This article explains how to trigger an action when a particular event occurs in OSSIM.
There is an agent in the system with the IP address 192.168.80.22. An email is to be sent to the server admins whenever this agent disconnects from and reconnects to the SIEM server.
Below are the sample events.
  • Event ID and data source ID of interest when the agent starts communicating with the SIEM server:
    • Event Name: AlienVault HIDS - HIDS agent started.
    • Event Type Id: 503
    • Data Source Id: 7007
    • Raw log: AV - Alert - "1475748734" --> RID: "503"; RL: "3"; RG: "ossec,"; RC: "Ossec agent started."; USER: "None"; SRCIP: "None"; HOSTNAME: "(my-agent) 192.168.80.22->ossec"; LOCATION: "(my-agent) 192.168.80.22->ossec"; EVENT: "[INIT]ossec: Agent started: 'my-agent->192.168.80.22'.[END]";
  • Event ID and data source ID of interest when the agent disconnects from the server:
    • Event Name: AlienVault HIDS - HIDS agent disconnected.
    • Event Type Id: 504
    • Data Source Id: 7007
    • Raw log: AV - Alert - "1475662394" --> RID: "504"; RL: "3"; RG: "ossec,"; RC: "Ossec agent disconnected."; USER: "None"; SRCIP: "None"; HOSTNAME: "alienvault"; LOCATION: "ossec-monitord"; EVENT: "[INIT]ossec: Agent disconnected: 'my-agent-192.168.80.22'.[END]";
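An added example (not code from the article): a small Python parser for the two raw alert lines above. It pulls the event type id (RID) and the agent name and IP out of each alert, taking the agent identity from the EVENT text rather than HOSTNAME, because in the disconnect alert HOSTNAME and LOCATION name the SIEM itself. The sample lines are the article's two logs, embedded here as constructed input.

```python
import re
from typing import Iterable, List, NamedTuple, Optional

# Constructed sample input: the two raw alert lines shown in this article.
SAMPLE_ALERTS = [
    'AV - Alert - "1475748734" --> RID: "503"; RL: "3"; RG: "ossec,"; RC: "Ossec agent started."; '
    'USER: "None"; SRCIP: "None"; HOSTNAME: "(my-agent) 192.168.80.22->ossec"; '
    'LOCATION: "(my-agent) 192.168.80.22->ossec"; EVENT: "[INIT]ossec: Agent started: \'my-agent->192.168.80.22\'.[END]";',
    'AV - Alert - "1475662394" --> RID: "504"; RL: "3"; RG: "ossec,"; RC: "Ossec agent disconnected."; '
    'USER: "None"; SRCIP: "None"; HOSTNAME: "alienvault"; LOCATION: "ossec-monitord"; '
    'EVENT: "[INIT]ossec: Agent disconnected: \'my-agent-192.168.80.22\'.[END]";',
]
# Event type ids of data source 7007 (AlienVault HIDS) that the article's policy matches on.
AGENT_EVENTS = {503: "started", 504: "disconnected"}
TS_RE = re.compile(r'^AV - Alert - "(\d+)"')  # epoch timestamp of the alert
FIELD_RE = re.compile(r'(\w+): "([^"]*)";')  # KEY: "value"; pairs
# The agent is written 'name->ip' in the started event and 'name-ip' in the disconnected one.
AGENT_RE = re.compile(r"'(?P<name>.+?)->?(?P<ip>\d{1,3}(?:\.\d{1,3}){3})'")

class AgentStateChange(NamedTuple):
    timestamp: int
    event_type_id: int
    state: str
    agent_name: str
    agent_ip: str

def parse_agent_event(line: str) -> Optional[AgentStateChange]:
    """Return the agent state change carried by one raw alert line, or None if it is not one."""
    ts = TS_RE.match(line)
    fields = dict(FIELD_RE.findall(line))
    rid = int(fields["RID"]) if ts and fields.get("RID", "").isdigit() else None
    if rid not in AGENT_EVENTS:
        return None
    # HOSTNAME/LOCATION name the SIEM itself (alienvault, ossec-monitord) in the disconnect
    # alert, so the agent identity is taken from the EVENT text, which both alerts carry.
    agent = AGENT_RE.search(fields.get("EVENT", ""))
    if not agent:
        return None
    return AgentStateChange(int(ts.group(1)), rid, AGENT_EVENTS[rid], agent["name"], agent["ip"])

def events_for_agent(lines: Iterable[str], agent_ip: str) -> List[AgentStateChange]:
    """Keep only the state changes of one agent, which is what the policy's Source field does."""
    return [e for e in map(parse_agent_event, lines) if e and e.agent_ip == agent_ip]

def current_state(lines: Iterable[str], agent_ip: str) -> Optional[str]:
    """Latest known state of the agent, ordered by alert timestamp rather than by line order."""
    events = sorted(events_for_agent(lines, agent_ip), key=lambda e: e.timestamp)
    return events[-1].state if events else None
```

Note that the two sample alerts are not in chronological order (the disconnect timestamp is earlier), which is why the state is decided by timestamp and not by line order.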
Let's see it in action.
Adding an action
  1. Navigate to the actions page
    1. Configuration --> Threat Intelligence --> Actions
  2. Click on 'New' to create a new action in OSSIM
  3. Fill in the form and select 'send an email' for the 'Type'
[image]
  4. After completing the form, save it
Create a policy
  1. Navigate to the policy page
    1. Configuration --> Threat Intelligence --> Policy
  2. Add a new policy to the 'Default policy group'
  3. Fill in the form
    1. Make sure you fill in the fields below correctly:
    2. Policy Rule Name
    3. Source (your agent name or IP)
    4. Destination (can be any)
    5. Action (pick the action we just added)
  4. Click 'update policy'; you then have to reload the policy by clicking the 'Reload Policy' button at the policy group level
  5. Put the policy in the correct order
    [image]
  6. Add the correct event IDs (the ones listed above) for the group
[image]

Save it and reload it again.

Test it.