any other sub-categorization of the Consumer Product.

EventCat

The code of the Category of the event that occurred. Example: 3 as expressed as an integer. The category provided for a specific event. The category is optional and the default assigned to the event code will be assigned to the event.

EventCode

This is the code of the event that occurred. The event codes for the Broadcast Event are provided in the canonical values. The event codes for ESM are located in the Enterprise Event Dictionary, referred to as EED. Canonical values are:

  • AcctAnlysStmt
  • AcctAnlysStmtUpd
  • AcctRelCodeDetail
  • AcctRelCodeDetailUpd
  • AcctStmt
  • AcctStmtUpd
  • AcctTitleDetail
  • AcctTitleDetailUpd
  • AllItemsTrn
  • AllItemsTrnUpd
  • CollatTrackItem
  • CollatTrackItemDesc
  • CollatTrackItemDescUpd
  • CollatTrackItemUpd
  • CurrTrnDetail
  • CurrTrnDetailUpd
  • CustAcctDetail
  • CustAcctDetailUpd
  • CustDetail
  • CustDetailUpd
  • Cust_Acct
  • Cust_AcctUpd
  • Cust_Email
  • Cust_EmailUpd
  • Cust_FileMainDetail
  • Cust_FileMainDetailUpd
  • Cust_IdVerifyDetail
  • Cust_IdVerifyDetailUpd
  • Cust_OffCodeDetail
  • Cust_OffCodeDetailUpd
  • Cust_Phone
  • Cust_PhoneUpd
  • Cust_SynapUserDefDetail
  • Cust_SynapUserDefDetailUpd
  • Cust_UserDefDetail
  • Cust_UserDefDetailUpd
  • DepAcct
  • DepAcctHist
  • DepAcctHistUpd
  • DepAcctMemo
  • DepAcctMemoUpd
  • DepAcctUpd
  • DepTrn
  • DepTrnUpd
  • Dep_AcctSweepDetail
  • Dep_AcctSweepDetailUpd
  • Dep_AcctTitle
  • Dep_AcctTitleUpd
  • Dep_AcctWavDetail
  • Dep_AcctWavDetailUpd
  • Dep_EFTDesc
  • Dep_EFTDescUpd
  • Dep_MemoPostRmk
  • Dep_MemoPostRmkUpd
  • Dep_StopChkDetail
  • Dep_StopChkDetailUpd
  • Dep_SynapUserDefDetail
  • Dep_SynapUserDefDetailUpd
  • Dep_TrnCodeDetail
  • Dep_TrnCodeDetailUpd
  • Dep_UserDefDetail
  • Dep_UserDefDetailUpd
  • Dep_XferDetail
  • Dep_XferDetailUpd
  • EFTCard
  • EFTCardUpd
  • EFTCardAcctId
  • EFTCardAcctIdUpd
  • EFTDescDetail
  • EFTDescDetailUpd
  • EmailDetail
  • EmailDetailUpd
  • EscrwDetail
  • EscrwDetailUpd
  • FASB91Acct
  • FASB91AcctUpd
  • FedActNotif
  • FedShutDown
  • FedStartUp
  • GLAcct
  • GLAcctMonthBalDetail
  • GLAcctMonthBalDetailUpd
  • GLAcctQtrBalDetail
  • GLAcctQtrBalDetailUpd
  • GLAcctUpd
  • GLTrn
  • GLTrnUpd
  • InstAppProcDetail
  • InstAppProcDetailUpd
  • InstBrDetail
  • InstBrDetailUpd
  • InstDetail
  • InstDetailUpd
  • IntRateIdxDetail
  • IntRateIdxDetailUpd
  • LnAcct
  • LnAcctHist
  • LnAcctUpd
  • LnAcctHistUpd
  • LnAcctMemo
  • LnAcctMemoUpd
  • LnAcctUpd
  • LnBilDetail
  • LnBilDetailUpd
  • LnFeeDetail
  • LnFeeDetailUpd
  • LnGLAppTrn
  • LnGLAppTrnUpd
  • LnPmtSchedDetail
  • LnPmtSchedDetailUpd
  • LnTrn
  • LnTrnUpd
  • Ln_AcctTitle
  • Ln_AcctTitleUpd
  • Ln_EFTDesc
  • Ln_EFTDescUpd
  • Ln_MemoPostRmk
  • Ln_MemoPostRmkUpd
  • Ln_OffCodeDetail
  • Ln_OffCodeDetailUpd
  • Ln_SynapUserDefDetail
  • Ln_SynapUserDefDetailUpd
  • Ln_UserDefDetail
  • Ln_UserDefDetailUpd
  • Ln_XferDetail
  • Ln_XferDetailUpd
  • LOCDetail
  • LOCDetailUpd
  • MemoPostRmkDetail
  • MemoPostRmkDetailUpd
  • OffCodeDetail
  • OffCodeDetailUpd
  • PhoneDetail
  • PhoneDetailUpd
  • PlnCodeDetail
  • PlnCodeDetailUpd
  • ProdCodeDetail
  • ProdCodeDetailUpd
  • SafeDepAcct
  • SafeDepAcctUpd
  • SafeDep_AcctTitle
  • SafeDep_AcctTitleUpd
  • SafeDep_UserDefDetail
  • SafeDep_UserDefDetailUpd
  • TimeDepAcct
  • TimeDepAcctHist
  • TimeDepAcctHistUpd
  • TimeDepAcctMemo
  • TimeDepAcctMemoUpd
  • TimeDepAcctUpd
  • TimeDepTrn
  • TimeDepTrnUpd
  • TimeDep_AcctTitle
  • TimeDep_AcctTitleUpd
  • TimeDep_EFTDesc
  • TimeDep_EFTDescUpd
  • TimeDep_MemoPostRmk
  • TimeDep_MemoPostRmkUpd
  • TimeDep_StopChkDetail
  • TimeDep_StopChkDetailUpd
  • TimeDep_SynapUserDefDetail
  • TimeDep_SynapUserDefDetailUpd
  • TimeDep_TaxPlnDetail
  • TimeDep_TaxPlnDetailUpd
  • TimeDep_UserDefDetail
  • TimeDep_UserDefDetailUpd
  • TrckAcct
  • TrckAcctUpd

EventCorrelId

An identification provided by the consumer that correlates a group of log messages.

EventDesc

Event Description Sending system can add any additional information that may help the remediation of an event. This data will not be automatically processed for content by the receiving system.

EventProcId

Identifies the process for a consumer application that has created the logging message.

EventProd

This is the name of the product which is consuming the service (business product name) for the Soap Header Fault. The canonical values are:

  • 4|sight
  • Argo
  • Episys Explorer
  • Experience
  • iTalk
  • jXchange
  • OnBoard
  • StreamLine
  • Synergy
    This is the Product or Operating System that is reporting the event. This data element will directly relate to the type of event. Canonical values are:
  • 2020
  • AIX
  • CORE DIRECTOR
  • EPISYS
  • i5/OS
  • SILVERLAKE
  • WINDOWS
  • EventProdEnv
    An identification provided by the consumer that defines the environment in which the application is operating. This is the environment in which the Product or OS is operating. For example: PROD, TEST, AUDIT,SIM001, SIM101 The absence of this element will equate to PROD equals Production Environment. It will be the responsibility of the sender to send the appropriate data to identify the environment if necessary.

EventSvrty

The error severity of an event The error severity provided for a specific event. The error severity is optional and the default assigned to the event code will be assigned to the event.

EventThreadID

An element when the consumer product is executed in a multi-threaded environment.

EventTrackingId

An ID or other information used to track the origin of this event. Example: In some cases, this may be a key supplied by a source system to retrieve the data records of the event that can be used for forensics.

EventUsrId

This is the user ID that the consumer would like written in the audit as performing the requested service. It varies, but it could be the same as the user ID. It is not used to authenticate. It is used to audit the Soap Header Fault. If the event can be associated with a UserID that originated this event, this data element contains the UserID.

EventWsId

This is the workstation ID that the consumer would like written in the audit as performing the requested service for the Soap Header Fault. It varies, but it could be the same as the user ID. This is the unique name or FQDN of the system or machine, where the event occurred. This data must uniquely identify the specific machine where the event occurred. This data element is included when the event occurs at a machine other than the machine that is reporting the event. For example, if a user on a workstation is unsuccessfully attempting to access a secured resource on a server. This data element will contain the unique name or FQDN of the workstation.

InstId

Identifies the institution that has created the logging message. This is the unique ID that identifies the institution for JHA. This must be unique by institution and consistent for all applications.

ItemName

Indicates the object of the event.

LogDtTime

Date and Time the event occurred. Expressed in ISO 8601 time format and should contain either Zulu time or local time and the UTC offset. Format: [-]CCYY-MM-DDThh:mm:ss[Z|(+|-)hh:mm] Valid values

include:

NEventCode

The Native Event Code, Error Code, used in the originating system. Can be used in forensics for tracking events to their source.

NewVal

If a value has changed, this is the resulting new value.

OldVal

If a value has changed, this is the original old value.

SystemId

The workstation ID that the consumer would like written to the audit as performing the requested service for Soap Header Fault. It will vary, but it could be the same as the user ID.

This is the unique name or FQDN of the system or machine reporting the event. This data must uniquely identify the specific machine that is reporting the event. For example, if a user on a workstation is unsuccessfully attempting to access a secured resource on a server. This data element will contain the unique name or FQDN of the server assuming the server, or a process on the server, will report the event.

JESMsgRqHdr_CType

JESMsgRqHdr_CType is a complex CType element. Contains:

  • JESHdr of type JESHdr_CType

JESHdr_CType

JESHdr_CType is a complex CType element. Contains:

  • OrigConsumerInfo_CType Simple Elements

The simple elements contained within this complex are listed below.

AuditUsrId

This is the user ID that the consumer would like written in the audit as performing the requested service. It varies, but it could be the same as the user ID. It is not used to authenticate. It is used to audit the Soap Header Fault.

AuditWsId

This is the workstation ID that the consumer would like written in the audit as performing the requested service for the Soap Header Fault. It varies, but it could be the same as the user ID.

BusCorrelId

The correlation identification as related to business functions and activities.

ConsumerProd

This is the name of the product which is consuming the service (business product name) for the Soap Header Fault. The canonical values are:

  • 4|sight
  • Argo
  • Episys Explorer
  • Experience
  • iTalk
  • jXchange
  • OnBoard
  • StreamLine
  • Synergy

ConsumerRqDtTime

This is a date/time stamp that confirms the message request was made.

jXLogTrackingId

This is an identification provided by jXchange to be able to trace the request and response of a messagefrom the Third Party gateway, internal gateway, and Service Provider for the Soap Header Fault.

ValidConsmName

The consumer name that can be validated by enterprise governance. The canonical values are managed in a consumer/product enterprise table.

ValidConsmProd

The consumer product name that can be validated by enterprise governance. The canonical values are managed in a consumer/product enterprise table.

WorkflowCorrelId

The correlation identification as related to workflow functions and activities.

OrigConsumerInfo_CType

OrigConsumerInfo_CType is a complex CType element. Contains:

  • AuthenUsrCred_CType

Simple Elements

The simple elements contained within this complex are listed below.

MachNameIPAddr

Specifies the machine name used with the current channel, which may be the DNS name of the computer or IP Address.

AuthenUsrCred_CType

AuthenUsrCred_CType is a complex CType element. This element represents Authentication of the end User Credentials in the form of a WS Security Element that contains a single SAML V2.0 Assertion.
http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf

Simple Elements

The simple elements contained within this complex are listed below.

Security

This element defines the wsse:Security SOAP header element per Section 4.

ESMAddRs_MType

ESMAddRs_MType is a message MType element. Contains:

  • JESMsgRsHdr_CType Simple Elements

The simple elements contained within this message are listed below.

RsStat

This is the status of the response. Canonical values are:

  • Fail
  • Success

JESMsgRsHdr_CType

JESMsgRsHdr_CType is a complex CType element. This element is optional. Contains:

  • JESHdr of type JESHdr_CType
  • MsgRecInfoArray of type MsgRecInfoArray_AType

JESHdr_CType

JESHdr_CType is a complex CType element. Contains:

  • OrigConsumerInfo_CType

Simple Elements

The simple elements contained within this complex are listed below.

AuditUsrId

This is the user ID that the consumer would like written in the audit as performing the requested service. It varies, but it could be the same as the user ID. It is not used to authenticate. It is used to audit the Soap Header Fault.

AuditWsId

This is the workstation ID that the consumer would like written in the audit as performing the requested service for the Soap Header Fault. It varies, but it could be the same as the user ID.

BusCorrelId

The correlation identification as related to business functions and activities.

ConsumerProd

This is the name of the product which is consuming the service (business product name) for the Soap Header Fault. The canonical values are:

  • 4|sight
  • Argo
  • Episys Explorer
  • Experience
  • iTalk
  • jXchange
  • OnBoard
  • StreamLine
  • Synergy ConsumerRqDtTime

This is a date/time stamp that confirms the message request was made.

jXLogTrackingId

This is an identification provided by jXchange to be able to trace the request and response of a message from the Third Party gateway, internal gateway, and Service Provider for the Soap Header Fault.

ValidConsmName

The consumer name that can be validated by enterprise governance. The canonical values are managed in a consumer/product enterprise table.

ValidConsmProd

The consumer product name that can be validated by enterprise governance. The canonical values are managed in a consumer/product enterprise table.

WorkflowCorrelId

The correlation identification as related to workflow functions and activities.

SOrigConsumerInfo_CType

OrigConsumerInfo_CType is a complex CType element. Contains:

  • AuthenUsrCred_CType

Simple Elements

The simple elements contained within this complex are listed below.

MachNameIPAddr

Specifies the machine name used with the current channel, which may be the DNS name of the computer or IP Address.

AuthenUsrCred_CType

AuthenUsrCred_CType is a complex CType element. This element represents Authentication of the end User Credentials in the form of a WS Security Element that contains a single SAML V2.0 Assertion.
http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf

Simple Elements

The simple elements contained within this complex are listed below.

Security

This element defines the wsse:Security SOAP header element per Section 4.

MsgRecInfoArray_AType

MsgRecInfoArray_AType is an array AType element. This is an array of messages that can be returned in a response. Contains:

  • MsgRec_CType MsgRec_CType MsgRec_CType is a complex CType element.

Simple Elements

The simple elements contained within this complex are listed below.

ErrCat

This is the Soap Header Fault error category.

ErrCode

This is the Soap Header Fault error code.

ErrDesc

This is the Soap Header Fault error description.

ErrElem

The Soap Header Fault when an error or fault occurs. This optional element contains the element which is causing the error condition.

ErrElemVal

The Soap Header Fault when an error or fault occurs. This optional element contains the value of the element which is causing the error condition.

ErrLoc

This is the Soap Header Fault error location. This is typically the program that generated the error condition.

Have a Question?
Have a how-to question? Seeing a weird error? Get help on StackOverflow.
Register for the Digital Toolkit Meetup where we answer technical Q&A from the audience.
Last updated Thu Jul 14 2022