The Execution Tracking - Begin (CIs) flow action starts the auditing process for a Security Operations Integration flow that operates on configuration items (CIs).

The Execution Tracking - Begin (CIs) flow action can be used with any CI flow to begin recording the progress of the flow in an audit.

Results

Possible results for this flow action are:

Table 1. Results
Result Description
Success An audit record is created.

Input variables

Input variables determine the initial behavior of the flow action.

Variable Description
capabilityId System identifier of the Integration Capability being executed.
isImpl Flag that specifies whether auditing is done for an Integration Capability flow or an Integration Capability implementation flow. Possible values are:
  • false - denotes auditing on an abstract Integration Capability flow such as Sightings Search. (default.)
  • true - denotes auditing on an Integration Capability implementation flow. For example, Splunk or Elasticsearch.
taskId System identifier for any task associated with the flow.
ciList One or more Configuration Items (CI)s to perform the desired action against in the following format: 
["sysId", "sysId"]
or 
"sysId"

Used as a flow input.
flowContextId System identifier of the associated flow context record. Supplied by the system.
flowName Name of the flow. Supplied by the system.
parentCapabilityExcutionId System identifier of the audit record that launched the implementation flow. Only required for Integration Capability implementation flows such as Splunk, Elasticsearch.

Output variables

The output variables contain data that can be used in subsequent activities.

Table 2. Output variables
Variable Description
capabilityExecutionId System identifier of the audit record.