def cloudwatch():
hook_started = webhook_timer.start_timer()
try:
incomingAlert = parse_notification(request.data)
except ValueError as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 400
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
try:
alert = process_alert(incomingAlert)
except RejectException as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 403
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
webhook_timer.stop_timer(hook_started)
if alert:
body = alert.get_body()
body['href'] = absolute_url('/alert/' + alert.id)
return jsonify(status="ok", id=alert.id, alert=body), 201, {'Location': body['href']}
else:
return jsonify(status="error", message="insert or update of cloudwatch alarm failed"), 500
def get_top10_flapping():
try:
query, _, _, group, _, _, _ = parse_fields(request.args)
except Exception as e:
return jsonify(status="error", message=str(e)), 400
try:
top10 = db.get_topn_flapping(query=query, group=group, limit=10)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
for item in top10:
for resource in item['resources']:
resource['href'] = absolute_url('/alert/' + resource['id'])
if top10:
return jsonify(
status="ok",
total=len(top10),
top10=top10
)
else:
return jsonify(
status="ok",
message="not found",
total=0,
top10=[],
)
def get_heartbeats():
try:
heartbeats = db.get_heartbeats()
except Exception as e:
return jsonify(status="error", message=str(e)), 500
hb_list = list()
for hb in heartbeats:
body = hb.get_body()
if g.get('role', None) != 'admin' and not body['customer'] == g.get(
'customer', None):
continue
body['href'] = absolute_url('/heartbeat/' + hb.id)
hb_list.append(body)
if hb_list:
return jsonify(status="ok",
total=len(heartbeats),
heartbeats=hb_list,
time=datetime.datetime.utcnow())
else:
return jsonify(status="ok",
message="not found",
total=0,
heartbeats=hb_list,
time=datetime.datetime.utcnow())
def index():
rules = []
for rule in app.url_map.iter_rules():
if rule.endpoint not in ['test', 'static']:
rules.append(rule)
return render_template('index.html', base_url=absolute_url(), rules=rules)
def newrelic():
hook_started = webhook_timer.start_timer()
try:
incomingAlert = parse_newrelic(request.json)
except ValueError as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 400
if g.get("customer", None):
incomingAlert.customer = g.get("customer")
try:
alert = process_alert(incomingAlert)
except RejectException as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 403
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
webhook_timer.stop_timer(hook_started)
if alert:
body = alert.get_body()
body["href"] = absolute_url("/alert/" + alert.id)
return jsonify(status="ok", id=alert.id, alert=body), 201, {"Location": body["href"]}
else:
return jsonify(status="error", message="insert or update of New Relic alert failed"), 500
def create_key():
if g.get('role', None) == 'admin':
try:
user = request.json.get('user', g.user)
customer = request.json.get('customer', None)
except AttributeError:
return jsonify(status="error", message="Must supply 'user' as parameter"), 400
else:
try:
user = g.user
customer = g.get('customer', None)
except AttributeError:
return jsonify(status="error", message="Must supply API Key or Bearer Token when creating new API key"), 400
type = request.json.get("type", "read-only")
if type not in ['read-only', 'read-write']:
return jsonify(status="error", message="API key 'type' must be 'read-only' or 'read-write'"), 400
text = request.json.get("text", "API Key for %s" % user)
try:
key = db.create_key(user, type, customer, text)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
return jsonify(status="ok", key=key), 201, {'Location': absolute_url('/key/' + key)}
def get_history():
try:
query, _, _, _, _, limit, query_time = parse_fields(request.args)
except Exception as e:
return jsonify(status="error", message=str(e)), 400
try:
history = db.get_history(query=query, limit=limit)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
for alert in history:
alert['href'] = absolute_url('/alert/' + alert['id'])
if len(history) > 0:
return jsonify(
status="ok",
history=history,
lastTime=history[-1]['updateTime']
)
else:
return jsonify(
status="ok",
message="not found",
history=[],
lastTIme=query_time
)
def create_blackout():
if request.json and 'environment' in request.json:
environment = request.json.get('environment', None) or ''
else:
return jsonify(status="error", message="must supply 'environment' as parameter"), 400
resource = request.json.get("resource", None)
service = request.json.get("service", None)
event = request.json.get("event", None)
group = request.json.get("group", None)
tags = request.json.get("tags", None)
customer = request.json.get("customer", None)
start_time = request.json.get("startTime", None)
end_time = request.json.get("endTime", None)
duration = request.json.get("duration", None)
if start_time:
start_time = datetime.datetime.strptime(start_time, '%Y-%m-%dT%H:%M:%S.%fZ')
if end_time:
end_time = datetime.datetime.strptime(end_time, '%Y-%m-%dT%H:%M:%S.%fZ')
try:
blackout = db.create_blackout(environment, resource, service, event, group, tags, customer, start_time, end_time, duration)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
return jsonify(status="ok", blackout=blackout), 201, {'Location': absolute_url('/blackout/' + blackout)}
def stackdriver():
hook_started = webhook_timer.start_timer()
try:
incomingAlert = parse_stackdriver(request.json)
except ValueError as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 400
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 403
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
webhook_timer.stop_timer(hook_started)
if alert:
body = alert.get_body()
body['href'] = absolute_url('/alert/' + alert.id)
return jsonify(status="ok", id=alert.id, alert=body), 201, {'Location': body['href']}
else:
return jsonify(status="error", message="notification from stackdriver failed"), 500
def create_key():
if g.get('role', None) == 'admin':
try:
user = request.json.get('user', g.user)
customer = request.json.get('customer', None)
except AttributeError:
return jsonify(status="error",
message="Must supply 'user' as parameter"), 400
else:
try:
user = g.user
customer = g.get('customer', None)
except AttributeError:
return jsonify(
status="error",
message=
"Must supply API Key or Bearer Token when creating new API key"
), 400
type = request.json.get("type", "read-only")
if type not in ['read-only', 'read-write']:
return jsonify(
status="error",
message="API key 'type' must be 'read-only' or 'read-write'"), 400
text = request.json.get("text", "API Key for %s" % user)
try:
key = db.create_key(user, type, customer, text)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
return jsonify(status="ok", key=key), 201, {
'Location': absolute_url('/key/' + key)
}
def get_heartbeats():
customer = g.get('customer', None)
if customer:
query = {'customer': customer}
else:
query = {}
try:
heartbeats = db.get_heartbeats(query)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
hb_list = list()
for hb in heartbeats:
body = hb.get_body()
body['href'] = absolute_url('/heartbeat/' + hb.id)
hb_list.append(body)
if hb_list:
return jsonify(
status="ok",
total=len(heartbeats),
heartbeats=hb_list,
time=datetime.datetime.utcnow()
)
else:
return jsonify(
status="ok",
message="not found",
total=0,
heartbeats=hb_list,
time=datetime.datetime.utcnow()
)
def newrelic():
hook_started = webhook_timer.start_timer()
try:
incomingAlert = parse_newrelic(request.json)
except ValueError as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 400
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 403
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
webhook_timer.stop_timer(hook_started)
if alert:
body = alert.get_body()
body['href'] = absolute_url('/alert/' + alert.id)
return jsonify(status="ok", id=alert.id, alert=body), 201, {
'Location': body['href']
}
else:
return jsonify(
status="error",
message="insert or update of New Relic alert failed"), 500
def get_heartbeats():
try:
heartbeats = db.get_heartbeats()
except Exception as e:
return jsonify(status="error", message=str(e)), 500
hb_list = list()
for hb in heartbeats:
body = hb.get_body()
if g.get('role', None) != 'admin' and not body['customer'] == g.get('customer', None):
continue
body['href'] = absolute_url('/heartbeat/' + hb.id)
hb_list.append(body)
if hb_list:
return jsonify(
status="ok",
total=len(heartbeats),
heartbeats=hb_list,
time=datetime.datetime.utcnow()
)
else:
return jsonify(
status="ok",
message="not found",
total=0,
heartbeats=hb_list,
time=datetime.datetime.utcnow()
)
def get_heartbeats():
customer = g.get('customer', None)
if customer:
query = {'customer': customer}
else:
query = {}
try:
heartbeats = db.get_heartbeats(query)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
hb_list = list()
for hb in heartbeats:
body = hb.get_body()
body['href'] = absolute_url('/heartbeat/' + hb.id)
hb_list.append(body)
if hb_list:
return jsonify(status="ok",
total=len(heartbeats),
heartbeats=hb_list,
time=datetime.datetime.utcnow())
else:
return jsonify(status="ok",
message="not found",
total=0,
heartbeats=hb_list,
time=datetime.datetime.utcnow())
def create_user():
if request.json and 'name' in request.json:
name = request.json["name"]
login = request.json["login"]
password = request.json.get("password", None)
provider = request.json["provider"]
text = request.json.get("text", "")
try:
user_id = db.save_user(str(uuid4()), name, login, password,
provider, text)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
else:
return jsonify(
status="error",
message=
"must supply user 'name', 'login' and 'provider' as parameters"
), 400
if user_id:
return jsonify(status="ok", user=user_id), 201, {
'Location': absolute_url('/user/' + user_id)
}
else:
return jsonify(status="error",
message="User with that login already exists"), 409
def create_blackout():
if request.json and 'environment' in request.json:
environment = request.json.get('environment', None) or ''
else:
return jsonify(status="error",
message="must supply 'environment' as parameter"), 400
resource = request.json.get("resource", None)
service = request.json.get("service", None)
event = request.json.get("event", None)
group = request.json.get("group", None)
tags = request.json.get("tags", None)
customer = request.json.get("customer", None)
start_time = request.json.get("startTime", None)
end_time = request.json.get("endTime", None)
duration = request.json.get("duration", None)
if start_time:
start_time = datetime.datetime.strptime(start_time,
'%Y-%m-%dT%H:%M:%S.%fZ')
if end_time:
end_time = datetime.datetime.strptime(end_time,
'%Y-%m-%dT%H:%M:%S.%fZ')
try:
blackout = db.create_blackout(environment, resource, service, event,
group, tags, customer, start_time,
end_time, duration)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
return jsonify(status="ok", blackout=blackout), 201, {
'Location': absolute_url('/blackout/' + blackout)
}
def get_top10_flapping():
try:
query, _, _, group, _, _, _ = parse_fields(request.args)
except Exception as e:
return jsonify(status="error", message=str(e)), 400
try:
top10 = db.get_topn_flapping(query=query, group=group, limit=10)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
for item in top10:
for resource in item['resources']:
resource['href'] = absolute_url('/alert/' + resource['id'])
if top10:
return jsonify(status="ok", total=len(top10), top10=top10)
else:
return jsonify(
status="ok",
message="not found",
total=0,
top10=[],
)
def index():
rules = []
for rule in app.url_map.iter_rules():
if rule.endpoint not in ['test', 'static']:
rules.append(rule)
return render_template('index.html', base_url=absolute_url(), rules=rules)
def pingdom():
hook_started = webhook_timer.start_timer()
try:
incomingAlert = parse_pingdom(request.args.get('message'))
except ValueError as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 400
try:
alert = process_alert(incomingAlert)
except RejectException as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 403
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
webhook_timer.stop_timer(hook_started)
if alert:
body = alert.get_body()
body['href'] = absolute_url('/alert/' + alert.id)
return jsonify(status="ok", id=alert.id, alert=body), 201, {'Location': body['href']}
else:
return jsonify(status="error", message="insert or update of pingdom check failed"), 500
def get_alert(id):
customer = g.get('customer', None)
try:
alert = db.get_alert(id=id, customer=customer)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
if alert:
body = alert.get_body()
body['href'] = absolute_url('/alert/' + alert.id)
return jsonify(status="ok", total=1, alert=body)
else:
return jsonify(status="error", message="not found", total=0, alert=None), 404
def get_alert(id):
customer = g.get('customer', None)
try:
alert = db.get_alert(id=id, customer=customer)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
if alert:
body = alert.get_body()
body['href'] = absolute_url('/alert/' + alert.id)
return jsonify(status="ok", total=1, alert=body)
else:
return jsonify(status="error", message="not found", total=0, alert=None), 404
def get_heartbeat(id):
customer = g.get('customer', None)
try:
heartbeat = db.get_heartbeat(id=id, customer=customer)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
if heartbeat:
body = heartbeat.get_body()
body['href'] = absolute_url('/hearbeat/' + heartbeat.id)
return jsonify(status="ok", total=1, heartbeat=body)
else:
return jsonify(status="error", message="not found", total=0, heartbeat=None), 404
def get_heartbeat(id):
customer = g.get('customer', None)
try:
heartbeat = db.get_heartbeat(id=id, customer=customer)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
if heartbeat:
body = heartbeat.get_body()
body['href'] = absolute_url('/hearbeat/' + heartbeat.id)
return jsonify(status="ok", total=1, heartbeat=body)
else:
return jsonify(status="error", message="not found", total=0, heartbeat=None), 404
def get_heartbeat(id):
try:
heartbeat = db.get_heartbeat(id=id)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
if heartbeat:
if g.get('role', None) != 'admin' and not heartbeat.customer == g.get('customer', None):
return jsonify(status="error", message="not found", total=0, alert=None), 404
body = heartbeat.get_body()
body['href'] = absolute_url('/hearbeat/' + heartbeat.id)
return jsonify(status="ok", total=1, heartbeat=body)
else:
return jsonify(status="error", message="not found", total=0, heartbeat=None), 404
def create_customer():
if request.json and 'customer' in request.json and 'match' in request.json:
customer = request.json["customer"]
match = request.json["match"]
try:
cid = db.create_customer(customer, match)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
else:
return jsonify(status="error", message="Must supply user 'customer' and 'match' as parameters"), 400
if cid:
return jsonify(status="ok", id=cid), 201, {'Location': absolute_url('/customer/' + cid)}
else:
return jsonify(status="error", message="Customer lookup for this match already exists"), 409
def create_customer():
if request.json and 'customer' in request.json and 'match' in request.json:
customer = request.json["customer"]
match = request.json["match"]
try:
cid = db.create_customer(customer, match)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
else:
return jsonify(status="error", message="Must supply user 'customer' and 'match' as parameters"), 400
if cid:
return jsonify(status="ok", id=cid), 201, {'Location': absolute_url('/customer/' + cid)}
else:
return jsonify(status="error", message="Customer lookup for this match already exists"), 409
def receive_alert():
if not Switch.get('sender-api-allow').is_on():
return jsonify(
status="error",
message="API not accepting alerts. Try again later."), 503
recv_started = receive_timer.start_timer()
try:
incomingAlert = Alert.parse_alert(request.data)
except ValueError as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="error", message=str(e)), 400
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="error", message=str(e)), 403
except RateLimit as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="error", id=incomingAlert.id,
message=str(e)), 429
except BlackoutPeriod as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="ok", id=incomingAlert.id, message=str(e)), 202
except Exception as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="error", message=str(e)), 500
receive_timer.stop_timer(recv_started)
if alert:
body = alert.get_body()
body['href'] = absolute_url('/alert/' + alert.id)
return jsonify(status="ok", id=alert.id, alert=body), 201, {
'Location': body['href']
}
else:
return jsonify(
status="error",
message="insert or update of received alert failed"), 500
def receive_alert():
if not Switch.get('sender-api-allow').is_on():
return jsonify(
status="error",
message="API not accepting alerts. Try again later."), 503
recv_started = receive_timer.start_timer()
try:
incomingAlert = Alert.parse_alert(request.data)
except ValueError as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="error", message=str(e)), 400
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
if request.headers.getlist("X-Forwarded-For"):
incomingAlert.attributes.update(
ip=request.headers.getlist("X-Forwarded-For")[0])
else:
incomingAlert.attributes.update(ip=request.remote_addr)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="error", message=str(e)), 403
except RuntimeWarning as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="ok", id=incomingAlert.id, message=str(e)), 202
except Exception as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="error", message=str(e)), 500
receive_timer.stop_timer(recv_started)
if alert:
body = alert.get_body()
body['href'] = absolute_url('/alert/' + alert.id)
return jsonify(status="ok", id=alert.id, alert=body), 201, {
'Location': body['href']
}
else:
return jsonify(
status="error",
message="insert or update of received alert failed"), 500
def create_key():
if 'admin' in g.scopes or 'admin:keys' in g.scopes:
try:
user = request.json.get('user', g.user)
customer = request.json.get('customer', None)
except AttributeError:
return jsonify(status="error",
message="Must supply 'user' as parameter"), 400
else:
try:
user = g.user
customer = g.get('customer', None)
except AttributeError:
return jsonify(
status="error",
message=
"Must supply API Key or Bearer Token when creating new API key"
), 400
scopes = request.json.get("scopes", [])
for scope in scopes:
if not is_in_scope(scope):
return jsonify(
status="error",
message="Requested scope %s is beyond existing scopes: %s." %
(scope, ','.join(g.scopes))), 403
type = request.json.get("type", None)
if type and type not in ['read-only', 'read-write']:
return jsonify(
status="error",
message="API key 'type' must be 'read-only' or 'read-write'"), 400
text = request.json.get("text", "API Key for %s" % user)
try:
key = db.create_key(user,
scopes=scopes,
type=type,
customer=customer,
text=text)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
return jsonify(status="ok", key=key['key'], data=key), 201, {
'Location': absolute_url('/key/' + key['key'])
}
def create_heartbeat():
try:
heartbeat = Heartbeat.parse_heartbeat(request.data)
except ValueError as e:
return jsonify(status="error", message=str(e)), 400
if g.get('role', None) != 'admin':
heartbeat.customer = g.get('customer', None)
try:
heartbeat = db.save_heartbeat(heartbeat)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
body = heartbeat.get_body()
body['href'] = absolute_url('/heartbeat/' + heartbeat.id)
return jsonify(status="ok", id=heartbeat.id, heartbeat=body), 201, {'Location': body['href']}
def create_heartbeat():
try:
heartbeat = Heartbeat.parse_heartbeat(request.data)
except ValueError as e:
return jsonify(status="error", message=str(e)), 400
if g.get('role', None) != 'admin':
heartbeat.customer = g.get('customer', None)
try:
heartbeat = db.save_heartbeat(heartbeat)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
body = heartbeat.get_body()
body['href'] = absolute_url('/heartbeat/' + heartbeat.id)
return jsonify(status="ok", id=heartbeat.id, heartbeat=body), 201, {'Location': body['href']}
def create_user():
if request.json and 'name' in request.json:
name = request.json["name"]
login = request.json["login"]
password = request.json.get("password", None)
provider = request.json["provider"]
text = request.json.get("text", "")
try:
user_id = db.save_user(str(uuid4()), name, login, password, provider, text)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
else:
return jsonify(status="error", message="must supply user 'name', 'login' and 'provider' as parameters"), 400
if user_id:
return jsonify(status="ok", user=user_id), 201, {'Location': absolute_url('/user/' + user_id)}
else:
return jsonify(status="error", message="User with that login already exists"), 409
def create_key():
if request.json and 'user' in request.json:
user = request.json['user']
else:
return jsonify(status="error", message="must supply 'user' as parameter"), 400
type = request.json.get("type", "read-only")
if type not in ['read-only', 'read-write']:
return jsonify(status="error", message="API key must be read-only or read-write"), 400
customer = g.get('customer', None) or request.json.get("customer", None)
text = request.json.get("text", "API Key for %s" % user)
try:
key = db.create_key(user, type, customer, text)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
return jsonify(status="ok", key=key), 201, {'Location': absolute_url('/key/' + key)}
def prometheus():
alerts = []
if request.json and 'alerts' in request.json:
hook_started = webhook_timer.start_timer()
external_url = request.json.get('externalURL', None)
for alert in request.json['alerts']:
try:
incomingAlert = parse_prometheus(alert, external_url)
except ValueError as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 400
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 403
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
alerts.append(alert)
webhook_timer.stop_timer(hook_started)
else:
return jsonify(
status="error",
message="no alerts in Prometheus notification payload"), 400
if len(alerts) == 1:
body = alerts[0].get_body()
body['href'] = absolute_url('/alert/' + alerts[0].id)
return jsonify(status="ok", id=alerts[0].id, alert=body), 201, {
'Location': body['href']
}
else:
return jsonify(status="ok", ids=[alert.id for alert in alerts]), 201
def create_key():
if g.get('role', None) != 'admin':
user = g.user
customer = g.customer
else:
user = request.json.get('user', g.user)
customer = request.json.get('customer', None)
type = request.json.get("type", "read-only")
if type not in ['read-only', 'read-write']:
return jsonify(status="error", message="API key must be read-only or read-write"), 400
text = request.json.get("text", "API Key for %s" % user)
try:
key = db.create_key(user, type, customer, text)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
return jsonify(status="ok", key=key), 201, {'Location': absolute_url('/key/' + key)}
def stackdriver():
hook_started = webhook_timer.start_timer()
try:
state, incomingAlert = parse_stackdriver(request.data)
except ValueError as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 400
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
if state == 'acknowledged':
try:
alert = db.set_status(id=incomingAlert.id,
status='ack',
text='acknowledged via Stackdriver')
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
else:
try:
alert = process_alert(incomingAlert)
except RejectException as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 403
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
webhook_timer.stop_timer(hook_started)
if alert:
body = alert.get_body()
body['href'] = absolute_url('/alert/' + alert.id)
return jsonify(status="ok", id=alert.id, alert=body), 201, {
'Location': body['href']
}
else:
return jsonify(status="error",
message="notification from stackdriver failed"), 500
def receive_alert():
if not Switch.get('sender-api-allow').is_on():
return jsonify(status="error", message="API not accepting alerts. Try again later."), 503
recv_started = receive_timer.start_timer()
try:
incomingAlert = Alert.parse_alert(request.data)
except ValueError as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="error", message=str(e)), 400
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="error", message=str(e)), 403
except RateLimit as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="error", id=incomingAlert.id, message=str(e)), 429
except BlackoutPeriod as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="ok", id=incomingAlert.id, message=str(e)), 202
except Exception as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="error", message=str(e)), 500
receive_timer.stop_timer(recv_started)
if alert:
body = alert.get_body()
body['href'] = absolute_url('/alert/' + alert.id)
return jsonify(status="ok", id=alert.id, alert=body), 201, {'Location': body['href']}
else:
return jsonify(status="error", message="insert or update of received alert failed"), 500
def receive_alert():
if not Switch.get('sender-api-allow').is_on():
return jsonify(status="error", message="API not accepting alerts. Try again later."), 503
recv_started = receive_timer.start_timer()
try:
incomingAlert = Alert.parse_alert(request.data)
except ValueError as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="error", message=str(e)), 400
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
if request.headers.getlist("X-Forwarded-For"):
incomingAlert.attributes.update(ip=request.headers.getlist("X-Forwarded-For")[0])
else:
incomingAlert.attributes.update(ip=request.remote_addr)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="error", message=str(e)), 403
except RuntimeWarning as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="ok", id=incomingAlert.id, message=str(e)), 202
except Exception as e:
receive_timer.stop_timer(recv_started)
return jsonify(status="error", message=str(e)), 500
receive_timer.stop_timer(recv_started)
if alert:
body = alert.get_body()
body['href'] = absolute_url('/alert/' + alert.id)
return jsonify(status="ok", id=alert.id, alert=body), 201, {'Location': body['href']}
else:
return jsonify(status="error", message="insert or update of received alert failed"), 500
def build_slack_response(alert, action, user, data):
response = json.loads(data['payload']).get('original_message', {})
actions = ['watch', 'unwatch']
message = (u"User {user} is {action}ing alert {alert}" if action in actions
else u"The status of alert {alert} is {status} now!").format(
alert=alert.get_id(short=True),
status=alert.status.capitalize(),
action=action,
user=user)
attachment_response = {
"fallback": message,
"pretext": "Action done!",
"color": "#808080",
"title": message,
"title_link": absolute_url('/alert/' + alert.id)
}
# clear interactive buttons and add new attachment as response of action
if action not in actions:
attachments = response.get('attachments', [])
for attachment in attachments:
attachment.pop('actions', None)
attachments.append(attachment_response)
response['attachments'] = attachments
return response
# update the interactive button of all actions
next_action = actions[(actions.index(action) + 1) % len(actions)]
for attachment in response.get('attachments', []):
for attached_action in attachment.get('actions', []):
if action == attached_action.get('value'):
attached_action.update({
'name': next_action,
'value': next_action,
'text': next_action.capitalize()
})
return response
def send_confirmation(name, email):
msg = MIMEMultipart("related")
msg["Subject"] = "[Alerta] Please verify your email '%s'" % email
msg["From"] = app.config["MAIL_FROM"]
msg["To"] = email
msg.preamble = "[Alerta] Please verify your email '%s'" % email
confirm_hash = str(uuid4())
db.set_user_hash(email, confirm_hash)
text = (
"Hello {name}!\n\n"
"Please verify your email address is {email} by clicking on the link below:\n\n"
"{url}\n\n"
"You're receiving this email because you recently created a new Alerta account."
" If this wasn't you, please ignore this email.".format(
name=name, email=email, url=absolute_url("/auth/confirm/" + confirm_hash)
)
)
msg_text = MIMEText(text, "plain", "utf-8")
msg.attach(msg_text)
try:
mx = smtplib.SMTP(app.config["SMTP_HOST"], app.config["SMTP_PORT"])
if app.config["DEBUG"]:
mx.set_debuglevel(True)
mx.ehlo()
mx.starttls()
mx.login(app.config["MAIL_FROM"], app.config["SMTP_PASSWORD"])
mx.sendmail(app.config["MAIL_FROM"], [email], msg.as_string())
mx.close()
except (socket.error, socket.herror, socket.gaierror) as e:
LOG.error("Mail server connection error: %s", str(e))
return
except smtplib.SMTPException as e:
LOG.error("Failed to send email : %s", str(e))
except Exception as e:
LOG.error("Unhandled exception: %s", str(e))
def get_heartbeat(id):
try:
heartbeat = db.get_heartbeat(id=id)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
if heartbeat:
if g.get('role', None) != 'admin' and not heartbeat.customer == g.get(
'customer', None):
return jsonify(status="error",
message="not found",
total=0,
alert=None), 404
body = heartbeat.get_body()
body['href'] = absolute_url('/hearbeat/' + heartbeat.id)
return jsonify(status="ok", total=1, heartbeat=body)
else:
return jsonify(status="error",
message="not found",
total=0,
heartbeat=None), 404
def create_key():
if g.get('role', None) != 'admin':
user = g.user
customer = g.customer
else:
user = request.json.get('user', g.user)
customer = request.json.get('customer', None)
type = request.json.get("type", "read-only")
if type not in ['read-only', 'read-write']:
return jsonify(status="error",
message="API key must be read-only or read-write"), 400
text = request.json.get("text", "API Key for %s" % user)
try:
key = db.create_key(user, type, customer, text)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
return jsonify(status="ok", key=key), 201, {
'Location': absolute_url('/key/' + key)
}
def create_key():
if request.json and 'user' in request.json:
user = request.json['user']
else:
return jsonify(status="error",
message="must supply 'user' as parameter"), 400
type = request.json.get("type", "read-only")
if type not in ['read-only', 'read-write']:
return jsonify(status="error",
message="API key must be read-only or read-write"), 400
customer = g.get('customer', None) or request.json.get("customer", None)
text = request.json.get("text", "API Key for %s" % user)
try:
key = db.create_key(user, type, customer, text)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
return jsonify(status="ok", key=key), 201, {
'Location': absolute_url('/key/' + key)
}
def send_confirmation(name, email):
msg = MIMEMultipart('related')
msg['Subject'] = "[Alerta] Please verify your email '%s'" % email
msg['From'] = app.config['MAIL_FROM']
msg['To'] = email
msg.preamble = "[Alerta] Please verify your email '%s'" % email
confirm_hash = str(uuid4())
db.set_user_hash(email, confirm_hash)
text = 'Hello {name}!\n\n' \
'Please verify your email address is {email} by clicking on the link below:\n\n' \
'{url}\n\n' \
'You\'re receiving this email because you recently created a new Alerta account.' \
' If this wasn\'t you, please ignore this email.'.format(
name=name, email=email, url=absolute_url('/auth/confirm/' + confirm_hash))
msg_text = MIMEText(text, 'plain', 'utf-8')
msg.attach(msg_text)
try:
mx = smtplib.SMTP(app.config['SMTP_HOST'], app.config['SMTP_PORT'])
if app.config['DEBUG']:
mx.set_debuglevel(True)
mx.ehlo()
mx.starttls()
mx.login(app.config['MAIL_FROM'], app.config['SMTP_PASSWORD'])
mx.sendmail(app.config['MAIL_FROM'], [email], msg.as_string())
mx.close()
except (socket.error, socket.herror, socket.gaierror) as e:
LOG.error('Mail server connection error: %s', str(e))
return
except smtplib.SMTPException as e:
LOG.error('Failed to send email : %s', str(e))
except Exception as e:
LOG.error('Unhandled exception: %s', str(e))
def prometheus():
alerts = []
if request.json and 'alerts' in request.json:
hook_started = webhook_timer.start_timer()
for alert in request.json['alerts']:
try:
incomingAlert = parse_prometheus(alert)
except ValueError as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 400
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 403
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
alerts.append(alert)
webhook_timer.stop_timer(hook_started)
else:
return jsonify(status="error", message="no alerts in Prometheus notification payload"), 400
if len(alerts) == 1:
body = alerts[0].get_body()
body['href'] = absolute_url('/alert/' + alerts[0].id)
return jsonify(status="ok", id=alerts[0].id, alert=body), 201, {'Location': body['href']}
else:
return jsonify(status="ok", ids=[alert.id for alert in alerts]), 201
def send_confirmation(name, email):
msg = MIMEMultipart('related')
msg['Subject'] = "[Alerta] Please verify your email '%s'" % email
msg['From'] = app.config['MAIL_FROM']
msg['To'] = email
msg.preamble = "[Alerta] Please verify your email '%s'" % email
confirm_hash = str(uuid4())
db.set_user_hash(email, confirm_hash)
text = 'Hello {name}!\n\n' \
'Please verify your email address is {email} by clicking on the link below:\n\n' \
'{url}\n\n' \
'You\'re receiving this email because you recently created a new Alerta account.' \
' If this wasn\'t you, please ignore this email.'.format(
name=name, email=email, url=absolute_url('/auth/confirm/' + confirm_hash))
msg_text = MIMEText(text, 'plain', 'utf-8')
msg.attach(msg_text)
try:
mx = smtplib.SMTP(app.config['SMTP_HOST'], app.config['SMTP_PORT'])
if app.config['DEBUG']:
mx.set_debuglevel(True)
mx.ehlo()
mx.starttls()
mx.login(app.config['MAIL_FROM'], app.config['SMTP_PASSWORD'])
mx.sendmail(app.config['MAIL_FROM'], [email], msg.as_string())
mx.close()
except (socket.error, socket.herror, socket.gaierror) as e:
LOG.error('Mail server connection error: %s', str(e))
return
except smtplib.SMTPException as e:
LOG.error('Failed to send email : %s', str(e))
except Exception as e:
LOG.error('Unhandled exception: %s', str(e))
def stackdriver():
hook_started = webhook_timer.start_timer()
try:
state, incomingAlert = parse_stackdriver(request.data)
except ValueError as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 400
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
if state == 'acknowledged':
try:
alert = db.set_status(id=incomingAlert.id, status='ack', text='acknowledged via Stackdriver')
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
else:
try:
alert = process_alert(incomingAlert)
except RejectException as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 403
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
webhook_timer.stop_timer(hook_started)
if alert:
body = alert.get_body()
body['href'] = absolute_url('/alert/' + alert.id)
return jsonify(status="ok", id=alert.id, alert=body), 201, {'Location': body['href']}
else:
return jsonify(status="error", message="notification from stackdriver failed"), 500
def get_history():
try:
query, _, _, _, _, limit, query_time = parse_fields(request.args)
except Exception as e:
return jsonify(status="error", message=str(e)), 400
try:
history = db.get_history(query=query, limit=limit)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
for alert in history:
alert['href'] = absolute_url('/alert/' + alert['id'])
if len(history) > 0:
return jsonify(status="ok",
history=history,
lastTime=history[-1]['updateTime'])
else:
return jsonify(status="ok",
message="not found",
history=[],
lastTIme=query_time)
else:
customer = None
token = create_token(profile['sub'],
profile['name'],
login,
provider='keycloak',
customer=customer,
scopes=scopes(login, groups=roles))
return jsonify(token=token)
if 'SAML2_CONFIG' in app.config:
spConfig = saml2.config.Config()
saml2_config_default = {
'entityid': absolute_url(),
'service': {
'sp': {
'endpoints': {
'assertion_consumer_service':
[(absolute_url('/auth/saml'), saml2.BINDING_HTTP_POST)]
}
}
}
}
spConfig.load(deepmerge(saml2_config_default, app.config['SAML2_CONFIG']))
saml_client = saml2.client.Saml2Client(config=spConfig)
@app.route('/auth/saml', methods=['GET'])
def saml_redirect_to_idp():
def get_alerts():
gets_started = gets_timer.start_timer()
try:
query, fields, sort, _, page, limit, query_time = parse_fields(
request.args)
except Exception as e:
gets_timer.stop_timer(gets_started)
return jsonify(status="error", message=str(e)), 400
try:
severity_count = db.get_counts(query=query,
fields={"severity": 1},
group="severity")
except Exception as e:
return jsonify(status="error", message=str(e)), 500
try:
status_count = db.get_counts(query=query,
fields={"status": 1},
group="status")
except Exception as e:
return jsonify(status="error", message=str(e)), 500
if limit < 1:
return jsonify(status="error",
message="page 'limit' of %s is not valid" % limit), 416
total = sum(severity_count.values())
pages = ((total - 1) // limit) + 1
if total and page > pages or page < 0:
return jsonify(status="error",
message="page out of range: 1-%s" % pages), 416
if 'history' not in fields:
fields['history'] = {'$slice': app.config['HISTORY_LIMIT']}
try:
alerts = db.get_alerts(query=query,
fields=fields,
sort=sort,
page=page,
limit=limit)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
alert_response = list()
if len(alerts) > 0:
last_time = None
for alert in alerts:
body = alert.get_body()
body['href'] = absolute_url('/alert/' + alert.id)
if not last_time:
last_time = body['lastReceiveTime']
elif body['lastReceiveTime'] > last_time:
last_time = body['lastReceiveTime']
alert_response.append(body)
gets_timer.stop_timer(gets_started)
return jsonify(
status="ok",
total=total,
page=page,
pageSize=limit,
pages=pages,
more=page < pages,
alerts=alert_response,
severityCounts=severity_count,
statusCounts=status_count,
lastTime=last_time,
autoRefresh=Switch.get('auto-refresh-allow').is_on(),
)
else:
gets_timer.stop_timer(gets_started)
return jsonify(status="ok",
message="not found",
total=total,
page=page,
pageSize=limit,
pages=pages,
more=False,
alerts=[],
severityCounts=severity_count,
statusCounts=status_count,
lastTime=query_time,
autoRefresh=Switch.get('auto-refresh-allow').is_on())
def grafana():
hook_started = webhook_timer.start_timer()
alerts = []
data = request.json
if data and data['state'] == 'alerting':
for match in data.get('evalMatches', []):
try:
incomingAlert = parse_grafana(data, match)
except ValueError as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 400
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 403
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
alerts.append(alert)
webhook_timer.stop_timer(hook_started)
elif data and data['state'] == 'ok' and data.get('ruleId', None):
try:
existingAlerts = db.get_alerts({'attributes.ruleId': data['ruleId'], 'customer': g.get('customer', None)})
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
for updateAlert in existingAlerts:
updateAlert.severity = 'normal'
updateAlert.status = 'closed'
try:
alert = process_alert(updateAlert)
except RejectException as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 403
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
alerts.append(alert)
webhook_timer.stop_timer(hook_started)
else:
return jsonify(status="error", message="no alerts in Grafana notification payload"), 400
if len(alerts) == 1:
body = alerts[0].get_body()
body['href'] = absolute_url('/alert/' + alerts[0].id)
return jsonify(status="ok", id=alerts[0].id, alert=body), 201, {'Location': body['href']}
else:
return jsonify(status="ok", ids=[alert.id for alert in alerts]), 201
def grafana():
hook_started = webhook_timer.start_timer()
alerts = []
data = request.json
if data and data['state'] == 'alerting':
for match in data.get('evalMatches', []):
try:
incomingAlert = parse_grafana(data, match)
except ValueError as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 400
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 403
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
alerts.append(alert)
webhook_timer.stop_timer(hook_started)
elif data and data['state'] == 'ok' and data.get('ruleId', None):
try:
existingAlerts = db.get_alerts({'attributes.ruleId': data['ruleId'], 'customer': g.get('customer', None)})
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
for updateAlert in existingAlerts:
updateAlert.severity = 'normal'
updateAlert.status = 'closed'
try:
alert = process_alert(updateAlert)
except RejectException as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 403
except Exception as e:
webhook_timer.stop_timer(hook_started)
return jsonify(status="error", message=str(e)), 500
alerts.append(alert)
webhook_timer.stop_timer(hook_started)
else:
return jsonify(status="error", message="no alerts in Grafana notification payload"), 400
if len(alerts) == 1:
body = alerts[0].get_body()
body['href'] = absolute_url('/alert/' + alerts[0].id)
return jsonify(status="ok", id=alerts[0].id, alert=body), 201, {'Location': body['href']}
else:
return jsonify(status="ok", ids=[alert.id for alert in alerts]), 201
def get_alerts():
gets_started = gets_timer.start_timer()
try:
query, fields, sort, _, page, limit, query_time = parse_fields(request.args)
except Exception as e:
gets_timer.stop_timer(gets_started)
return jsonify(status="error", message=str(e)), 400
try:
severity_count = db.get_counts(query=query, fields={"severity": 1}, group="severity")
except Exception as e:
return jsonify(status="error", message=str(e)), 500
try:
status_count = db.get_counts(query=query, fields={"status": 1}, group="status")
except Exception as e:
return jsonify(status="error", message=str(e)), 500
if limit < 1:
return jsonify(status="error", message="page 'limit' of %s is not valid" % limit), 416
total = sum(severity_count.values())
pages = ((total - 1) // limit) + 1
if total and page > pages or page < 0:
return jsonify(status="error", message="page out of range: 1-%s" % pages), 416
if 'history' not in fields:
fields['history'] = {'$slice': app.config['HISTORY_LIMIT']}
try:
alerts = db.get_alerts(query=query, fields=fields, sort=sort, page=page, limit=limit)
except Exception as e:
return jsonify(status="error", message=str(e)), 500
alert_response = list()
if len(alerts) > 0:
last_time = None
for alert in alerts:
body = alert.get_body()
body['href'] = absolute_url('/alert/' + alert.id)
if not last_time:
last_time = body['lastReceiveTime']
elif body['lastReceiveTime'] > last_time:
last_time = body['lastReceiveTime']
alert_response.append(body)
gets_timer.stop_timer(gets_started)
return jsonify(
status="ok",
total=total,
page=page,
pageSize=limit,
pages=pages,
more=page < pages,
alerts=alert_response,
severityCounts=severity_count,
statusCounts=status_count,
lastTime=last_time,
autoRefresh=Switch.get('auto-refresh-allow').is_on(),
)
else:
gets_timer.stop_timer(gets_started)
return jsonify(
status="ok",
message="not found",
total=total,
page=page,
pageSize=limit,
pages=pages,
more=False,
alerts=[],
severityCounts=severity_count,
statusCounts=status_count,
lastTime=query_time,
autoRefresh=Switch.get('auto-refresh-allow').is_on()
)
