Runbook Nodes
Runbook nodes are the individual logical components or automated actions that make up runbooks. Assembled in sequence, Runbook nodes define an automated investigation and generate output to inform your investigation of an incident in response to a trigger. Each runbook node has a set of properties that control its behavior in a runbook. You can configure these properties separately for each instance of the node that is used.
Runbook nodes are accessed in a palette in the Runbook Editor, where they are organized into categories. The palette lists the runbook node categories in approximate order of how they should be assembled in sequence (first a trigger, then a data query, then a logic operation, then an impact or a visualization), but this is broadly advisory, and a complex runbook may have nodes from different categories arranged in many ways.
Runbook Node Compatibility Matrix
There are five types of runbooks that are displayed as columns in the compatibility matrix, plus an additional column to differentiate the case of an External runbook that is created in Aternity.
-
Incident — Runbooks that execute automatically when a new incident is created.
-
Lifecycle — Runbooks that execute automatically when a triggering lifecycle event occurs on an incident.
-
External — Runbooks that trigger in response to a configured API call.
-
Aternity ISD — These runbooks are External runbooks but the editor shows a truncated set of nodes.
-
-
On-Demand — Runbooks that trigger as required (either on-demand, or as scheduled).
-
Subflow — Runbook “macros”. Chunks of reusable automations that perform frequently used functions (e.g., open a ticket in an external system) and can also be used to implement integrations with third party systems.
The following table shows which nodes are compatible with which types of runbook. The Node Execution Value column shows the execution cost of each node. To see the monthly Node Exectuion counts go to the Monitoring Usage page to see the current and previous month node executions.
| Node | Category | Incident | Lifecycle | External | Embedded in Aternity | On-Demand | Subflow | Node Execution Value |
|---|---|---|---|---|---|---|---|---|
| Interface | Triggering Entity | ✓ | 1 | |||||
| Device[s] | Triggering Entity | ✓ | 1 | |||||
| Application[s]/Location[s] | Triggering Entity | ✓ | 1 | |||||
| Webhook | Triggering Entity | ✓ | ✓ | 1 | ||||
| Input | Triggering Entity | ✓ | 1 | |||||
| Runbook Completed | Triggers | ✓ | 1 | |||||
| Status Changed | Triggers | ✓ | 1 | |||||
| Note Added | Triggers | ✓ | 1 | |||||
| Note Updated | Triggers | ✓ | 1 | |||||
| Indicators Updated | Triggers | ✓ | 1 | |||||
| Ongoing State Changed | Triggers | ✓ | 1 | |||||
| Subflow Input | Subflow Input | ✓ | 0 | |||||
| Subflow Output | Subflow Output | ✓ | 0 | |||||
| Applications | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Devices (Traffic) | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Device Status | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Device (CPU Utilization) | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Device (Memory Utilization) | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Device (Disk Utilization) | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Device (Availability) | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Devices (Performance) | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Device (Up Time) | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Device (Configuration Changes) | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Hosts | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Client Hosts | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Server Hosts | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Client-Server Pairs | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Locations | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Client Locations | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Server Locations | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Network Interfaces | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Interface Status | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Network Interfaces (Error Metrics) | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Interfaces (Performance) | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Protocols | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| DSCPs | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Client-Server Location Pairs | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Client-Server Pairs and Protoport | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| User Device (Deprecated) | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Data Store | Data Queries | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Aggregator | Functions | ✓ | ✓ | ✓ | ✓ | ✓ | 1 | |
| Transform | Functions | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | 1 |
| GenAI | Functions | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Premium - 10 |
| Decision Branch | Logic | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | 1 |
| Set Incident Priority | Impacts | ✓ | 1 | |||||
| Tag As Affected Applications | Impacts | ✓ | 1 | |||||
| Tag As Affected Locations | Impacts | ✓ | 1 | |||||
| Tag As Affected Users | Impacts | ✓ | 1 | |||||
| Add Insight | Impacts | ✓ | ✓ | ✓ | 1 | |||
| HTTP Request | Integrations | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | 1 |
| Table | Visualizations | ✓ | ✓ | ✓ | ✓ | 0 | ||
| Pie Chart | Visualizations | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Bar Chart | Visualizations | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Timeseries Chart | Visualizations | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Bubble Chart | Visualizations | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Correlation Chart | Visualizations | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Cards | Visualizations | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Gauges | Visualizations | ✓ | ✓ | ✓ | ✓ | 1 | ||
| Connection Graph | Visualizations | ✓ | ✓ | 1 | ||||
| Text | Visualizations | ✓ | ✓ | ✓ | ✓ | 0 | ||
| Set Primitive Variable | Variables | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | 1 |
| Set Structured Variable | Variables | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | 1 |
| Comment | Miscellaneous | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | 0 |
| Note | Miscellaneous | ✓ | 0 | |||||
| Subflow | Subflows | ✓ | ✓ | ✓ | ✓ | ✓ |
see note below |
Note: The Subflow node execution value is determined based on the subflow type
Subflow Type Node Execution Value Customer-generated subflow count of nodes executed inside the subflow Riverbed-supplied built-in subflows count of nodes executed inside the subflow Riverbed premium subflows
(based on the specific subflow) Premium: Aternity ISD Parse 0 Premium: OTel Premium - 10