Beispiel #1
0
    def test_will_email_on_rule_match(self, node, rule, testapp):
        from flask_mail import email_dispatched

        match = RuleMatch(rule=rule,
                          node=node.to_dict(),
                          result={
                              'name': 'foo',
                              'action': 'added',
                              'timestamp': 'bar',
                              'columns': {
                                  'boo': 'baz',
                                  'kung': 'bloo'
                              },
                          })

        expected_subject = '[Doorman Test] {host_identifier} {name} ({action})'.format(
            host_identifier=node.host_identifier,
            name=rule.name,
            action=match.result['action'])

        @email_dispatched.connect
        def verify(message, app):
            assert message.subject == expected_subject
            assert self.recipients == message.recipients
            assert rule.name in message.body
            assert 'boo' in message.body
            assert 'baz' in message.body

        alerter = EmailAlerter(self.config)
        alerter.handle_alert(node.to_dict(), match)
Beispiel #2
0
    def test_will_make_request(self, node, rule):
        """ Simple test to ensure that there's no serialization or syntax errors. """
        match = RuleMatch(rule=rule,
                          node=node.to_dict(),
                          result={
                              'name': 'foo',
                              'action': 'added',
                              'timestamp': 'bar',
                              'columns': {
                                  'boo': 'baz',
                                  'kung': 'bloo'
                              },
                          })

        resp = MockResponse(ok=True, content='blah')
        with mock.patch('requests.post', return_value=resp) as pmock:
            alerter = PagerDutyAlerter(self.config)
            alerter.handle_alert(node.to_dict(), match)

        assert pmock.called

        args, kwargs = pmock.call_args
        assert args[
            0] == 'https://events.pagerduty.com/generic/2010-04-15/create_event.json'

        assert rule.name in kwargs['data']
        assert 'boo' in kwargs['data']
        assert 'baz' in kwargs['data']
Beispiel #3
0
    def handle_log_entry(self, entry, node):
        """ The actual entrypoint for handling input log entries. """
        from doorman.models import Rule
        from doorman.rules import RuleMatch
        from doorman.utils import extract_results

        self.load_rules()

        to_trigger = []
        for name, action, columns, timestamp in extract_results(entry):
            result = {
                'name': name,
                'action': action,
                'timestamp': timestamp,
                'columns': columns,
            }
            alerts = self.network.process(result, node)
            if len(alerts) == 0:
                continue

            # Alerts is a set of (alerter name, rule id) tuples.  We convert
            # these into RuleMatch instances, which is what our alerters are
            # actually expecting.
            for alerter, rule_id in alerts:
                rule = Rule.get_by_id(rule_id)

                to_trigger.append(
                    (alerter, RuleMatch(rule=rule, result=result, node=node)))

        # Now that we've collected all results, start triggering them.
        for alerter, match in to_trigger:
            self.alerters[alerter].handle_alert(node, match)
Beispiel #4
0
    def test_will_pass_service_key(self, node, rule):
        match = RuleMatch(rule=rule,
                          node=node.to_dict(),
                          result={
                              'name': 'foo',
                              'action': 'added',
                              'timestamp': 'bar',
                              'columns': {
                                  'boo': 'baz',
                                  'kung': 'bloo'
                              },
                          })

        resp = MockResponse(ok=True, content='blah')
        with mock.patch('requests.post', return_value=resp) as pmock:
            alerter = PagerDutyAlerter(self.config)
            alerter.handle_alert(node.to_dict(), match)

        assert pmock.called

        _, kwargs = pmock.call_args
        data = json.loads(kwargs['data'])
        assert data['service_key'] == self.service_key
Beispiel #5
0
    def test_will_alert(self, node, rule, testapp):
        match = RuleMatch(rule=rule,
                          node=node.to_dict(),
                          result={
                              'name': 'foo',
                              'action': 'added',
                              'timestamp': dt.datetime.utcnow(),
                              'columns': {
                                  'boo': 'baz',
                                  'kung': 'bloo'
                              },
                          })

        with mock.patch.object(raven.Client,
                               'captureMessage',
                               return_value=None) as pmock:
            alerter = SentryAlerter(self.config)
            alerter.handle_alert(node.to_dict(), match)

        assert pmock.called

        _, kwargs = pmock.call_args
        assert kwargs['message'] == rule.template.safe_substitute(
            match.result['columns'], **node.to_dict()).rstrip()